04-17-2007, 07:39 AM   #1
Registered User
 
Join Date: Apr 2007
Posts: 2
OS: WinXP/SP2


PR**.tmp?

Hey, I'm really tired right now so sorry if I say something stupid.

I've got a problem. A somewhat weird one. Kaspersky, TrendMicro, ZoneAlarm and some other online scanner I can't recall don't detect it, and neither do Spybot S&D or AdAware. It's like a ninja. But it's there.

Behaviour is that it creates files in the windows/temp directory. If I delete the temp directory, it halts it for a time until something else recreates it out of need.

These files are named PR**.tmp, which doesn't follow too much of a pattern outside of them being PRA.tmp, PRB.tmp, PRC4.tmp etc.

These files start small, and grow larger and larger. They're then deleted. Then more come. Sometimes a lot, sometimes only one or two. The overall size varies, and they aren't all the same size as each other. Generally they don't get larger than about 350mb, but I've seen them get to a little over 700. The real problem is that it chews up my system's resources to varying degrees. Sometimes it just slows things down a little, other times it brings the system to a standstill and my only option is to reboot.

I've tried Googling this, but the only sites I get for it are in German and sometimes Russian, and aren't much help (except for helping me find my way here).

Is this some form of Malware, or is my system going crazy for some other reason? I got so sick of the problem that I formatted my system drive, but it came back (potentially through something I kept?). I'm really at a loss.

Here's the Deckard log file and extra.txt.

I hope I've done this right, and I apologise if not.

Deckard's System Scanner v20070411.38
Run by Brodieman on 2007-04-17 at 23:24:22
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
31: 2007-04-17 13:54:29 UTC - RP31 - Deckard's System Scanner Restore Point
30: 2007-04-17 05:19:28 UTC - RP30 - Installed Windows XP KB928090.
29: 2007-04-17 05:17:05 UTC - RP29 - Installed Windows XP KB929969.
28: 2007-04-17 05:16:32 UTC - RP28 - Software Distribution Service 2.0
27: 2007-04-17 04:52:15 UTC - RP27 - Software Distribution Service 2.0


-- First Restore Point --
1: 2007-04-16 19:49:51 UTC - RP1 - System Checkpoint


Backed up registry hives.

Performed disk cleanup.


-- HijackThis (run as Brodieman.exe) -------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 11:25:04 PM, on 17/04/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\system32\WTablet\TabUserW.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\Tablet.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\SEC\MagicTune3.5_Client\GammaTray.exe
C:\Program Files\SEC\Natural Color\NaturalColorLoad.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\MSN Messenger\usnsvc.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Winamp\winamp.exe
C:\Program Files\MSN Messenger\msnmsgr.exe
C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Documents and Settings\Brodieman\Desktop\dss.exe
C:\PROGRA~1\HIJACK~1\Brodieman.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB001" /M "Stylus CX3700"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Color Calibration.lnk = ?
O4 - Global Startup: MagicTune3.5.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NaturalColorLoad.lnk = ?
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1176756098468
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1176756305281
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:\WINDOWS\system32\Tablet.exe


-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 viamraid - c:\windows\system32\drivers\viamraid.sys
R1 MagicTune - c:\windows\system32\drivers\mtictwl.sys
R3 FET5X86V (VIA Rhine-Family Fast-Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5bv.sys
R3 HCF_MSFT - c:\windows\system32\drivers\hcf_msft.sys
R3 wacommousefilter (Wacom Mouse Filter Driver) - c:\windows\system32\drivers\wacommousefilter.sys
R3 wacomvhid (Wacom Virtual Hid Driver) - c:\windows\system32\drivers\wacomvhid.sys

S3 FETNDIS (VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver) - c:\windows\system32\drivers\fetnd5.sys
S3 FETNDISB (VIA Rhine Family Fast Ethernet Adapter Driver Service) - c:\windows\system32\drivers\fetnd5b.sys
S3 NTSIM - c:\windows\system32\ntsim.sys


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 TabletService - c:\windows\system32\tablet.exe


