#1 (permalink)
Registered User
Join Date: Jun 2008
Posts: 5
OS: XP Pro SP2
What is with the WINDOWS.0??? Is it from my AVG??
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:13:03 AM, on 6/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
F:\WINDOWS.0\System32\smss.exe
F:\WINDOWS.0\system32\winlogon.exe
F:\WINDOWS.0\system32\services.exe
F:\WINDOWS.0\system32\lsass.exe
F:\WINDOWS.0\system32\svchost.exe
F:\WINDOWS.0\System32\svchost.exe
F:\WINDOWS.0\system32\spoolsv.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS.0\Explorer.EXE
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
F:\Program Files\UPHClean\uphclean.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\PROGRA~1\AVG\AVG8\avgemc.exe
F:\PROGRA~1\AVG\AVG8\avgtray.exe
F:\WINDOWS.0\system32\RunDll32.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
F:\WINDOWS.0\system32\ctfmon.exe
F:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
F:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
F:\Program Files\YPOPs\YPOPs.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp\magicJack.exe
F:\WINDOWS.0\system32\taskmgr.exe
F:\Documents and Settings\sdf'igjp\Application Data\U3\0000183947743E38\LaunchPad.exe
F:\Program Files\Mozilla Firefox\firefox.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: MiniEYE-MiniREAD Launch.lnk = F:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
O4 - Global Startup: RAID Manager.lnk = F:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{94676C83-C77D-4F50-8F5E-1940340C18B5}: NameServer = 192.168.2.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll prio.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

--
End of file - 6351 bytes

Last edited by tabryan08 : 06-27-2008 at 12:18 AM.
#2 (permalink)
Registered User
Join Date: Jun 2008
Posts: 5
OS: XP Pro SP2
Re: IDK if it's me or is there something wrong??
Deckard's System Scanner v20071014.68
Run by Thomas on 2008-06-27 02:37:37
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.

-- Last 5 Restore Point(s) --
23: 2008-06-27 06:37:44 UTC - RP30 - Deckard's System Scanner Restore Point
22: 2008-06-26 15:15:33 UTC - RP29 - System Checkpoint
21: 2008-06-25 14:41:52 UTC - RP28 - System Checkpoint
20: 2008-06-24 14:15:08 UTC - RP27 - System Checkpoint
19: 2008-06-23 14:13:15 UTC - RP26 - System Checkpoint

-- First Restore Point --
1: 2008-06-14 03:57:19 UTC - RP8 - Installed Microsoft Office Professional Edition 2003

Backed up registry hives.
Performed disk cleanup.

-- HijackThis (run as Thomas.exe) ----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:38:10 AM, on 6/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20815)
Boot mode: Normal

Running processes:
F:\WINDOWS.0\System32\smss.exe
F:\WINDOWS.0\system32\winlogon.exe
F:\WINDOWS.0\system32\services.exe
F:\WINDOWS.0\system32\lsass.exe
F:\WINDOWS.0\system32\svchost.exe
F:\WINDOWS.0\System32\svchost.exe
F:\WINDOWS.0\system32\spoolsv.exe
F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
F:\Program Files\Bonjour\mDNSResponder.exe
F:\WINDOWS.0\Explorer.EXE
F:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
F:\Program Files\UPHClean\uphclean.exe
F:\PROGRA~1\AVG\AVG8\avgrsx.exe
F:\PROGRA~1\AVG\AVG8\avgemc.exe
F:\WINDOWS.0\system32\RunDll32.exe
F:\Program Files\iTunes\iTunesHelper.exe
F:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
F:\WINDOWS.0\system32\ctfmon.exe
F:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
F:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
F:\Program Files\YPOPs\YPOPs.exe
F:\Program Files\iPod\bin\iPodService.exe
F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp\magicJack.exe
F:\Documents and Settings\sdf'igjp\Application Data\U3\0000183947743E38\LaunchPad.exe
F:\Documents and Settings\sdf'igjp\Desktop\dss.exe
F:\PROGRA~1\TRENDM~1\HIJACK~1\Thomas.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O4 - HKLM\..\Run: [AVG8_TRAY] F:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "F:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "F:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\WINDOWS.0\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - HKUS\S-1-5-19\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [TSClientMSIUninstaller] cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs" (User 'Default user')
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: MiniEYE-MiniREAD Launch.lnk = F:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe
O4 - Global Startup: RAID Manager.lnk = F:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
O8 - Extra context menu item: E&xport to Microsoft Office Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - F:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - F:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{94676C83-C77D-4F50-8F5E-1940340C18B5}: NameServer = 192.168.2.1
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - F:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll prio.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - F:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - F:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - F:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - F:\Program Files\iPod\bin\iPodService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - F:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe

--
End of file - 6274 bytes

-- File Associations -----------------------------------------------------------

All associations okay.

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PQNTDrv - f:\windows.0\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R1 SCDEmu - f:\windows.0\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

R2 Apple Mobile Device - "f:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe" <Not Verified; Apple, Inc.; Apple Mobile Device Service>
R2 Bonjour Service - "f:\program files\bonjour\mdnsresponder.exe" <Not Verified; Apple Inc.; Bonjour>
R2 UPHClean (User Profile Hive Cleanup) - f:\program files\uphclean\uphclean.exe <Not Verified; Microsoft Corporation; User Profile Hive Cleanup Service>

-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: SiS 900 PCI Fast Ethernet Adapter
Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_09001039&REV_90\3&267A616A&0&20
Manufacturer: SiS
Name: SiS 900 PCI Fast Ethernet Adapter
PNP Device ID: PCI\VEN_1039&DEV_0900&SUBSYS_09001039&REV_90\3&267A616A&0&20
Service: SISNIC

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: Ethernet Controller
Device ID: PCI\VEN_11AB&DEV_1FAA&SUBSYS_1FAA11AB&REV_03\3&267A616A&0&48
Manufacturer:
Name: Ethernet Controller
PNP Device ID: PCI\VEN_11AB&DEV_1FAA&SUBSYS_1FAA11AB&REV_03\3&267A616A&0&48
Service:

