system32.exe, Grey Loud, and other problems - Page 2

neonknightmare · 02-26-2007, 04:15 PM

grrrr!!

I started the scan and then left for work. When I came back, it was only about a quarter done, and I had the popup that asked if I wanted to cure it.(I clicked yes to all.) So, it will be awhile yet before it is done. I had hoped to have it done when I got home.

It has found a couple of things though.

Hmmmm, it thinks smitRem is a virus?

I did find the extra empty adobe folder and deleted it.

btw, what used to be D drive is now G drive. I installed my external DVD RW.

tetonbob · 02-26-2007, 05:53 PM

Don't fret...many scanners wrongly target smitrem because of the potential of files it uses.

Sorry this is taking you so long...good thing is, we never close.

neonknightmare · 02-26-2007, 06:18 PM

No need to apologize to me!! You have been a savior.

I have just been a little frustrated because I have so much work to do, and having just reinstalled windows, I have a million things to do before I can even get started. But cleaning my system has to come first.

You have been extremely prompt and I have sang the praises of this forum to many.

OK, here are my scan results.

db2.mdb;G:\My Documents;Probably Virus;Moved.;
Process.exe;C:\Documents and Settings\Dennetts Hardware\Desktop\smitRem;Tool.Prockill;Moved.;
htfyykee.dll;C:\Documents and Settings\Dennetts Hardware\Local Settings\Temp;Trojan.Virtumod;Deleted.;
pbjqkctm.dll;C:\Documents and Settings\Dennetts Hardware\Local Settings\Temp;Trojan.Virtumod;Deleted.;
Process.exe;C:\SDFix\apps;Tool.Prockill;Moved.;
A0008204.dll;C:\System Volume Information\_restore{13A726FF-B9C1-48F9-9B4A-D960FD62303B}\RP39;Trojan.Virtumod;Deleted.;
A0008205.dll;C:\System Volume Information\_restore{13A726FF-B9C1-48F9-9B4A-D960FD62303B}\RP39;Trojan.Virtumod;Deleted.;

tetonbob · 02-26-2007, 07:20 PM

Ok, I think we're just about done....I'd like one more set of logs from ComboScan.

This time, please run it with these instructions:

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK (Do not miss the first quote!)

"%userprofile%\desktop\comboscan.exe" /config

A configuration screen shall appear.

Tick All Boxes shown on the screen.

Click Scan!

When finished, it shall produce a set of logs for you. Post those logs in your next reply.

neonknightmare · 02-27-2007, 05:59 AM

ComboScan v20070221.16 run by ourroom on 2007-02-27 at 06:52:29
Computer is in Normal Mode.
--------------------------------------------------------------------------------

Successfully created restore point.
Performed disk cleanup.

-- HijackThis (run as ourroom.exe) ----------------------------------------------

Logfile of HijackThis v1.99.1
Scan saved at 6:53:15 AM, on 2/27/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe
C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe
C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\Program Files\D-Tools\daemon.exe
C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe
C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe
C:\Program Files\WinTV\Ir.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Creative\SBLive 24-Bit External\Entertainment Center\EAXLoadr.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\ourroom\desktop\comboscan.exe
C:\Documents and Settings\ourroom\Desktop\hijackthis\ourroom.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://microsoft.com/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe"
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup
O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll"
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 10\LaunchList.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab
O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: WUSB54Gv42SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe (file missing)

-- File Associations ------------------------------------------------------------

.bat - batfile - "%1" %*
.chm - chm.file - "C:\WINDOWS\hh.exe" %1
.cmd - cmdfile - "%1" %*
.com - comfile - "%1" %*
.exe - exefile - "%1" %*
.hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1
.inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1
.ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1
.js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %*
.lnk - lnkfile - {00021401-0000-0000-C000-000000000046}
.pif - piffile - "%1" %*
.reg - regfile - regedit.exe "%1"
.scr - scrfile - "%1" /S
.txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1
.vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %*

-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ----------------------

2R AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.3.0) - C:\WINDOWS\system32\drivers\AegisP.sys
3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys
1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys
1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys
3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\system32\drivers\CCDECODE.sys
3R ctsfm2k (Creative SoundFont Management Device Driver) - C:\WINDOWS\system32\drivers\ctsfm2k.sys
0R d347bus - C:\WINDOWS\system32\drivers\d347bus.sys
0R d347prt - C:\WINDOWS\system32\drivers\d347prt.sys
3R HCWBT8xx (Hauppauge WinTV 848/9 WDM Video Driver) - C:\WINDOWS\system32\drivers\HCWBT8XX.sys
3R hidusb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys
1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys
1S kbdhid (Keyboard HID Driver) - C:\WINDOWS\system32\drivers\kbdhid.sys
0R kl1 - C:\WINDOWS\system32\drivers\kl1.sys
1R klif - C:\WINDOWS\system32\drivers\klif.sys
3R MarvinBus (Pinnacle Marvin Bus) - C:\WINDOWS\system32\drivers\MarvinBus.sys
3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys
3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\system32\drivers\MSTEE.sys
3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\NABTSFEC.sys
3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\system32\drivers\NdisIP.sys
3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys
3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys
0R ohci1394 (OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys
3R ossrv (Creative OS Services Driver) - C:\WINDOWS\system32\drivers\ctoss2k.sys
1R PCLEPCI - C:\WINDOWS\system32\drivers\Pclepci.sys
3R pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys
3R sbusb (Sound Blaster USB Audio Driver) - C:\WINDOWS\system32\drivers\sbusb.sys
3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\SLIP.sys
3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys
3S usbaudio (USB Audio Driver (WDM)) - C:\WINDOWS\system32\drivers\usbaudio.sys
3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys
3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys
3R usbstor (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\usbstor.sys
3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS
3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys
3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys
3R WUSB54GPV4SRV (Linksys Home Wireless-G USB Adaptor Driver) - C:\WINDOWS\system32\drivers\rt2500usb.sys
3R GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\GTNDIS5.sys

-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe"
4S Alerter - C:\WINDOWS\System32\svchost.exe -k LocalService
3R ALG (Application Layer Gateway Service) - C:\WINDOWS\System32\alg.exe
4S AppMgmt (Application Management) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R AudioSrv (Windows Audio) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
2R AVP (Kaspersky Anti-Virus 6.0) - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r
3S BITS (Background Intelligent Transfer Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2S Browser (Computer Browser) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S CiSvc (Indexing Service) - C:\WINDOWS\system32\cisvc.exe
4S ClipSrv (ClipBook) - C:\WINDOWS\system32\clipsrv.exe
3S COMSysApp (COM+ System Application) - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235}
2R Creative Service for CDROM Access - C:\WINDOWS\system32\CTsvcCDA.exe
2R CryptSvc (Cryptographic Services) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R DcomLaunch (DCOM Server Process Launcher) - C:\WINDOWS\system32\svchost -k DcomLaunch
2R Dhcp (DHCP Client) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S dmadmin (Logical Disk Manager Administrative Service) - C:\WINDOWS\System32\dmadmin.exe /com
3S dmserver (Logical Disk Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Dnscache (DNS Client) - C:\WINDOWS\System32\svchost.exe -k NetworkService
2R ERSvc (Error Reporting Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Eventlog (Event Log) - C:\WINDOWS\system32\services.exe
3R EventSystem (COM+ Event System) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R FastUserSwitchingCompatibility (Fast User Switching Compatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R helpsvc (Help and Support) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R HidServ (HID Input Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S HTTPFilter (HTTP SSL) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter
3S ImapiService (IMAPI CD-Burning COM Service) - C:\WINDOWS\System32\imapi.exe
2R lanmanserver (Server) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R lanmanworkstation (Workstation) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R LmHosts (TCP/IP NetBIOS Helper) - C:\WINDOWS\System32\svchost.exe -k LocalService
4S Messenger - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S mnmsrvc (NetMeeting Remote Desktop Sharing) - C:\WINDOWS\System32\mnmsrvc.exe
3S MSDTC (Distributed Transaction Coordinator) - C:\WINDOWS\System32\msdtc.exe
3S MSIServer (Windows Installer) - C:\WINDOWS\system32\msiexec.exe /V
3S NBService - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
4S NetDDE (Network DDE) - C:\WINDOWS\system32\netdde.exe
4S NetDDEdsdm (Network DDE DSDM) - C:\WINDOWS\system32\netdde.exe
3S Netlogon (Net Logon) - C:\WINDOWS\System32\lsass.exe
3R Netman (Network Connections) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R Nla (Network Location Awareness (NLA)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S NtLmSsp (NT LM Security Support Provider) - C:\WINDOWS\System32\lsass.exe
3S NtmsSvc (Removable Storage) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R PlugPlay (Plug and Play) - C:\WINDOWS\system32\services.exe
2R PolicyAgent (IPSEC Services) - C:\WINDOWS\System32\lsass.exe
2R ProtectedStorage (Protected Storage) - C:\WINDOWS\system32\lsass.exe
3S RasAuto (Remote Access Auto Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S RasMan (Remote Access Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S RDSessMgr (Remote Desktop Help Session Manager) - C:\WINDOWS\system32\sessmgr.exe
4S RemoteAccess (Routing and Remote Access) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S RpcLocator (Remote Procedure Call (RPC) Locator) - C:\WINDOWS\System32\locator.exe
2R RpcSs (Remote Procedure Call (RPC)) - C:\WINDOWS\system32\svchost -k rpcss
3S RSVP (QoS RSVP) - C:\WINDOWS\System32\rsvp.exe
2R SamSs (Security Accounts Manager) - C:\WINDOWS\system32\lsass.exe
3S SCardSvr (Smart Card) - C:\WINDOWS\System32\SCardSvr.exe
2R Schedule (Task Scheduler) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R seclogon (Secondary Logon) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R SENS (System Event Notification) - C:\WINDOWS\system32\svchost.exe -k netsvcs
2R SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R ShellHWDetection (Shell Hardware Detection) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R Spooler (Print Spooler) - C:\WINDOWS\system32\spoolsv.exe
2R srservice (System Restore Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R SSDPSRV (SSDP Discovery Service) - C:\WINDOWS\System32\svchost.exe -k LocalService
3S stisvc (Windows Image Acquisition (WIA)) - C:\WINDOWS\System32\svchost.exe -k imgsvc
3S SwPrv (MS Software Shadow Copy Provider) - C:\WINDOWS\System32\dllhost.exe /Processid:{076B68ED-8FBA-44CF-A42D-89CE76D0729A}
3S SysmonLog (Performance Logs and Alerts) - C:\WINDOWS\system32\smlogsvc.exe
3S TapiSrv (Telephony) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3R TermService (Terminal Services) - C:\WINDOWS\System32\svchost -k DComLaunch
2R Themes - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R TrkWks (Distributed Link Tracking Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S upnphost (Universal Plug and Play Device Host) - C:\WINDOWS\System32\svchost.exe -k LocalService
3S UPS (Uninterruptible Power Supply) - C:\WINDOWS\System32\ups.exe
3S VSS (Volume Shadow Copy) - C:\WINDOWS\System32\vssvc.exe
2R W32Time (Windows Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R WebClient - C:\WINDOWS\System32\svchost.exe -k LocalService
2R winmgmt (Windows Management Instrumentation) - C:\WINDOWS\system32\svchost.exe -k netsvcs
3S WmdmPmSN (Portable Media Serial Number Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S WmiApSrv (WMI Performance Adapter) - C:\WINDOWS\System32\wbem\wmiapsrv.exe
3S WMPNetworkSvc (Windows Media Player Network Sharing Service) - "C:\Program Files\Windows Media Player\WMPNetwk.exe"
2R wscsvc (Security Center) - C:\WINDOWS\System32\svchost.exe -k netsvcs
2R wuauserv (Automatic Updates) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
2R WUSB54Gv42SVC - "C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe"
2S WZCSVC (Wireless Zero Configuration) - C:\WINDOWS\System32\svchost.exe -k netsvcs
3S xmlprov (Network Provisioning Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs

-- Files created between 2007-01-27 and 2007-02-27 ------------------------------

2007-02-26 06:53:05 0 d-------- C:\Documents and Settings\ourroom\DoctorWeb<DOCTOR~1>
2007-02-25 19

55 286720 --a------ C:\WINDOWS\system32\hcwzblast.dll<HCWZBL~1.DLL>
2007-02-25 19

