04-30-2007, 02:06 PM   #7
debneal57
Registered User
 
Join Date: Apr 2007
Location: IL
Posts: 7
OS: XP Pro

Re: popups and system issues

HIJACKTHIS LOG =

Logfile of HijackThis v1.99.1
Scan saved at 2:58:11 PM, on 4/30/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\WINDOWS\LTMSG.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe
C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Common Files\AOL\1177962369\ee\AOLSoftware.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\ATI Multimedia\main\launchpd.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\ATI Multimedia\main\ATISched.EXE
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Microsoft Money\System\mnyexpr.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/home.html
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {549B5CA7-4A86-11D7-A4DF-000874180BB3} - (no file)
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: (no name) - {FDD3B846-8D59-4ffb-8758-209B6AD74ACC} - (no file)
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe -CheckReg
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Version Cue CS2] "C:\Program Files\Adobe\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Adobe Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1177962369\ee\AOLSoftware.exe
O4 - HKCU\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKCU\..\Run: [ATI Remote Control] "C:\Program Files\ATI Multimedia\RemCtrl\ATIRW.exe"
O4 - HKCU\..\Run: [ATI Launchpad] "C:\Program Files\ATI Multimedia\main\launchpd.exe"
O4 - HKCU\..\Run: [ATI DeviceDetect] C:\Program Files\ATI Multimedia\main\ATIDtct.EXE
O4 - HKCU\..\Run: [ATI Scheduler] C:\Program Files\ATI Multimedia\main\ATISched.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MoneyAgent] "C:\Program Files\Microsoft Money\System\mnyexpr.exe"
O4 - HKCU\..\Run: [XdriveTrayIcon] "C:\Program Files\Xdrive\Xdrive Desktop\XdriveTray.exe"
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Save to &Xdrive - res://C:\Program Files\Xdrive\Xdrive Desktop\xdrive.exe/std.html
O9 - Extra button: ATI TV - {44226DFF-747E-4edc-B30C-78752E50CD0C} - C:\Program Files\ATI Multimedia\dtv\EXPLBAR.DLL
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4D7F48C0-CB49-4EA6-97D4-04F4EACC2F3B} (InstallShield Setup Player 2K2) - http://www.xdrive.com/downloads/std_install/setup.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1177832176781
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/...sh/swflash.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS2 - Unknown owner - C:\Program Files\Adobe\Adobe Version Cue CS2\bin\VersionCueCS2.exe" -win32service (file missing)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Xdrive Service - Xdrive LLC - C:\Program Files\Xdrive\Xdrive Desktop\XdriveService.exe


COMBOFIX LOG =

"Owner" - 07-04-30 14:59:36 Service Pack 2
ComboFix 07-04-28.V - Running from: "C:\Documents and Settings\Owner\Desktop\"


((((((((((((((((((((((((((((((( Files Created from 2007-03-28 to 2007-04-30 ))))))))))))))))))))))))))))))))))


2007-04-30 14:46 4,992 --a------ C:\WINDOWS\system32\drivers\loop.sys
2007-04-30 14:46 <DIR> d-------- C:\Program Files\Common Files\Merge Modules
2007-04-30 14:46 <DIR> d-------- C:\Program Files\Common Files\AOL
2007-04-30 14:46 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\AOL
2007-04-30 14:45 55,808 --a------ C:\WINDOWS\system32\zlib1.dll
2007-04-30 14:45 <DIR> d-------- C:\Program Files\Xdrive
2007-04-30 14:45 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\InstallShield
2007-04-30 14:42 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Xdrive
2007-04-30 14:42 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\InstallShield Installation Information
2007-04-30 13:13 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-04-30 00:00 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Ahead
2007-04-29 23:58 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-04-29 23:14 <DIR> d-------- C:\Program Files\Microsoft Money
2007-04-29 18:32 3,968 --a------ C:\WINDOWS\system32\drivers\AvgArCln.sys
2007-04-29 18:30 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-04-29 14:58 <DIR> d-------- C:\Program Files\Elaborate Bytes
2007-04-29 14:52 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-04-29 14:20 <DIR> d-------- C:\Program Files\Nero
2007-04-29 14:20 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-04-29 13:42 16,384 --a------ C:\WINDOWS\system32\FileOps.exe
2007-04-29 13:36 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe Systems
2007-04-29 13:34 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2007-04-29 12:34 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-29 12:31 <DIR> d-------- C:\Program Files\Common Files\L&H