-- Scheduled Tasks -------------------------------------------------------------

2008-06-21 15:41:06 284 --a----c- F:\WINDOWS.0\Tasks\AppleSoftwareUpdate.job

-- Files created between 2008-05-27 and 2008-06-27 -----------------------------

2008-06-27 02:21:58 0 d------c- F:\WINDOWS.0\LastGood
2008-06-27 02:21:42 0 d------c- F:\Program Files\Panda Security
2008-06-27 02:12:43 0 d------c- F:\Program Files\Trend Micro
2008-06-26 22:59:53 0 d------c- F:\Program Files\Prio
2008-06-26 22:47:33 280 --a------ F:\WINDOWS.0\system32\PDBootState
2008-06-21 11:23:08 4141056 --a----c- F:\WINDOWS.0\eyeQ Screen Saver.scr
2008-06-21 11:22:55 0 d------c- F:\Program Files\Infinite Mind LC
2008-06-20 01:10:52 0 d------c- F:\Documents and Settings\sdf'igjp\.magicfix
2008-06-20 01:09:56 0 d------c- F:\WINDOWS.0\Sun
2008-06-20 01:09:56 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Sun
2008-06-20 01 22 0 d------c- F:\Program Files\Java
2008-06-20 01:05:52 0 d------c- F:\Program Files\Common Files\Java
2008-06-19 03:53:10 0 d------c- F:\Program Files\Acro Software
2008-06-19 03:52:53 0 d------c- F:\Program Files\GPLGS
2008-06-18 03:26:11 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Apple Computer
2008-06-18 03:25:43 0 d------c- F:\Program Files\iPod
2008-06-18 03:25:28 0 d------c- F:\Program Files\iTunes
2008-06-18 03:25:11 0 d------c- F:\Program Files\Bonjour
2008-06-18 03:24:24 0 d------c- F:\Program Files\QuickTime
2008-06-18 03:24:21 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple Computer
2008-06-18 03:23:58 0 d------c- F:\Program Files\Apple Software Update
2008-06-18 03:23:27 0 d------c- F:\Program Files\Common Files\Apple
2008-06-18 03:23:26 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Apple
2008-06-15 02:55:24 0 d------c- F:\Program Files\Macro Wizard 4.1
2008-06-15 02:55:17 73216 --a----c- F:\WINDOWS.0\ST6UNST.EXE <Not Verified; Microsoft Corporation; Microsoft® Visual Basic for Windows>
2008-06-15 00:14:37 0 d------c- F:\WINDOWS.0\system32\appmgmt
2008-06-14 18:59:05 0 d------c- F:\Documents and Settings\sdf'igjp\dwhelper
2008-06-13 05:54:14 266240 --a----c- F:\WINDOWS.0\CMIUninstall.exe <Not Verified; ; GeneralUninstall Application>
2008-06-13 05:54:14 225280 --a----c- F:\WINDOWS.0\CmiRmRedundDir.exe <Not Verified; ; CmiRmRedundDir Application>
2008-06-13 05:54:14 28672 --a----c- F:\WINDOWS.0\CMIRmDriver.dll
2008-06-13 05:54:02 306688 --a----c- F:\WINDOWS.0\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-06-13 05:19:16 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Adobe
2008-06-13 05:15:42 1007 --a----c- F:\WINDOWS.0\mozver.dat
2008-06-13 04:54:12 6080 -------c- F:\WINDOWS.0\system32\zntport.sys <Not Verified; Zeal SoftStudio; NTPort Library>
2008-06-13 04:54:12 65536 -------c- F:\WINDOWS.0\system32\ntport.dll <Not Verified; Zeal SoftStudio; NTPort Library>
2008-06-13 04:54:12 25111 -------c- F:\WINDOWS.0\remove.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-06-13 04:54:12 25657 -------c- F:\WINDOWS.0\install.exe <Not Verified; Windows (R) 2000 DDK provider; Windows (R) 2000 DDK driver>
2008-06-13 03:36:39 0 d------c- F:\WINDOWS.0\system32\DRVSTORE
2008-06-13 03:36:31 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Raxco
2008-06-13 03:34:43 0 d------c- F:\Program Files\Raxco
2008-06-13 02:54:37 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Thunderbird
2008-06-12 19:23:42 0 d--h---c- F:\$AVG8.VAULT$
2008-06-12 14:41:59 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp
2008-06-12 09:47:08 0 d--h---c- F:\WINDOWS.0\$hf_mig$
2008-06-12 05:41:53 0 d------c- F:\Program Files\PowerQuest
2008-06-12 05:13:42 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\WinRAR
2008-06-12 05:05:21 0 d------c- F:\Program Files\uTorrent
2008-06-12 05:05:07 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\uTorrent
2008-06-12 04:55:27 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Macromedia
2008-06-12 04:52:05 0 --a----c- F:\WINDOWS.0\nsreg.dat
2008-06-12 04:50:04 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Mozilla
2008-06-12 04:47:46 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Adobe
