02-27-2007, 05:47 PM   #1
Gskater26
Registered User
Join Date: Feb 2007
Location: Maine.
Posts: 15
OS: Mac OS X 10.5.4

Trojan.Vundo


Norton's detected a Trojan.Vundo as well as Adware.VirtuMonde.

Once in a while, a pop up will pop up in Internet Explorer. My computer has been acting a bit sluggish lately, too.

Here's the Hijack This + ComboScan log:

ComboScan v20070226.18 run by user on 2007-02-27 at 20:33:33
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.


-- HijackThis (run as user.exe) -------------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 8:33:43 PM, on 2/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Norton AntiVirus\NAVW32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\System32\igfxtray.exe
C:\WINDOWS\System32\hkcmd.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre1.6.0\bin\jusched.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Desktop\comboscan.exe
C:\HIJACK~1\user.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {6B8D1B78-6B24-4E09-BF23-05464F80C2B7} - C:\WINDOWS\system32\jkklm.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: (no name) - {C47A9554-195A-4769-9B13-04F15B450A39} - C:\WINDOWS\system32\xxyvvst.dll
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton AntiVirus\osCheck.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0\bin\jusched.exe"
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1170946099433
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 - Winlogon Notify: jkklm - C:\WINDOWS\system32\jkklm.dll
O20 - Winlogon Notify: xxyvvst - C:\WINDOWS\SYSTEM32\xxyvvst.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\isPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE


-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
3R BCM43XX (Broadcom 802.11 Network Adapter Driver) - C:\WINDOWS\system32\drivers\BCMWL5.SYS
3R bcm4sbxp (Broadcom 440x 10/100 Integrated Controller XP Driver) - C:\WINDOWS\system32\drivers\bcm4sbxp.sys
3S Bridge (MAC Bridge) - C:\WINDOWS\system32\drivers\bridge.sys
3S BridgeMP (MAC Bridge Miniport) - C:\WINDOWS\system32\drivers\bridge.sys
1R eeCtrl (Symantec Eraser Control driver) - C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys
3R EraserUtilRebootDrv - C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
3R GEARAspiWDM - C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
3R ialm - C:\WINDOWS\system32\drivers\ialmnt5.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
3S mcdbus (Driver for MagicISO SCSI Host Controller) - C:\WINDOWS\system32\DRIVERS\mcdbus.sys (not found)
3R NAVENG - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070227.035\NAVENG.SYS
3R NAVEX15 - C:\Program Files\Common Files\Symantec Shared\VirusDefs\20070227.035\NAVEX15.SYS
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
0R ohci1394 (Texas Instruments OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R smwdm - C:\WINDOWS\system32\drivers\smwdm.sys
1R SPBBCDrv - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys
0R sptd - C:\WINDOWS\system32\drivers\sptd.sys
3R SRTSP - C:\WINDOWS\system32\drivers\srtsp.sys
3S SRTSPL - C:\WINDOWS\system32\drivers\srtspl.sys
1R SRTSPX - C:\WINDOWS\system32\drivers\srtspx.sys
3R SYMDNS - C:\WINDOWS\system32\drivers\symdns.sys
3R SymEvent - C:\WINDOWS\system32\drivers\SYMEVENT.SYS
3R SYMFW - C:\WINDOWS\system32\drivers\symfw.sys
3R SYMIDS - C:\WINDOWS\system32\drivers\symids.sys
3R SYMIDSCO - C:\Program Files\Common Files\Symantec Shared\SymcData\ids-diskless\20070221.002\SymIDSCo.sys
3R SYMNDIS - C:\WINDOWS\system32\drivers\symndis.sys
3R SYMREDRV - C:\WINDOWS\system32\drivers\symredrv.sys
1R SYMTDI - C:\WINDOWS\system32\drivers\symtdi.sys
3R SynTP (Synaptics TouchPad Driver) - C:\WINDOWS\system32\drivers\SynTP.sys
3R tifm21 - C:\WINDOWS\system32\drivers\tifm21.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3S USBSTOR (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\USBSTOR.SYS
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
3S aspnet_state (ASP.NET State Service) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe
2R Automatic LiveUpdate Scheduler - "C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe"
2R ccEvtMgr (Symantec Event Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
2R ccSetMgr (Symantec Settings Manager) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
3S clr_optimization_v2.0.50727_32 (.NET Runtime Optimization Service v2.0.50727_X86) - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
2R CLTNetCnService (Symantec Lic NetConnect service) - "C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
3R iPod Service - "C:\Program Files\iPod\bin\iPodService.exe"
3S ISPwdSvc (Symantec IS Password Validation) - "C:\Program Files\Norton AntiVirus\isPwdSvc.exe"
3S LiveUpdate - "C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE"
3S ose (Office Source Engine) - "C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE"
3R Symantec Core LC - "C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe"
2R SymAppCore (Symantec AppCore Service) - "C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
2R wltrysvc (Broadcom Wireless LAN Tray Service) - C:\WINDOWS\System32\WLTRYSVC.EXE C:\WINDOWS\System32\bcmwltry.exe


-- Scheduled Tasks --------------------------------------------------------------