2007-04-29 12:30 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-29 12:29 <DIR> d-------- C:\Program Files\Microsoft Works
2007-04-29 12:28 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-29 12:27 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-29 12:05 <DIR> d-------- C:\Program Files\Winamp
2007-04-29 12:00 <DIR> d-------- C:\Program Files\Trillian
2007-04-29 11:55 <DIR> d-------- C:\Program Files\Smart Projects
2007-04-29 11:39 45,056 --------- C:\WINDOWS\system32\EpPicPrt.dll
2007-04-29 11:39 45,056 --------- C:\WINDOWS\system32\EpPicMgr.dll
2007-04-29 11:39 413,696 --a------ C:\WINDOWS\system32\PICSDK.dll
2007-04-29 11:39 29,521 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat
2007-04-29 11:39 20,910 --a------ C:\WINDOWS\system32\EPPICPattern2.dat
2007-04-29 11:39 20,869 --a------ C:\WINDOWS\system32\EPPICPattern1.dat
2007-04-29 11:39 <DIR> d-------- C:\EPSONREG
2007-04-29 11:39 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\Leadertech
2007-04-29 11:38 98,304 -ra------ C:\WINDOWS\StiRegstEng.dll
2007-04-29 11:38 78,608 --a------ C:\WINDOWS\system32\Vb5db.dll
2007-04-29 11:38 73,810 --a------ C:\WINDOWS\system32\rapi.dll
2007-04-29 11:38 41,044 --a------ C:\WINDOWS\system32\ceutil.dll
2007-04-29 11:38 <DIR> d-------- C:\Program Files\NewSoft
2007-04-29 11:37 <DIR> d-------- C:\Program Files\ABBYY FineReader 5.0 Sprint
2007-04-29 11:35 96,768 --a------ C:\WINDOWS\SlantAdj.dll
2007-04-29 11:35 73,216 --a------ C:\WINDOWS\ADE.DLL
2007-04-29 11:35 3,136 --a------ C:\WINDOWS\Ade001.bin
2007-04-29 11:35 <DIR> d-------- C:\Program Files\Smart Panel
2007-04-29 11:34 65,793 --a------ C:\WINDOWS\system32\esfw43.bin
2007-04-29 11:34 47,104 --a------ C:\WINDOWS\system32\escimgn.dll
2007-04-29 11:34 32,768 --a------ C:\WINDOWS\system32\eswia43.dll
2007-04-29 11:34 23,552 --a------ C:\WINDOWS\system32\esccmn.dll
2007-04-29 11:34 163,840 --a------ C:\WINDOWS\system32\esint43.dll
2007-04-29 11:34 <DIR> d-------- C:\Program Files\epson
2007-04-29 11:23 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\HP
2007-04-29 11:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
2007-04-29 11:15 <DIR> d-------- C:\Program Files\Common Files\Sonic Shared
2007-04-29 11:15 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sonic
2007-04-29 11:14 <DIR> d-------- C:\Program Files\Common Files\HP
2007-04-29 11:11 77,824 -ra------ C:\WINDOWS\system32\hpzids01.dll
2007-04-29 11:11 49,920 --a------ C:\WINDOWS\system32\drivers\HPZid412.sys
2007-04-29 11:11 37,376 --a------ C:\WINDOWS\system32\hpz3l43a.dll
2007-04-29 11:11 16,496 --a------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2007-04-29 11:10 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-04-29 11:10 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-04-29 11:10 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-04-29 11:10 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-04-29 11:10 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-29 11:10 278,584 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-04-29 11:10 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-04-29 11:09 <DIR> d-------- C:\Program Files\HP
2007-04-29 11:07 3,732 --------- C:\WINDOWS\hpfmdl09.dat
2007-04-29 11:07 104,494 --a------ C:\WINDOWS\HPFins09.dat
2007-04-29 10:49 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-04-29 10:38 458,112 --a------ C:\WINDOWS\system32\drivers\MarvinUsb.sys
2007-04-29 10:38 171,008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys
2007-04-29 10:18 84,992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-04-29 10:18 82,432 --------- C:\WINDOWS\system32\msxml4r.dll
2007-04-29 10:18 81,920 --------- C:\WINDOWS\system32\vdrmux.dll
2007-04-29 10:18 76,800 --------- C:\WINDOWS\system32\Lfwmf13n.dll
2007-04-29 10:18 73,728 --------- C:\WINDOWS\system32\MMAviAx.dll
2007-04-29 10:18 73,728 --------- C:\WINDOWS\system32\lffax13n.dll
2007-04-29 10:18 65,536 --------- C:\WINDOWS\system32\Lfpct13n.dll
2007-04-29 10:18 46,592 --------- C:\WINDOWS\system32\vdrcodec.dll
2007-04-29 10:18 453,120 --------- C:\WINDOWS\system32\ltkrn13n.dll
2007-04-29 10:18 44,544 --------- C:\WINDOWS\system32\msxml4a.dll
2007-04-29 10:18 40,960 --------- C:\WINDOWS\system32\langserv.dll
2007-04-29 10:18 393,216 --------- C:\WINDOWS\system32\LFCMP13n.DLL
2007-04-29 10:18 32,768 --------- C:\WINDOWS\system32\MLPagAx.dll
2007-04-29 10:18 30,208 --------- C:\WINDOWS\system32\lfbmp13n.dll
2007-04-29 10:18 294,912 --------- C:\WINDOWS\system32\pvmjpg21.dll
2007-04-29 10:18 278,016 --------- C:\WINDOWS\system32\LFJ2K13n.dll
2007-04-29 10:18 24,576 --------- C:\WINDOWS\system32\lftga13n.dll
2007-04-29 10:18 204,881 --------- C:\WINDOWS\system32\DiskIO.dll
2007-04-29 10:18 18,432 --------- C:\WINDOWS\system32\Cachex.dll