2008-06-12 04:44:37 0 d------c- F:\WINDOWS.0\system32\drivers\Avg
2008-06-12 04:44:36 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\AVGTOOLBAR
2008-06-12 04:44:33 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\avg8
2008-06-12 04:23:39 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\U3
2008-06-12 04:19:44 0 d------c- F:\Documents and Settings\sdf'igjp\Application Data\Identities
2008-06-12 04:19:37 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Windows Genuine Advantage
2008-06-12 04:19:32 0 dr-h---c- F:\Documents and Settings\sdf'igjp\SendTo
2008-06-12 04:19:32 0 dr-h---c- F:\Documents and Settings\sdf'igjp\Recent
2008-06-12 04:19:32 0 d--h---c- F:\Documents and Settings\sdf'igjp\PrintHood
2008-06-12 04:19:32 0 d--h---c- F:\Documents and Settings\sdf'igjp\NetHood
2008-06-12 04:19:32 0 dr-----c- F:\Documents and Settings\sdf'igjp\My Documents
2008-06-12 04:19:32 0 d--h---c- F:\Documents and Settings\sdf'igjp\Local Settings
2008-06-12 04:19:32 0 dr-----c- F:\Documents and Settings\sdf'igjp\Favorites
2008-06-12 04:19:32 0 d------c- F:\Documents and Settings\sdf'igjp\Desktop
2008-06-12 04:19:32 0 d--hs--c- F:\Documents and Settings\sdf'igjp\Cookies
2008-06-12 04:19:32 0 dr-h---c- F:\Documents and Settings\sdf'igjp\Application Data
2008-06-12 04:19:31 0 d--h---c- F:\Documents and Settings\sdf'igjp\Templates
2008-06-12 04:19:31 0 dr-----c- F:\Documents and Settings\sdf'igjp\Start Menu
2008-06-12 04:19:31 1572864 --ah----- F:\Documents and Settings\sdf'igjp\NTUSER.DAT
2008-06-12 04:08:33 0 d------c- F:\WINDOWS.0\Prefetch
2008-06-12 04:08:32 0 d---s--c- F:\WINDOWS.0\system32\Microsoft
2008-06-12 04:08:31 241664 --ah----- F:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT
2008-06-12 04:08:31 0 d--h---c- F:\Documents and Settings\LocalService.NT AUTHORITY\Local Settings
2008-06-12 04:08:31 0 d--hs--c- F:\Documents and Settings\LocalService.NT AUTHORITY\Cookies
2008-06-12 04:08:31 0 d------c- F:\Documents and Settings\LocalService.NT AUTHORITY\Application Data
2008-06-12 04:08:31 0 d---s--c- F:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Microsoft
2008-06-12 04:08:16 241664 --ah----- F:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT
2008-06-12 04:08:16 0 d--h---c- F:\Documents and Settings\NetworkService.NT AUTHORITY\Local Settings
2008-06-12 04:08:16 0 d--hs--c- F:\Documents and Settings\NetworkService.NT AUTHORITY\Cookies
2008-06-12 04:08:16 0 d------c- F:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data
2008-06-12 04:08:16 0 d---s--c- F:\Documents and Settings\NetworkService.NT AUTHORITY\Application Data\Microsoft
2008-06-12 04:01:01 0 d------c- F:\WINDOWS.0\system32\xircom
2008-06-12 04:00:33 241664 ---h---c- F:\Documents and Settings\Default User.WINDOWS.0\NTUSER.DAT
2008-06-12 04:00:23 0 d------c- F:\WINDOWS.0\system32\DRM
2008-06-12 03:57:21 0 d--hs--c- F:\Documents and Settings\All Users.WINDOWS.0\DRM
2008-06-12 03:56:12 0 d------c- F:\WINDOWS.0\system32\DirectX
2008-06-12 03:55:06 0 d---s--c- F:\WINDOWS.0\Tasks
2008-06-12 03:54:59 0 d------c- F:\WINDOWS.0\srchasst
2008-06-12 03:54:41 0 d------c- F:\WINDOWS.0\system32\Restore
2008-06-12 03:53:54 21640 --a----c- F:\WINDOWS.0\system32\emptyregdb.dat
2008-06-12 03:53:34 0 d------c- F:\WINDOWS.0\Registration
2008-06-12 03:53:16 0 d------c- F:\WINDOWS.0\SoftwareDistribution
2008-06-12 03:51:22 0 d------c- F:\WINDOWS.0\system32\MsDtc
2008-06-12 03:51:18 0 d------c- F:\WINDOWS.0\system32\Com
2008-06-11 23:39:23 0 d------c- F:\Program Files\Symantec
2008-06-11 23:37:51 0 d------c- F:\Program Files\PowerISO
2008-06-11 23:13:22 0 d------c- F:\Documents and Settings\Thomas\Application Data\Macromedia
2008-06-11 22:34:11 0 d------c- F:\Documents and Settings\Thomas\Application Data\U3
2008-06-11 20:39:36 0 d--h---c- F:\Documents and Settings\Default User.WINDOWS.0\Templates
2008-06-11 20:39:36 0 dr-----c- F:\Documents and Settings\Default User.WINDOWS.0\Start Menu
2008-06-11 20:39:36 0 dr-h---c- F:\Documents and Settings\Default User.WINDOWS.0\SendTo
2008-06-11 20:39:36 0 d--h---c- F:\Documents and Settings\Default User.WINDOWS.0\Recent