2007-02-27 00:03:37 528 --a------ C:\WINDOWS\Tasks\Norton AntiVirus - Run Full System Scan - user.job<NORTON~1.JOB>
2007-02-23 12:25:00 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job<APPLES~1.JOB>


-- Files created between 2007-01-27 and 2007-02-27 ------------------------------

2007-02-27 20:25:18 0 d-------- C:\Hijack This<HIJACK~1>
2007-02-27 17:27:44 1020907 ---hs---- C:\WINDOWS\system32\mlkkj.ini2<MLKKJ~1.INI>
2007-02-27 17:20:24 997207 ---hs---- C:\WINDOWS\system32\mlkkj.bak1<MLKKJ~1.BAK>
2007-02-27 17:19:41 281652 ---hs---- C:\WINDOWS\system32\jkklm.dll
2007-02-27 17:14:36 26637 ---hs---- C:\WINDOWS\system32\xxyvvst.dll
2007-02-25 21:10:51 700416 --a------ C:\WINDOWS\system32\BCMLogon.dll
2007-02-25 21:10:48 33664 --a------ C:\WINDOWS\system32\drivers\BCMWLNPF.SYS
2007-02-25 21:10:46 86016 --a------ C:\WINDOWS\system32\preflib.dll
2007-02-25 21:10:45 44032 --a------ C:\WINDOWS\system32\wltrynt.dll
2007-02-25 21:10:45 184320 --a------ C:\WINDOWS\system32\bcmwlu00.exe
2007-02-25 21:10:44 1282048 --a------ C:\WINDOWS\system32\WLTRAY.EXE
2007-02-25 21:10:44 69632 --a------ C:\WINDOWS\system32\bcmwlpkt.dll
2007-02-25 21:10:43 20480 --a------ C:\WINDOWS\system32\WLTRYSVC.EXE
2007-02-25 21:10:43 2129920 --a------ C:\WINDOWS\system32\WLBCGCBPRO731.DLL<WLBCGC~1.DLL>
2007-02-25 21:10:43 1134592 --a------ C:\WINDOWS\system32\BCMWLTRY.EXE
2007-02-25 21:10:43 757760 --a------ C:\WINDOWS\system32\bcm1xsup.dll
2007-02-25 21:10:42 0 d-------- C:\Program Files\Broadcom
2007-02-23 19:10:45 0 d-------- C:\Program Files\Alcohol Soft<ALCOHO~1>
2007-02-23 13:57:00 0 d-------- C:\Program Files\Web Publish<WEBPUB~1>
2007-02-23 13:45:50 0 d-------- C:\Documents and Settings\user\.borland<BORLAN~1>
2007-02-23 13:44:31 0 d-------- C:\Program Files\Delphi7SE<DELPHI~1>
2007-02-22 23:15:34 0 d-------- C:\Documents and Settings\user\Application Data\Opera
2007-02-22 23:14:57 0 d-------- C:\Program Files\Opera
2007-02-22 22:03:19 139536 --a------ C:\WINDOWS\system32\javaee.dll
2007-02-22 22:03:06 171792 --a------ C:\WINDOWS\system32\wjview.exe
2007-02-22 22:03:01 172304 --a------ C:\WINDOWS\system32\jview.exe
2007-02-22 22:02:56 49424 --a------ C:\WINDOWS\system32\clspack.exe
2007-02-22 20:03:04 46352 --a------ C:\WINDOWS\setdebug.exe
2007-02-22 20:03:03 171280 --a------ C:\WINDOWS\system32\jit.dll
2007-02-22 20:03:03 313856 --a------ C:\WINDOWS\system32\dx3j.dll
2007-02-22 20:03:03 6550 --a------ C:\WINDOWS\jautoexp.dat
2007-02-22 20:02:56 113 --a------ C:\WINDOWS\system32\zonedon.reg
2007-02-22 20:02:56 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2007-02-22 20:02:56 286992 --a------ C:\WINDOWS\system32\vmhelper.dll
2007-02-22 20:02:55 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll
2007-02-22 20:02:55 947472 --a------ C:\WINDOWS\system32\msjava.dll
2007-02-22 20:02:55 154384 --a------ C:\WINDOWS\system32\msawt.dll
2007-02-22 20:02:54 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe
2007-02-22 20:02:54 404752 --a------ C:\WINDOWS\system32\javart.dll
2007-02-22 20:02:53 63248 --a------ C:\WINDOWS\system32\javaprxy.dll
2007-02-22 20:02:53 187152 --a------ C:\WINDOWS\system32\javacypt.dll
2007-02-22 20:02:52 44544 --a------ C:\WINDOWS\clspack.exe
2007-02-22 20:02:51 103424 --a------ C:\WINDOWS\extrac32.exe
2007-02-17 21:01:03 0 d-------- C:\Program Files\GameSpy Arcade<GAMESP~1>
2007-02-17 20:50:26 646392 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-02-17 20:44:36 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL OCP<AOLOCP~1>
2007-02-17 20:44:20 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL
2007-02-17 20:39:34 0 d-------- C:\Documents and Settings\All Users\Application Data\AOL Downloads<AOLDOW~1>
2007-02-17 19:11:33 0 d-------- C:\Program Files\MagicISO
2007-02-17 17:59:04 0 d-------- C:\926ab9b2452b1c951a3900<926AB9~1>
2007-02-16 23:24:31 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-02-16 23:23:36 0 d-------- C:\Program Files\Microsoft Games<MICROS~4>
2007-02-16 22:04:54 335 --a------ C:\WINDOWS\mozregistry.dat<MOZREG~1.DAT>
2007-02-16 21:32:33 0 d-------- C:\Documents and Settings\user\Application Data\TextPad
2007-02-16 21:32:10 0 d-------- C:\Program Files\TextPad 4<TEXTPA~1>
2007-02-15 23:40:39 0 d-------- C:\Documents and Settings\user\Application Data\Viewpoint<VIEWPO~1>
2007-02-15 22:36:16 0 d-------- C:\Program Files\XP Codec Pack<XPCODE~1>
2007-02-15 22:20:25 0 d-------- C:\Documents and Settings\user\Application Data\AdobeUM
2007-02-15 22:20:25 0 d-------- C:\Documents and Settings\user\Application Data\AdobeAUM
2007-02-15 17:20:02 264192 --a------ C:\WINDOWS\system32\npacrx.dll
2007-02-15 17:20:02 76800 --a------ C:\WINDOWS\system32\mcilma32.dll
2007-02-15 17:20:02 37856 --a------ C:\WINDOWS\system32\mcilma.dll
2007-02-15 17:20:02 131584 --a------ C:\WINDOWS\system32\mcilau32.dll
2007-02-15 17:20:02 71168 --a------ C:\WINDOWS\system32\lmactl32.dll
2007-02-15 17:20:02 67936 --a------ C:\WINDOWS\system32\isprsht.dll
2007-02-15 17:20:02 95296 --a------ C:\WINDOWS\system\mcilau.dll
2007-02-15 17:20:00 563712 --a------ C:\WINDOWS\system32\VDK32116.DLL
2007-02-15 17:20:00 69632 --a------ C:\WINDOWS\system32\SX83P32.DLL
2007-02-15 17:20:00 22528 --a------ C:\WINDOWS\system32\NSMLAW32.DLL
2007-02-15 17:19:50 652289 --a------ C:\WINDOWS\cd32402.exe
2007-02-15 17:19:48 0 d-------- C:\Program Files\Netscape
2007-02-15 17:19:39 298496 --a------ C:\WINDOWS\uninst.exe
2007-02-15 17:19:13 0 d-------- C:\Documents and Settings\user\WINDOWS
2007-02-14 19:21:23 0 d--h----- C:\WINDOWS\PIF
2007-02-14 17:31:59 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-02-14 17:26:32 0 d-------- C:\WINDOWS\.jagex_cache_32<JAGEX_~1>
2007-02-14 14:56:51 0 d-------- C:\Documents and Settings\user\.limewire<LIMEWI~1>
2007-02-14 13:20:43 0 d-------- C:\WINDOWS\.mpr_file_store_32<MPR_FI~1>
2007-02-13 22:14:47 0 d-------- C:\Documents and Settings\user\Application Data\Help
2007-02-13 21:38:48 0 d-------- C:\Documents and Settings\user\Application Data\DeskNote
2007-02-13 21:31:51 0 d-------- C:\Documents and Settings\user\Application Data\Weather Alarm Clock<WEATHE~1>
2007-02-13 20:22:30 81920 --a------ C:\WINDOWS\system32\SynTPCo2.dll
2007-02-13 17:05:22 0 d-------- C:\WINDOWS\WBEM
2007-02-13 17:05:20 0 d-------- C:\WINDOWS\system32\en-US
2007-02-13 17:03:47 0 d--h---c- C:\WINDOWS\ie7
2007-02-13 17:02:47 121856 -----n--- C:\WINDOWS\system32\xmllite.dll
2007-02-13 17:02:08 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1>
2007-02-13 16:38:05 0 d-------- C:\WINDOWS\system32\NtmsData
2007-02-13 15:05:59 0 d-------- C:\WINDOWS\Full Speed<FULLSP~1>
2007-02-13 15:05:58 0 d-------- C:\Program Files\Full Speed<FULLSP~1>
2007-02-13 14:26:02 24816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-02-13 14:23:12 0 d-------- C:\Program Files\Microsoft ActiveSync<MICROS~3>
2007-02-13 14:18:49 0 d-------- C:\WINDOWS\SHELLNEW
2007-02-13 14:18:22 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-02-12 20:26:44 0 d-------- C:\Documents and Settings\user\.SunDownloadManager<SUNDOW~1>
2007-02-12 17:18:55 0 d-------- C:\Documents and Settings\user\Application Data\Azureus
2007-02-12 17:17:43 0 d-------- C:\Program Files\Azureus
2007-02-12 16:44:25 0 d-------- C:\Documents and Settings\user\Application Data\CyberLink<CYBERL~1>
2007-02-12 14:39:50 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink<CYBERL~1>
2007-02-12 14:39:02 0 d-------- C:\Program Files\CyberLink<CYBERL~1>
2007-02-11 22:29:28 0 d-------- C:\Program Files\Common Files\stardock
2007-02-11 22:29:27 25088 --a------ C:\WINDOWS\system32\msxml3a.dll
2007-02-11 21:36:58 0 d-------- C:\Documents and Settings\user\Application Data\uTorrent
2007-02-11 20:40:10 36864 -----n--- C:\WINDOWS\system32\wbsys.dll
2007-02-11 20:40:10 20480 --a------ C:\WINDOWS\system32\wbload.dll
2007-02-11 20:40:09 0 d-------- C:\Program Files\Stardock
2007-02-11 18:34:52 0 d-------- C:\Documents and Settings\user\Shared
2007-02-11 18:34:50 0 d-------- C:\Documents and Settings\user\Incomplete<INCOMP~1>
2007-02-11 18:34:45 0 d-------- C:\Documents and Settings\user\Application Data\FrostWire<FROSTW~1>
2007-02-11 18:34:06 0 d-------- C:\Program Files\FrostWire<FROSTW~1>
2007-02-11 18:29:28 0 d-------- C:\WINDOWS\Sun
2007-02-11 18:21:05 327168 --a------ C:\WINDOWS\IsUninst.exe
