#1 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 4
OS: XP
|
My Hijack log
Please help as I am getting a lot of pop ups. I go to type in a search box and every time I do the pop ups start. I never had this before. Please help...thanks
Logfile of HijackThis v1.99.1 Scan saved at 3:39:23 PM, on 2/13/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE C:\Program Files\Iomega\AutoDisk\ADUserMon.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Common Files\AOL\1168821879\ee\AOLSoftware.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyc.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyd.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Registry Clean Expert\RCHelper.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program 
Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Iomega\AutoDisk\ADService.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe C:\WINDOWS\explorer.exe C:\Program Files\America Online 9.0\waol.exe C:\Program Files\America Online 9.0\shellmon.exe C:\Documents and Settings\Cranky Baby\My Documents\Downloads\Files for Cleaning PC up\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ptd.net/tiki-index.php R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [UpdReg] 
C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600" O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1168821879\ee\AOLSoftware.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [Vrmon] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe Main O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe O4 - HKLM\..\Run: [VrProxyc] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyc.exe O4 - HKLM\..\Run: [VrProxyd] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\PPE.EXE O4 - HKLM\..\Run: 
[USBToolTip] "C:\Program Files\Pinnacle\Shared Files\\Programs\USBTip\USBTip.exe" O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [Program two bib free] C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Wmastop.exe O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" O4 - HKCU\..\Run: [Sectpart] C:\DOCUME~1\CRANKY~1\APPLIC~1\DOWNLO~1\signcast.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 
'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1168800309390 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1168804950978 O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NVIDIA Display Driver 
Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe |
|
#2 (permalink) |
|
Registered User
Join Date: Jul 2006
Posts: 4
OS: XP
|
Constant pop ups and NVCPL.DLL error
Problems: Constant pop ups and at boot up I keep getting a NVCPL.DLL error, file not found and it is on my pc.
Sorry for posting and not reading first: Included are the following reports that I was asked to do before posting...
Hijackthis log
ComboScan report
Panda report
Logfile of HijackThis v1.99.1 Scan saved at 7:34:57 PM, on 2/13/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.5730.0011) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Ahead\InCD\InCDsrv.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\CTHELPER.EXE C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE C:\Program Files\Ahead\InCD\InCD.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE C:\Program Files\Iomega\AutoDisk\ADUserMon.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\Common Files\AOL\1168821879\ee\AOLSoftware.exe C:\Program Files\Iomega\DriveIcons\ImgIcon.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyc.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyd.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Pinnacle\Shared Files\Programs\USBTip\USBTip.exe C:\WINDOWS\system32\RunDLL32.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Program Files\Registry Clean Expert\RCHelper.exe c:\progra~1\intern~1\iexplore.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe C:\WINDOWS\system32\cisvc.exe C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe 
C:\PROGRA~1\Iomega\System32\AppServices.exe C:\Program Files\Common Files\LightScribe\LSSrvc.exe C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Iomega\AutoDisk\ADService.exe C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe C:\WINDOWS\system32\cidaemon.exe C:\WINDOWS\system32\drwtsn32.exe C:\WINDOWS\system32\drwtsn32.exe C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe C:\WINDOWS\explorer.exe C:\Program Files\America Online 9.0\waol.exe C:\Program Files\America Online 9.0\shellmon.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32Info.exe C:\Documents and Settings\Cranky Baby\My Documents\Downloads\Files for Cleaning PC up\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [CTSysVol] 
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600" O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1168821879\ee\AOLSoftware.exe O4 - HKLM\..\Run: [AOLDialer] C:\Program Files\Common Files\AOL\ACS\AOLDial.exe O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe" O4 - HKLM\..\Run: [Vrmon] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonnt.exe Main O4 - HKLM\..\Run: [VrSchedule] C:\Program Files\PCSecurityShield\ShieldAntivirus\Vrres.exe O4 - HKLM\..\Run: [VrProxyc] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyc.exe O4 - HKLM\..\Run: [VrProxyd] C:\Program Files\PCSecurityShield\ShieldAntivirus\vrproxyd.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe O4 - HKLM\..\Run: [PCLEPCI] C:\PROGRA~1\Pinnacle\PPE\PPE.EXE O4 - HKLM\..\Run: [USBToolTip] "C:\Program Files\Pinnacle\Shared 
Files\\Programs\USBTip\USBTip.exe" O4 - HKLM\..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Program two bib free] C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Wmastop.exe O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\RunOnce: [SpybotSnD] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe" O4 - HKCU\..\Run: [Sectpart] C:\DOCUME~1\CRANKY~1\APPLIC~1\DOWNLO~1\signcast.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &AOL Toolbar search - res://C:\Program Files\AOL Toolbar\toolbar.dll/SEARCH.HTML O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1168800309390 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1168804950978 O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: {BB383206-6DA1-4E80-B62A-3DF950FCC697} (Create & Print ActiveX Plug-in) - http://ak.imgag.com/imgag/cp/install/AxCtp2.cab O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C:\Program Files\Common Files\AOL\TopSpeed\2.0\aoltsmon.exe O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL 
Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSHost.exe O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing) O23 - Service: ViRobot Expert Monitoring (vrmonsvc) - HAURI - C:\Program Files\PCSecurityShield\ShieldAntivirus\vrmonsvc.exe O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe ----------------------------------------------------------------- ComboScan: "Cranky Baby" - 07-02-13 19:18:15 Service Pack 2 ComboFix 07-02-13 - Running from: "C:\Documents and Settings\Cranky Baby\Desktop" ((((((((((((((((((((((((((((((( Files Created from 2007-01-13 to 2007-02-13 )))))))))))))))))))))))))))))))))) 2007-02-13 19:13 <DIR> d-------- C:\WINDOWS\ie7updates 2007-02-13 18:30 <DIR> d-------- C:\WINDOWS\system32\ActiveScan 2007-02-13 18:30 <DIR> d-------- C:\WINDOWS\LastGood 2007-02-12 11:48 <DIR> d-------- C:\Program Files\Download Lite Audio 2007-02-12 11:43 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Application Data\Download Lite Audio 2007-02-12 11:43 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\AntiToolProgramTwo 2007-02-11 23:22 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Shared 2007-02-11 23:17 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Incomplete 2007-02-11 23:17 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Application Data\LimeWire 2007-02-11 23:16 <DIR> d-------- C:\Program Files\LimeWire 2007-02-11 22:27 <DIR> d-------- C:\Program Files\Common Files\Java 2007-02-11 21:26 <DIR> d-------- C:\Program Files\RegistryFix 2007-02-11 20:41 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Application 
Data\.BitTornado 2007-02-11 13:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\NVIDIA 2007-02-11 13:45 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE 2007-02-11 13:44 <DIR> d-------- C:\NVIDIA 2007-02-11 00:10 <DIR> d-------- C:\Program Files\PerformanceTest 2007-02-10 14:41 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Saved Games 2007-02-10 14:33 <DIR> d-------- C:\Program Files\Dream Day Wedding 2007-02-06 18:45 <DIR> d-------- C:\DOCUME~1\CRANKY~1\Application Data\PlayFirst 2007-02-06 18:45 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\PlayFirst 2007-02-04 14:20 153,088 --a------ C:\Program Files\UNWISE.EXE 2007-02-04 09:20 <DIR> d-------- C:\Program Files\AdorageI-GfxDatas 2007-02-04 09:09 930,992 --------- C:\WINDOWS\system32\Ltr13n.dll 2007-02-04 09:09 884,736 --------- C:\WINDOWS\system32\LMUIRes.dll 2007-02-04 09:09 80,896 --------- C:\WINDOWS\system32\lfwmf13s.dll 2007-02-04 09:09 79,360 --a------ C:\WINDOWS\system32\lfeps13s.dll 2007-02-04 09:09 76,800 --------- C:\WINDOWS\system32\Lfwmf13n.dll 2007-02-04 09:09 74,752 --a------ C:\WINDOWS\system32\lfgif13s.dll 2007-02-04 09:09 73,728 --------- C:\WINDOWS\system32\MMAviAx.dll 2007-02-04 09:09 73,728 --------- C:\WINDOWS\system32\lffax13n.dll 2007-02-04 09:09 70,144 --------- C:\WINDOWS\system32\lfbmp13s.dll 2007-02-04 09:09 65,536 --------- C:\WINDOWS\system32\lfpcx13s.dll 2007-02-04 09:09 65,536 --------- C:\WINDOWS\system32\Lfpct13n.dll 2007-02-04 09:09 64,512 --------- C:\WINDOWS\system32\lftga13s.dll 2007-02-04 09:09 59,904 --------- C:\WINDOWS\system32\lfpcd13s.dll 2007-02-04 09:09 466,624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL 2007-02-04 09:09 453,120 --------- C:\WINDOWS\system32\ltkrn13n.dll 2007-02-04 09:09 409,600 --------- C:\WINDOWS\system32\LFCMP13s.DLL 2007-02-04 09:09 401,408 --a------ C:\WINDOWS\system32\pvmjpg30.dll 2007-02-04 09:09 393,216 --------- C:\WINDOWS\system32\LFCMP13n.DLL 2007-02-04 09:09 306,352 --------- C:\WINDOWS\system32\Ltrio13n.dll 2007-02-04 09:09 30,208 
--------- C:\WINDOWS\system32\lfbmp13n.dll 2007-02-04 09:09 283,648 --------- C:\WINDOWS\system32\LFJ2K13s.dll 2007-02-04 09:09 278,016 --------- C:\WINDOWS\system32\LFJ2K13n.dll 2007-02-04 09:09 24,576 --------- C:\WINDOWS\system32\lftga13n.dll 2007-02-04 09:09 2,079,232 --------- C:\WINDOWS\system32\LTCLR13s.dll 2007-02-04 09:09 194,248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL 2007-02-04 09:09 185,856 --a------ C:\WINDOWS\system32\lfpng13s.dll 2007-02-04 09:09 167,936 --------- C:\WINDOWS\system32\lftif13s.dll 2007-02-04 09:09 153,088 --------- C:\WINDOWS\system32\ltfil13n.DLL 2007-02-04 09:09 143,360 --------- C:\WINDOWS\system32\lftif13n.dll 2007-02-04 09:09 126,976 --------- C:\WINDOWS\system32\AVIPrAx.dll 2007-02-04 09:09 12,288 --------- C:\WINDOWS\system32\LMLRes.dll 2007-02-04 09:09 116,224 --------- C:\WINDOWS\system32\lffax13s.dll 2007-02-04 09:09 110,080 --------- C:\WINDOWS\system32\lfpsd13s.dll 2007-02-04 09:09 105,984 --------- C:\WINDOWS\system32\lfpct13s.dll 2007-02-04 09:09 1,693,696 --------- C:\WINDOWS\system32\LTCLR13n.dll 2007-02-04 09:09 1,013,248 --------- C:\WINDOWS\system32\Ltwvc13n.dll 2007-02-04 09:00 57,856 --a------ C:\WINDOWS\system32\masd32.dll 2007-02-04 09:00 27,648 --a------ C:\WINDOWS\system32\ma32.dll 2007-02-04 09:00 196,096 --a------ C:\WINDOWS\system32\macd32.dll 2007-02-04 09:00 138,752 --a------ C:\WINDOWS\system32\mase32.dll 2007-02-04 09:00 136,192 --a------ C:\WINDOWS\system32\mamc32.dll 2007-02-04 09:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\SmartSound Software Inc 2007-02-04 08:59 41,219 --a------ C:\WINDOWS\RSETPATH.exe 2007-02-04 08:58 49,152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll 2007-02-04 08:48 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Pinnacle Studio 2007-02-04 08:39 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\Pinnacle 2007-02-04 08:36 <DIR> d-------- C:\Program Files\Pinnacle 2007-02-04 08:20 86,016 --a------ C:\WINDOWS\system32\nvmctray.dll 2007-02-04 08:20 81,920 
--a------ C:\WINDOWS\system32\nvwddi.dll 2007-02-04 08:20 7,630,848 --a------ C:\WINDOWS\system32\nvcpl.dll 2007-02-04 08:20 581,632 --a------ C:\WINDOWS\system32\nvhwvid.dll 2007-02-04 08:20 5,636,096 --a------ C:\WINDOWS\system32\nvoglnt.dll 2007-02-04 08:20 466,944 --a------ C:\WINDOWS\system32\nvshell.dll 2007-02-04 08:20 45,056 --a------ C:\WINDOWS\system32\nvmccsrs.dll 2007-02-04 08:20 442,368 --a------ C:\WINDOWS\system32\nvappbar.exe 2007-02-04 08:20 425,984 --a------ C:\WINDOWS\system32\keystone.exe 2007-02-04 08:20 35,840 --a------ C:\WINDOWS\system32\nvcodins.dll 2007-02-04 08:20 35,840 --a------ C:\WINDOWS\system32\nvcod.dll 2007-02-04 08:20 286,720 --a------ C:\WINDOWS\system32\nvnt4cpl.dll 2007-02-04 08:20 229,376 --a------ C:\WINDOWS\system32\nvmccs.dll 2007-02-04 08:20 208,896 --a------ C:\WINDOWS\system32\nvudisp.exe 2007-02-04 08:20 196,608 --a------ C:\WINDOWS\system32\nvapi.dll 2007-02-04 08:20 155,715 --a------ C:\WINDOWS\system32\nvsvc32.exe 2007-02-04 08:20 147,456 --a------ C:\WINDOWS\system32\nvcolor.exe 2007-02-04 08:20 1,662,976 --a------ C:\WINDOWS\system32\nvwdmcpl.dll 2007-02-04 08:20 1,519,616 --a------ C:\WINDOWS\system32\nwiz.exe 2007-02-04 08:20 1,470,464 --a------ C:\WINDOWS\system32\nview.dll 2007-02-04 08:20 1,339,392 --a------ C:\WINDOWS\system32\nvdspsch.exe 2007-02-04 08:20 1,019,904 --a------ C:\WINDOWS\system32\nvwimg.dll 2007-02-04 08:20 <DIR> d-------- C:\WINDOWS\NV36402184.TMP 2007-02-03 13:09 341,064 --a------ C:\WINDOWS\system32\mcinsctl.dll 2007-02-03 13:09 279,624 --a------ C:\WINDOWS\system32\mcgdmgr.dll 2007-02-03 13:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\Application Data\McAfee.com 2007-02-03 12:42 90,112 --a------ C:\WINDOWS\system32\vruntar.dll 2007-02-03 12:42 860,672 --a------ C:\WINDOWS\system32\VrRes.dll 2007-02-03 12:42 72,704 --a------ C:\WINDOWS\system32\vrunace.dll 2007-02-03 12:42 70,568 --a------ C:\WINDOWS\system32\vrd.exe 2007-02-03 12:42 61,440 --a------ C:\WINDOWS\system32\vrunarj.dll 2007-02-03 
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\ias 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\export 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\drivers\etc 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\drivers 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\dhcp 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\config 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\3com_dmi 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\3076 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\2052 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1054 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1042 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1041 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1037 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1033 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1031 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1028 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32\1025 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system32 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\system 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\security 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Resources 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\repair 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Provisioning 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\PeerNet 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\pchealth 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\mui 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\msapps 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\msagent 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Media 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\java 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\ime 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Help 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\ehome 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Driver Cache 2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Debug 
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Cursors
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\Config
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\AppPatch
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS\addins
2007-01-14 07:30 <DIR> d-------- C:\WINDOWS

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))

2007-02-11 20:41 -------- d-------- C:\DOCUME~1\CRANKY~1\Application Data\.bittornado
2007-01-29 03:58 60416 --------- C:\WINDOWS\system32\tzchange.exe
2007-01-17 10:57 -------- d-------- C:\DOCUME~1\CRANKY~1\Application Data\macromedia
2007-01-15 15:13 -------- d---s---- C:\DOCUME~1\CRANKY~1\Application Data\microsoft
2007-01-14 12:51 -------- d-------- C:\DOCUME~1\CRANKY~1\Application Data\identities
2007-01-14 07:37 62 --ahs---- C:\DOCUME~1\CRANKY~1\Application Data\desktop.ini
2007-01-12 09:27 51712 --------- C:\WINDOWS\system32\msfeedsbs.dll
2007-01-12 09:27 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2007-01-08 19:04 102400 --a------ C:\WINDOWS\system32\occache.dll
2007-01-08 19:02 44544 --a------ C:\WINDOWS\system32\iernonce.dll
2007-01-08 19:02 384000 --a------ C:\WINDOWS\system32\iedkcs32.dll
2007-01-08 19:02 230400 --a------ C:\WINDOWS\system32\ieaksie.dll
2007-01-08 19:02 161792 --a------ C:\WINDOWS\system32\ieakui.dll
2007-01-08 19:02 153088 --a------ C:\WINDOWS\system32\ieakeng.dll
2007-01-08 18:08 56832 --a------ C:\WINDOWS\system32\ie4uinit.exe
2007-01-08 18:08 13824 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-12-01 13:53 624240 --a------ C:\WINDOWS\system32\imagecontrol.dll
2006-12-01 13:53 2684528 --a------ C:\WINDOWS\system32\axctp2.dll
2006-11-27 09:54 539136 --a------ C:\WINDOWS\system32\msftedit.dll
2006-11-27 09:54 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-16 11:44 103984 --a------ C:\WINDOWS\system32\aoldial.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries & legit default entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"RegClean Expert Scheduler"="\"C:\\Program Files\\Registry Clean Expert\\RCHelper.exe\" /startup"
"DW4"="\"C:\\Program Files\\The Weather Channel FW\\Desktop Weather\\DesktopWeather.exe\""
"Sectpart"="C:\\DOCUME~1\\CRANKY~1\\APPLIC~1\\DOWNLO~1\\signcast.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"CTHelper"="CTHELPER.EXE"
"AsioReg"="REGSVR32.EXE /S CTASIO.DLL"
"SBDrvDet"="C:\\Program Files\\Creative\\SB Drive Det\\SBDrvDet.exe /r"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"CTSysVol"="C:\\Program Files\\Creative\\SBAudigy2ZS\\Surround Mixer\\CTSysVol.exe /r"
"CTDVDDET"="C:\\Program Files\\Creative\\SBAudigy2ZS\\DVDAudio\\CTDVDDET.EXE"
"NeroFilterCheck"="C:\\WINDOWS\\system32\\NeroCheck.exe"
"InCD"="C:\\Program Files\\Ahead\\InCD\\InCD.exe"
"EPSON Stylus CX6600 Series"="C:\\WINDOWS\\System32\\spool\\DRIVERS\\W32X86\\3\\E_FATI9EA.EXE /P26 \"EPSON Stylus CX6600 Series\" /O6 \"USB001\" /M \"Stylus CX6600\""
"ADUserMon"="C:\\Program Files\\Iomega\\AutoDisk\\ADUserMon.exe"
"TrueImageMonitor.exe"="C:\\Program Files\\Acronis\\TrueImageHome\\TrueImageMonitor.exe"
"AcronisTimounterMonitor"="C:\\Program Files\\Acronis\\TrueImageHome\\TimounterMonitor.exe"
"Acronis Scheduler2 Service"="\"C:\\Program Files\\Common Files\\Acronis\\Schedule2\\schedhlp.exe\""
"HostManager"="C:\\Program Files\\Common Files\\AOL\\1168821879\\ee\\AOLSoftware.exe"
"AOLDialer"="C:\\Program Files\\Common Files\\AOL\\ACS\\AOLDial.exe"
"Iomega Drive Icons"="C:\\Program Files\\Iomega\\DriveIcons\\ImgIcon.exe"
"Deskup"="C:\\Program Files\\Iomega\\DriveIcons\\deskup.exe /IMGSTART"
"DiskeeperSystray"="\"C:\\Program Files\\Diskeeper Corporation\\Diskeeper\\DkIcon.exe\""
"Vrmon"="C:\\Program Files\\PCSecurityShield\\ShieldAntivirus\\vrmonnt.exe Main"
"VrSchedule"="C:\\Program Files\\PCSecurityShield\\ShieldAntivirus\\Vrres.exe"
"VrProxyc"="C:\\Program Files\\PCSecurityShield\\ShieldAntivirus\\vrproxyc.exe"
"VrProxyd"="C:\\Program Files\\PCSecurityShield\\ShieldAntivirus\\vrproxyd.exe"
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"PinnacleDriverCheck"="C:\\WINDOWS\\system32\\\\PSDrvCheck.exe"
"PCLEPCI"="C:\\PROGRA~1\\Pinnacle\\PPE\\PPE.EXE"
"USBToolTip"="\"C:\\Program Files\\Pinnacle\\Shared Files\\\\Programs\\USBTip\\USBTip.exe\""
"NvMediaCenter"="RunDLL32.exe NvMCTray.dll,NvTaskbarInit"
"Program two bib free"="C:\\Documents and Settings\\All Users\\Application Data\\AntiToolProgramTwo\\Wmastop.exe"
"Easy SpyRemover"="C:\\Program Files\\Easy SpyRemover\\EasySpyRemover.exe /smart"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]
"SpybotSnD"="\"C:\\Program Files\\Spybot - Search & Destroy\\SpybotSD.exe\" /autocheck"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
"backup"="C:\\WINDOWS\\pss\\Adobe Reader Speed Launch.lnkCommon Startup"
"location"="Common Startup"
"command"="C:\\PROGRA~1\\Adobe\\ACROBA~1.0\\Reader\\READER~1.EXE "
"item"="Adobe Reader Speed Launch"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AOL Fast Start]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="AOL"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\America Online 9.0\\AOL.EXE\" -b"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="dumprep 0 -k"
"hkey"="HKLM"
"command"="%systemroot%\\system32\\dumprep 0 -k"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="qttask"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="RealPlay"
"hkey"="HKLM"
"command"="C:\\Program Files\\Real\\RealPlayer\\RealPlay.exe SYSTEMBOOTHIDEPLAYER"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Sectpart]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="signcast"
"hkey"="HKCU"
"command"="C:\\DOCUME~1\\CRANKY~1\\APPLIC~1\\DOWNLO~1\\signcast.exe"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="winampa"
"hkey"="HKLM"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\ADD4EDE291D36B66.job

********************************************************************

catchme 0.1 W2K/XP - userland rootkit detector by Gmer, 17 October 2006
http://www.gmer.net

scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully

hidden processes: 0
hidden services: 0
hidden files: 0

********************************************************************

Completion time: 07-02-13 19:19:36

----------------------------------------------------

Panda report::

Incident Status Location
Adware:Adware/Lop Not disinfected c:\docume~1\cranky~1\applic~1\downlo~1\signcast.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Pollgram.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Wmastop.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Cranky Baby\Application Data\Download Lite Audio\fkbmufja.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Cranky Baby\Application Data\Download Lite Audio\keurgehk.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Cranky Baby\Application Data\Download Lite Audio\signcast.exe
Spyware:Cookie/2o7 Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@2o7[1].txt
Spyware:Cookie/Advertising Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@advertising[2].txt
Spyware:Cookie/Apmebf Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@apmebf[2].txt
Spyware:Cookie/Atlas DMT Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@atdmt[2].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@atwola[1].txt
Spyware:Cookie/Atwola Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@atwola[2].txt
Spyware:Cookie/Com.com Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@com[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@fastclick[2].txt
Spyware:Cookie/Hitbox Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@hitbox[1].txt
Spyware:Cookie/FastClick Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@media.fastclick[1].txt
Spyware:Cookie/Mediaplex Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@mediaplex[1].txt
Spyware:Cookie/Tribalfusion Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@tribalfusion[1].txt
Spyware:Cookie/Zedo Not disinfected C:\Documents and Settings\Cranky Baby\Cookies\cranky_baby@zedo[2].txt
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Cranky Baby\Local Settings\Temp\bis97.exe
Adware:Adware/Lop Not disinfected C:\Documents and Settings\Cranky Baby\Local Settings\Temp\bis9D.exe

--------------------------------------------------------------
#3
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
Hi pumpkin729,
Welcome to Tech Support Forum!

I apologize for the delay getting to your log. The helpers here are all volunteers and we have been very busy here lately. If you are still having malware problems, I will be glad to help.

Do you have Netpumper or Bitgrabber or BitRoll installed? If so, uninstall them via Start -> Control Panel -> Software -> Add or Remove Programs. This is because they are bundled with the malware you are dealing with (Swizzor aka Lop).

Also, please check to see if the following are present in Add or Remove Programs and uninstall them if found:

* CiD Manager
* CiD Help
* Download Plugin for Internet Explorer
* EasySpyRemover
* Messenger Plus
* Messenger Plus 2
* Messenger Plus 3
* Zone Media

If during uninstall, you are asked for uninstall Verification, please enter the numbers that will appear in the window.

Then reboot. <-- Important!

NEXT:
After reboot, please download Deljob.exe and save it on your desktop. Double-click Deljob.exe. A log named logit.txt should open afterwards. This log will be present on your desktop. Please post the contents of the Deljob.exe log in your next reply.

NEXT:
Then please run HijackThis and click "Scan." Place checks next to the following entries:

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O4 - HKLM\..\Run: [Program two bib free] C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Wmastop.exe
O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart
O4 - HKCU\..\Run: [Sectpart] C:\DOCUME~1\CRANKY~1\APPLIC~1\DOWNLO~1\signcast.exe

Close ALL browsers (including this one) and other windows except for HijackThis, and click "Fix checked".

NEXT:
Please download the Killbox by Option^Explicit and save it to your desktop.

NOTE: In the event you already have Killbox, this is a new version that I need you to download.

If your computer does not reboot automatically, please reboot it manually.

NOTE: If you receive a message such as, "Component 'MsComCtl.ocx' or one of its dependencies not correctly registered: a file is missing or invalid." when trying to run Killbox, CLICK HERE to download and run missingfilesetup.exe. Then try Killbox again.

NEXT:
Please reboot your computer normally into Windows and then please post the Deljob.exe log and a new HijackThis log.

How are things running now? Please let me know of any problems that still persist.
__________________
Keep this forum alive - if you've been helped at this forum, please do consider a donation. Thank you for your support. Donation link for Tech Support Forum
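
Two of the O4 entries in the post above (Wmastop.exe and signcast.exe) start from profile data folders rather than Program Files or WINDOWS, and both files appear as Adware/Lop in the Panda report earlier in this thread. The following Python script is an added example, not part of the original post and not a HijackThis feature: it parses O4 lines and flags autostart commands that run from such folders. The regexes, the folder list and the verdict names are assumptions of this example; the sample lines are copied from the logs in this thread.

```python
import re
from typing import List, NamedTuple

# O4 lines copied from the HijackThis entries posted in this thread.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [Program two bib free] C:\Documents and Settings\All Users\Application Data\AntiToolProgramTwo\Wmastop.exe
O4 - HKLM\..\Run: [Easy SpyRemover] C:\Program Files\Easy SpyRemover\EasySpyRemover.exe /smart
O4 - HKCU\..\Run: [Sectpart] C:\DOCUME~1\CRANKY~1\APPLIC~1\DOWNLO~1\signcast.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
"""


class Autostart(NamedTuple):
    source: str   # registry hive and key, or the startup-folder label
    name: str     # value name or shortcut name
    command: str  # command line exactly as logged
    verdict: str  # "profile-path", "no-path" or "ok" (names chosen for this example)


# "O4 - HKLM\..\Run: [Name] command" (also matches RunOnce, RunServices, ...)
RUN_RE = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(\w+): \[([^\]]*)\] (.+)$")
# "O4 - Global Startup: Shortcut.lnk = target"
STARTUP_RE = re.compile(r"^O4 - ((?:Global )?Startup): (.+?) = (.+)$")

# Profile data and temp folders, in long form and 8.3 short form. The ~N
# suffix of a short name varies per system, so any digit run is accepted.
SUSPECT_DIR = re.compile(
    r"\\(?:application data|applic~\d+|local settings|locals~\d+|temp)\\",
    re.IGNORECASE,
)
# An absolute path (drive letter) or an environment-variable path.
HAS_PATH = re.compile(r"[a-z]:\\|%\w+%\\", re.IGNORECASE)


def classify(command: str) -> str:
    """Judge an autostart command by where it runs from."""
    # The whole command is searched, so a DLL handed to rundll32 or
    # regsvr32 as an argument is covered as well as the host program.
    if SUSPECT_DIR.search(command):
        return "profile-path"
    if not HAS_PATH.search(command):
        # Bare file name: Windows resolves it through the search path,
        # so the log alone does not say which file is started.
        return "no-path"
    return "ok"


def parse_o4(log: str) -> List[Autostart]:
    """Return every O4 autostart entry found in a HijackThis log."""
    entries = []
    for raw in log.splitlines():
        line = raw.strip()
        m = RUN_RE.match(line)
        if m:
            hive, key, name, command = m.groups()
            entries.append(Autostart(f"{hive} {key}", name, command, classify(command)))
            continue
        m = STARTUP_RE.match(line)
        if m:
            label, name, command = m.groups()
            entries.append(Autostart(label, name, command, classify(command)))
    return entries


def flagged(log: str) -> List[Autostart]:
    """Entries that start from a profile data or temp folder."""
    return [e for e in parse_o4(log) if e.verdict == "profile-path"]


if __name__ == "__main__":
    for entry in parse_o4(SAMPLE_LOG):
        print(f"{entry.verdict:13} {entry.source:15} [{entry.name}] {entry.command}")
```

The Easy SpyRemover entry sits under Program Files and gets the verdict "ok", so a location check like this narrows down what to look at but does not replace a review of the full log.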
#4
Registered User
Join Date: Jul 2006
Posts: 4
OS: XP
New log
Sorry it took long for me to reply to your message. My hubby decided to just reinstall my Windows all over again. I don't think anything is on the NEW install but please just look it over for me. I have installed Windows Live OneCare. Is there anything else that I should run from time to time to keep my system clean?? Thanks so much.
Logfile of HijackThis v1.99.1
Scan saved at 11:13:54 AM, on 2/17/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE
C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\Common Files\AOL\1171650003\ee\AOLSoftware.exe
C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Registry Clean Expert\RCHelper.exe
C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe
C:\Program Files\AOL 9.0\waol.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\PROGRA~1\Iomega\System32\AppServices.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Iomega\AutoDisk\ADService.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\Program Files\Microsoft Windows OneCare Live\winss.exe
c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
C:\Program Files\AOL 9.0\shellmon.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Common Files\AOL\Topspeed\3.0\aoltpsd3.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Documents and Settings\Cranky Baby\Desktop\PC Cleaning\Files for Cleaning PC up\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ptd.net/tiki-index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [SBDrvDet] C:\Program Files\Creative\SB Drive Det\SBDrvDet.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] C:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [EPSON Stylus CX6600 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9EA.EXE /P26 "EPSON Stylus CX6600 Series" /O6 "USB001" /M "Stylus CX6600"
O4 - HKLM\..\Run: [ADUserMon] C:\Program Files\Iomega\AutoDisk\ADUserMon.exe
O4 - HKLM\..\Run: [Iomega Drive Icons] C:\Program Files\Iomega\DriveIcons\ImgIcon.exe
O4 - HKLM\..\Run: [Deskup] C:\Program Files\Iomega\DriveIcons\deskup.exe /IMGSTART
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\\PSDrvCheck.exe
O4 - HKLM\..\Run: [HostManager] C:\Program Files\Common Files\AOL\1171650003\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [OneCareUI] "C:\Program Files\Microsoft Windows OneCare Live\winssnotify.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [RegClean Expert Scheduler] "C:\Program Files\Registry Clean Expert\RCHelper.exe" /startup
O4 - HKCU\..\Run: [DW4] "C:\Program Files\The Weather Channel FW\Desktop Weather\DesktopWeather.exe"
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.0\AOL.EXE" -b
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {2AF5BD25-90C5-4EEC-88C5-B44DC2905D8B} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanage...ex-2.2.0.5.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1168800309390
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1168804950978
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: InCD Helper (read only) (InCDsrvR) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Iomega App Services - Iomega Corporation - C:\PROGRA~1\Iomega\System32\AppServices.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: MSSQL$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlservr.exe" -sPINNACLESYS (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pinnacle Systems Media Service (PinnacleSys.MediaServer) - Pinnacle Systems - c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe
O23 - Service: SQLAgent$PINNACLESYS - Unknown owner - C:\Program Files\Pinnacle\MediaServer\Microsoft SQL Server\MSSQL$PINNACLESYS\Binn\sqlagent.EXE" -i PINNACLESYS (file missing)
O23 - Service: Iomega Active Disk (_IOMEGA_ACTIVE_DISK_SERVICE_) - Iomega Corporation - C:\Program Files\Iomega\AutoDisk\ADService.exe
#5
Analyst, Security Team
Join Date: Sep 2006
Posts: 1,302
OS: Windows XP SP2
Hi pumpkin729,
No worries about the late reply.

Just some loose ends to tie up, and then we can let you go home.

Your version of Sun Java is out-of-date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older Java version components and update:

NEXT:
Everything looks great --- your HijackThis log appears to be clean.

Please take some time reading this list; it is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

Please also read Tony Klein's excellent article How I got Infected in the First Place and this CastleCops article Malware Prevention: Prevent Re-infection.

Hopefully this should take care of your problems! Good luck!

Please respond one more time and let me know you received this post, so that it can be marked as resolved, unless you have other problems.
Last edited by Sempurna; 02-17-2007 at 10:23 AM.