2008-06-11 20:39:36 0 d--h---c- F:\Documents and Settings\Default User.WINDOWS.0\PrintHood
2008-06-11 20:39:36 0 d--h---c- F:\Documents and Settings\Default User.WINDOWS.0\NetHood
2008-06-11 20:39:36 0 d------c- F:\Documents and Settings\Default User.WINDOWS.0\My Documents
2008-06-11 20:39:36 0 dr-h---c- F:\Documents and Settings\Default User.WINDOWS.0\Local Settings
2008-06-11 20:39:36 0 d------c- F:\Documents and Settings\Default User.WINDOWS.0\Favorites
2008-06-11 20:39:36 0 d------c- F:\Documents and Settings\Default User.WINDOWS.0\Desktop
2008-06-11 20:39:36 0 d--hs--c- F:\Documents and Settings\Default User.WINDOWS.0\Cookies
2008-06-11 20:39:36 0 d--h---c- F:\Documents and Settings\All Users.WINDOWS.0\Templates
2008-06-11 20:39:36 0 dr-----c- F:\Documents and Settings\All Users.WINDOWS.0\Start Menu
2008-06-11 20:39:36 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Favorites
2008-06-11 20:39:36 0 dr-----c- F:\Documents and Settings\All Users.WINDOWS.0\Documents
2008-06-11 20:39:36 0 d------c- F:\Documents and Settings\All Users.WINDOWS.0\Desktop
2008-06-11 20:37:43 0 d------c- F:\WINDOWS.0\system32\CatRoot2
2008-06-11 20:37:43 0 d------c- F:\WINDOWS.0\system32\CatRoot
2008-06-11 20:37:37 0 dr-h---c- F:\Documents and Settings\Default User.WINDOWS.0\Application Data
2008-06-11 20:37:37 0 d---s--c- F:\Documents and Settings\Default User.WINDOWS.0\Application Data\Microsoft
2008-06-11 20:37:37 0 dr-h---c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data
2008-06-11 20:37:37 0 d---s--c- F:\Documents and Settings\All Users.WINDOWS.0\Application Data\Microsoft
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\WinSxS
2008-06-11 20:26:56 0 dr-----c- F:\WINDOWS.0\Web
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\twain_32
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\wins
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\wbem
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\usmt
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\spool
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\ShellExt
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\Setup
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\ras
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\PreInstall
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\oobe
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\npp
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\mui
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\Macromed
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\inetsrv
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\IME
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\icsxml
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\ias
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\export
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\drivers
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\drivers\umdf
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\drivers\etc
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\drivers\disdn
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\dllcache
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\dhcp
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\config
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\3com_dmi
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\3076
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\2052
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1054
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1042
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1041
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1037
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1033
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1031
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1028
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system32\1025
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\system
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\security
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Resources