2007-02-11 18:14:57 0 d-------- C:\Program Files\SCAR 2.03<SCAR2~1.03>
2007-02-10 13:27:58 0 d-------- C:\Program Files\MTV Networks<MTVNET~1>
2007-02-10 13:27:49 0 d-------- C:\WINDOWS\Downloaded Installations<DOWNLO~2>
2007-02-10 13:13:58 221184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-02-10 13:13:53 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-02-10 13:12:32 0 d-------- C:\WINDOWS\system32\LogFiles
2007-02-10 13:12:32 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-02-10 12:27:03 0 d-------- C:\Program Files\Wide Angle Software<WIDEAN~1>
2007-02-10 12:24:04 0 dr--s---- C:\WINDOWS\assembly
2007-02-10 12:23:27 0 d-------- C:\WINDOWS\Microsoft.NET<MICROS~1.NET>
2007-02-10 10:21:48 0 d-------- C:\Program Files\Xinox Software<XINOXS~1>
2007-02-09 22:29:39 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems<ADOBES~1>
2007-02-09 22:29:05 0 d-------- C:\Documents and Settings\user\Application Data\Adobe
2007-02-09 22:25:14 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared<ADOBES~1>
2007-02-09 22:23:43 0 d-------- C:\Program Files\Common Files\Adobe
2007-02-09 22:23:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-02-09 20:33:17 1168 --a------ C:\WINDOWS\mozver.dat
2007-02-09 19:13:41 0 d-------- C:\Program Files\Java
2007-02-09 19:13:41 0 d-------- C:\Program Files\Common Files\Java
2007-02-09 19:13:20 0 d-------- C:\Documents and Settings\user\Application Data\Sun
2007-02-09 19:03:01 0 d-------- C:\Documents and Settings\user\Application Data\Apple Computer<APPLEC~1>
2007-02-09 19:02:50 0 d-------- C:\Program Files\iPod
2007-02-09 19:02:46 0 d-------- C:\Program Files\iTunes
2007-02-09 19:02:03 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-09 19:01:45 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-02-09 19:01:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer<APPLEC~1>
2007-02-09 17:30:39 0 d-------- C:\Program Files\Norton AntiVirus<NORTON~1>
2007-02-09 17:29:44 48776 --a------ C:\WINDOWS\system32\S32EVNT1.DLL
2007-02-09 17:29:44 115000 --a------ C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2007-02-09 17:29:15 0 d-------- C:\Program Files\Symantec
2007-02-09 17:29:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-02-09 17:14:17 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-02-09 17:09:14 0 d-------- C:\Program Files\CCleaner
2007-02-09 16:43:42 0 d--hs---- C:\RECYCLER
2007-02-09 16:41:53 0 d-------- C:\Documents and Settings\user\Application Data\Aim
2007-02-09 16:41:09 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint<VIEWPO~1>
2007-02-09 16:41:08 0 d-------- C:\Program Files\Viewpoint<VIEWPO~1>
2007-02-09 16:41:06 348160 --a------ C:\WINDOWS\system32\MSVCR71.DLL
2007-02-09 16:41:04 0 d-------- C:\Program Files\AIM
2007-02-09 16:37:07 0 d-------- C:\Documents and Settings\user\Application Data\Talkback
2007-02-09 16:36:58 42692 --a------ C:\WINDOWS\nsreg.dat
2007-02-09 16:36:50 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-08 15:13:28 0 d-------- C:\WINDOWS\Prefetch
2007-02-08 14:31:06 0 d-------- C:\WINDOWS\peernet
2007-02-08 14:31:05 0 d-------- C:\WINDOWS\provisioning<PROVIS~1>
2007-02-08 14:29:58 0 d-------- C:\WINDOWS\ServicePackFiles<SERVIC~1>
2007-02-08 14:25:15 0 d-------- C:\WINDOWS\EHome
2007-02-08 14:22:12 11776 -----n--- C:\WINDOWS\system32\spnpinst.exe
2007-02-08 14:22:11 4569 -----n--- C:\WINDOWS\system32\secupd.dat
2007-02-08 13:15:13 159744 --a------ C:\WINDOWS\system32\igfxres.dll
2007-02-08 11:54:39 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-02-08 11:38:55 26112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-02-08 11:38:55 39936 --a------ C:\WINDOWS\system32\mf3216.dll
2007-02-08 11:38:54 331264 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-02-08 11:38:54 614912 --a------ C:\WINDOWS\system32\h323msp.dll
2007-02-08 11:10:21 1082368 --a------ C:\WINDOWS\system32\esent.dll
2007-02-08 10:40:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage<WINDOW~1>
2007-02-08 09:53:49 0 d-------- C:\WINDOWS\system32\PreInstall<PREINS~1>
2007-02-08 09:53:47 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-02-08 09:53:46 0 d--h----- C:\WINDOWS\$hf_mig$
2007-02-08 09:53:06 0 d-------- C:\WINDOWS\system32\bits
2007-02-08 09:52:31 351232 --a------ C:\WINDOWS\system32\winhttp.dll
2007-02-08 09:52:31 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-02-08 09:52:31 7168 -----n--- C:\WINDOWS\system32\bitsprx3.dll
2007-02-08 09:52:31 8192 -----n--- C:\WINDOWS\system32\bitsprx2.dll
2007-02-08 09:48:57 18200 --a------ C:\WINDOWS\system32\wups2.dll
2007-02-08 09:48:57 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-02-08 09:48:56 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-02-08 09:48:56 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-02-08 09:48:56 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-02-08 09:48:56 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-02-08 09:48:27 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-02-08 09:48:16 0 d---s---- C:\Documents and Settings\user\UserData
2007-02-08 09:23:54 69721 --a------ C:\WINDOWS\system32\SynTPFcs.dll
2007-02-08 09:23:54 77824 --a------ C:\WINDOWS\system32\SynTPCoI.dll
2007-02-08 09:23:54 94297 --a------ C:\WINDOWS\system32\SynTPAPI.dll
2007-02-08 09:23:54 114688 --a------ C:\WINDOWS\system32\SynCtrl.dll
2007-02-08 09:23:54 82012 --a------ C:\WINDOWS\system32\SynCOM.dll
2007-02-08 09:23:54 193088 --a------ C:\WINDOWS\system32\drivers\SynTP.sys
2007-02-08 09:23:54 0 d-------- C:\Program Files\Synaptics<SYNAPT~1>
2007-02-08 09:22:00 0 d-------- C:\Program Files\Intel
2007-02-08 09:21:52 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-02-08 09:21:51 142976 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2007-02-08 09:21:51 57600 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2007-02-08 09:21:51 26624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-02-08 09:21:49 35840 --a------ C:\WINDOWS\system32\drivers\isapnp.sys
2007-02-08 09:21:45 25088 --a------ C:\WINDOWS\system32\drivers\pciidex.sys
2007-02-08 09:21:45 3328 --a------ C:\WINDOWS\system32\drivers\pciide.sys
2007-02-08 09:21:45 95360 --a------ C:\WINDOWS\system32\drivers\atapi.sys
2007-02-08 09:21:42 20480 --a------ C:\WINDOWS\system32\drivers\usbuhci.sys
2007-02-08 09:21:32 0 d-------- C:\WINDOWS\system32\ReinstallBackups<REINST~1>
2007-02-08 09:21:32 68224 --a------ C:\WINDOWS\system32\drivers\pci.sys
2007-02-08 09:11:08 0 d-------- C:\WINDOWS\tiinst
2007-02-08 09:09:04 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-02-08 09:09:02 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-02-08 09:09:01 52864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-02-08 09:09:00 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-02-08 09:08:59 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-02-08 09:08:58 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-02-08 09:08:56 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-02-08 09:08:55 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-02-08 09:08:44 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-02-08 09:08:42 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-02-08 09:08:41 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-02-08 09:08:37 140928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-02-08 09:08:36 48640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-02-08 09:08:36 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-02-08 09:08:36 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-02-08 09:08:35 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-02-08 09:08:30 49152 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-02-08 09:08:30 259648 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2007-02-08 09:08:30 45056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-02-08 09:08:30 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-08 09:08:30 0 d-------- C:\Program Files\Analog Devices<ANALOG~1>
2007-02-08 09:08:21 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-02-08 09:07:25 0 d-------- C:\BCM_REL_4_100_15_5_WHQL<BCM_RE~1>
2007-02-08 08:55:33 0 d-------- C:\cabs
2007-02-07 16:22:04 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-02-07 16:21:52 3407872 --a------ C:\Documents and Settings\user\NTUSER.DAT