55 65603 --a------ C:\WINDOWS\system32\hcwIRblast.dll<HCWIRB~1.DLL>
2007-02-25 19:01:15 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL
2007-02-25 19:01:02 524353 --a------ C:\WINDOWS\system32\HCWTVWND.dll
2007-02-25 19:01:02 11264 --a------ C:\WINDOWS\system32\hcwhook.dll
2007-02-25 19:01:02 90174 --a------ C:\WINDOWS\system32\bt848wst.dll
2007-02-25 19:00:56 106559 --a------ C:\WINDOWS\system32\Hcwtvdlg.dll
2007-02-25 19:00:50 393216 --a------ C:\WINDOWS\system32\hcwsnbd9.dll
2007-02-25 19:00:50 69632 --a------ C:\WINDOWS\system32\hcwsched.dll
2007-02-25 19:00:50 229432 --a------ C:\WINDOWS\system32\hcwpnp32.dll
2007-02-25 19:00:50 94264 --a------ C:\WINDOWS\system32\hcwi2c32.dll
2007-02-25 19:00:50 213050 --a------ C:\WINDOWS\system32\Hcwchan.dll
2007-02-25 19:00:50 65536 --a------ C:\WINDOWS\system32\dmcrypto.dll
2007-02-25 19:00:50 12288 --a------ C:\WINDOWS\system32\btgpio32.dll
2007-02-25 18:59:51 5504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-02-25 18:59:42 10880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-02-25 18:59:36 15360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-02-25 18:59:30 11136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-02-25 18:59:24 19328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-02-25 18:58:36 85376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-02-25 18:58:31 17024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-02-25 18:57:39 36921 -----n--- C:\WINDOWS\system32\hcwutl32.dll
2007-02-25 18:57:39 472644 -ra------ C:\WINDOWS\system32\drivers\HCWBT8XX.sys
2007-02-25 18:57:31 53760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-02-25 18:47:45 0 d-------- C:\Documents and Settings\ourroom\Application Data\InterTrust<INTERT~1>
2007-02-25 18:44:05 306688 --a------ C:\WINDOWS\IsUninst.exe
2007-02-25 18:27:32 0 d-------- C:\Documents and Settings\ourroom\Application Data\Real
2007-02-25 18:26:26 0 --a------ C:\WINDOWS\mozver.dat
2007-02-25 18:17:40 89088 --a------ C:\WINDOWS\system32\atl71.dll
2007-02-25 18:17:39 84992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-02-25 18:03:19 171008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys<MARVIN~1.SYS>
2007-02-25 18:00:34 0 d-------- C:\Documents and Settings\ourroom\Application Data\Sun
2007-02-25 17:57:09 344064 --a------ C:\WINDOWS\system32\msvcr70.dll
2007-02-25 17:57:08 487424 --a------ C:\WINDOWS\system32\MSVCP70.DLL
2007-02-25 17:57:08 54784 --a------ C:\WINDOWS\system32\MSVCI70.DLL
2007-02-25 17:57:07 1047552 --a------ C:\WINDOWS\system32\MFC71u.dll
2007-02-25 17:57:07 49152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2007-02-25 17:57:07 49152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL
2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2007-02-25 17:57:06 57344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2007-02-25 17:57:06 65536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2007-02-25 17:57:06 45056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2007-02-25 17:57:05 40960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2007-02-25 17:57:04 964608 --a------ C:\WINDOWS\system32\MFC70U.DLL
2007-02-25 17:57:04 974848 --a------ C:\WINDOWS\system32\MFC70.DLL
2007-02-25 17:46:51 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle Studio<PINNAC~1>
2007-02-25 17:45:58 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle
2007-02-25 17:45:29 14165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2007-02-25 14:51:13 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Ahead
2007-02-25 14:31:58 41984 -----n--- C:\WINDOWS\Ctregrun.exe
2007-02-25 14:29:22 25088 -----n--- C:\WINDOWS\system32\CTSVCCTL.EXE
2007-02-25 14:29:22 44032 -----n--- C:\WINDOWS\system32\CTSVCCDA.EXE
2007-02-25 14:27:33 90112 -----n--- C:\WINDOWS\Updreg.EXE
2007-02-25 14:26:28 20480 --a------ C:\WINDOWS\INRES.DLL
2007-02-25 14:24:28 0 d-------- C:\Documents and Settings\ourroom\Application Data\Creative
2007-02-25 14:24:26 77824 -----n--- C:\WINDOWS\system32\ctdvda32.dll
2007-02-25 11:51:46 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero
2007-02-25 11:33:52 2494464 --a------ C:\WINDOWS\system32\advrcntr2.dll<ADVRCN~1.DLL>
2007-02-25 11:32:49 2494464 --a------ C:\WINDOWS\system\advrcntr2.dll<ADVRCN~1.DLL>
2007-02-25 11:26:34 0 d-------- C:\Documents and Settings\ourroom\Application Data\Ahead
2007-02-25 11:21:04 0 d-------- C:\Program Files\Common Files\Nero
2007-02-25 11:18:19 24064 -----n--- C:\WINDOWS\system32\msxml3a.dll
2007-02-25 11:17:19 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead
2007-02-25 11:17:08 0 d-------- C:\Program Files\Ahead
2007-02-25 09:41:11 5248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys
2007-02-25 09:41:11 155136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys
2007-02-25 09:41:08 0 d-------- C:\Program Files\D-Tools
2007-02-25 07:26:53 0 d-------- C:\Documents and Settings\ourroom\Application Data\Azureus
2007-02-25 07:26:38 0 d-------- C:\Program Files\Azureus
2007-02-24 11:36:32 0 d-------- C:\WINDOWS\BDOSCAN8
2007-02-24 11:35:32 0 d---s---- C:\Documents and Settings\ourroom\UserData
2007-02-24 06:26:51 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-02-24 06:21:40 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7
2007-02-23 09:47:01 20016 -----n--- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-02-23 09:35:37 221184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-02-23 09:31:22 262144 --a------ C:\Documents and Settings\All Users.WINDOWS\ntuser.dat
2007-02-23 09:20:37 0 d-------- C:\Documents and Settings\ourroom\Application Data\Lavasoft
2007-02-23 09:00:08 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat
2007-02-23 09:00:08 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat
2007-02-23 08:59:50 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab<KASPER~1>
2007-02-23 08:59:47 166432 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-02-23 08:59:47 6417184 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-02-23 06:45:22 0 d-------- C:\bintheredunthat<BINTHE~1>
2007-02-23 06:39:34 397312 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT
2007-02-23 06:28:49 106 --a------ C:\delete.bat
2007-02-23 06:16:31 0 d-------- C:\VundoFix Backups<VUNDOF~1>
2007-02-23 06:14:52 0 d-------- C:\SDFix
2007-02-23 06:10:05 0 d-------- C:\bfu
2007-02-22 21:13:53 0 d-------- C:\Documents and Settings\ourroom\Shared
2007-02-22 21:13:51 0 d-------- C:\Documents and Settings\ourroom\Incomplete<INCOMP~1>
2007-02-22 21:13:35 0 d-------- C:\Documents and Settings\ourroom\Application Data\LimeWire
2007-02-22 20:49:11 0 d-------- C:\Documents and Settings\ourroom\Application Data\SmartFTP
2007-02-22 20:10:58 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe Systems<ADOBES~1>
2007-02-22 20:09:14 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2007-02-22 20:04:41 0 d-------- C:\Documents and Settings\ourroom\Application Data\Adobe
2007-02-22 19:45:11 0 d-------- C:\WINDOWS\system32\QuickTime<QUICKT~1>
2007-02-22 19:25:55 0 d-------- C:\Documents and Settings\ourroom\Application Data\WinRAR
2007-02-22 19:23:02 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage<WINDOW~1>
2007-02-22 19:10:31 0 --a------ C:\WINDOWS\nsreg.dat
2007-02-22 19:04:04 0 d-------- C:\WINDOWS\Prefetch
2007-02-22 18:58:07 9216 -----n--- C:\WINDOWS\system32\proxycfg.exe
2007-02-22 18:58:07 59392 -----n--- C:\WINDOWS\system32\logman.exe
2007-02-22 18:58:02 63488 -----n--- C:\WINDOWS\system32\drivers\atinxsxx.sys
2007-02-22 18:58:02 31744 -----n--- C:\WINDOWS\system32\drivers\atinxbxx.sys
2007-02-22 18:58:02 73216 -----n--- C:\WINDOWS\system32\drivers\atintuxx.sys
2007-02-22 18:58:02 13824 -----n--- C:\WINDOWS\system32\drivers\atinttxx.sys
2007-02-22 18:58:02 28672 -----n--- C:\WINDOWS\system32\drivers\atinsnxx.sys
2007-02-22 18:58:02 104960 -----n--- C:\WINDOWS\system32\drivers\atinrvxx.sys
2007-02-22 18:58:02 52224 -----n--- C:\WINDOWS\system32\drivers\atinraxx.sys
2007-02-22 18:58:02 14336 -----n--- C:\WINDOWS\system32\drivers\atinpdxx.sys
2007-02-22 18:58:02 13824 -----n--- C:\WINDOWS\system32\drivers\atinmdxx.sys
2007-02-22 18:58:02 57856 -----n--- C:\WINDOWS\system32\drivers\atinbtxx.sys
2007-02-22 18:58:02 701440 -----n--- C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-02-22 18:58:02 327040 -----n--- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2007-02-22 18:58:02 34735 -----n--- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2007-02-22 18:58:02 29455 -----n--- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2007-02-22 18:58:02 36463 -----n--- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2007-02-22 18:58:02 21343 -----n--- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2007-02-22 18:58:02 26367 -----n--- C:\WINDOWS\system32\drivers\ati1snxx.sys
2007-02-22 18:58:02 63663 -----n--- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2007-02-22 18:58:02 30671 -----n--- C:\WINDOWS\system32\drivers\ati1raxx.sys
2007-02-22 18:58:02 12047 -----n--- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2007-02-22 18:58:02 11615 -----n--- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2007-02-22 18:58:02 56623 -----n--- C:\WINDOWS\system32\drivers\ati1btxx.sys
2007-02-22 18:58:02 43008 -----n--- C:\WINDOWS\system32\drivers\amdagp.sys
2007-02-22 18:58:02 42752 -----n--- C:\WINDOWS\system32\drivers\alim1541.sys
2007-02-22 18:58:02 44928 -----n--- C:\WINDOWS\system32\drivers\agpcpq.sys
2007-02-22 18:58:02 42368 -----n--- C:\WINDOWS\system32\drivers\agp440.sys
2007-02-22 18:58:02 3775 -----n--- C:\WINDOWS\system32\drivers\adv11nt5.dll
2007-02-22 18:58:02 3711 -----n--- C:\WINDOWS\system32\drivers\adv09nt5.dll
2007-02-22 18:58:02 3135 -----n--- C:\WINDOWS\system32\drivers\adv08nt5.dll
2007-02-22 18:58:02 3647 -----n--- C:\WINDOWS\system32\drivers\adv07nt5.dll
2007-02-22 18:58:02 3615 -----n--- C:\WINDOWS\system32\drivers\adv05nt5.dll
2007-02-22 18:58:02 3967 -----n--- C:\WINDOWS\system32\drivers\adv02nt5.dll
2007-02-22 18:58:02 4255 -----n--- C:\WINDOWS\system32\drivers\adv01nt5.dll
2007-02-22 18:58:01 1309184 -----n--- C:\WINDOWS\system32\drivers\mtlstrm.sys
2007-02-22 18:58:01 126686 -----n--- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2007-02-22 18:58:01 15488 -----n--- C:\WINDOWS\system32\drivers\mssmbios.sys
2007-02-22 18:58:01 11868 -----n--- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2007-02-22 18:58:01 29056 -----n--- C:\WINDOWS\system32\drivers\ip6fw.sys
2007-02-22 18:58:01 36096 -----n--- C:\WINDOWS\system32\drivers\intelppm.sys
2007-02-22 18:58:01 262784 -----n--- C:\WINDOWS\system32\drivers\http.sys
2007-02-22 18:58:01 1041536 -----n--- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2007-02-22 18:58:01 685056 -----n--- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2007-02-22 18:58:01 220032 -----n--- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2007-02-22 18:58:01 15104 -----n--- C:\WINDOWS\system32\drivers\hidir.sys
2007-02-22 18:58:01 25600 -----n--- C:\WINDOWS\system32\drivers\hidbth.sys
2007-02-22 18:58:01 46464 -----n--- C:\WINDOWS\system32\drivers\gagp30kx.sys
2007-02-22 18:58:01 128896 -----n--- C:\WINDOWS\system32\drivers\fltmgr.sys
2007-02-22 18:58:01 15423 -----n--- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2007-02-22 18:58:01 18944 -----n--- C:\WINDOWS\system32\drivers\bthusb.sys
2007-02-22 18:58:01 35456 -----n--- C:\WINDOWS\system32\drivers\bthprint.sys
2007-02-22 18:58:01 274304 -----n--- C:\WINDOWS\system32\drivers\bthport.sys
2007-02-22 18:58:01 100992 -----n--- C:\WINDOWS\system32\drivers\bthpan.sys
2007-02-22 18:58:01 38016 -----n--- C:\WINDOWS\system32\drivers\bthmodem.sys
2007-02-22 18:58:01 17024 -----n--- C:\WINDOWS\system32\drivers\bthenum.sys
2007-02-22 18:58:01 17279 -----n--- C:\WINDOWS\system32\drivers\atv10nt5.dll
2007-02-22 18:58:01 14143 -----n--- C:\WINDOWS\system32\drivers\atv06nt5.dll
2007-02-22 18:58:01 25471 -----n--- C:\WINDOWS\system32\drivers\atv04nt5.dll
2007-02-22 18:58:01 11359 -----n--- C:\WINDOWS\system32\drivers\atv02nt5.dll
2007-02-22 18:58:01 21183 -----n--- C:\WINDOWS\system32\drivers\atv01nt5.dll
2007-02-22 18:58:00 78464 -----n--- C:\WINDOWS\system32\drivers\usbvideo.sys
2007-02-22 18:58:00 12672 -----n--- C:\WINDOWS\system32\drivers\usb8023x.sys
2007-02-22 18:58:00 44672 -----n--- C:\WINDOWS\system32\drivers\uagp35.sys
2007-02-22 18:58:00 6016 -----n--- C:\WINDOWS\system32\drivers\smbali.sys
2007-02-22 18:58:00 13240 -----n--- C:\WINDOWS\system32\drivers\slwdmsup.sys
2007-02-22 18:58:00 95424 -----n--- C:\WINDOWS\system32\drivers\slnthal.sys
2007-02-22 18:58:00 404990 -----n--- C:\WINDOWS\system32\drivers\slntamr.sys
2007-02-22 18:58:00 129535 -----n--- C:\WINDOWS\system32\drivers\slnt7554.sys
2007-02-22 18:58:00 41088 -----n--- C:\WINDOWS\system32\drivers\sisagp.sys
2007-02-22 18:58:00 3901 -----n--- C:\WINDOWS\system32\drivers\siint5.dll
2007-02-22 18:58:00 10240 -----n--- C:\WINDOWS\system32\drivers\sffp_sd.sys
2007-02-22 18:58:00 11136 -----n--- C:\WINDOWS\system32\drivers\sffdisk.sys
2007-02-22 18:58:00 67584 -----n--- C:\WINDOWS\system32\drivers\sdbus.sys
2007-02-22 18:58:00 166912 -----n--- C:\WINDOWS\system32\drivers\s3gnbm.sys
2007-02-22 18:58:00 30080 -----n--- C:\WINDOWS\system32\drivers\rndismpx.sys
2007-02-22 18:58:00 59648 -----n--- C:\WINDOWS\system32\drivers\rfcomm.sys
2007-02-22 18:58:00 13776 -----n--- C:\WINDOWS\system32\drivers\recagent.sys
2007-02-22 18:58:00 1897408 -----n--- C:\WINDOWS\system32\drivers\nv4_mini.sys
2007-02-22 18:58:00 180360 -----n--- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2007-02-22 18:58:00 12672 -----n--- C:\WINDOWS\system32\drivers\mutohpen.sys
2007-02-22 18:58:00 452736 -----n--- C:\WINDOWS\system32\drivers\mtxparhm.sys
2007-02-22 18:57:59 25471 -----n--- C:\WINDOWS\system32\drivers\watv10nt.sys
2007-02-22 18:57:59 22271 -----n--- C:\WINDOWS\system32\drivers\watv06nt.sys
2007-02-22 18:57:59 11935 -----n--- C:\WINDOWS\system32\drivers\wadv11nt.sys
2007-02-22 18:57:59 11871 -----n--- C:\WINDOWS\system32\drivers\wadv09nt.sys
2007-02-22 18:57:59 11295 -----n--- C:\WINDOWS\system32\drivers\wadv08nt.sys
2007-02-22 18:57:59 11807 -----n--- C:\WINDOWS\system32\drivers\wadv07nt.sys
2007-02-22 18:57:59 13568 -----n--- C:\WINDOWS\system32\drivers\wacompen.sys
2007-02-22 18:57:59 42240 -----n--- C:\WINDOWS\system32\drivers\viaagp.sys
2007-02-22 18:57:59 11325 -----n--- C:\WINDOWS\system32\drivers\vchnt5.dll
2007-02-22 18:57:59 13824 -----n--- C:\WINDOWS\system32\cmsetacl.dll
2007-02-22 18:57:59 50688 -----n--- C:\WINDOWS\system32\btpanui.dll
2007-02-22 18:57:59 30208 -----n--- C:\WINDOWS\system32\bthserv.dll
2007-02-22 18:57:59 20992 -----n--- C:\WINDOWS\system32\bthci.dll
2007-02-22 18:57:59 71680 -----n--- C:\WINDOWS\system32\blastcln.exe
2007-02-22 18:57:59 7168 -----n--- C:\WINDOWS\system32\bitsprx3.dll
2007-02-22 18:57:59 8192 -----n--- C:\WINDOWS\system32\bitsprx2.dll
2007-02-22 18:57:59 14336 -----n--- C:\WINDOWS\system32\auditusr.exe
2007-02-22 18:57:59 516768 -----n--- C:\WINDOWS\system32\ativvaxx.dll
2007-02-22 18:57:59 32768 -----n--- C:\WINDOWS\system32\ativtmxx.dll
2007-02-22 18:57:59 1888992 -----n--- C:\WINDOWS\system32\ati3duag.dll
2007-02-22 18:57:59 870784 -----n--- C:\WINDOWS\system32\ati3d1ag.dll
2007-02-22 18:57:59 201728 -----n--- C:\WINDOWS\system32\ati2dvag.dll
2007-02-22 18:57:59 377984 -----n--- C:\WINDOWS\system32\ati2dvaa.dll
2007-02-22 18:57:59 229376 -----n--- C:\WINDOWS\system32\ati2cqag.dll
2007-02-22 18:57:58 81920 -----n--- C:\WINDOWS\system32\ieencode.dll
2007-02-22 18:57:58 24576 -----n--- C:\WINDOWS\system32\httpapi.dll
2007-02-22 18:57:58 32285 -----n--- C:\WINDOWS\system32\hsfcisp2.dll
2007-02-22 18:57:58 60416 -----n--- C:\WINDOWS\system32\fwcfg.dll
2007-02-22 18:57:58 193024 -----n--- C:\WINDOWS\system32\fsquirt.exe
2007-02-22 18:57:58 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-02-22 18:57:58 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-02-22 18:57:58 2113536 -----n--- C:\WINDOWS\system32\dxdiagn.dll
2007-02-22 18:57:58 1689088 -----n--- C:\WINDOWS\system32\d3d9.dll
2007-02-22 18:57:57 86016 -----n--- C:\WINDOWS\system32\mdmxsdk.dll
2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdukx.dll
2007-02-22 18:57:57 7680 -----n--- C:\WINDOWS\system32\kbdsmsno.dll
2007-02-22 18:57:57 7680 -----n--- C:\WINDOWS\system32\kbdsmsfi.dll
2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdno1.dll
2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdmlt48.dll
2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdmlt47.dll
2007-02-22 18:57:57 5632 -----n--- C:\WINDOWS\system32\kbdmaori.dll
2007-02-22 18:57:57 6656 -----n--- C:\WINDOWS\system32\kbdinmal.dll
2007-02-22 18:57:57 6656 -----n--- C:\WINDOWS\system32\kbdinben.dll
2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdinbe1.dll
2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdfi1.dll
2007-02-22 18:57:56 1737856 -----n--- C:\WINDOWS\system32\mtxparhd.dll
2007-02-22 18:57:56 27136 -----n--- C:\WINDOWS\system32\mspmsnsv.dll
2007-02-22 18:57:56 118784 -----n--- C:\WINDOWS\system32\msdadiag.dll
2007-02-22 18:57:56 4096 -----n--- C:\WINDOWS\system32\MP4SDMOD.dll
2007-02-22 18:57:56 4096 -----n--- C:\WINDOWS\system32\MP43DMOD.dll
2007-02-22 18:57:55 49152 -----n--- C:\WINDOWS\system32\powercfg.exe
2007-02-22 18:57:55 48640 -----n--- C:\WINDOWS\system32\pnrpnsp.dll
2007-02-22 18:57:55 526848 -----n--- C:\WINDOWS\system32\p2psvc.dll
2007-02-22 18:57:55 88064 -----n--- C:\WINDOWS\system32\p2pnetsh.dll
2007-02-22 18:57:55 312320 -----n--- C:\WINDOWS\system32\p2pgraph.dll
2007-02-22 18:57:55 86016 -----n--- C:\WINDOWS\system32\p2pgasvc.dll
2007-02-22 18:57:55 116224 -----n--- C:\WINDOWS\system32\p2p.dll
2007-02-22 18:57:55 4274816 -----n--- C:\WINDOWS\system32\nv4_disp.dll
2007-02-22 18:57:54 15872 -----n--- C:\WINDOWS\system32\w3ssl.dll
2007-02-22 18:57:54 44032 -----n--- C:\WINDOWS\system32\twext.dll
2007-02-22 18:57:54 75776 -----n--- C:\WINDOWS\system32\strmfilt.dll
2007-02-22 18:57:54 8192 -----n--- C:\WINDOWS\system32\smbinst.exe
2007-02-22 18:57:54 73796 -----n--- C:\WINDOWS\system32\slserv.exe
2007-02-22 18:57:54 32866 -----n--- C:\WINDOWS\system32\slrundll.exe
2007-02-22 18:57:54 188508 -----n--- C:\WINDOWS\system32\slgen.dll
2007-02-22 18:57:54 286792 -----n--- C:\WINDOWS\system32\slextspk.dll
2007-02-22 18:57:54 73832 -----n--- C:\WINDOWS\system32\slcoinst.dll
2007-02-22 18:57:54 29184 -----n--- C:\WINDOWS\system32\sdhcinst.dll
2007-02-22 18:57:54 397056 -----n--- C:\WINDOWS\system32\s3gnb.dll
2007-02-22 18:57:53 603648 -----n--- C:\WINDOWS\system32\WMSPDMOD.dll
2007-02-22 18:57:53 4096 -----n--- C:\WINDOWS\system32\wmsdmoe2.dll
2007-02-22 18:57:53 314880 -----n--- C:\WINDOWS\system32\wmpdxm.dll
2007-02-22 18:57:53 242688 -----n--- C:\WINDOWS\system32\wmpasf.dll
2007-02-22 18:57:53 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-02-22 18:57:53 227328 -----n--- C:\WINDOWS\system32\wmerror.dll
2007-02-22 18:57:53 17408 -----n--- C:\WINDOWS\system32\winshfhc.dll
2007-02-22 18:57:52 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-02-22 18:57:52 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-02-22 18:57:52 108032 -----n--- C:\WINDOWS\system32\wshbth.dll
2007-02-22 18:57:52 81408 -----n--- C:\WINDOWS\system32\wscsvc.dll
2007-02-22 18:57:52 13824 -----n--- C:\WINDOWS\system32\wscntfy.exe
2007-02-22 18:57:52 4096 -----n--- C:\WINDOWS\system32\wmvdmoe2.dll
2007-02-22 18:57:52 1329152 -----n--- C:\WINDOWS\system32\WMSPDMOE.dll
2007-02-22 18:57:51 438784 -----n--- C:\WINDOWS\system32\xpob2res.dll
2007-02-22 18:57:51 50176 -----n--- C:\WINDOWS\system32\xmlprovi.dll
2007-02-22 18:57:51 129536 -----n--- C:\WINDOWS\system32\xmlprov.dll
2007-02-22 18:57:51 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-02-22 18:57:51 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-02-22 18:57:51 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-02-22 18:57:51 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-02-22 18:57:51 32866 -----n--- C:\WINDOWS\slrundll.exe
2007-02-22 18:50:55 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-02-22 18:40:08 20747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys
2007-02-22 18:40:07 374752 --a------ C:\WINDOWS\system32\WUSBGXP.sys
2007-02-22 18:40:07 339488 --a------ C:\WINDOWS\system32\WUSB20XP.sys
2007-02-22 18:40:07 245376 --a------ C:\WINDOWS\system32\rt2500usb.sys<RT2500~1.SYS>
2007-02-22 18:40:07 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll
2007-02-22 18:40:07 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys
2007-02-22 18:40:04 17992 --a------ C:\WINDOWS\system32\drivers\bcm42rly.sys
2007-02-22 18:40:04 17992 --a------ C:\WINDOWS\system32\bcm42rly.sys
2007-02-22 18:31:11 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-02-22 18:31:10 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-02-22 18:31:08 52864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys
2007-02-22 18:31:07 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-02-22 18:31:06 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-02-22 18:31:04 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-02-22 18:31:03 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-02-22 18:31:02 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-02-22 18:30:50 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-02-22 18:30:48 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-02-22 18:30:47 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-02-22 18:30:44 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-02-22 18:30:43 59264 --a------ C:\WINDOWS\system32\drivers\usbaudio.sys
2007-02-22 18:30:42 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-02-22 18:30:42 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-02-22 18:24:10 2359296 --ah----- C:\Documents and Settings\ourroom\NTUSER.DAT
2007-02-22 18:22:27 229376 --ah----- C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT
2007-02-22 18:22:26 229376 --ah----- C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT
2007-02-22 18:16:58 229376 ---h----- C:\Documents and Settings\Default User.WINDOWS\NTUSER.DAT
2007-02-22 18:13:49 24576 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-02-22 18:12:06 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-02-22 18:11:10 0 d--hs---- C:\Documents and Settings\All Users.WINDOWS\DRM
2007-02-22 18:09:51 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-02-22 18:09:51 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-02-22 18:09:51 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-02-22 18:09:51 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-02-22 18:09:51 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-02-22 18:09:43 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-02-22 18:09:43 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-02-22 18:09:43 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-02-22 18:09:43 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-02-22 18:09:42 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-02-22 18:09:41 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-02-22 18:09:41 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-02-22 18:09:41 65536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-02-22 18:09:41 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-02-22 18:09:41 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-02-22 18:09:38 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-02-22 18:09:38 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-02-22 18:09:34 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-02-22 18:09:33 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-02-22 18:09:33 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-02-22 18:09:33 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-02-22 18:09:33 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-02-22 18:09:33 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-02-22 18:09:33 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-02-22 18:09:33 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-02-22 18:09:33 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-02-22 18:09:33 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-02-22 18:09:32 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-02-22 18:09:32 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-02-22 18:09:32 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-02-22 18:09:32 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-02-22 18:09:20 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-02-22 18:08:12 5632 --a------ C:\WINDOWS\system32\write.exe
2007-02-22 18:08:06 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-02-22 18:08:06 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-02-22 18:08:06 347136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-02-22 18:08:06 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-02-22 18:08:05 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-02-22 18:08:05 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-02-22 18:08:05 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-02-22 18:08:05 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-02-22 18:08:05 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-02-22 18:07:59 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-02-22 18:07:59 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-02-22 18:07:59 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-02-22 18:07:58 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-02-22 18:07:58 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-02-22 18:07:58 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-02-22 18:07:58 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-02-22 18:07:58 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-02-22 18:07:58 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-02-22 18:07:57 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-02-22 18:07:57 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-02-22 18:07:57 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-02-22 18:07:57 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-02-22 18:07:57 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-02-22 18:07:57 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-02-22 18:07:57 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-02-22 18:07:57 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-02-22 18:07:57 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-02-22 18:07:57 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-02-22 18:07:57 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-02-22 18:07:57 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-02-22 18:07:57 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-02-22 18:07:56 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-02-22 18:07:56 91136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-02-22 18:07:56 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-02-22 18:07:56 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-02-22 18:07:56 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-02-22 18:07:56 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-02-22 18:07:56 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-02-22 18:07:55 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-02-22 18:07:55 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-02-22 18:07:54 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-02-22 18:07:54 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-02-22 18:07:54 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-02-22 18:07:54 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-02-22 18:07:54 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-02-22 18:07:54 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-02-22 18:07:54 60416 --a------ C:\WINDOWS\system32\colbact.dll
2007-02-22 18:07:54 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-02-22 18:07:54 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-02-22 18:07:54 225792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-02-22 18:07:53 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-02-22 18:07:53 498688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-02-22 18:07:47 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-02-22 18:07:47 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-02-22 18:07:47 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-02-22 18:07:47 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-02-22 18:07:47 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-02-22 18:07:46 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-02-22 18:07:46 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-02-22 18:07:46 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-02-22 18:07:46 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-02-22 18:07:46 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-02-22 18:07:46 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-02-22 18:07:45 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-02-22 18:07:45 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-02-22 18:07:45 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-02-22 18:07:45 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-02-22 18:07:45 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-02-22 18:07:45 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-02-22 18:07:45 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-02-22 18:07:45 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-02-22 18:07:45 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-02-22 18:07:45 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-02-22 18:07:45 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-02-22 18:07:44 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-02-22 18:07:44 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-02-22 18:07:44 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-02-22 18:07:44 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-02-22 18:07:44 625152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-02-22 18:07:43 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-02-22 18:07:41 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-02-22 18:07:36 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-02-22 18:07:36 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-02-22 13:37:34 0 d-------- C:\068f143c3f22844b0d1240e523037b<068F14~1>
2007-02-22 11:53:45 0 d-------- C:\Program Files\s?stem
2007-02-22 11:52:16 0 d-------- C:\ffd38e13e662ce6d2c83768d99e805fd<FFD38E~1>
2007-02-22 11:34:49 0 d-------- C:\Program Files\Registry Mechanic<REGIST~1>
2007-02-22 11:26:13 21504 --a------ C:\WINDOWS\system32\hidserv.dll
2007-02-22 11:25:56 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-02-22 11:25:22 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-02-22 11:25:04 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-02-22 11:24:52 5504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2007-02-22 11:24:36 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-02-22 11:22:54 0 d-------- C:\Documents and Settings\LocalService\Application Data\NetMon
2007-02-22 11:19:51 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-02-22 11:19:51 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-02-22 11:19:51 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-02-22 11:19:50 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-02-22 11:19:49 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-02-22 11:19:48 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-02-22 11:19:48 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-02-22 11:19:48 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-02-22 11:19:48 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-02-22 11:19:46 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-02-22 11:19:46 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-02-22 11:19:45 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-02-22 11:19:42 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-02-22 11:19:42 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-02-22 11:19:42 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-02-22 11:19:42 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-02-22 11:19:41 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-02-22 11:19:41 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-02-22 11:19:41 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-02-22 11:19:41 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-02-22 11:19:41 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-02-22 11:19:41 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-02-22 11:19:41 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-02-22 11:19:40 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-02-22 11:19:40 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-02-22 11:19:40 68768 --a------ C:\WINDOWS\system\mmsystem.dll
2007-02-22 11:19:40 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-02-22 11:19:40 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-02-22 11:19:40 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-02-22 11:19:40 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-02-22 11:19:39 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-02-22 11:19:39 69120 --a------ C:\WINDOWS\notepad.exe
2007-02-22 11:19:38 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-02-22 11:19:27 0 dr------- C:\Documents and Settings\All Users.WINDOWS\Documents<DOCUME~1>
2007-02-22 11:14:21 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Systweak
2007-02-21 21:24:14 0 d-------- C:\8f2399186ff3a900dfb1da8dc820210d<8F2399~1>
2007-02-21 16:33:27 0 d-------- C:\7df1ac5d04c72c2a7d4291a91491<7DF1AC~1>
2007-02-21 12:48:00 0 d-------- C:\Program Files\Common Files\PC Tools<PCTOOL~1>
2007-02-21 08:18:39 0 d-------- C:\WINDOWS\Sytem32
2007-02-20 19:21:36 0 d-------- C:\Program Files\Lavasoft
2007-02-20 18:12:09 0 d-------- C:\Program Files\DiskTrix
2007-02-20 10:32:55 0 d-------- C:\Program Files\Kaspersky Lab<KASPER~1>
2007-02-20 10:32:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab<KASPER~1>
2007-02-20 10:30:35 0 d-------- C:\KAV
2007-02-19 21:27:57 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee
2007-02-19 18:34:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7
2007-02-19 17:14:57 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Uniblue
2007-02-19 13:38:51 0 d-------- C:\Documents and Settings\All Users\Application Data\fssg
2007-02-19 13:37:51 0 d-------- C:\Program Files\F-Secure
2007-02-19 13:09:53 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\GlarySoft<GLARYS~1>
2007-02-19 13:05:13 0 d-------- C:\Program Files\Glary Utilities<GLARYU~1>
2007-02-19 12:26:19 670 --a------ C:\ICSdata.dat
2007-02-19 12:26:03 0 d-------- C:\Program Files\InfoClock Screensaver<INFOCL~1>
2007-02-19 12:26:03 0 d-------- C:\DESfiles
2007-02-17 16:47:55 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1>
2007-02-17 10:14:09 0 d-------- C:\Program Files\Torrent101<TORREN~1>
2007-02-12 11:36:25 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Azureus
2007-02-12 10:24:07 0 d-------- C:\WINDOWS\vbSkinner<VBSKIN~1>
2007-02-12 09:34:53 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\uTorrent
2007-02-12 09:34:49 0 d-------- C:\Program Files\uTorrent
2007-02-06 12:57:56 0 d-------- C:\Program Files\iPod
2007-02-06 12:57:44 0 d-------- C:\Program Files\iTunes
2007-02-03 11:44:48 0 d-------- C:\Program Files\Reallusion<REALLU~1>
2007-02-02 22:49:44 5767168 --a------ C:\Documents and Settings\Dennetts Hardware\ntuser.dat
2007-02-01 18:57:50 0 d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files<SMARTF~1.0SE>
2007-02-01 16:51:09 0 d-------- C:\Program Files\SuperCleaner<SUPERC~1>
2007-01-31 22:05:08 47360 --a------ C:\Documents and Settings\Dennetts Hardware\Application Data\pcouffin.sys
2007-01-31 22:05:08 87608 --a------ C:\Documents and Settings\Dennetts Hardware\Application Data\ezpinst.exe
2007-01-31 22:05:07 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Vso
2007-01-31 22:05:04 0 d-------- C:\Program Files\DVDFab Platinum 3<DVDFAB~1>
2007-01-31 21:34:48 0 d-------- C:\WINDOWS\WBEM
2007-01-31 21:34:46 0 d-------- C:\WINDOWS\system32\en-US
2007-01-31 21:33:08 0 d--h---c- C:\WINDOWS\ie7
2007-01-31 21:30:17 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1>
2007-01-31 20:19:14 0 d-------- C:\Program Files\FLVPlayer<FLVPLA~1>
2007-01-31 17:31:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2007-01-31 16:11:21 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\BitTorrent<BITTOR~1>
2007-01-31 15:27:31 0 d-------- C:\Program Files\Common Files\Creative
2007-01-31 15:20:03 0 d-------- C:\WINDOWS\system32\Data
2007-01-31 14:56:00 0 d-------- C:\Program Files\Dell Computer<DELLCO~1>
2007-01-31 14:55:42 0 d-------- C:\Program Files\PianoFX
2007-01-31 14:55:06 0 d-------- C:\Program Files\Common Files\Sonic
2007-01-31 14:54:48 0 d-------- C:\WINDOWS\system32\dla
2007-01-31 14:52:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion<YAHOO!~1>
2007-01-31 14:51:59 0 d-------- C:\Documents and Settings\All Users\Application Data\yahoo!
2007-01-31 14:51:52 0 d-------- C:\Program Files\Microsoft Money<MICROS~3>
2007-01-31 13