2007-04-29 10:18 155,721 --------- C:\WINDOWS\system32\RALMain.dll
2007-04-29 10:18 153,088 --------- C:\WINDOWS\system32\ltfil13n.DLL
2007-04-29 10:18 143,360 --------- C:\WINDOWS\system32\lftif13n.dll
2007-04-29 10:18 114,759 --------- C:\WINDOWS\system32\Aviprax.dll
2007-04-29 10:18 1,693,696 --------- C:\WINDOWS\system32\LTCLR13n.dll
2007-04-29 10:16 <DIR> d-------- C:\Program Files\SmartSound Software
2007-04-29 10:16 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\SmartSound Software Inc
2007-04-29 10:15 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2007-04-29 10:15 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2007-04-29 10:15 <DIR> d-------- C:\Program Files\QuickTime
2007-04-29 10:15 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
2007-04-29 10:14 406,016 --a------ C:\WINDOWS\system32\PSDrvCheck.exe
2007-04-29 10:14 19,456 --a------ C:\WINDOWS\system32\asapi.dll
2007-04-29 10:14 14,165 --------- C:\WINDOWS\system32\drivers\Pclepci.sys
2007-04-29 10:14 11,264 --a------ C:\WINDOWS\system32\drivers\asapiW2k.sys
2007-04-29 10:13 90,112 --a------ C:\WINDOWS\unvise32.exe
2007-04-29 10:12 974,848 --a------ C:\WINDOWS\system32\MFC70.DLL
2007-04-29 10:12 964,608 --a------ C:\WINDOWS\system32\MFC70U.DLL
2007-04-29 10:12 65,536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2007-04-29 10:12 61,440 --a------ C:\WINDOWS\system32\pclepim1.dll
2007-04-29 10:12 61,440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2007-04-29 10:12 61,440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL
2007-04-29 10:12 61,440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2007-04-29 10:12 57,344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2007-04-29 10:12 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll
2007-04-29 10:12 49,152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2007-04-29 10:12 49,152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2007-04-29 10:12 45,056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2007-04-29 10:12 40,960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2007-04-29 10:10 <DIR> d-------- C:\Program Files\Pinnacle
2007-04-29 10:10 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Pinnacle
2007-04-29 09:24 <DIR> d-------- C:\Program Files\Gemstar
2007-04-29 09:24 <DIR> d-------- C:\Program Files\Common Files\Borland Shared
2007-04-29 09:13 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\X10 Settings
2007-04-29 08:52 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\ATI MMC
2007-04-29 08:51 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\ATI MMC
2007-04-29 08:45 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-29 08:40 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies
2007-04-29 08:38 <DIR> d-------- C:\Program Files\Common Files\CyberLink
2007-04-29 08:32 9,091 --a------ C:\WINDOWS\system32\drivers\atirwrf.sys
2007-04-29 08:32 257,872 --a------ C:\WINDOWS\system32\drivers\atirwvd.sys
2007-04-29 08:32 <DIR> d-------- C:\Program Files\Common Files\ATI
2007-04-29 08:32 <DIR> d-------- C:\Program Files\ATI Multimedia
2007-04-29 08:27 <DIR> d-------- C:\Program Files\TitanTV
2007-04-29 08:26 <DIR> d--h----- C:\WINDOWS\msdownld.tmp
2007-04-29 08:26 <DIR> d-------- C:\WINDOWS\system32\windows media
2007-04-29 08:26 <DIR> d-------- C:\Program Files\Windows Media Components
2007-04-29 07:50 <DIR> d-------- C:\DOCUME~1\Owner\APPLIC~1\ATI
2007-04-29 07:47 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-04-29 07:47 <DIR> d-------- C:\Program Files\ATI Technologies
2007-04-29 07:39 <DIR> d-------- C:\ATI
2007-04-29 06:57 363,520 --a------ C:\WINDOWS\system32\PsisDecd.dll
2007-04-29 06:57 15,360 --a------ C:\WINDOWS\system32\drivers\MPE.sys
2007-04-29 06:57 11,776 --a------ C:\WINDOWS\system32\drivers\BdaSup.sys
2007-04-29 06:54 168,832 --a------ C:\WINDOWS\system32\drivers\atinavt2.sys
2007-04-29 06:53 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-29 06:53 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-29 06:31 <DIR> d-------- C:\Program Files\MSBuild
2007-04-29 06:28 <DIR> d-------- C:\WINDOWS\system32\XPSViewer
2007-04-29 06:27 14,048 --------- C:\WINDOWS\system32\spmsg2.dll
2007-04-29 06:27 <DIR> d-------- C:\Program Files\Reference Assemblies
2007-04-29 06:26 <DIR> d-------- C:\0e49d46b42f0fc6211816ca6f4b071
2007-04-29 06:23 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-29 06:23 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-04-29 06:21 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2007-04-29 06:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-04-29 04:53 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-04-29 04:43 28,672 --------- C:\WINDOWS\system32\verclsid.exe