2007-02-07 16:21:07 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-02-07 16:21:06 225280 --a------ C:\Documents and Settings\LocalService\NTUSER.DAT
2007-02-07 16:21:05 225280 --a------ C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-02-07 16:18:21 0 d-------- C:\WINDOWS\system32\xircom
2007-02-07 16:18:21 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-02-07 16:18:19 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-02-07 16:18:13 0 -rahs---- C:\MSDOS.SYS
2007-02-07 16:18:13 0 -rahs---- C:\IO.SYS
2007-02-07 16:18:13 0 --a------ C:\CONFIG.SYS
2007-02-07 16:18:13 0 --a------ C:\AUTOEXEC.BAT
2007-02-07 16:18:02 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-02-07 16:17:26 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-02-07 16:17:18 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-02-07 16:17:17 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-02-07 16:16:51 0 d-------- C:\WINDOWS\system32\DirectX
2007-02-07 16:16:24 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-02-07 16:16:24 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-02-07 16:16:24 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-02-07 16:16:24 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-02-07 16:16:23 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-02-07 16:16:13 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-02-07 16:16:13 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-02-07 16:16:13 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-02-07 16:16:12 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-02-07 16:16:10 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-02-07 16:16:07 0 d---s---- C:\WINDOWS\Tasks
2007-02-07 16:16:07 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-02-07 16:16:07 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-02-07 16:16:07 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-02-07 16:16:07 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-02-07 16:16:06 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-02-07 16:16:04 0 d-------- C:\Program Files\Common Files\MSSoap
2007-02-07 16:16:00 0 d-------- C:\WINDOWS\system32\Macromed
2007-02-07 16:16:00 0 d-------- C:\WINDOWS\srchasst
2007-02-07 16:15:59 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-02-07 16:15:58 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-07 16:15:54 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-02-07 16:15:54 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-02-07 16:15:54 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-02-07 16:15:54 0 d-------- C:\WINDOWS\system32\Restore
2007-02-07 16:15:54 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-02-07 16:15:54 0 d-------- C:\WINDOWS\PCHealth
2007-02-07 16:15:53 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-02-07 16:15:53 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-02-07 16:15:53 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-02-07 16:15:53 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-02-07 16:15:51 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-02-07 16:15:50 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-02-07 16:15:50 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-02-07 16:15:49 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-02-07 16:15:49 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-02-07 16:15:49 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-02-07 16:15:36 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-07 16:15:17 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-02-07 16:14:50 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-07 16:14:50 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-02-07 16:14:43 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-02-07 16:14:38 5632 --a------ C:\WINDOWS\system32\write.exe
2007-02-07 16:14:38 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-02-07 16:14:31 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-02-07 16:14:31 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-02-07 16:14:30 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-02-07 16:14:30 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-02-07 16:14:30 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-02-07 16:14:30 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-02-07 16:14:30 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-02-07 16:14:29 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-02-07 16:14:23 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-02-07 16:14:23 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-02-07 16:14:23 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-02-07 16:14:23 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-02-07 16:14:22 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-02-07 16:14:22 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-02-07 16:14:22 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-02-07 16:14:22 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-02-07 16:14:22 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-02-07 16:14:22 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-02-07 16:14:22 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-02-07 16:14:22 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-02-07 16:14:22 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-02-07 16:14:22 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-02-07 16:14:21 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-02-07 16:14:21 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-02-07 16:14:21 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-02-07 16:14:21 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-02-07 16:14:21 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-02-07 16:14:21 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-02-07 16:14:21 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-02-07 16:14:21 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-02-07 16:14:21 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-02-07 16:14:21 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-02-07 16:14:21 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-02-07 16:14:21 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-02-07 16:14:21 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-02-07 16:14:20 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-02-07 16:14:20 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-02-07 16:14:20 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-02-07 16:14:20 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-02-07 16:14:18 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-02-07 16:14:18 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-02-07 16:14:18 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-02-07 16:14:18 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-02-07 16:14:18 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-02-07 16:14:18 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-02-07 16:14:18 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-02-07 16:14:18 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-02-07 16:14:17 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-02-07 16:14:17 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-02-07 16:14:17 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-02-07 16:14:11 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-02-07 16:14:10 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-02-07 16:14:10 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-02-07 16:14:04 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-02-07 16:14:04 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-02-07 16:14:04 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-07 16:14:03 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-02-07 16:14:03 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-02-07 16:14:03 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-02-07 16:14:03 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-02-07 16:14:03 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-02-07 16:14:02 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-02-07 16:14:02 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-02-07 16:14:02 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-02-07 16:14:02 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-02-07 16:14:02 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-02-07 16:14:02 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-02-07 16:14:01 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-02-07 16:14:01 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-02-07 16:14:01 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-02-07 16:14:01 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-02-07 16:14:01 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-02-07 16:14:01 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-02-07 16:14:01 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-02-07 16:14:01 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-02-07 16:14:01 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-02-07 16:14:00 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-02-07 16:14:00 0 d-------- C:\WINDOWS\system32\MsDtc