05 0 d-------- C:\Program Files\SmartFTP Client 2.0<SMARTF~1.0>
2007-01-31 11:59:16 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Ahead
2007-01-31 11:57:04 0 d-------- C:\Program Files\Nero
2007-01-31 11:57:03 0 d-------- C:\Program Files\Common Files\Ahead
2007-01-31 09:44:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems<ADOBES~1>
2007-01-31 09:32:27 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Smart Recorder<SMARTR~1>
2007-01-30 20:15:24 0 d--h----- C:\Program Files\Creative Installation Information<CREATI~1>
2007-01-30 20:11:43 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Creative
2007-01-30 19:54:52 0 d-------- C:\Program Files\Creative
2007-01-29 23:09:14 23196 --a------ C:\WINDOWS\system32\drivers\klop.dat
2007-01-29 23:04:00 200768 --a------ C:\WINDOWS\system32\klogon.dll
2007-01-29 20:05:25 0 d-------- C:\WINDOWS\system32\NtmsData
2007-01-29 17:35:33 0 d-------- C:\WINDOWS\Profiles
2007-01-29 17:35:31 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\InterTrust<INTERT~1>
2007-01-29 17:33:51 0 d-------- C:\WINDOWS\system32\hauppauge<HAUPPA~1>
2007-01-29 17:33:38 0 d-------- C:\MyVideos
2007-01-29 17:33:25 0 d-------- C:\Program Files\WinTV
2007-01-29 17:15:27 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles<NVIEW_~1>
2007-01-29 17:09:01 0 d-------- C:\WINDOWS\nview
2007-01-29 13:19:54 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield<INSTAL~1>
2007-01-29 13:18:05 0 d-------- C:\Program Files\Ulead Systems<ULEADS~1>
2007-01-29 12:38:41 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\WinRAR
2007-01-29 08:49:13 245376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys<RT2500~1.SYS>
2007-01-29 08:48:47 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor<LINKSY~1>
2007-01-29 02:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe

-- Find3M Report ----------------------------------------------------------------

2007-02-26 13

51 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1>
2007-02-25 18:29:07 0 d-------- C:\Program Files\Common Files\Real
2007-02-25 18:28:32 0 d-------- C:\Program Files\Real
2007-02-25 18:19:09 0 d-------- C:\Program Files\DivX
2007-02-25 18:05:07 139 --a------ C:\AUTOEXEC.BAT
2007-02-24 06:21:40 0 d-------- C:\Program Files\Grisoft
2007-02-23 11:40:53 0 d---s---- C:\Documents and Settings\ourroom\Application Data\Microsoft<MICROS~1>
2007-02-23 05:37:26 0 d-------- C:\Program Files\Attitude POSitive<ATTITU~1>
2007-02-23 05:26:11 0 d-------- C:\Program Files\Java
2007-02-22 20:35:09 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1>
2007-02-22 19:53:43 0 d-------- C:\Documents and Settings\ourroom\Application Data\Macromedia<MACROM~1>
2007-02-22 19:50:46 0 d-------- C:\Program Files\Macromedia<MACROM~1>
2007-02-22 19:50:46 0 d-------- C:\Program Files\Common Files\Macromedia<MACROM~1>
2007-02-22 19:10:27 0 d-------- C:\Documents and Settings\ourroom\Application Data\Mozilla
2007-02-22 18:55:36 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-02-22 18:55:23 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-02-22 18:24:25 0 d-------- C:\Documents and Settings\ourroom\Application Data\Identities<IDENTI~1>
2007-02-22 11:19:27 62 --ahs---- C:\Documents and Settings\ourroom\Application Data\desktop.ini
2007-02-21 14:47:20 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-02-20 19:45:24 0 d-------- C:\Program Files\Microsoft ActiveSync<MI3AA1~1>
2007-02-20 19:44:31 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1>
2007-02-20 18:10:58 0 d-------- C:\Program Files\UI
2007-02-20 18:10:58 0 d-------- C:\Program Files\scripts
2007-02-20 18:10:58 0 d-------- C:\Program Files\plugins
2007-02-20 18:10:56 0 d-------- C:\Program Files\Replay7
2007-02-20 18:05:12 0 d-------- C:\Program Files\Data
2007-02-20 18:05:11 0 d-------- C:\Program Files\MainRetail3<MAINRE~1>
2007-02-16 06:46:51 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-02-16 06:46:13 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-02-01 16:11:38 0 d-------- C:\Program Files\MUSICMATCH<MUSICM~1>
2007-02-01 12:14:31 0 d-------- C:\Program Files\LimeWire
2007-01-31 14:03:34 0 d-------- C:\Program Files\Yahoo!
2007-01-30 11:51:16 0 d-------- C:\Program Files\Jasc Software Inc<JASCSO~1>
2007-01-30 11:48:25 0 d-------- C:\Program Files\Hewlett-Packard<HEWLET~1>
2007-01-30 11:45:48 0 d-------- C:\Program Files\Amor SWF to Video Converter<AMORSW~1>
2007-01-29 17:35:31 0 d-------- C:\Program Files\Common Files\Adobe
2007-01-29 13:18:20 0 d-------- C:\Program Files\Common Files\Ulead Systems<ULEADS~1>
2007-01-17 11:02:19 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1>
2007-01-12 10:44:01 0 d-------- C:\Program Files\Luxor Mahjong<LUXORM~1>
2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll
2006-12-19 12:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll
2006-11-27 08:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll
2006-11-27 08:54:06 539136 --a------ C:\WINDOWS\system32\msftedit.dll

-- Registry Dump ----------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""
"SetDefaultMIDI"="MIDIDef.exe"
"Creative MediaSource Go"="\"C:\\Program Files\\Creative\\MediaSource5\\Go\\CTCMSGoU.exe\" /SCB"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\""
"AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"
"DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"RCSystem"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" RCSystem * -Startup"
"AudioDrvEmulator"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\""
"CTSysVol"="C:\\Program Files\\Creative\\SBLive 24-Bit External\\Surround Mixer\\CTSysVol.exe /r"
"SbUsb AudCtrl"="RunDll32 sbusbdll.dll,RCMonitor"
"UpdReg"="C:\\WINDOWS\\UpdReg.EXE"
"LaunchList"="C:\\Program Files\\Pinnacle\\Studio 10\\LaunchList.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=dword:00000000

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

-- End of ComboScan: finished at 2007-02-27 at 06:56:22 -------------------------

tetonbob · 02-27-2007, 09:22 AM

Hmmm, did you tick the Supplementary Log box, and all boxes below it? If so, Supplementary.txt should have been produced, and opened minimized.

If you didn't, we can do it this way, it will be very quick:

Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK

"%userprofile%\desktop\comboscan.exe" /config

Untick ComboScan Log

Next...

Tick Supplementary Log, and then under that, tick Add/Remove

Click Scan!

When finished, it shall produce a log for you, Supplementary.txt (it will be minimized). Post that log in your next reply.

This folder needs to go:

2007-02-22 11:53:45 0 d-------- C:\Program Files\s?stem

It's quite possibly empty, another one of the Purity Scan folders which emulate legit looking folders.

neonknightmare · 02-27-2007, 04:20 PM

ComboScan v20070221.16 run by ourroom on 2007-02-27 at 17:17:09
Supplementary logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- Add/Remove Programs ----------------------------------------------------------

--> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009
--> "C:\Program Files\Creative\SBLive 24-Bit External\Program\CTZAPXX.exe" SBUSB.INI /S /U /W
--> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
--> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747}
Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll"
Adobe Audition 2.0 --> msiexec /I {01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC}
Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103}
Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe
Azureus --> C:\Program Files\Azureus\Uninstall.exe
Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove
Creative Software AutoUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove
Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove
DAEMON Tools --> MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0}
Hauppauge English Help Files and Resources --> C:\PROGRA~1\WinTV\UNHLPeng.EXE C:\PROGRA~1\WinTV\WTV2Keng.LOG
Hauppauge WinTV Infrared Remote --> C:\PROGRA~1\WinTV\UNir32.EXE C:\PROGRA~1\WinTV\ir32.LOG
Hauppauge WinTV IR Blaster --> C:\PROGRA~1\WinTV\UNirblst.EXE C:\PROGRA~1\WinTV\IRblast.LOG
Hauppauge WinTV Scheduler --> C:\PROGRA~1\WinTV\SCHEDU~1\UniSched.EXE C:\PROGRA~1\WinTV\SCHEDU~1\INSTALL.LOG
Hauppauge WinTV Soft PVR --> C:\PROGRA~1\WinTV\UNSftPVR.EXE C:\PROGRA~1\WinTV\softpvr.LOG
Hauppauge WinTV Source Selector --> C:\PROGRA~1\WinTV\UNtvsel.EXE C:\PROGRA~1\WinTV\WINTVsel.LOG
Hauppauge WinTV2000 --> C:\PROGRA~1\WinTV\UNTV32.EXE C:\PROGRA~1\WinTV\WINTV2K.LOG
HijackThis 1.99.1 --> C:\Documents and Settings\ourroom\Desktop\hijackthis\HijackThis.exe /uninstall
InfoClock Screensaver 1.6.7 --> "C:\Program Files\InfoClock Screensaver\unins000.exe"
J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110}
J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920}
LimeWire PRO 4.13.0 --> "C:\Program Files\LimeWire\uninstall.exe"
Linksys Wireless-G USB Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}\setup.exe" -l0x9
Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9}
Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F}
Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB}
Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6}
Macromedia Flash Player 8 --> MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6}
Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B}
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Mozilla Firefox (2.0) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
Mozilla Firefox (2.0.0.2) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{4908C75E-E5E2-43F7-B1DF-023CBA831033}
Online Manuals for WinTV (English) --> C:\PROGRA~1\WinTV\UNTVmans.exe C:\PROGRA~1\WinTV\WinTVMan.LOG
RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
SmartFTP Client 2.0 (remove only) --> "C:\Program Files\SmartFTP Client 2.0\uninst-sftp.exe"
Sound Blaster Live! 24-Bit External --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1C95A91-ED29-4806-9EDE-6A8D5C09DBB1}\SETUP.EXE" -l0x9 /remove
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe

-- End of ComboScan: finished at 2007-02-27 at 17:17:10 -------------------------

tetonbob · 02-27-2007, 05:50 PM

Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist:

J2SE Runtime Environment 5.0 Update 9

It's an outdated version, and a security risk simply by having it installed on the machine still.

Leave Update 11, as it is the latest update for Version 5.

---------------------------------------------------------------------------------------------

Well done. Your logs are clean. Any more issues? If not you should be good to go. We still have a few items to address.

Reset hidden/system files and folders

Click Start.
Open My Computer.
Select the Tools menu and click Folder Options.
Select the View tab.
Deselect the Show hidden files and folders option.
Select the Hide file extensions for known types option.
Select the Hide protected operating system files option.
Click Yes to confirm.
Click OK.

Create a new System Restore point

click Start >> Run - type SYSDM.CPL & press Enter
select the System Restore Tab
tick on the checkbox - "Turn off System Restore on all drives"
click Apply
then untick the same checkbox & click OK

Enable Windows Auto Update

Go to Start>Run - type wuaucpl.cpl
tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify".
Click on "OK".