2007-04-29 04:14 503,808 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-29 04:14 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-29 03:58 <DIR> d--hs---- C:\RECYCLER
2007-04-29 03:39 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-29 03:28 27,165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys
2007-04-29 03:26 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-29 03:26 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-29 02:39 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-29 02:39 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-04-29 02:39 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-04-29 02:36 18,200 --a------ C:\WINDOWS\system32\wups2.dll
2007-04-29 02:36 <DIR> d---s---- C:\DOCUME~1\Owner\UserData
2007-04-29 02:36 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2007-04-29 02:13 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-29 02:13 2,097,152 --ah----- C:\DOCUME~1\Owner\NTUSER.DAT
2007-04-29 02:11 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-29 02:09 524,288 --a------ C:\DOCUME~1\ADMINI~1\NTUSER.DAT
2007-04-29 02:09 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-29 02:05 262,144 --ah----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-29 02:05 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-29 02:05 0 -rahs---- C:\MSDOS.SYS
2007-04-29 02:05 0 -rahs---- C:\IO.SYS
2007-04-29 02:05 0 --a------ C:\CONFIG.SYS
2007-04-29 02:05 0 --a------ C:\AUTOEXEC.BAT
2007-04-29 02:05 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-29 02:05 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-29 02:04 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-29 02:03 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-29 02:03 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-29 02:03 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-29 02:03 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-29 02:02 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-29 02:02 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-29 02:02 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-29 02:02 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-29 02:02 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-29 02:02 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-29 02:02 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-29 02:02 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-29 02:02 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-29 02:02 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-29 02:02 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-29 02:02 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-29 02:02 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-29 02:02 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-29 02:02 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-29 02:02 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-29 02:02 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-29 02:02 41,240 --a------ C:\WINDOWS\system32\wups.dll
2007-04-29 02:02 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-29 02:02 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-29 02:02 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-29 02:02 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-29 02:02 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-29 02:02 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-29 02:02 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-29 02:02 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-29 02:02 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-29 02:02 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-29 02:02 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-04-29 02:02 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-29 02:02 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-29 02:02 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-29 02:02 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-29 02:02 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-29 02:02 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-29 02:02 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-29 02:02 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-29 02:02 128,896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-29 02:02 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-29 02:02 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-29 02:02 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-29 02:02 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-29 02:02 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-29 02:02 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-29 02:02 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-29 02:02 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-29 02:02 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-29 02:02 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-29 02:02 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-29 02:02 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-29 02:02 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-29 02:01 22,720 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-29 02:01 <DIR> d-------- C:\WINDOWS\Registration