-- Files created between 2007-03-17 and 2007-04-17 -----------------------------

2007-04-17 22:47:50 0 d-------- C:\Program Files\SpywareGuard<SPYWAR~2>
2007-04-17 22:45:18 0 d-------- C:\Program Files\SpywareBlaster<SPYWAR~1>
2007-04-17 22:44:17 0 d-------- C:\ie-spyad
2007-04-17 21:41:06 0 d-------- C:\Documents and Settings\Brodieman\Application Data\uTorrent
2007-04-17 21:40:52 0 d-------- C:\Program Files\uTorrent
2007-04-17 21:20:22 2560 -----n--- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-17 21:20:22 2432 -----n--- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-17 21:20:21 36528 -----n--- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-17 21:20:19 115880 -----n--- C:\WINDOWS\system32\pxinsi64.exe
2007-04-17 21:20:17 129784 -----n--- C:\WINDOWS\system32\pxafs.dll
2007-04-17 21:19:24 0 d-------- C:\Program Files\Winamp
2007-04-17 21:19:24 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Winamp
2007-04-17 14:34:51 76288 --a------ C:\WINDOWS\system32\uniime.dll
2007-04-17 14:34:44 811064 --a------ C:\WINDOWS\system32\imjp81k.dll
2007-04-17 14:34:42 838144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2007-04-17 14:34:42 1677824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2007-04-17 14:34:41 98304 --a------ C:\WINDOWS\system32\msir3jp.dll
2007-04-17 14:34:41 70656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2007-04-17 14:34:24 218112 --a------ C:\WINDOWS\system32\c_g18030.dll
2007-04-17 14:34:23 6144 --a------ C:\WINDOWS\system32\kbd101a.dll
2007-04-17 14:34:14 7680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2007-04-17 14:34:14 9216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2007-04-17 14:34:14 7168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2007-04-17 14:34:14 6144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2007-04-17 14:34:14 6656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2007-04-17 14:34:14 7168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2007-04-17 14:34:13 7168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2007-04-17 14:34:13 6144 --a------ C:\WINDOWS\system32\kbdax2.dll
2007-04-17 14:34:13 6144 --a------ C:\WINDOWS\system32\kbd106n.dll
2007-04-17 14:34:13 6144 --a------ C:\WINDOWS\system32\kbd101.dll
2007-04-17 14:33:54 6656 --a------ C:\WINDOWS\system32\c_is2022.dll
2007-04-17 14:33:53 185344 --a------ C:\WINDOWS\system32\Thawbrkr.dll
2007-04-17 14:33:53 8192 --a------ C:\WINDOWS\system32\kbdkor.dll
2007-04-17 14:33:53 8704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2007-04-17 14:33:53 5120 -ra------ C:\WINDOWS\system32\kbdarmw.dll
2007-04-17 14:33:53 6144 --a------ C:\WINDOWS\system32\kbd106.dll
2007-04-17 14:33:53 5632 --a------ C:\WINDOWS\system32\kbd103.dll
2007-04-17 14:33:53 6144 --a------ C:\WINDOWS\system32\kbd101c.dll
2007-04-17 14:33:53 6144 --a------ C:\WINDOWS\system32\kbd101b.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdvntc.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdintel.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdintam.dll
2007-04-17 14:33:52 6144 -ra------ C:\WINDOWS\system32\kbdinpun.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdinmar.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdinkan.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdinhin.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdinguj.dll
2007-04-17 14:33:52 5632 -ra------ C:\WINDOWS\system32\kbdindev.dll
2007-04-17 14:33:52 5120 -ra------ C:\WINDOWS\system32\kbdgeo.dll
2007-04-17 14:33:52 5120 -ra------ C:\WINDOWS\system32\kbdarme.dll
2007-04-17 14:33:52 10752 --a------ C:\WINDOWS\system32\c_iscii.dll
2007-04-17 14:33:50 5632 -ra------ C:\WINDOWS\system32\kbdsyr2.dll
2007-04-17 14:33:50 5632 -ra------ C:\WINDOWS\system32\kbdsyr1.dll
2007-04-17 14:33:50 5632 -ra------ C:\WINDOWS\system32\kbddiv2.dll
2007-04-17 14:33:49 5632 --a------ C:\WINDOWS\system32\kbdusa.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbdurdu.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbdfa.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbddiv1.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbda3.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbda2.dll
2007-04-17 14:33:49 5632 -ra------ C:\WINDOWS\system32\kbda1.dll
2007-04-17 14:33:46 5632 -ra------ C:\WINDOWS\system32\kbdheb.dll
2007-04-17 14:33:42 6144 -ra------ C:\WINDOWS\system32\kbdth3.dll
2007-04-17 14:33:42 6144 -ra------ C:\WINDOWS\system32\kbdth2.dll
2007-04-17 14:33:42 5632 -ra------ C:\WINDOWS\system32\kbdth1.dll
2007-04-17 14:33:42 5632 -ra------ C:\WINDOWS\system32\kbdth0.dll
2007-04-17 14:33:42 6144 --a------ C:\WINDOWS\system32\ftlx041e.dll
2007-04-17 14:29:31 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-04-17 14:29:17 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1>
2007-04-17 14:26:20 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-17 14:25:51 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-17 14:25:07 27165 --a------ C:\WINDOWS\system32\drivers\fetnd5.sys
2007-04-17 14:25:05 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-17 14:25:00 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-04-17 14:24:58 46464 --a------ C:\WINDOWS\system32\drivers\GAGP30KX.SYS
2007-04-17 14:24:55 907456 --a------ C:\WINDOWS\system32\drivers\HCF_MSFT.sys
2007-04-17 14:23:51 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-04-17 14:23:50 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-17 14:23:48 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-04-17 14:23:47 0 dr------- C:\Program Files<PROGRA~1>