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\repair
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Provisioning
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\PeerNet
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\pchealth
2008-06-11 20:26:56 0 dr-----c- F:\WINDOWS.0\Offline Web Pages
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Network Diagnostic
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\mui
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\msapps
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\msagent
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Media
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\java
2008-06-11 20:26:56 0 d--hs--c- F:\WINDOWS.0\Installer
2008-06-11 20:26:56 0 d--h---c- F:\WINDOWS.0\inf
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\ime
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Help
2008-06-11 20:26:56 0 dr--s--c- F:\WINDOWS.0\Fonts
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\ehome
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Driver Cache
2008-06-11 20:26:56 0 d---s--c- F:\WINDOWS.0\Downloaded Program Files
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Debug
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Cursors
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Connection Wizard
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\Config
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\AppPatch
2008-06-11 20:26:56 0 d------c- F:\WINDOWS.0\addins
2008-06-11 15:19:34 0 d------c- F:\Documents and Settings\Thomas\Application Data\Mozilla
2008-06-11 15:15:03 0 d------c- F:\Program Files\Common Files\L&H
2008-06-11 15:14:52 0 d------c- F:\Program Files\Microsoft.NET
2008-06-11 15:14:42 0 d------c- F:\Program Files\Microsoft ActiveSync
2008-06-11 15:14:07 0 d------c- F:\Program Files\Microsoft Works
2008-06-11 15:11:27 0 d------c- F:\Documents and Settings\Thomas\Application Data\AVGTOOLBAR
2008-06-11 15:11:12 0 d------c- F:\Program Files\AVG
2008-06-11 15:11:11 0 d------c- F:\Documents and Settings\All Users\Application Data\avg8
2008-06-11 15:08:36 0 d------c- F:\Program Files\YPOPs
2008-06-11 15:07:49 0 d------c- F:\Documents and Settings\Thomas\Application Data\Adobe
2008-06-11 14:59:31 0 d------c- F:\Documents and Settings\All Users\Application Data\Adobe
2008-06-11 14:59:23 0 d------c- F:\Program Files\Common Files\Adobe
2008-06-11 14:56:16 0 d------c- F:\Documents and Settings\NetworkService\Start Menu
2008-06-11 14:34:51 24971 --a----c- F:\WINDOWS.0\system32\drivers\iteraid.sys <Not Verified; Integrated Technology Express, Inc.; Windows (R) 2000 DDK driver>
2008-06-11 14:34:51 0 d------c- F:\Program Files\ITE
2008-06-11 14:34:51 0 d--h---c- F:\Program Files\InstallShield Installation Information
2008-06-11 14:34:19 0 d------c- F:\Program Files\Common Files\InstallShield
2008-06-11 14:29:45 0 d------c- F:\Program Files\SiSLan
2008-06-11 14:28:06 0 d------c- F:\Program Files\C-Media 3D Audio
2008-06-11 14:27:08 0 d------c- F:\Documents and Settings\Thomas\WINDOWS
2008-06-11 14:25:00 0 d------c- F:\Documents and Settings\Thomas\Application Data\mjusbsp
2008-06-11 14:23:33 0 d------c- F:\Documents and Settings\Thomas\Application Data\Identities
2008-06-11 14:23:28 0 d------c- F:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-11 14:23:24 0 d--h---c- F:\Documents and Settings\Thomas\Templates
2008-06-11 14:23:24 0 dr-----c- F:\Documents and Settings\Thomas\Start Menu
2008-06-11 14:23:24 0 dr-h---c- F:\Documents and Settings\Thomas\SendTo
2008-06-11 14:23:24 0 dr-h---c- F:\Documents and Settings\Thomas\Recent
2008-06-11 14:23:24 0 d--h---c- F:\Documents and Settings\Thomas\PrintHood
2008-06-11 14:23:24 1310720 --ah----- F:\Documents and Settings\Thomas\NTUSER.DAT
2008-06-11 14:23:24 0 d--h---c- F:\Documents and Settings\Thomas\NetHood
2008-06-11 14:23:24 0 dr-----c- F:\Documents and Settings\Thomas\My Documents
2008-06-11 14:23:24 0 d--h---c- F:\Documents and Settings\Thomas\Local Settings
2008-06-11 14:23:24 0 dr-----c- F:\Documents and Settings\Thomas\Favorites