2007-04-29 02:00 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-29 02:00 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-29 02:00 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-29 02:00 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-29 02:00 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-29 02:00 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-29 02:00 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-29 02:00 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-29 02:00 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-29 02:00 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-29 02:00 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-29 02:00 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-29 02:00 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-29 02:00 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-29 02:00 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-29 02:00 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-29 02:00 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-29 02:00 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-29 02:00 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-29 02:00 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-29 02:00 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-29 02:00 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-29 02:00 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-29 02:00 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-29 02:00 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-29 02:00 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-29 02:00 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-29 02:00 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-29 02:00 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-29 02:00 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-29 02:00 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-29 02:00 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-29 02:00 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-29 02:00 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-29 02:00 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-29 02:00 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-29 02:00 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-29 02:00 <DIR> d-------- C:\Program Files\Online Services
2007-04-29 02:00 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-29 02:00 <DIR> d-------- C:\Program Files\Messenger
2007-04-29 01:59 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-29 01:59 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-29 01:59 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-29 01:59 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-29 01:59 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-29 01:59 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-29 01:59 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-29 01:59 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-29 01:59 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-29 01:59 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-29 01:59 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-29 01:59 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-29 01:59 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-29 01:59 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-29 01:59 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-29 01:59 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-29 01:59 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-29 01:59 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-29 01:59 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-29 01:59 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-29 01:59 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-29 01:59 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-29 01:59 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-29 01:59 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-29 01:59 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-29 01:59 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-29 01:59 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-29 