2007-02-07 16:14:00 0 d-------- C:\WINDOWS\system32\Com
2007-02-07 16:13:56 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-02-07 16:13:51 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-02-07 16:13:51 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-02-07 11:05:15 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-02-07 11:04:55 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-02-07 11:04:32 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-02-07 11:04:15 5504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-02-07 11:04:02 9344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-02-07 11:04:01 14080 --a------ C:\WINDOWS\system32\drivers\cmbatt.sys
2007-02-07 11:04:01 14080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-02-07 11:03:07 0 d-------- C:\Program Files\Common Files\ODBC
2007-02-07 11:03:04 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-02-07 11:03:03 0 d-------- C:\Program Files<PROGRA~1>
2007-02-07 11:03:01 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-02-07 11:03:01 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-02-07 11:03:01 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-02-07 11:02:59 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-02-07 11:02:59 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-02-07 11:02:56 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-02-07 11:02:56 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-02-07 11:02:56 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-02-07 11:02:56 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-02-07 11:02:56 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-02-07 11:02:56 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-02-07 11:02:56 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-02-07 11:02:54 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-02-07 11:02:54 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-02-07 11:02:54 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-02-07 11:02:54 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-02-07 11:02:54 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-02-07 11:02:52 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-02-07 11:02:52 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-02-07 11:02:52 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-02-07 11:02:52 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-02-07 11:02:52 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-02-07 11:02:49 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-02-07 11:02:49 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-02-07 11:02:49 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-02-07 11:02:49 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-02-07 11:02:49 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-02-07 11:02:49 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-02-07 11:02:48 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-02-07 11:02:48 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-02-07 11:02:48 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-02-07 11:02:48 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-02-07 11:02:48 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-02-07 11:02:48 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-02-07 11:02:47 68768 --a------ C:\WINDOWS\system\mmsystem.dll
2007-02-07 11:02:47 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-02-07 11:02:47 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-02-07 11:02:47 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-02-07 11:02:47 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-02-07 11:02:46 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-02-07 11:02:46 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-02-07 11:02:46 69120 --a------ C:\WINDOWS\notepad.exe
2007-02-07 11:02:45 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-02-07 11:02:37 0 dr------- C:\Documents and Settings\All Users\Documents<DOCUME~1>
2007-02-07 11:02:24 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-02-07 11:02:24 0 d-------- C:\WINDOWS\system32\CatRoot
2007-02-07 11:01:47 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-02-07 10:54:29 0 d-------- C:\WINDOWS
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\WinSxS
2007-02-07 10:54:29 0 dr------- C:\WINDOWS\Web
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\twain_32
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\wins
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\wbem
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\usmt
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\spool
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\ShellExt
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\Setup
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\ras
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\oobe
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\npp
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\mui
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\inetsrv
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\IME
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\icsxml
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\ias
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\export
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\drivers
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-02-07 10:54:29 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\dhcp
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\config
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\3076
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\2052
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1054
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1042
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1041
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1037
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1033
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1031
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1028
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system32\1025
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\system
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\security
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\repair
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\mui
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\msapps
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\msagent
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Media
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\java
2007-02-07 10:54:29 0 d--h----- C:\WINDOWS\inf
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\ime
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Help
2007-02-07 10:54:29 0 dr--s---- C:\WINDOWS\Fonts
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Debug
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Cursors
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\Config
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\AppPatch
2007-02-07 10:54:29 0 d-------- C:\WINDOWS\addins
2007-01-29 03:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe


-- Find3M Report ----------------------------------------------------------------

2007-02-17 20:43:06 0 d-------- C:\Documents and Settings\user\Application Data\Mozilla
2007-02-13 22:04:09 0 d---s---- C:\Documents and Settings\user\Application Data\Microsoft<MICROS~1>
2007-02-12 14:15:23 0 d-------- C:\Documents and Settings\user\Application Data\Macromedia<MACROM~1>
2007-02-12 14:13:25 0 d-------- C:\Program Files\Common Files\Macromedia<MACROM~1>
2007-02-12 14:12:36 0 d-------- C:\Program Files\Macromedia<MACROM~1>
2007-02-11 21:42:12 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-02-07 16:22:01 0 d-------- C:\Documents and Settings\user\Application Data\Identities<IDENTI~1>
2007-02-07 11:02:37 62 --ahs---- C:\Documents and Settings\user\Application Data\desktop.ini
2007-01-12 09:27:42 232960 --a------ C:\WINDOWS\system32\webcheck.dll
2007-01-12 09:27:42 51712 -----n--- C:\WINDOWS\system32\msfeedsbs.dll<MSFEED~1.DLL>
2007-01-12 09:27:42 458752 -----n--- C:\WINDOWS\system32\msfeeds.dll
2007-01-12 09:27:42 6054400 --a------ C:\WINDOWS\system32\ieframe.dll
2007-01-08 19:04:54 105984 --a------ C:\WINDOWS\system32\url.dll
2007-01-08 19:04:08 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02:04 266752 --a------ C:\WINDOWS\system32\iertutil.dll
2007-01-08 19:02:04 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02:02 383488 -----n--- C:\WINDOWS\system32\ieapfltr.dll
2007-01-08 19:02:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 19:00:48 124928 --a------ C:\WINDOWS\system32\advpack.dll
2007-01-08 18:08:14 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08:10 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-19 16:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 13:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-11-27 09:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-27 09:54:06 539136 --a------ C:\WINDOWS\system32\msftedit.dll