2008-06-11 14:23:24 0 d------c- F:\Documents and Settings\Thomas\Desktop
2008-06-11 14:23:24 0 d--hs--c- F:\Documents and Settings\Thomas\Cookies
2008-06-11 14:23:24 0 dr-h---c- F:\Documents and Settings\Thomas\Application Data
2008-06-11 14:23:24 0 d---s--c- F:\Documents and Settings\Thomas\Application Data\Microsoft
2008-06-11 14:15:18 262144 --ah----- F:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-11 14:15:18 0 d--h---c- F:\Documents and Settings\LocalService\Local Settings
2008-06-11 14:15:18 0 d--hs--c- F:\Documents and Settings\LocalService\Cookies
2008-06-11 14:15:18 0 d------c- F:\Documents and Settings\LocalService\Application Data
2008-06-11 14:15:18 0 d---s--c- F:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-11 14:15:09 0 d--h---c- F:\Documents and Settings\NetworkService\Local Settings
2008-06-11 14:15:09 0 d--hs--c- F:\Documents and Settings\NetworkService\Cookies
2008-06-11 14:15:09 0 d------c- F:\Documents and Settings\NetworkService\Application Data
2008-06-11 14:15:09 0 d---s--c- F:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-11 14:15:08 237568 --ah----- F:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-11 14:10:26 0 d------c- F:\Program Files\microsoft frontpage
2008-06-11 14:10:13 237568 ---h----- F:\Documents and Settings\Default User\NTUSER.DAT
2008-06-11 14:10:06 0 d------c- F:\Program Files\UPHClean
2008-06-11 14:09:45 0 -rahs--c- F:\MSDOS.SYS
2008-06-11 14:09:45 0 -rahs--c- F:\IO.SYS
2008-06-11 14:09:45 0 --a----c- F:\CONFIG.SYS
2008-06-11 14:09:45 0 --a----c- F:\AUTOEXEC.BAT
2008-06-11 14:07:39 0 d--hs--c- F:\Documents and Settings\All Users\DRM
2008-06-11 14:05:26 0 d------c- F:\Program Files\Common Files\MSSoap
2008-06-11 14:05:05 0 d------c- F:\Program Files\Movie Maker
2008-06-11 14:03:31 0 d------c- F:\Program Files\Online Services
2008-06-11 14:03:17 0 d------c- F:\Program Files\Windows Media Connect 2
2008-06-11 14:03:13 0 d------c- F:\Program Files\Messenger
2008-06-11 14:03:06 0 d------c- F:\Program Files\MSN Gaming Zone
2008-06-11 14:01:40 0 d------c- F:\Program Files\Windows NT
2008-06-11 09:48:05 0 d------c- F:\Program Files\Common Files\ODBC
2008-06-11 09:47:59 0 d------c- F:\Program Files\Common Files\SpeechEngines
2008-06-11 09:47:58 0 dr-----c- F:\Program Files
2008-06-11 09:47:58 0 d------c- F:\Program Files\Common Files
2008-06-11 09:47:04 0 d--h---c- F:\Documents and Settings\Default User\Templates
2008-06-11 09:47:04 0 dr-----c- F:\Documents and Settings\Default User\Start Menu
2008-06-11 09:47:04 0 dr-h---c- F:\Documents and Settings\Default User\SendTo
2008-06-11 09:47:04 0 d--h---c- F:\Documents and Settings\Default User\Recent
2008-06-11 09:47:04 0 d--h---c- F:\Documents and Settings\Default User\PrintHood
2008-06-11 09:47:04 0 d--h---c- F:\Documents and Settings\Default User\NetHood
2008-06-11 09:47:04 0 d------c- F:\Documents and Settings\Default User\My Documents
2008-06-11 09:47:04 0 dr-h---c- F:\Documents and Settings\Default User\Local Settings
2008-06-11 09:47:04 0 d------c- F:\Documents and Settings\Default User\Favorites
2008-06-11 09:47:04 0 d------c- F:\Documents and Settings\Default User\Desktop
2008-06-11 09:47:04 0 d--hs--c- F:\Documents and Settings\Default User\Cookies
2008-06-11 09:47:04 0 d--h---c- F:\Documents and Settings\All Users\Templates
2008-06-11 09:47:04 0 dr-----c- F:\Documents and Settings\All Users\Start Menu
2008-06-11 09:47:04 0 d------c- F:\Documents and Settings\All Users\Favorites
2008-06-11 09:47:04 0 dr-----c- F:\Documents and Settings\All Users\Documents
2008-06-11 09:47:04 0 d------c- F:\Documents and Settings\All Users\Desktop
2008-06-11 09:45:09 0 dr-h---c- F:\Documents and Settings\Default User\Application Data
2008-06-11 09:45:09
0 d---s--c- F:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-11 09:45:08 0 dr-h---c- F:\Documents and Settings\All Users\Application Data
2008-06-11 09:45:08 0 d---s--c- F:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-11 09:44:27 0 d------c- F:\Documents and Settings
2008-06-11 09:44:26 0 d--hs---- F:\System Volume Information
2008-06-11 09:35:19 0 d------c- F:\WINDOWS