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs:

SpywareBlaster to help prevent spyware from installing in the first place.
- Install & update SpywareBlaster with the latest definitions.
  After you have updated, click the button - enable protection for all unprotected items
SpywareGuard to catch and block spyware before it can execute.
SPYBOT - SEARCH & DESTROY
Download and install Spybot - Search & Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here
AD-AWARE
Download and install Ad-Aware. You should use this program to scan your computer on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here
IE-SPYAD - IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites.
- Download IE-SpyAD - Extract the contents to a new folder
  From within the folder, double-click install.bat
  Select Option #2 - Install the new IE-SPYAD list.
  Then return to the main menu.
  Select option #4 - Add the old porn sites domain
MVPS HOST FILE
The MVPS Hosts file replaces your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is the IP of your local computer.
- Download Host.zip to your desktop.
- From your Desktop right-click (hosts.zip) and select:
  Extract All from the menu.
- Click Next, click Next, select the option:
  "Show Extracted files", click Finish
- This will open the newly created hosts folder on your Desktop.
- Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine.
ANTIVIRUS SOFTWARE
It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future.

Here are a few very good free Antivirus products which are available:
- AOL Active Virus Shield (powered by Kaspersky Antivirus)
- Avast!
- AVG
- Avira PersonalEdition Classic
Select one of these, or another of your choice. Do not install more than one antivirus program because they will conflict with each other. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out.

See this link for a listing of some online antivirus scanners:

Anti-Spyware Tutorial
FIREWALL
If you do not have a firewall, here are a couple of great free ones available for personal use. Using a third-party firewall will allow you to give/deny access for applications that want to go online. Select one of these, or another of your choice:

Do not install more than one firewall program because they will conflict with each other.

In light of your recent troubles, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles

If you want to fight back the Malware Writers that have made your life a misery, please take a look here and read what you can do against it.

Please respond to this thread one more time so we can mark this thread as resolved.

neonknightmare · 02-27-2007, 05:54 PM

Gotit, and thanks again.

I can't right now, but after the first of the month, I will definately give you guys a contribution.

tetonbob · 02-27-2007, 07:40 PM

Happy Computing, and Safe Surfing to you. Keep your guard up, the WWW is a wild woolly world these days.

02-26-2007, 05:53 PM	#22 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,237 OS: 2000 Pro; XP Pro; XP Home	Don't fret...many scanners wrongly target smitrem because of the potential of files it uses. Sorry this is taking you so long...good thing is, we never close. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009

02-26-2007, 07:20 PM	#24 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,237 OS: 2000 Pro; XP Pro; XP Home	Ok, I think we're just about done....I'd like one more set of logs from ComboScan. This time, please run it with these instructions: Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK (Do not miss the first quote!) "%userprofile%\desktop\comboscan.exe" /config A configuration screen shall appear. Tick All Boxes shown on the screen. Click Scan! When finished, it shall produce a set of logs for you. Post those logs in your next reply. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009