2007-04-17 14:23:44 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-17 14:23:44 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-17 14:23:44 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-17 14:23:42 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-17 14:23:42 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-17 14:23:39 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-17 14:23:39 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-17 14:23:39 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-17 14:23:39 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-17 14:23:39 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-17 14:23:39 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-17 14:23:39 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-17 14:23:38 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-17 14:23:38 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-17 14:23:38 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-17 14:23:38 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-17 14:23:37 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-17 14:23:35 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-17 14:23:35 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-17 14:23:35 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-17 14:23:35 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-17 14:23:35 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-17 14:23:32 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-17 14:23:32 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-17 14:23:32 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-17 14:23:32 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-17 14:23:32 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-17 14:23:31 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-17 14:23:31 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-17 14:23:31 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-17 14:23:31 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-17 14:23:31 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-17 14:23:31 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-17 14:23:30 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-17 14:23:30 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-17 14:23:30 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-17 14:23:30 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-17 14:23:30 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-17 14:23:29 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-17 14:23:29 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-17 14:23:29 68768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-17 14:23:29 69120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-17 14:23:26 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-17 14:23:19 0 dr------- C:\Documents and Settings\All Users\Documents<DOCUME~1>
2007-04-17 14:21:28 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-17 14:21:28 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-17 14:20:54 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-04-17 14:20:54 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-04-17 14:16:18 0 d-------- C:\WINDOWS
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\WinSxS
2007-04-17 14:16:18 0 dr------- C:\WINDOWS\Web
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\twain_32
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\wins
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\wbem
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\usmt
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\spool
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\Setup
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\ras
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\oobe
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\npp
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\mui
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\IME
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\ias
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\export
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\drivers
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-17 14:16:18 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\config
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\3076
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\2052
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1054
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1042
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1041
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1037
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1033
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1031
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1028
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system32\1025
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\system
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\security
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\repair
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Provisioning<PROVIS~1>
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\PeerNet
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\pchealth
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\mui
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\msapps
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\msagent
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Media
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\java
2007-04-17 14:16:18 0 d--h----- C:\WINDOWS\inf
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\ime
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Help
2007-04-17 14:16:18 0 dr--s---- C:\WINDOWS\Fonts
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\ehome
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Debug
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Cursors
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\Config
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\AppPatch
2007-04-17 14:16:18 0 d-------- C:\WINDOWS\addins
2007-04-17 14:11:02 0 d-------- C:\Documents and Settings\LocalService\Application Data\WTablet
2007-04-17 07:23:25 0 d-------- C:\78b83240cf5511dd3b<78B832~1>
2007-04-17 07:23:15 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-17 07:23:15 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-17 07:05:29 0 d-------- C:\WINDOWS\RegisteredPackages<REGIST~2>
2007-04-17 06:37:59 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo!
2007-04-17 06:35:58 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-17 06:35:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage<WINDOW~1>