-- Find3M Report ---------------------------------------------------------------

2008-06-27 02:26:32 326 --a----c- F:\Documents and Settings\sdf'igjp\Application Data\prio.ini
2008-06-11 20:39:36 62 --ahs--c- F:\Documents and Settings\sdf'igjp\Application Data\desktop.ini

-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="F:\PROGRA~1\AVG\AVG8\avgtray.exe" [06/11/2008 03:11 PM]
"Adobe Reader Speed Launcher"="F:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 03:06 AM]
"Cmaudio"="cmicnfg.cpl" []
"QuickTime Task"="F:\Program Files\QuickTime\QTTask.exe" [05/27/2008 01:50 PM]
"iTunesHelper"="F:\Program Files\iTunes\iTunesHelper.exe" [06/02/2008 02:13 PM]
"SunJavaUpdateSched"="F:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [03/25/2008 04:28 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="F:\WINDOWS.0\system32\ctfmon.exe" [08/04/2004 03:56 AM]
"cdloader"="F:\Documents and Settings\sdf'igjp\Application Data\mjusbsp\cdloader2.exe" [06/12/2008 03:37 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"TSClientMSIUninstaller"=cmd.exe /C "cscript %systemroot%\Installer\TSClientMsiTrans\tscuinst.vbs"

F:\Documents and Settings\sdf'igjp\Start Menu\Programs\Startup\
YPOPs.lnk - F:\Program Files\YPOPs\YPOPs.exe [6/11/2008 3:08:36 PM]

F:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\
MiniEYE-MiniREAD Launch.lnk - F:\Program Files\Infinite Mind LC\eyeQ\ARLaunch.exe [6/21/2008 11:22:55 AM]
RAID Manager.lnk - F:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe [6/11/2008 2:34:51 PM]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=avgrsstx.dll prio.dll

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H]
AutoRun\command- H:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\I]
AutoRun\command- I:\SETUP.EXE /AUTORUN
configure\command- I:\SETUP.EXE
install\command- I:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\S]
AutoRun\command- S:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\T]
AutoRun\command- T:\autorun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0e9c9846-3816-11dd-b3f3-806d6172696f}]
AutoRun\command- O:\LaunchU3.exe -a

*Newly Created Service* - PRIO
*Newly Created Service* - RKPAVPROC

-- End of Deckard's System Scanner: finished at 2008-06-27 02:40:19 ------------ |
#3 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,435
OS: 2000 Pro; XP Pro; XP Home
|
Re: IDK if its me or is there something wrong??
Seems to indicate you have a parallel installation of Windows XP.
SystemRoot=F:\WINDOWS.0
Is this also a multiboot machine? This is more a question for the folks in the Windows XP section. We deal with malware removal in this section of the forum. I see no active malware present in those logs.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Please do not ask for help via Private Message. |
#4 (permalink) |
|
Registered User
Join Date: Jun 2008
Posts: 5
OS: XP Pro SP2
|
See, I do have a multi-boot system, BUT on that partition I didn't create that WINDOWS.0. I knew that's what that was, but the weird thing is that it popped up outta nowhere; that's why I posted it in here.
That partition had all the normal stuff when I first started out, but then it just all appeared. I think it has to do with my AVG; I didn't have this until I started using that. Do you think it's a backup that AVG created??? |
#6 (permalink) |
|
Manager, Security Center, TSF Academy; Analyst, Security Team
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 26,435
OS: 2000 Pro; XP Pro; XP Home
|
Re: IDK if its me or is there something wrong??
Repost your question in a new thread there, without HijackThis/DSS logs. They are only to be posted in this forum, for use in malware removal assistance.
__________________
Practice Safe Surfing Because what you don't know, CAN hurt you. Please do not ask for help via Private Message. |