-- Registry Dump ----------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SynTPLpr"="C:\\Program Files\\Synaptics\\SynTP\\SynTPLpr.exe"
"SynTPEnh"="C:\\Program Files\\Synaptics\\SynTP\\SynTPEnh.exe"
"IgfxTray"="C:\\WINDOWS\\System32\\igfxtray.exe"
"HotKeysCmds"="C:\\WINDOWS\\System32\\hkcmd.exe"
"ccApp"="\"C:\\Program Files\\Common Files\\Symantec Shared\\ccApp.exe\""
"osCheck"="\"C:\\Program Files\\Norton AntiVirus\\osCheck.exe\""
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"iTunesHelper"="\"C:\\Program Files\\iTunes\\iTunesHelper.exe\""
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0\\bin\\jusched.exe\""
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"KernelFaultCheck"=hex(2):25,73,79,73,74,65,6d,72,6f,6f,74,25,5c,73,79,73,74,\
65,6d,33,32,5c,64,75,6d,70,72,65,70,20,30,20,2d,6b,00
"Broadcom Wireless Manager UI"="C:\\WINDOWS\\system32\\WLTRAY.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{C47A9554-195A-4769-9B13-04F15B450A39}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"0aMCPClient"="{F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsMenu"=dword:00000001
"NoFavoritesMenu"=dword:00000000
"NoSMMyDocs"=dword:00000000
"NoSMMyPictures"=dword:00000000
"NoStartMenuMyMusic"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"NoRecentDocsNetHood"=dword:00000000
"NoSMHelp"=dword:00000000
"NoRun"=dword:00000000
"NoInstrumentation"=dword:00000000
"NoSimpleStartMenu"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoWindowsUpdate"=dword:00000000
"NoRecentDocsMenu"=dword:00000001
"NoFavoritesMenu"=dword:00000000
"NoSMMyDocs"=dword:00000000
"NoSMMyPictures"=dword:00000000
"NoStartMenuMyMusic"=dword:00000000
"NoRecentDocsHistory"=dword:00000001
"ClearRecentDocsOnExit"=dword:00000001
"NoRecentDocsNetHood"=dword:00000000
"NoSMHelp"=dword:00000000
"NoRun"=dword:00000000
"NoUserNameInStartMenu"=dword:00000001
"NoInstrumentation"=dword:00000000
"NoStartMenuPinnedList"=dword:00000000
"ForceStartMenuLogoff"=dword:00000000
"NoSharedDocuments"=dword:00000001