2007-04-17 06:31:16 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-04-17 06:31:16 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-04-17 06:31:06 0 d-------- C:\Program Files\Kaspersky Lab<KASPER~1>
2007-04-17 06:31:06 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab<KASPER~1>
2007-04-17 06:31:05 74528 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-04-17 06:31:05 1075232 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-04-17 06:29:58 0 d-------- C:\kav
2007-04-17 06:28:04 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Lavasoft
2007-04-17 06:27:56 0 d-------- C:\Program Files\Lavasoft
2007-04-17 06:27:32 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy<SPYBOT~1>
2007-04-17 06:26:11 0 d-------- C:\Program Files\Yahoo!
2007-04-17 06:25:28 0 d--hs---- C:\RECYCLER
2007-04-17 06:18:58 0 d-------- C:\WINDOWS\system32\PreInstall<PREINS~1>
2007-04-17 06:18:57 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-17 06:18:56 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-17 06:13:24 0 d-------- C:\Documents and Settings\Brodieman\Contacts
2007-04-17 06:13:12 18200 --a------ C:\WINDOWS\system32\wups2.dll
2007-04-17 06:13:11 0 d-------- C:\WINDOWS\system32\SoftwareDistribution<SOFTWA~1>
2007-04-17 06:13:01 0 d------c- C:\WINDOWS\system32\DRVSTORE
2007-04-17 06:12:33 0 d-------- C:\Program Files\MSN Messenger<MSNMES~1>
2007-04-17 06:11:26 0 d--hs---- C:\Documents and Settings\Brodieman\UserData
2007-04-17 06:02:11 0 d-------- C:\Documents and Settings\All Users\Application Data\UDL
2007-04-17 05:59:52 479232 --a------ C:\WINDOWS\system32\PICSDK.dll
2007-04-17 05:59:52 114688 --a------ C:\WINDOWS\system32\EpPicPrt.dll
2007-04-17 05:59:52 92240 --a------ C:\WINDOWS\system32\EPPICPrinterDB.dat<EP2DCB~1.DAT>
2007-04-17 05:59:52 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_PT.dat<EPF40C~1.DAT>
2007-04-17 05:59:52 1120 --a------ C:\WINDOWS\system32\EPPICPresetData_IT.dat<EPF8EB~1.DAT>
2007-04-17 05:59:52 1107 --a------ C:\WINDOWS\system32\EPPICPresetData_GE.dat<EPB0EF~1.DAT>
2007-04-17 05:59:52 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_FR.dat<EPECD3~1.DAT>
2007-04-17 05:59:52 1136 --a------ C:\WINDOWS\system32\EPPICPresetData_ES.dat<EPF8D7~1.DAT>
2007-04-17 05:59:52 1104 --a------ C:\WINDOWS\system32\EPPICPresetData_EN.dat<EPD8D3~1.DAT>
2007-04-17 05:59:52 1146 --a------ C:\WINDOWS\system32\EPPICPresetData_DU.dat<EPF4DF~1.DAT>
2007-04-17 05:59:52 1129 --a------ C:\WINDOWS\system32\EPPICPresetData_CF.dat<EPB0D3~1.DAT>
2007-04-17 05:59:52 1139 --a------ C:\WINDOWS\system32\EPPICPresetData_BP.dat<EPECCB~1.DAT>
2007-04-17 05:59:52 4943 --a------ C:\WINDOWS\system32\EPPICPattern6.dat<EPE400~1.DAT>
2007-04-17 05:59:52 21390 --a------ C:\WINDOWS\system32\EPPICPattern5.dat<EPE000~1.DAT>
2007-04-17 05:59:52 11811 --a------ C:\WINDOWS\system32\EPPICPattern4.dat<EPPICP~4.DAT>
2007-04-17 05:59:52 24903 --a------ C:\WINDOWS\system32\EPPICPattern3.dat<EPPICP~3.DAT>
2007-04-17 05:59:52 20148 --a------ C:\WINDOWS\system32\EPPICPattern2.dat<EPPICP~2.DAT>
2007-04-17 05:59:52 26154 --a------ C:\WINDOWS\system32\EPPICPattern1.dat<EPPICP~1.DAT>
2007-04-17 05:59:52 65536 --a------ C:\WINDOWS\system32\EPPicMgr.dll
2007-04-17 05:58:10 79679 --a------ C:\WINDOWS\system32\E_FLMACP.DLL
2007-04-17 05:58:10 34304 --a------ C:\WINDOWS\system32\E_FBCHACP.DLL<E_FBCH~1.DLL>
2007-04-17 05:58:10 64000 --a------ C:\WINDOWS\system32\E_FBCBACP.DLL<E_FBCB~1.DLL>
2007-04-17 05:58:10 49152 --a------ C:\WINDOWS\system32\E_DCINST.DLL
2007-04-17 05:58:05 25856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-17 05:58:00 15104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys
2007-04-17 05:57:56 31616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-04-17 05:53:17 29696 --a------ C:\WINDOWS\system32\escwiad.dll
2007-04-17 05:53:17 46080 --a------ C:\WINDOWS\system32\escimgd.dll
2007-04-17 05:53:17 22016 --a------ C:\WINDOWS\system32\esccmd.dll
2007-04-17 05:53:17 0 d-------- C:\Program Files\epson
2007-04-17 05:50:50 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink<CYBERL~1>
2007-04-17 05:50:47 0 d-------- C:\Program Files\CyberLink<CYBERL~1>
2007-04-17 05:46:59 8 --a------ C:\WINDOWS\system32\nvModes.dat
2007-04-17 05:46:27 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles<NVIEW_~1>
2007-04-17 05:41:15 74880 --a------ C:\WINDOWS\system32\sam_nv4_disp.dll<SAM_NV~1.DLL>
2007-04-17 05:40:32 40960 --a------ C:\WINDOWS\system32\nvgpio.dll
2007-04-17 05:40:32 36864 --a------ C:\WINDOWS\system32\nvapi9x.dll
2007-04-17 05:40:32 12062 --a------ C:\WINDOWS\system32\drivers\MTiCtwl.sys
2007-04-17 05:38:54 65536 --a------ C:\WINDOWS\system32\Gif89.dll
2007-04-17 05:38:53 0 d-------- C:\Program Files\SEC
2007-04-17 05:35:53 0 d-------- C:\Documents and Settings\Brodieman\Application Data\WTablet
2007-04-17 05:35:39 0 d-------- C:\WINDOWS\system32\WTablet
2007-04-17 05:35:39 135168 --a------ C:\WINDOWS\system32\Wintab32.dll
2007-04-17 05:35:39 942080 --a------ C:\WINDOWS\system32\Tablet.exe
2007-04-17 05:35:39 6144 --a------ C:\WINDOWS\system32\drivers\wacomvhid.sys<WACOMV~1.SYS>
2007-04-17 05:35:39 5632 --a------ C:\WINDOWS\system32\drivers\wacommousefilter.sys<WACOMM~1.SYS>
2007-04-17 05:35:37 0 d-------- C:\Program Files\Tablet
2007-04-17 05:35:20 0 d-------- C:\Program Files\VIALAN
2007-04-17 05:34:53 208896 --a------ C:\WINDOWS\system32\nvudisp.exe
2007-04-17 05:34:53 0 d-------- C:\WINDOWS\nview
2007-04-17 05:34:43 208896 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-17 05:34:27 0 d-------- C:\NVIDIA
2007-04-17 05:33:26 74112 -ra------ C:\WINDOWS\system32\drivers\viamraid.sys
2007-04-17 05:33:15 0 d-------- C:\Program Files\VIA
2007-04-17 05:32:26 7040 -ra------ C:\WINDOWS\system32\ntsim.sys
2007-04-17 05:32:20 42496 --a------ C:\WINDOWS\system32\drivers\fetnd5b.sys
2007-04-17 05:31:34 39424 --a------ C:\WINDOWS\system32\drivers\AmdK8.sys
2007-04-17 05:31:34 0 d-------- C:\Program Files\AMD
2007-04-17 05:28:56 0 d-------- C:\WINDOWS\system32\ReinstallBackups<REINST~1>