01:59 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-29 01:59 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-29 01:59 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-29 01:59 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-29 01:59 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-29 01:59 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-29 01:59 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-29 01:59 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-29 01:59 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-29 01:59 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-29 01:59 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-29 01:59 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-29 01:59 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-29 01:59 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-29 01:59 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-29 01:59 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-29 01:59 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-29 01:59 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-29 01:59 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-29 01:59 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-29 01:59 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-29 01:59 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-29 01:59 <DIR> d-------- C:\Program Files\Windows NT
2007-04-28 20:52 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-04-28 20:52 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-28 20:52 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-28 20:52 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-04-28 20:52 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-04-28 20:51 73,216 --a------ C:\WINDOWS\system32\drivers\atintuxx.sys
2007-04-28 20:51 63,488 --a------ C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-04-28 20:51 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-04-28 20:51 52,224 --a------ C:\WINDOWS\system32\drivers\atinraxx.sys
2007-04-28 20:51 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-28 20:51 32,768 --a------ C:\WINDOWS\system32\ativtmxx.dll
2007-04-28 20:51 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-28 20:51 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-04-28 20:51 13,824 --a------ C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-04-28 20:51 104,960 --a------ C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-04-28 20:50 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-28 20:50 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-28 20:49 870,784 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-04-28 20:49 6,400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-04-28 20:49 356,352 --a------ C:\WINDOWS\system32\ati2cqag.dll
2007-04-28 20:49 267,776 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-04-28 20:49 2,820,544 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-04-28 20:49 1,986,560 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-28 20:49 1,315,712 --a------ C:\WINDOWS\system32\ativvaxx.dll
2007-04-28 20:48 652,689 --a------ C:\WINDOWS\system32\drivers\ltmdmnt.sys
2007-04-28 20:48 44,672 --a------ C:\WINDOWS\system32\drivers\UAGP35.SYS
2007-04-28 20:46 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-28 20:46 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-28 20:46 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-28 20:46 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-28 20:46 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-28 20:46 <DIR> dr------- C:\Program Files
2007-04-28 20:46 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-28 20:46 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-28 20:46 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-28 20:46 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-28 20:45 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-28 20:45 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-28 20:44 <DIR> d--hs---- C:\System Volume Information
2007-04-28 20:44 <DIR> d-------- C:\Documents and Settings
2007-04-28 20:37 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-28 20:37 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-28 20:37 <DIR> dr------- C:\WINDOWS\Web
2007-04-28 20:37 <DIR> d--h----- C:\WINDOWS\inf
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system32
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\system
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\security
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Resources
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\repair
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\mui