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
Source REG_SZ file:///C:/Documents%20and%20Settings/user/Desktop/Kevin's%20Stuff/SqueakerCryoSleep.jpg

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkklm
HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\xxyvvst

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0


[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{0c7e81de-b898-11db-b0bb-00032524ec4c}]
Shell\AutoRun\command setupSNK.exe

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{206f8221-c066-11db-b0d4-00904bdb957e}]
Shell\AutoRun\command E:\setup.exe /autorun
Shell\directx\command E:\DirectX\dxsetup.exe
Shell\setup\command E:\setup.exe


-- End of ComboScan: finished at 2007-02-27 at 20:34:59 -------------------------


The other log is attached.

Thanks in advance.


Attached Files
File Type: txt Supplementary.txt (8.6 KB, 3 views)

Last edited by Glaswegian : 03-04-2007 at 01:06 PM. Reason: Removed Code tags
Old 03-04-2007, 01:14 PM   #2 (permalink)
Moderator/ Rangemaster TSF Academy; Analyst, Security Team; Oor Wullie; TSF Surgeon and Resident Comic
 
Glaswegian's Avatar
 
Join Date: Sep 2005
Location: Glasgow
Posts: 21,344
OS: Win XP Pro SP3

Hi and welcome to TSF.

Apologies for any delay in replying, but we have been rather busy lately, and, of course, all our helpers are volunteers.

My name is Iain and I will be helping you clean your system.

You may wish to Subscribe to this thread (Thread Tools > Subscribe to this thread) so that you are notified when you receive a reply.

Please read these instructions carefully and then print out or copy this page to Notepad in order to assist you when carrying out the fix. You should not have any open browsers or live internet connections when you are following the procedures below.

Note that the fix may take several posts. Please continue to respond to my instructions until I confirm that your system is clean. Remember that although your symptoms may vanish, this does NOT mean that your system is clean.


Vundo Fix
Please download Vundofix to your desktop.
  • Double-click VundoFix.exe to run it.
  • Click the Scan for Vundo button.
  • Once it's done scanning, click the Remove Vundo button.
  • You will receive a prompt asking if you want to remove the files, click YES
  • Once you click yes, your desktop will go blank as it starts removing Vundo.
  • When completed, it will prompt that it will shutdown your computer, click OK.
  • Turn your computer back on.
  • It will produce a log of its actions at C:\vundofix.txt. Post back that log and a fresh HJT log.
__________________
Iain - Defender of the Haggis and all things Scottish.
I don't help by PM - post in the Forums.



All times are GMT -7. The time now is 02:06 AM.



Copyright 2001 - 2008, Tech Support Forum