2007-04-17 05:28:51 306688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-17 05:28:07 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-04-17 05:28:05 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-17 05:28:03 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-17 05:28:00 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-17 05:27:57 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-17 05:27:56 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-17 05:27:54 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-17 05:27:53 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-17 05:27:52 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-17 05:27:51 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-17 05:27:50 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-17 05:27:47 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-17 05:27:43 4024832 -ra------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2007-04-17 05:27:42 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-17 05:27:42 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-17 05:27:42 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-17 05:27:35 10528768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-04-17 05:27:35 0 d-------- C:\Program Files\Realtek AC97<REALTE~1>
2007-04-17 05:27:33 147456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-04-17 05:27:33 577536 --a------ C:\WINDOWS\soundman.exe
2007-04-17 05:27:33 315392 --a------ C:\WINDOWS\alcupd.exe
2007-04-17 05:27:33 217088 --a------ C:\WINDOWS\Alcrmv.exe
2007-04-17 05:27:32 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-04-17 05:26:48 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-17 05:24:53 0 d-------- C:\WINDOWS\ShellNew
2007-04-17 05:23:47 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Microsoft Web Folders<MICROS~2>
2007-04-17 05:19:20 2097152 --ah----- C:\Documents and Settings\Brodieman\NTUSER.DAT
2007-04-17 05:17:22 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-17 05:17:20 0 d-------- C:\WINDOWS\Prefetch
2007-04-17 05:17:19 786432 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-17 05:16:58 786432 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-17 05:14:14 0 d-------- C:\WINDOWS\system32\xircom
2007-04-17 05:14:14 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-04-17 05:14:01 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-17 05:13:48 0 -rahs---- C:\MSDOS.SYS
2007-04-17 05:13:48 0 -rahs---- C:\IO.SYS
2007-04-17 05:13:48 0 --a------ C:\CONFIG.SYS
2007-04-17 05:13:48 0 --a------ C:\AUTOEXEC.BAT
2007-04-17 05:13:29 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-17 05:12:45 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-04-17 05:12:33 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-04-17 05:12:33 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-04-17 05:12:22 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-04-17 05:11:59 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-17 05:11:37 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-17 05:11:28 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-17 05:11:26 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-17 05:11:23 0 d---s---- C:\WINDOWS\Tasks
2007-04-17 05:11:23 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-17 05:11:22 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-17 05:11:18 0 d-------- C:\WINDOWS\srchasst
2007-04-17 05:11:17 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-17 05:11:14 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-17 05:11:14 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-04-17 05:11:14 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-17 05:11:14 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-17 05:11:14 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-17 05:11:14 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-17 05:11:14 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-17 05:11:14 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-17 05:11:14 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-17 05:11:13 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-17 05:11:13 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-17 05:11:13 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-17 05:11:13 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-17 05:11:10 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-04-17 05:11:06 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-17 05:11:06 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-17 05:11:06 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-17 05:11:05 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-17 05:11:02 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-17 05:11:02 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-17 05:11:02 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-17 05:11:02 0 d-------- C:\WINDOWS\system32\Restore
2007-04-17 05:11:02 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-04-17 05:11:02 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-17 05:11:02 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-17 05:11:02 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-17 05:11:01 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-17 05:11:01 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-17 05:11:01 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-17 05:11:01 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-17 05:11:00 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-17 05:11:00 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-17 05:10:58 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-17 05:10:58 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-17 05:10:57 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-17 05:10:56 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-17 05:10:55 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-17 05:10:55 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-17 05:10:55 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-17 05:10:54 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-17 05:10:54 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-17 05:10:54 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-17 05:10:54 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-17 05:10:22 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-04-17 05:10:07 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-04-17 05:10:00 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-04-17 05:09:53 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-17 05:09:49 5632 --a------ C:\WINDOWS\system32\write.exe