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\msapps
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\msagent
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Media
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\ime
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Help
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Debug
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\Config
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS\addins
2007-04-28 20:37 <DIR> d-------- C:\WINDOWS


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-28 20:46 62 --ahs---- C:\DOCUME~1\Owner\APPLIC~1\desktop.ini
2007-03-23 06:07 583504 --------- C:\WINDOWS\system32\xpsshhdr.dll
2007-03-23 06:07 1683280 --------- C:\WINDOWS\system32\xpssvcs.dll
2007-03-22 20:25 124928 --------- C:\WINDOWS\system32\prntvpt.dll
2007-03-17 08:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-14 20:58 315392 --a------ C:\WINDOWS\system32\atidemgx.dll
2007-03-14 20:55 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2007-03-14 20:50 42496 --a------ C:\WINDOWS\system32\ati2edxx.dll
2007-03-14 20:50 26112 --a------ C:\WINDOWS\system32\ati2mdxx.exe
2007-03-14 20:50 122880 --a------ C:\WINDOWS\system32\atipdlxx.dll
2007-03-14 20:50 114688 --a------ C:\WINDOWS\system32\oemdspif.dll
2007-03-14 20:49 114688 --a------ C:\WINDOWS\system32\ati2evxx.dll
2007-03-14 20:48 450560 --a------ C:\WINDOWS\system32\ati2evxx.exe
2007-03-14 20:47 53248 --a------ C:\WINDOWS\system32\atiddc.dll
2007-03-14 20:29 3107788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2007-03-14 20:19 5402624 --a------ C:\WINDOWS\system32\atioglxx.dll
2007-03-14 20:16 258048 --a------ C:\WINDOWS\system32\atikvmag.dll
2007-03-14 20:14 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2007-03-14 19:27 972336 --a------ C:\WINDOWS\unrecode.exe
2007-03-14 19:19 972336 --a------ C:\WINDOWS\unnerobackitup.exe
2007-03-14 19:19 95864 --a------ C:\WINDOWS\system32\neroco.dll
2007-03-12 18:54 38576 --a------ C:\WINDOWS\system32\drivers\InCDRm.sys
2007-03-12 18:54 37040 --a------ C:\WINDOWS\system32\drivers\InCDPass.sys
2007-03-12 18:54 239152 --a------ C:\WINDOWS\nuninst.exe
2007-03-12 18:54 16304 --a------ C:\WINDOWS\system32\drivers\InCDrec.sys
2007-03-12 18:53 118064 --a------ C:\WINDOWS\system32\drivers\InCDfs.sys
2007-03-12 13:51 972336 --a------ C:\WINDOWS\unneromediahome.exe
2007-03-08 10:36 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:47 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-06 17:04 143676 --a------ C:\WINDOWS\system32\atiicdxx.dat
2007-02-28 20:53 972336 --a------ C:\WINDOWS\unnerovision.exe
2007-02-28 15:41 972336 --a------ C:\WINDOWS\unneroshowtime.exe
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
"{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}"="C:\Program Files\Adobe\Adobe Acrobat 7.0\ActiveX\AcroIEHelper.dll"
"{AE7CD045-E861-484f-8273-0445EE161910}"="C:\Program Files\Adobe\Adobe Acrobat 7.0\Acrobat\AcroIEFavClient.dll"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVG7\\avgcc.exe /STARTUP"
"AlcxMonitor"="ALCXMNTR.EXE"
"LTMSG"="LTMSG.exe 7"
"PinnacleDriverCheck"="C:\\WINDOWS\\system32\\PSDrvCheck.exe -CheckReg"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"Adobe Version Cue CS2"="\"C:\\Program Files\\Adobe\\Adobe Version Cue CS2\\ControlPanel\\VersionCueCS2Tray.exe\""
"Acrobat Assistant 7.0"="\"C:\\Program Files\\Adobe\\Adobe Acrobat 7.0\\Distillr\\Acrotray.exe\""
@=""
"NWEReboot"=""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"SecurDisc"="C:\\Program Files\\Nero\\Nero 7\\InCD\\NBHGui.exe"
"InCD"="C:\\Program Files\\Nero\\Nero 7\\InCD\\InCD.exe"
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1177962369\\ee\\AOLSoftware.exe"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
@=""
"StartCCC"="C:\\Program Files\\ATI Technologies\\ATI.ACE\\Core-Static\\CLIStart.exe"
"ATI Remote Control"="\"C:\\Program Files\\ATI Multimedia\\RemCtrl\\ATIRW.exe\""
"ATI Launchpad"="\"C:\\Program Files\\ATI Multimedia\\main\\launchpd.exe\""
"ATI DeviceDetect"="C:\\Program Files\\ATI Multimedia\\main\\ATIDtct.EXE"
"ATI Scheduler"="C:\\Program Files\\ATI Multimedia\\main\\ATISched.EXE"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MoneyAgent"="\"C:\\Program Files\\Microsoft Money\\System\\mnyexpr.exe\""
"XdriveTrayIcon"="\"C:\\Program Files\\Xdrive\\Xdrive Desktop\\XdriveTray.exe\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\shellexecutehook.dll"


HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\EPG_REC_000.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-30 15:01:50
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-04-30 15:01:53
C:\ComboFix-quarantined-files.txt ... 07-04-30 15:01
C:\ComboFix2.txt ... 07-04-30 13:13