2007-04-17 05:09:49 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-04-17 05:09:38 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-17 05:09:38 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-17 05:09:38 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-17 05:09:38 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-17 05:09:38 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-17 05:09:37 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-17 05:09:29 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-17 05:09:29 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-17 05:09:29 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-17 05:09:28 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-17 05:09:28 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-17 05:09:28 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-17 05:09:28 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-17 05:09:28 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-17 05:09:27 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-17 05:09:27 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-17 05:09:27 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-17 05:09:27 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-17 05:09:27 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-17 05:09:27 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-17 05:09:27 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-17 05:09:27 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-17 05:09:27 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-17 05:09:27 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-17 05:09:26 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-17 05:09:26 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-17 05:09:26 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-17 05:09:26 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-17 05:09:25 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-17 05:09:25 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-17 05:09:25 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-17 05:09:25 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-17 05:09:25 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-17 05:09:25 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-17 05:09:24 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-17 05:09:24 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-17 05:09:10 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-17 05:09:09 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-17 05:09:09 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-17 05:09:09 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-17 05:09:09 347136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-17 05:09:09 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-04-17 05:09:08 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-17 05:09:08 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-17 05:09:08 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-17 05:09:08 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-17 05:09:08 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-17 05:09:07 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-17 05:09:07 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-17 05:09:07 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-17 05:09:07 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-17 05:09:07 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-17 05:09:07 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-17 05:09:07 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-17 05:09:07 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-17 05:09:07 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-17 05:09:06 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-17 05:09:06 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-17 05:09:06 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-17 05:09:06 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-17 05:09:06 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-17 05:09:06 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-17 05:09:06 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-17 05:09:06 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-17 05:09:06 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-17 05:09:05 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-17 05:09:05 91136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-17 05:09:05 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-17 05:09:05 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-17 05:09:05 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-17 05:09:05 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-17 05:09:04 0 d-------- C:\WINDOWS\system32\Com
2007-04-17 05:09:04 60416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-17 05:09:04 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-17 05:09:04 625152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-17 05:09:04 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-17 05:09:04 225792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-17 05:09:03 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-17 05:09:03 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-17 05:09:03 498688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-17 05:08:57 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-17 05:08:56 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-17 05:08:56 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-17 05:08:56 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-17 05:08:55 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-17 05:08:54 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys


-- Find3M Report ---------------------------------------------------------------

2007-04-17 21:32:28 0 d---s---- C:\Documents and Settings\Brodieman\Application Data\Microsoft<MICROS~1>
2007-04-17 14:23:19 62 --ahs---- C:\Documents and Settings\Brodieman\Application Data\desktop.ini
2007-04-17 06:35:55 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Mozilla
2007-04-17 06:32:35 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Macromedia<MACROM~1>
2007-04-17 05:19:37 0 d-------- C:\Documents and Settings\Brodieman\Application Data\Identities<IDENTI~1>
2007-03-17 23:13:01 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-09 19:52:52 200768 --a------ C:\WINDOWS\system32\klogon.dll
2007-03-09 0128 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-09 0128 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-09 0128 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 23:17:48 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-06 05:47:02 185344 --a------ C:\WINDOWS\system32\upnphost.dll
2007-01-19 12:53:04 51056 --a------ C:\WINDOWS\system32\sirenacm.dll


-- Registry Dump ---------------------------------------------------------------


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Yahoo! Pager"="\"C:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe\" -quiet"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"SoundMan"="SOUNDMAN.EXE"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"EPSON Stylus CX3700 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATIACP.EXE /P26 \"EPSON Stylus CX3700 Series\" /O6 \"USB001\" /M \"Stylus CX3700\""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"


[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0



-- End of Deckard's System Scanner: finished at 2007-04-17 at 23:39:11 ---------
Attached Files
File Type: txt extra.txt (7.8 KB, 0 views)
Old 04-19-2007, 08:40 AM   #2 (permalink)
Registered User
 
Join Date: Apr 2007
Posts: 2
OS: WinXP/SP2


Re: PR**.tmp?

Bump.