02-27-2007, 05:59 AM	#25 (permalink)
neonknightmare Registered User Join Date: Feb 2007 Posts: 16 OS: xp	ComboScan v20070221.16 run by ourroom on 2007-02-27 at 06:52:29 Computer is in Normal Mode. -------------------------------------------------------------------------------- Successfully created restore point. Performed disk cleanup. -- HijackThis (run as ourroom.exe) ---------------------------------------------- Logfile of HijackThis v1.99.1 Scan saved at 6:53:15 AM, on 2/27/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\WINDOWS\system32\CTsvcCDA.exe C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WUSB54Gv42.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\D-Tools\daemon.exe C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe C:\WINDOWS\system32\RunDll32.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe C:\Program Files\WinTV\Ir.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Creative\SBLive 24-Bit External\Entertainment Center\EAXLoadr.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\ourroom\desktop\comboscan.exe C:\Documents and Settings\ourroom\Desktop\hijackthis\ourroom.exe R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://microsoft.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe" O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM\..\Run: [RCSystem] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" RCSystem * -Startup O4 - HKLM\..\Run: [AudioDrvEmulator] "C:\Program Files\Creative\Shared Files\Module Loader\DLLML.exe" -1 AudioDrvEmulator "C:\Program Files\Creative\Shared Files\Module Loader\Audio Emulator\AudDrvEm.dll" O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBLive 24-Bit External\Surround Mixer\CTSysVol.exe /r O4 - HKLM\..\Run: [SbUsb AudCtrl] RunDll32 sbusbdll.dll,RCMonitor O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE O4 - HKLM\..\Run: [LaunchList] C:\Program Files\Pinnacle\Studio 10\LaunchList.exe O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe O4 - HKCU\..\Run: [Creative MediaSource Go] "C:\Program Files\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: AutoStart IR.lnk = C:\Program Files\WinTV\Ir.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\scieplugin.dll O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/reso...an8/oscan8.cab O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r (file missing) O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe O23 - Service: WUSB54Gv42SVC - Unknown owner - C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe (file missing) -- File Associations ------------------------------------------------------------ .bat - batfile - "%1" %* .chm - chm.file - "C:\WINDOWS\hh.exe" %1 .cmd - cmdfile - "%1" %* .com - comfile - "%1" %* .exe - exefile - "%1" %* .hlp - hlpfile - %SystemRoot%\System32\winhlp32.exe %1 .inf - inffile - %SystemRoot%\System32\NOTEPAD.EXE %1 .ini - inifile - %SystemRoot%\System32\NOTEPAD.EXE %1 .js - JSFile - %SystemRoot%\System32\WScript.exe "%1" %* .lnk - lnkfile - {00021401-0000-0000-C000-000000000046} .pif - piffile - "%1" %* .reg - regfile - regedit.exe "%1" .scr - scrfile - "%1" /S .txt - txtfile - %SystemRoot%\system32\NOTEPAD.EXE %1 .vbs - VBSFile - %SystemRoot%\System32\WScript.exe "%1" %* -- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------- 2R AegisP (AEGIS Protocol (IEEE 802.1x) v3.4.3.0) - C:\WINDOWS\system32\drivers\AegisP.sys 3R Arp1394 (1394 ARP Client Protocol) - C:\WINDOWS\system32\drivers\arp1394.sys 1R AVG Anti-Spyware Driver - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.sys 1R AvgAsCln (AVG Anti-Spyware Clean Driver) - C:\WINDOWS\system32\drivers\AvgAsCln.sys 3S CCDECODE (Closed Caption Decoder) - C:\WINDOWS\system32\drivers\CCDECODE.sys 3R ctsfm2k (Creative SoundFont Management Device Driver) - C:\WINDOWS\system32\drivers\ctsfm2k.sys 0R d347bus - C:\WINDOWS\system32\drivers\d347bus.sys 0R d347prt - C:\WINDOWS\system32\drivers\d347prt.sys 3R HCWBT8xx (Hauppauge WinTV 848/9 WDM Video Driver) - C:\WINDOWS\system32\drivers\HCWBT8XX.sys 3R hidusb (Microsoft HID Class Driver) - C:\WINDOWS\system32\drivers\hidusb.sys 1R intelppm (Intel Processor Driver) - C:\WINDOWS\system32\drivers\intelppm.sys 1S kbdhid (Keyboard HID Driver) - C:\WINDOWS\system32\drivers\kbdhid.sys 0R kl1 - C:\WINDOWS\system32\drivers\kl1.sys 1R klif - C:\WINDOWS\system32\drivers\klif.sys 3R MarvinBus (Pinnacle Marvin Bus) - C:\WINDOWS\system32\drivers\MarvinBus.sys 3R mouhid (Mouse HID Driver) - C:\WINDOWS\system32\drivers\mouhid.sys 3S MSTEE (Microsoft Streaming Tee/Sink-to-Sink Converter) - C:\WINDOWS\system32\drivers\MSTEE.sys 3S NABTSFEC (NABTS/FEC VBI Codec) - C:\WINDOWS\system32\drivers\NABTSFEC.sys 3S NdisIP (Microsoft TV/Video Connection) - C:\WINDOWS\system32\drivers\NdisIP.sys 3R NIC1394 (1394 Net Driver) - C:\WINDOWS\system32\drivers\nic1394.sys 3R nv - C:\WINDOWS\system32\drivers\nv4_mini.sys 0R ohci1394 (OHCI Compliant IEEE 1394 Host Controller) - C:\WINDOWS\system32\drivers\ohci1394.sys 3R ossrv (Creative OS Services Driver) - C:\WINDOWS\system32\drivers\ctoss2k.sys 1R PCLEPCI - C:\WINDOWS\system32\drivers\Pclepci.sys 3R pfc (Padus ASPI Shell) - C:\WINDOWS\system32\drivers\pfc.sys 3R sbusb (Sound Blaster USB Audio Driver) - C:\WINDOWS\system32\drivers\sbusb.sys 3S SLIP (BDA Slip De-Framer) - C:\WINDOWS\system32\drivers\SLIP.sys 3S streamip (BDA IPSink) - C:\WINDOWS\system32\drivers\StreamIP.sys 3S usbaudio (USB Audio Driver (WDM)) - C:\WINDOWS\system32\drivers\usbaudio.sys 3R usbccgp (Microsoft USB Generic Parent Driver) - C:\WINDOWS\system32\drivers\usbccgp.sys 3R usbehci (Microsoft USB 2.0 Enhanced Host Controller Miniport Driver) - C:\WINDOWS\system32\drivers\usbehci.sys 3R usbstor (USB Mass Storage Driver) - C:\WINDOWS\system32\drivers\usbstor.sys 3S WSTCODEC (World Standard Teletext Codec) - C:\WINDOWS\system32\drivers\WSTCODEC.SYS 3S WudfPf (Windows Driver Foundation - User-mode Driver Framework Platform Driver) - C:\WINDOWS\system32\drivers\WudfPf.sys 3S WudfRd (Windows Driver Foundation - User-mode Driver Framework Reflector) - C:\WINDOWS\system32\drivers\WudfRd.sys 3R WUSB54GPV4SRV (Linksys Home Wireless-G USB Adaptor Driver) - C:\WINDOWS\system32\drivers\rt2500usb.sys 3R GTNDIS5 (GTNDIS5 NDIS Protocol Driver) - C:\WINDOWS\system32\GTNDIS5.sys -- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------- 3S Adobe LM Service - "C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe" 4S Alerter - C:\WINDOWS\System32\svchost.exe -k LocalService 3R ALG (Application Layer Gateway Service) - C:\WINDOWS\System32\alg.exe 4S AppMgmt (Application Management) - C:\WINDOWS\system32\svchost.exe -k netsvcs 2R AudioSrv (Windows Audio) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R AVG Anti-Spyware Guard - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe 2R AVP (Kaspersky Anti-Virus 6.0) - "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0\avp.exe" -r 3S BITS (Background Intelligent Transfer Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2S Browser (Computer Browser) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S CiSvc (Indexing Service) - C:\WINDOWS\system32\cisvc.exe 4S ClipSrv (ClipBook) - C:\WINDOWS\system32\clipsrv.exe 3S COMSysApp (COM+ System Application) - C:\WINDOWS\System32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} 2R Creative Service for CDROM Access - C:\WINDOWS\system32\CTsvcCDA.exe 2R CryptSvc (Cryptographic Services) - C:\WINDOWS\system32\svchost.exe -k netsvcs 2R DcomLaunch (DCOM Server Process Launcher) - C:\WINDOWS\system32\svchost -k DcomLaunch 2R Dhcp (DHCP Client) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S dmadmin (Logical Disk Manager Administrative Service) - C:\WINDOWS\System32\dmadmin.exe /com 3S dmserver (Logical Disk Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R Dnscache (DNS Client) - C:\WINDOWS\System32\svchost.exe -k NetworkService 2R ERSvc (Error Reporting Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R Eventlog (Event Log) - C:\WINDOWS\system32\services.exe 3R EventSystem (COM+ Event System) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3R FastUserSwitchingCompatibility (Fast User Switching Compatibility) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R helpsvc (Help and Support) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R HidServ (HID Input Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S HTTPFilter (HTTP SSL) - C:\WINDOWS\System32\svchost.exe -k HTTPFilter 3S ImapiService (IMAPI CD-Burning COM Service) - C:\WINDOWS\System32\imapi.exe 2R lanmanserver (Server) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R lanmanworkstation (Workstation) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R LmHosts (TCP/IP NetBIOS Helper) - C:\WINDOWS\System32\svchost.exe -k LocalService 4S Messenger - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S mnmsrvc (NetMeeting Remote Desktop Sharing) - C:\WINDOWS\System32\mnmsrvc.exe 3S MSDTC (Distributed Transaction Coordinator) - C:\WINDOWS\System32\msdtc.exe 3S MSIServer (Windows Installer) - C:\WINDOWS\system32\msiexec.exe /V 3S NBService - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe 4S NetDDE (Network DDE) - C:\WINDOWS\system32\netdde.exe 4S NetDDEdsdm (Network DDE DSDM) - C:\WINDOWS\system32\netdde.exe 3S Netlogon (Net Logon) - C:\WINDOWS\System32\lsass.exe 3R Netman (Network Connections) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3R Nla (Network Location Awareness (NLA)) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S NtLmSsp (NT LM Security Support Provider) - C:\WINDOWS\System32\lsass.exe 3S NtmsSvc (Removable Storage) - C:\WINDOWS\system32\svchost.exe -k netsvcs 2R PlugPlay (Plug and Play) - C:\WINDOWS\system32\services.exe 2R PolicyAgent (IPSEC Services) - C:\WINDOWS\System32\lsass.exe 2R ProtectedStorage (Protected Storage) - C:\WINDOWS\system32\lsass.exe 3S RasAuto (Remote Access Auto Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S RasMan (Remote Access Connection Manager) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S RDSessMgr (Remote Desktop Help Session Manager) - C:\WINDOWS\system32\sessmgr.exe 4S RemoteAccess (Routing and Remote Access) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S RpcLocator (Remote Procedure Call (RPC) Locator) - C:\WINDOWS\System32\locator.exe 2R RpcSs (Remote Procedure Call (RPC)) - C:\WINDOWS\system32\svchost -k rpcss 3S RSVP (QoS RSVP) - C:\WINDOWS\System32\rsvp.exe 2R SamSs (Security Accounts Manager) - C:\WINDOWS\system32\lsass.exe 3S SCardSvr (Smart Card) - C:\WINDOWS\System32\SCardSvr.exe 2R Schedule (Task Scheduler) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R seclogon (Secondary Logon) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R SENS (System Event Notification) - C:\WINDOWS\system32\svchost.exe -k netsvcs 2R SharedAccess (Windows Firewall/Internet Connection Sharing (ICS)) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R ShellHWDetection (Shell Hardware Detection) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R Spooler (Print Spooler) - C:\WINDOWS\system32\spoolsv.exe 2R srservice (System Restore Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3R SSDPSRV (SSDP Discovery Service) - C:\WINDOWS\System32\svchost.exe -k LocalService 3S stisvc (Windows Image Acquisition (WIA)) - C:\WINDOWS\System32\svchost.exe -k imgsvc 3S SwPrv (MS Software Shadow Copy Provider) - C:\WINDOWS\System32\dllhost.exe /Processid:{076B68ED-8FBA-44CF-A42D-89CE76D0729A} 3S SysmonLog (Performance Logs and Alerts) - C:\WINDOWS\system32\smlogsvc.exe 3S TapiSrv (Telephony) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3R TermService (Terminal Services) - C:\WINDOWS\System32\svchost -k DComLaunch 2R Themes - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R TrkWks (Distributed Link Tracking Client) - C:\WINDOWS\system32\svchost.exe -k netsvcs 3S upnphost (Universal Plug and Play Device Host) - C:\WINDOWS\System32\svchost.exe -k LocalService 3S UPS (Uninterruptible Power Supply) - C:\WINDOWS\System32\ups.exe 3S VSS (Volume Shadow Copy) - C:\WINDOWS\System32\vssvc.exe 2R W32Time (Windows Time) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R WebClient - C:\WINDOWS\System32\svchost.exe -k LocalService 2R winmgmt (Windows Management Instrumentation) - C:\WINDOWS\system32\svchost.exe -k netsvcs 3S WmdmPmSN (Portable Media Serial Number Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S WmiApSrv (WMI Performance Adapter) - C:\WINDOWS\System32\wbem\wmiapsrv.exe 3S WMPNetworkSvc (Windows Media Player Network Sharing Service) - "C:\Program Files\Windows Media Player\WMPNetwk.exe" 2R wscsvc (Security Center) - C:\WINDOWS\System32\svchost.exe -k netsvcs 2R wuauserv (Automatic Updates) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S WudfSvc (Windows Driver Foundation - User-mode Driver Framework) - C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup 2R WUSB54Gv42SVC - "C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor\WLService.exe" "WUSB54Gv42.exe" 2S WZCSVC (Wireless Zero Configuration) - C:\WINDOWS\System32\svchost.exe -k netsvcs 3S xmlprov (Network Provisioning Service) - C:\WINDOWS\System32\svchost.exe -k netsvcs -- Files created between 2007-01-27 and 2007-02-27 ------------------------------ 2007-02-26 06:53:05 0 d-------- C:\Documents and Settings\ourroom\DoctorWeb<DOCTOR~1> 2007-02-25 1955 286720 --a------ C:\WINDOWS\system32\hcwzblast.dll<HCWZBL~1.DLL> 2007-02-25 1955 65603 --a------ C:\WINDOWS\system32\hcwIRblast.dll<HCWIRB~1.DLL> 2007-02-25 19:01:15 118784 --a------ C:\WINDOWS\system32\MSSTDFMT.DLL 2007-02-25 19:01:02 524353 --a------ C:\WINDOWS\system32\HCWTVWND.dll 2007-02-25 19:01:02 11264 --a------ C:\WINDOWS\system32\hcwhook.dll 2007-02-25 19:01:02 90174 --a------ C:\WINDOWS\system32\bt848wst.dll 2007-02-25 19:00:56 106559 --a------ C:\WINDOWS\system32\Hcwtvdlg.dll 2007-02-25 19:00:50 393216 --a------ C:\WINDOWS\system32\hcwsnbd9.dll 2007-02-25 19:00:50 69632 --a------ C:\WINDOWS\system32\hcwsched.dll 2007-02-25 19:00:50 229432 --a------ C:\WINDOWS\system32\hcwpnp32.dll 2007-02-25 19:00:50 94264 --a------ C:\WINDOWS\system32\hcwi2c32.dll 2007-02-25 19:00:50 213050 --a------ C:\WINDOWS\system32\Hcwchan.dll 2007-02-25 19:00:50 65536 --a------ C:\WINDOWS\system32\dmcrypto.dll 2007-02-25 19:00:50 12288 --a------ C:\WINDOWS\system32\btgpio32.dll 2007-02-25 18:59:51 5504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-02-25 18:59:42 10880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-02-25 18:59:36 15360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-02-25 18:59:30 11136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-02-25 18:59:24 19328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-02-25 18:58:36 85376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-02-25 18:58:31 17024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-02-25 18:57:39 36921 -----n--- C:\WINDOWS\system32\hcwutl32.dll 2007-02-25 18:57:39 472644 -ra------ C:\WINDOWS\system32\drivers\HCWBT8XX.sys 2007-02-25 18:57:31 53760 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-02-25 18:47:45 0 d-------- C:\Documents and Settings\ourroom\Application Data\InterTrust<INTERT~1> 2007-02-25 18:44:05 306688 --a------ C:\WINDOWS\IsUninst.exe 2007-02-25 18:27:32 0 d-------- C:\Documents and Settings\ourroom\Application Data\Real 2007-02-25 18:26:26 0 --a------ C:\WINDOWS\mozver.dat 2007-02-25 18:17:40 89088 --a------ C:\WINDOWS\system32\atl71.dll 2007-02-25 18:17:39 84992 --a------ C:\WINDOWS\system32\ATL70.DLL 2007-02-25 18:03:19 171008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys<MARVIN~1.SYS> 2007-02-25 18:00:34 0 d-------- C:\Documents and Settings\ourroom\Application Data\Sun 2007-02-25 17:57:09 344064 --a------ C:\WINDOWS\system32\msvcr70.dll 2007-02-25 17:57:08 487424 --a------ C:\WINDOWS\system32\MSVCP70.DLL 2007-02-25 17:57:08 54784 --a------ C:\WINDOWS\system32\MSVCI70.DLL 2007-02-25 17:57:07 1047552 --a------ C:\WINDOWS\system32\MFC71u.dll 2007-02-25 17:57:07 49152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL 2007-02-25 17:57:07 49152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL 2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL 2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL 2007-02-25 17:57:06 61440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL 2007-02-25 17:57:06 57344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL 2007-02-25 17:57:06 65536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL 2007-02-25 17:57:06 45056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL 2007-02-25 17:57:05 40960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL 2007-02-25 17:57:04 964608 --a------ C:\WINDOWS\system32\MFC70U.DLL 2007-02-25 17:57:04 974848 --a------ C:\WINDOWS\system32\MFC70.DLL 2007-02-25 17:46:51 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle Studio<PINNAC~1> 2007-02-25 17:45:58 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Pinnacle 2007-02-25 17:45:29 14165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys 2007-02-25 14:51:13 0 d-------- C:\Documents and Settings\LocalService.NT AUTHORITY\Application Data\Ahead 2007-02-25 14:31:58 41984 -----n--- C:\WINDOWS\Ctregrun.exe 2007-02-25 14:29:22 25088 -----n--- C:\WINDOWS\system32\CTSVCCTL.EXE 2007-02-25 14:29:22 44032 -----n--- C:\WINDOWS\system32\CTSVCCDA.EXE 2007-02-25 14:27:33 90112 -----n--- C:\WINDOWS\Updreg.EXE 2007-02-25 14:26:28 20480 --a------ C:\WINDOWS\INRES.DLL 2007-02-25 14:24:28 0 d-------- C:\Documents and Settings\ourroom\Application Data\Creative 2007-02-25 14:24:26 77824 -----n--- C:\WINDOWS\system32\ctdvda32.dll 2007-02-25 11:51:46 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Nero 2007-02-25 11:33:52 2494464 --a------ C:\WINDOWS\system32\advrcntr2.dll<ADVRCN~1.DLL> 2007-02-25 11:32:49 2494464 --a------ C:\WINDOWS\system\advrcntr2.dll<ADVRCN~1.DLL> 2007-02-25 11:26:34 0 d-------- C:\Documents and Settings\ourroom\Application Data\Ahead 2007-02-25 11:21:04 0 d-------- C:\Program Files\Common Files\Nero 2007-02-25 11:18:19 24064 -----n--- C:\WINDOWS\system32\msxml3a.dll 2007-02-25 11:17:19 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ahead 2007-02-25 11:17:08 0 d-------- C:\Program Files\Ahead 2007-02-25 09:41:11 5248 --a------ C:\WINDOWS\system32\drivers\d347prt.sys 2007-02-25 09:41:11 155136 --a------ C:\WINDOWS\system32\drivers\d347bus.sys 2007-02-25 09:41:08 0 d-------- C:\Program Files\D-Tools 2007-02-25 07:26:53 0 d-------- C:\Documents and Settings\ourroom\Application Data\Azureus 2007-02-25 07:26:38 0 d-------- C:\Program Files\Azureus 2007-02-24 11:36:32 0 d-------- C:\WINDOWS\BDOSCAN8 2007-02-24 11:35:32 0 d---s---- C:\Documents and Settings\ourroom\UserData 2007-02-24 06:26:51 3968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys 2007-02-24 06:21:40 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Avg7 2007-02-23 09:47:01 20016 -----n--- C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-02-23 09:35:37 221184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-02-23 09:31:22 262144 --a------ C:\Documents and Settings\All Users.WINDOWS\ntuser.dat 2007-02-23 09:20:37 0 d-------- C:\Documents and Settings\ourroom\Application Data\Lavasoft 2007-02-23 09:00:08 74396 --a------ C:\WINDOWS\system32\drivers\klin.dat 2007-02-23 09:00:08 75932 --a------ C:\WINDOWS\system32\drivers\klick.dat 2007-02-23 08:59:50 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Kaspersky Lab<KASPER~1> 2007-02-23 08:59:47 166432 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat 2007-02-23 08:59:47 6417184 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat 2007-02-23 06:45:22 0 d-------- C:\bintheredunthat<BINTHE~1> 2007-02-23 06:39:34 397312 --a------ C:\Documents and Settings\Administrator\NTUSER.DAT 2007-02-23 06:28:49 106 --a------ C:\delete.bat 2007-02-23 06:16:31 0 d-------- C:\VundoFix Backups<VUNDOF~1> 2007-02-23 06:14:52 0 d-------- C:\SDFix 2007-02-23 06:10:05 0 d-------- C:\bfu 2007-02-22 21:13:53 0 d-------- C:\Documents and Settings\ourroom\Shared 2007-02-22 21:13:51 0 d-------- C:\Documents and Settings\ourroom\Incomplete<INCOMP~1> 2007-02-22 21:13:35 0 d-------- C:\Documents and Settings\ourroom\Application Data\LimeWire 2007-02-22 20:49:11 0 d-------- C:\Documents and Settings\ourroom\Application Data\SmartFTP 2007-02-22 20:10:58 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe Systems<ADOBES~1> 2007-02-22 20:09:14 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe 2007-02-22 20:04:41 0 d-------- C:\Documents and Settings\ourroom\Application Data\Adobe 2007-02-22 19:45:11 0 d-------- C:\WINDOWS\system32\QuickTime<QUICKT~1> 2007-02-22 19:25:55 0 d-------- C:\Documents and Settings\ourroom\Application Data\WinRAR 2007-02-22 19:23:02 0 d-------- C:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage<WINDOW~1> 2007-02-22 19:10:31 0 --a------ C:\WINDOWS\nsreg.dat 2007-02-22 19:04:04 0 d-------- C:\WINDOWS\Prefetch 2007-02-22 18:58:07 9216 -----n--- C:\WINDOWS\system32\proxycfg.exe 2007-02-22 18:58:07 59392 -----n--- C:\WINDOWS\system32\logman.exe 2007-02-22 18:58:02 63488 -----n--- C:\WINDOWS\system32\drivers\atinxsxx.sys 2007-02-22 18:58:02 31744 -----n--- C:\WINDOWS\system32\drivers\atinxbxx.sys 2007-02-22 18:58:02 73216 -----n--- C:\WINDOWS\system32\drivers\atintuxx.sys 2007-02-22 18:58:02 13824 -----n--- C:\WINDOWS\system32\drivers\atinttxx.sys 2007-02-22 18:58:02 28672 -----n--- C:\WINDOWS\system32\drivers\atinsnxx.sys 2007-02-22 18:58:02 104960 -----n--- C:\WINDOWS\system32\drivers\atinrvxx.sys 2007-02-22 18:58:02 52224 -----n--- C:\WINDOWS\system32\drivers\atinraxx.sys 2007-02-22 18:58:02 14336 -----n--- C:\WINDOWS\system32\drivers\atinpdxx.sys 2007-02-22 18:58:02 13824 -----n--- C:\WINDOWS\system32\drivers\atinmdxx.sys 2007-02-22 18:58:02 57856 -----n--- C:\WINDOWS\system32\drivers\atinbtxx.sys 2007-02-22 18:58:02 701440 -----n--- C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-02-22 18:58:02 327040 -----n--- C:\WINDOWS\system32\drivers\ati2mtaa.sys 2007-02-22 18:58:02 34735 -----n--- C:\WINDOWS\system32\drivers\ati1xsxx.sys 2007-02-22 18:58:02 29455 -----n--- C:\WINDOWS\system32\drivers\ati1xbxx.sys 2007-02-22 18:58:02 36463 -----n--- C:\WINDOWS\system32\drivers\ati1tuxx.sys 2007-02-22 18:58:02 21343 -----n--- C:\WINDOWS\system32\drivers\ati1ttxx.sys 2007-02-22 18:58:02 26367 -----n--- C:\WINDOWS\system32\drivers\ati1snxx.sys 2007-02-22 18:58:02 63663 -----n--- C:\WINDOWS\system32\drivers\ati1rvxx.sys 2007-02-22 18:58:02 30671 -----n--- C:\WINDOWS\system32\drivers\ati1raxx.sys 2007-02-22 18:58:02 12047 -----n--- C:\WINDOWS\system32\drivers\ati1pdxx.sys 2007-02-22 18:58:02 11615 -----n--- C:\WINDOWS\system32\drivers\ati1mdxx.sys 2007-02-22 18:58:02 56623 -----n--- C:\WINDOWS\system32\drivers\ati1btxx.sys 2007-02-22 18:58:02 43008 -----n--- C:\WINDOWS\system32\drivers\amdagp.sys 2007-02-22 18:58:02 42752 -----n--- C:\WINDOWS\system32\drivers\alim1541.sys 2007-02-22 18:58:02 44928 -----n--- C:\WINDOWS\system32\drivers\agpcpq.sys 2007-02-22 18:58:02 42368 -----n--- C:\WINDOWS\system32\drivers\agp440.sys 2007-02-22 18:58:02 3775 -----n--- C:\WINDOWS\system32\drivers\adv11nt5.dll 2007-02-22 18:58:02 3711 -----n--- C:\WINDOWS\system32\drivers\adv09nt5.dll 2007-02-22 18:58:02 3135 -----n--- C:\WINDOWS\system32\drivers\adv08nt5.dll 2007-02-22 18:58:02 3647 -----n--- C:\WINDOWS\system32\drivers\adv07nt5.dll 2007-02-22 18:58:02 3615 -----n--- C:\WINDOWS\system32\drivers\adv05nt5.dll 2007-02-22 18:58:02 3967 -----n--- C:\WINDOWS\system32\drivers\adv02nt5.dll 2007-02-22 18:58:02 4255 -----n--- C:\WINDOWS\system32\drivers\adv01nt5.dll 2007-02-22 18:58:01 1309184 -----n--- C:\WINDOWS\system32\drivers\mtlstrm.sys 2007-02-22 18:58:01 126686 -----n--- C:\WINDOWS\system32\drivers\mtlmnt5.sys 2007-02-22 18:58:01 15488 -----n--- C:\WINDOWS\system32\drivers\mssmbios.sys 2007-02-22 18:58:01 11868 -----n--- C:\WINDOWS\system32\drivers\mdmxsdk.sys 2007-02-22 18:58:01 29056 -----n--- C:\WINDOWS\system32\drivers\ip6fw.sys 2007-02-22 18:58:01 36096 -----n--- C:\WINDOWS\system32\drivers\intelppm.sys 2007-02-22 18:58:01 262784 -----n--- C:\WINDOWS\system32\drivers\http.sys 2007-02-22 18:58:01 1041536 -----n--- C:\WINDOWS\system32\drivers\hsfdpsp2.sys 2007-02-22 18:58:01 685056 -----n--- C:\WINDOWS\system32\drivers\hsfcxts2.sys 2007-02-22 18:58:01 220032 -----n--- C:\WINDOWS\system32\drivers\hsfbs2s2.sys 2007-02-22 18:58:01 15104 -----n--- C:\WINDOWS\system32\drivers\hidir.sys 2007-02-22 18:58:01 25600 -----n--- C:\WINDOWS\system32\drivers\hidbth.sys 2007-02-22 18:58:01 46464 -----n--- C:\WINDOWS\system32\drivers\gagp30kx.sys 2007-02-22 18:58:01 128896 -----n--- C:\WINDOWS\system32\drivers\fltmgr.sys 2007-02-22 18:58:01 15423 -----n--- C:\WINDOWS\system32\drivers\ch7xxnt5.dll 2007-02-22 18:58:01 18944 -----n--- C:\WINDOWS\system32\drivers\bthusb.sys 2007-02-22 18:58:01 35456 -----n--- C:\WINDOWS\system32\drivers\bthprint.sys 2007-02-22 18:58:01 274304 -----n--- C:\WINDOWS\system32\drivers\bthport.sys 2007-02-22 18:58:01 100992 -----n--- C:\WINDOWS\system32\drivers\bthpan.sys 2007-02-22 18:58:01 38016 -----n--- C:\WINDOWS\system32\drivers\bthmodem.sys 2007-02-22 18:58:01 17024 -----n--- C:\WINDOWS\system32\drivers\bthenum.sys 2007-02-22 18:58:01 17279 -----n--- C:\WINDOWS\system32\drivers\atv10nt5.dll 2007-02-22 18:58:01 14143 -----n--- C:\WINDOWS\system32\drivers\atv06nt5.dll 2007-02-22 18:58:01 25471 -----n--- C:\WINDOWS\system32\drivers\atv04nt5.dll 2007-02-22 18:58:01 11359 -----n--- C:\WINDOWS\system32\drivers\atv02nt5.dll 2007-02-22 18:58:01 21183 -----n--- C:\WINDOWS\system32\drivers\atv01nt5.dll 2007-02-22 18:58:00 78464 -----n--- C:\WINDOWS\system32\drivers\usbvideo.sys 2007-02-22 18:58:00 12672 -----n--- C:\WINDOWS\system32\drivers\usb8023x.sys 2007-02-22 18:58:00 44672 -----n--- C:\WINDOWS\system32\drivers\uagp35.sys 2007-02-22 18:58:00 6016 -----n--- C:\WINDOWS\system32\drivers\smbali.sys 2007-02-22 18:58:00 13240 -----n--- C:\WINDOWS\system32\drivers\slwdmsup.sys 2007-02-22 18:58:00 95424 -----n--- C:\WINDOWS\system32\drivers\slnthal.sys 2007-02-22 18:58:00 404990 -----n--- C:\WINDOWS\system32\drivers\slntamr.sys 2007-02-22 18:58:00 129535 -----n--- C:\WINDOWS\system32\drivers\slnt7554.sys 2007-02-22 18:58:00 41088 -----n--- C:\WINDOWS\system32\drivers\sisagp.sys 2007-02-22 18:58:00 3901 -----n--- C:\WINDOWS\system32\drivers\siint5.dll 2007-02-22 18:58:00 10240 -----n--- C:\WINDOWS\system32\drivers\sffp_sd.sys 2007-02-22 18:58:00 11136 -----n--- C:\WINDOWS\system32\drivers\sffdisk.sys 2007-02-22 18:58:00 67584 -----n--- C:\WINDOWS\system32\drivers\sdbus.sys 2007-02-22 18:58:00 166912 -----n--- C:\WINDOWS\system32\drivers\s3gnbm.sys 2007-02-22 18:58:00 30080 -----n--- C:\WINDOWS\system32\drivers\rndismpx.sys 2007-02-22 18:58:00 59648 -----n--- C:\WINDOWS\system32\drivers\rfcomm.sys 2007-02-22 18:58:00 13776 -----n--- C:\WINDOWS\system32\drivers\recagent.sys 2007-02-22 18:58:00 1897408 -----n--- C:\WINDOWS\system32\drivers\nv4_mini.sys 2007-02-22 18:58:00 180360 -----n--- C:\WINDOWS\system32\drivers\ntmtlfax.sys 2007-02-22 18:58:00 12672 -----n--- C:\WINDOWS\system32\drivers\mutohpen.sys 2007-02-22 18:58:00 452736 -----n--- C:\WINDOWS\system32\drivers\mtxparhm.sys 2007-02-22 18:57:59 25471 -----n--- C:\WINDOWS\system32\drivers\watv10nt.sys 2007-02-22 18:57:59 22271 -----n--- C:\WINDOWS\system32\drivers\watv06nt.sys 2007-02-22 18:57:59 11935 -----n--- C:\WINDOWS\system32\drivers\wadv11nt.sys 2007-02-22 18:57:59 11871 -----n--- C:\WINDOWS\system32\drivers\wadv09nt.sys 2007-02-22 18:57:59 11295 -----n--- C:\WINDOWS\system32\drivers\wadv08nt.sys 2007-02-22 18:57:59 11807 -----n--- C:\WINDOWS\system32\drivers\wadv07nt.sys 2007-02-22 18:57:59 13568 -----n--- C:\WINDOWS\system32\drivers\wacompen.sys 2007-02-22 18:57:59 42240 -----n--- C:\WINDOWS\system32\drivers\viaagp.sys 2007-02-22 18:57:59 11325 -----n--- C:\WINDOWS\system32\drivers\vchnt5.dll 2007-02-22 18:57:59 13824 -----n--- C:\WINDOWS\system32\cmsetacl.dll 2007-02-22 18:57:59 50688 -----n--- C:\WINDOWS\system32\btpanui.dll 2007-02-22 18:57:59 30208 -----n--- C:\WINDOWS\system32\bthserv.dll 2007-02-22 18:57:59 20992 -----n--- C:\WINDOWS\system32\bthci.dll 2007-02-22 18:57:59 71680 -----n--- C:\WINDOWS\system32\blastcln.exe 2007-02-22 18:57:59 7168 -----n--- C:\WINDOWS\system32\bitsprx3.dll 2007-02-22 18:57:59 8192 -----n--- C:\WINDOWS\system32\bitsprx2.dll 2007-02-22 18:57:59 14336 -----n--- C:\WINDOWS\system32\auditusr.exe 2007-02-22 18:57:59 516768 -----n--- C:\WINDOWS\system32\ativvaxx.dll 2007-02-22 18:57:59 32768 -----n--- C:\WINDOWS\system32\ativtmxx.dll 2007-02-22 18:57:59 1888992 -----n--- C:\WINDOWS\system32\ati3duag.dll 2007-02-22 18:57:59 870784 -----n--- C:\WINDOWS\system32\ati3d1ag.dll 2007-02-22 18:57:59 201728 -----n--- C:\WINDOWS\system32\ati2dvag.dll 2007-02-22 18:57:59 377984 -----n--- C:\WINDOWS\system32\ati2dvaa.dll 2007-02-22 18:57:59 229376 -----n--- C:\WINDOWS\system32\ati2cqag.dll 2007-02-22 18:57:58 81920 -----n--- C:\WINDOWS\system32\ieencode.dll 2007-02-22 18:57:58 24576 -----n--- C:\WINDOWS\system32\httpapi.dll 2007-02-22 18:57:58 32285 -----n--- C:\WINDOWS\system32\hsfcisp2.dll 2007-02-22 18:57:58 60416 -----n--- C:\WINDOWS\system32\fwcfg.dll 2007-02-22 18:57:58 193024 -----n--- C:\WINDOWS\system32\fsquirt.exe 2007-02-22 18:57:58 23040 --a------ C:\WINDOWS\system32\fltmc.exe 2007-02-22 18:57:58 16896 --a------ C:\WINDOWS\system32\fltlib.dll 2007-02-22 18:57:58 2113536 -----n--- C:\WINDOWS\system32\dxdiagn.dll 2007-02-22 18:57:58 1689088 -----n--- C:\WINDOWS\system32\d3d9.dll 2007-02-22 18:57:57 86016 -----n--- C:\WINDOWS\system32\mdmxsdk.dll 2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdukx.dll 2007-02-22 18:57:57 7680 -----n--- C:\WINDOWS\system32\kbdsmsno.dll 2007-02-22 18:57:57 7680 -----n--- C:\WINDOWS\system32\kbdsmsfi.dll 2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdno1.dll 2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdmlt48.dll 2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdmlt47.dll 2007-02-22 18:57:57 5632 -----n--- C:\WINDOWS\system32\kbdmaori.dll 2007-02-22 18:57:57 6656 -----n--- C:\WINDOWS\system32\kbdinmal.dll 2007-02-22 18:57:57 6656 -----n--- C:\WINDOWS\system32\kbdinben.dll 2007-02-22 18:57:57 6144 -----n--- C:\WINDOWS\system32\kbdinbe1.dll 2007-02-22 18:57:57 7168 -----n--- C:\WINDOWS\system32\kbdfi1.dll 2007-02-22 18:57:56 1737856 -----n--- C:\WINDOWS\system32\mtxparhd.dll 2007-02-22 18:57:56 27136 -----n--- C:\WINDOWS\system32\mspmsnsv.dll 2007-02-22 18:57:56 118784 -----n--- C:\WINDOWS\system32\msdadiag.dll 2007-02-22 18:57:56 4096 -----n--- C:\WINDOWS\system32\MP4SDMOD.dll 2007-02-22 18:57:56 4096 -----n--- C:\WINDOWS\system32\MP43DMOD.dll 2007-02-22 18:57:55 49152 -----n--- C:\WINDOWS\system32\powercfg.exe 2007-02-22 18:57:55 48640 -----n--- C:\WINDOWS\system32\pnrpnsp.dll 2007-02-22 18:57:55 526848 -----n--- C:\WINDOWS\system32\p2psvc.dll 2007-02-22 18:57:55 88064 -----n--- C:\WINDOWS\system32\p2pnetsh.dll 2007-02-22 18:57:55 312320 -----n--- C:\WINDOWS\system32\p2pgraph.dll 2007-02-22 18:57:55 86016 -----n--- C:\WINDOWS\system32\p2pgasvc.dll 2007-02-22 18:57:55 116224 -----n--- C:\WINDOWS\system32\p2p.dll 2007-02-22 18:57:55 4274816 -----n--- C:\WINDOWS\system32\nv4_disp.dll 2007-02-22 18:57:54 15872 -----n--- C:\WINDOWS\system32\w3ssl.dll 2007-02-22 18:57:54 44032 -----n--- C:\WINDOWS\system32\twext.dll 2007-02-22 18:57:54 75776 -----n--- C:\WINDOWS\system32\strmfilt.dll 2007-02-22 18:57:54 8192 -----n--- C:\WINDOWS\system32\smbinst.exe 2007-02-22 18:57:54 73796 -----n--- C:\WINDOWS\system32\slserv.exe 2007-02-22 18:57:54 32866 -----n--- C:\WINDOWS\system32\slrundll.exe 2007-02-22 18:57:54 188508 -----n--- C:\WINDOWS\system32\slgen.dll 2007-02-22 18:57:54 286792 -----n--- C:\WINDOWS\system32\slextspk.dll 2007-02-22 18:57:54 73832 -----n--- C:\WINDOWS\system32\slcoinst.dll 2007-02-22 18:57:54 29184 -----n--- C:\WINDOWS\system32\sdhcinst.dll 2007-02-22 18:57:54 397056 -----n--- C:\WINDOWS\system32\s3gnb.dll 2007-02-22 18:57:53 603648 -----n--- C:\WINDOWS\system32\WMSPDMOD.dll 2007-02-22 18:57:53 4096 -----n--- C:\WINDOWS\system32\wmsdmoe2.dll 2007-02-22 18:57:53 314880 -----n--- C:\WINDOWS\system32\wmpdxm.dll 2007-02-22 18:57:53 242688 -----n--- C:\WINDOWS\system32\wmpasf.dll 2007-02-22 18:57:53 157184 --a------ C:\WINDOWS\system32\wmidx.dll 2007-02-22 18:57:53 227328 -----n--- C:\WINDOWS\system32\wmerror.dll 2007-02-22 18:57:53 17408 -----n--- C:\WINDOWS\system32\winshfhc.dll 2007-02-22 18:57:52 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-02-22 18:57:52 465176 --a------ C:\WINDOWS\system32\wuapi.dll 2007-02-22 18:57:52 108032 -----n--- C:\WINDOWS\system32\wshbth.dll 2007-02-22 18:57:52 81408 -----n--- C:\WINDOWS\system32\wscsvc.dll 2007-02-22 18:57:52 13824 -----n--- C:\WINDOWS\system32\wscntfy.exe 2007-02-22 18:57:52 4096 -----n--- C:\WINDOWS\system32\wmvdmoe2.dll 2007-02-22 18:57:52 1329152 -----n--- C:\WINDOWS\system32\WMSPDMOE.dll 2007-02-22 18:57:51 438784 -----n--- C:\WINDOWS\system32\xpob2res.dll 2007-02-22 18:57:51 50176 -----n--- C:\WINDOWS\system32\xmlprovi.dll 2007-02-22 18:57:51 129536 -----n--- C:\WINDOWS\system32\xmlprov.dll 2007-02-22 18:57:51 173536 --a------ C:\WINDOWS\system32\wuweb.dll 2007-02-22 18:57:51 41240 --a------ C:\WINDOWS\system32\wups.dll 2007-02-22 18:57:51 127256 --a------ C:\WINDOWS\system32\wucltui.dll 2007-02-22 18:57:51 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-02-22 18:57:51 32866 -----n--- C:\WINDOWS\slrundll.exe 2007-02-22 18:50:55 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe 2007-02-22 18:40:08 20747 --a------ C:\WINDOWS\system32\drivers\AegisP.sys 2007-02-22 18:40:07 374752 --a------ C:\WINDOWS\system32\WUSBGXP.sys 2007-02-22 18:40:07 339488 --a------ C:\WINDOWS\system32\WUSB20XP.sys 2007-02-22 18:40:07 245376 --a------ C:\WINDOWS\system32\rt2500usb.sys<RT2500~1.SYS> 2007-02-22 18:40:07 94208 --a------ C:\WINDOWS\system32\GTW32N50.dll 2007-02-22 18:40:07 15872 --a------ C:\WINDOWS\system32\GTNDIS5.sys 2007-02-22 18:40:04 17992 --a------ C:\WINDOWS\system32\drivers\bcm42rly.sys 2007-02-22 18:40:04 17992 --a------ C:\WINDOWS\system32\bcm42rly.sys 2007-02-22 18:31:11 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-02-22 18:31:10 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-02-22 18:31:08 52864 --a------ C:\WINDOWS\system32\drivers\dmusic.sys 2007-02-22 18:31:07 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-02-22 18:31:06 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-02-22 18:31:04 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-02-22 18:31:03 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-02-22 18:31:02 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-02-22 18:30:50 7552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys 2007-02-22 18:30:48 4992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys 2007-02-22 18:30:47 5376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys 2007-02-22 18:30:44 4096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-02-22 18:30:43 59264 --a------ C:\WINDOWS\system32\drivers\usbaudio.sys 2007-02-22 18:30:42 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-02-22 18:30:42 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-02-22 18:24:10 2359296 --ah----- C:\Documents and Settings\ourroom\NTUSER.DAT 2007-02-22 18:22:27 229376 --ah----- C:\Documents and Settings\LocalService.NT AUTHORITY\NTUSER.DAT 2007-02-22 18:22:26 229376 --ah----- C:\Documents and Settings\NetworkService.NT AUTHORITY\NTUSER.DAT 2007-02-22 18:16:58 229376 ---h----- C:\Documents and Settings\Default User.WINDOWS\NTUSER.DAT 2007-02-22 18:13:49 24576 --a------ C:\WINDOWS\system32\xpsp1hfm.exe 2007-02-22 18:12:06 112128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-02-22 18:11:10 0 d--hs---- C:\Documents and Settings\All Users.WINDOWS\DRM 2007-02-22 18:09:51 45568 --a------ C:\WINDOWS\system32\safrslv.dll 2007-02-22 18:09:51 29696 --a------ C:\WINDOWS\system32\safrdm.dll 2007-02-22 18:09:51 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-02-22 18:09:51 43520 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-02-22 18:09:51 11264 --a------ C:\WINDOWS\system32\atrace.dll 2007-02-22 18:09:43 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-02-22 18:09:43 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-02-22 18:09:43 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-02-22 18:09:43 64512 --a------ C:\WINDOWS\system32\acctres.dll 2007-02-22 18:09:42 48128 --a------ C:\WINDOWS\system32\inetres.dll 2007-02-22 18:09:41 81920 --a------ C:\WINDOWS\system32\isign32.dll 2007-02-22 18:09:41 274432 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-02-22 18:09:41 65536 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-02-22 18:09:41 73728 --a------ C:\WINDOWS\system32\icwdial.dll 2007-02-22 18:09:41 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-02-22 18:09:38 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-02-22 18:09:38 382464 --a------ C:\WINDOWS\system32\qmgr.dll 2007-02-22 18:09:34 239104 --a------ C:\WINDOWS\system32\srrstr.dll 2007-02-22 18:09:33 170496 --a------ C:\WINDOWS\system32\srsvc.dll 2007-02-22 18:09:33 67584 --a------ C:\WINDOWS\system32\srclient.dll 2007-02-22 18:09:33 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-02-22 18:09:33 105984 --a------ C:\WINDOWS\system32\msoert2.dll 2007-02-22 18:09:33 252928 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-02-22 18:09:33 69632 --a------ C:\WINDOWS\system32\msconf.dll 2007-02-22 18:09:33 34560 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-02-22 18:09:33 81920 --a------ C:\WINDOWS\system32\ils.dll 2007-02-22 18:09:33 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-02-22 18:09:32 190976 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-02-22 18:09:32 12288 --a------ C:\WINDOWS\system32\mstinit.exe 2007-02-22 18:09:32 274944 --a------ C:\WINDOWS\system32\mstask.dll 2007-02-22 18:09:32 679424 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-02-22 18:09:20 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT> 2007-02-22 18:08:12 5632 --a------ C:\WINDOWS\system32\write.exe 2007-02-22 18:08:06 138752 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-02-22 18:08:06 131584 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-02-22 18:08:06 347136 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-02-22 18:08:06 183808 --a------ C:\WINDOWS\system32\accwiz.exe 2007-02-22 18:08:05 35328 --a------ C:\WINDOWS\system32\winchat.exe 2007-02-22 18:08:05 44544 --a------ C:\WINDOWS\system32\hticons.dll 2007-02-22 18:08:05 73216 --a------ C:\WINDOWS\system32\avwav.dll 2007-02-22 18:08:05 227840 --a------ C:\WINDOWS\system32\avtapi.dll 2007-02-22 18:08:05 16384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-02-22 18:07:59 605696 --a------ C:\WINDOWS\system32\getuname.dll 2007-02-22 18:07:59 80384 --a------ C:\WINDOWS\system32\charmap.exe 2007-02-22 18:07:59 114688 --a------ C:\WINDOWS\system32\calc.exe 2007-02-22 18:07:58 119808 --a------ C:\WINDOWS\system32\winmine.exe 2007-02-22 18:07:58 56832 --a------ C:\WINDOWS\system32\sol.exe 2007-02-22 18:07:58 126976 --a------ C:\WINDOWS\system32\mshearts.exe 2007-02-22 18:07:58 55296 --a------ C:\WINDOWS\system32\freecell.exe 2007-02-22 18:07:58 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-02-22 18:07:58 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-02-22 18:07:57 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-02-22 18:07:57 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-02-22 18:07:57 16384 --a------ C:\WINDOWS\system32\tskill.exe 2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\tscon.exe 2007-02-22 18:07:57 14848 --a------ C:\WINDOWS\system32\shadow.exe 2007-02-22 18:07:57 15872 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-02-22 18:07:57 9728 --a------ C:\WINDOWS\system32\reset.exe 2007-02-22 18:07:57 33792 --a------ C:\WINDOWS\system32\regini.exe 2007-02-22 18:07:57 67072 --a------ C:\WINDOWS\system32\rdshost.exe 2007-02-22 18:07:57 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-02-22 18:07:57 22016 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-02-22 18:07:57 20480 --a------ C:\WINDOWS\system32\qprocess.exe 2007-02-22 18:07:57 16896 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-02-22 18:07:57 20992 --a------ C:\WINDOWS\system32\msg.exe 2007-02-22 18:07:57 15360 --a------ C:\WINDOWS\system32\logoff.exe 2007-02-22 18:07:56 11776 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-02-22 18:07:56 91136 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-02-22 18:07:56 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-02-22 18:07:56 956416 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-02-22 18:07:56 58880 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-02-22 18:07:56 6144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-02-22 18:07:56 15872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-02-22 18:07:55 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-02-22 18:07:55 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-02-22 18:07:54 54272 --a------ C:\WINDOWS\system32\stclient.dll 2007-02-22 18:07:54 4096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-02-22 18:07:54 20480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-02-22 18:07:54 540160 --a------ C:\WINDOWS\system32\comuid.dll 2007-02-22 18:07:54 97792 --a------ C:\WINDOWS\system32\comrepl.dll 2007-02-22 18:07:54 25600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-02-22 18:07:54 60416 --a------ C:\WINDOWS\system32\colbact.dll 2007-02-22 18:07:54 110080 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-02-22 18:07:54 85504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-02-22 18:07:54 225792 --a------ C:\WINDOWS\system32\catsrv.dll 2007-02-22 18:07:53 147456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-02-22 18:07:53 498688 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-02-22 18:07:47 56320 --a------ C:\WINDOWS\system32\servdeps.dll 2007-02-22 18:07:47 343040 --a------ C:\WINDOWS\system32\mspaint.exe 2007-02-22 18:07:47 123392 --a------ C:\WINDOWS\system32\mplay32.exe 2007-02-22 18:07:47 17408 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-02-22 18:07:47 185344 --a------ C:\WINDOWS\system32\cmprops.dll 2007-02-22 18:07:46 6656 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-02-22 18:07:46 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-02-22 18:07:46 124184 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-02-22 18:07:46 538624 --a------ C:\WINDOWS\system32\spider.exe 2007-02-22 18:07:46 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-02-22 18:07:46 102912 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-02-22 18:07:45 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-02-22 18:07:45 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-02-22 18:07:45 295424 --a------ C:\WINDOWS\system32\termsrv.dll 2007-02-22 18:07:45 140800 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-02-22 18:07:45 60416 --a------ C:\WINDOWS\system32\remotepg.dll 2007-02-22 18:07:45 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-02-22 18:07:45 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-02-22 18:07:45 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-02-22 18:07:45 147968 --a------ C:\WINDOWS\system32\rdchost.dll 2007-02-22 18:07:45 655360 --a------ C:\WINDOWS\system32\mstscax.dll 2007-02-22 18:07:45 407552 --a------ C:\WINDOWS\system32\mstsc.exe 2007-02-22 18:07:44 62464 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-02-22 18:07:44 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-02-22 18:07:44 11264 --a------ C:\WINDOWS\system32\icaapi.dll 2007-02-22 18:07:44 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-02-22 18:07:44 625152 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-02-22 18:07:43 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-02-22 18:07:41 58880 --a------ C:\WINDOWS\system32\licwmi.dll 2007-02-22 18:07:36 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-02-22 18:07:36 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-02-22 13:37:34 0 d-------- C:\068f143c3f22844b0d1240e523037b<068F14~1> 2007-02-22 11:53:45 0 d-------- C:\Program Files\s?stem 2007-02-22 11:52:16 0 d-------- C:\ffd38e13e662ce6d2c83768d99e805fd<FFD38E~1> 2007-02-22 11:34:49 0 d-------- C:\Program Files\Registry Mechanic<REGIST~1> 2007-02-22 11:26:13 21504 --a------ C:\WINDOWS\system32\hidserv.dll 2007-02-22 11:25:56 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-02-22 11:25:22 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-02-22 11:25:04 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys 2007-02-22 11:24:52 5504 --a------ C:\WINDOWS\system32\drivers\intelide.sys 2007-02-22 11:24:36 74240 --a------ C:\WINDOWS\system32\usbui.dll 2007-02-22 11:22:54 0 d-------- C:\Documents and Settings\LocalService\Application Data\NetMon 2007-02-22 11:19:51 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-02-22 11:19:51 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-02-22 11:19:51 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-02-22 11:19:50 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-02-22 11:19:49 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-02-22 11:19:48 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-02-22 11:19:48 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-02-22 11:19:48 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-02-22 11:19:48 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-02-22 11:19:48 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-02-22 11:19:46 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-02-22 11:19:46 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-02-22 11:19:46 6144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll 2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdro.dll 2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll 2007-02-22 11:19:45 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll 2007-02-22 11:19:45 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll 2007-02-22 11:19:45 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL 2007-02-22 11:19:42 13312 --a------ C:\WINDOWS\system32\irclass.dll 2007-02-22 11:19:42 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-02-22 11:19:42 85020 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-02-22 11:19:42 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-02-22 11:19:41 24661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-02-22 11:19:41 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-02-22 11:19:41 9008 --a------ C:\WINDOWS\system\VER.DLL 2007-02-22 11:19:41 19200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-02-22 11:19:41 5120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-02-22 11:19:41 24064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-02-22 11:19:41 82944 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-02-22 11:19:40 15360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-02-22 11:19:40 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-02-22 11:19:40 68768 --a------ C:\WINDOWS\system\mmsystem.dll 2007-02-22 11:19:40 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-02-22 11:19:40 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-02-22 11:19:40 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-02-22 11:19:40 69584 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-02-22 11:19:39 8704 --a------ C:\WINDOWS\system32\batt.dll 2007-02-22 11:19:39 69120 --a------ C:\WINDOWS\notepad.exe 2007-02-22 11:19:38 74752 --a------ C:\WINDOWS\system32\storprop.dll 2007-02-22 11:19:27 0 dr------- C:\Documents and Settings\All Users.WINDOWS\Documents<DOCUME~1> 2007-02-22 11:14:21 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Systweak 2007-02-21 21:24:14 0 d-------- C:\8f2399186ff3a900dfb1da8dc820210d<8F2399~1> 2007-02-21 16:33:27 0 d-------- C:\7df1ac5d04c72c2a7d4291a91491<7DF1AC~1> 2007-02-21 12:48:00 0 d-------- C:\Program Files\Common Files\PC Tools<PCTOOL~1> 2007-02-21 08:18:39 0 d-------- C:\WINDOWS\Sytem32 2007-02-20 19:21:36 0 d-------- C:\Program Files\Lavasoft 2007-02-20 18:12:09 0 d-------- C:\Program Files\DiskTrix 2007-02-20 10:32:55 0 d-------- C:\Program Files\Kaspersky Lab<KASPER~1> 2007-02-20 10:32:52 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab<KASPER~1> 2007-02-20 10:30:35 0 d-------- C:\KAV 2007-02-19 21:27:57 0 d-------- C:\Documents and Settings\All Users\Application Data\McAfee 2007-02-19 18:34:36 0 d-------- C:\Documents and Settings\All Users\Application Data\Avg7 2007-02-19 17:14:57 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Uniblue 2007-02-19 13:38:51 0 d-------- C:\Documents and Settings\All Users\Application Data\fssg 2007-02-19 13:37:51 0 d-------- C:\Program Files\F-Secure 2007-02-19 13:09:53 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\GlarySoft<GLARYS~1> 2007-02-19 13:05:13 0 d-------- C:\Program Files\Glary Utilities<GLARYU~1> 2007-02-19 12:26:19 670 --a------ C:\ICSdata.dat 2007-02-19 12:26:03 0 d-------- C:\Program Files\InfoClock Screensaver<INFOCL~1> 2007-02-19 12:26:03 0 d-------- C:\DESfiles 2007-02-17 16:47:55 0 d-------- C:\WINDOWS\ie7updates<IE7UPD~1> 2007-02-17 10:14:09 0 d-------- C:\Program Files\Torrent101<TORREN~1> 2007-02-12 11:36:25 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Azureus 2007-02-12 10:24:07 0 d-------- C:\WINDOWS\vbSkinner<VBSKIN~1> 2007-02-12 09:34:53 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\uTorrent 2007-02-12 09:34:49 0 d-------- C:\Program Files\uTorrent 2007-02-06 12:57:56 0 d-------- C:\Program Files\iPod 2007-02-06 12:57:44 0 d-------- C:\Program Files\iTunes 2007-02-03 11:44:48 0 d-------- C:\Program Files\Reallusion<REALLU~1> 2007-02-02 22:49:44 5767168 --a------ C:\Documents and Settings\Dennetts Hardware\ntuser.dat 2007-02-01 18:57:50 0 d-------- C:\Program Files\SmartFTP Client 2.0 Setup Files<SMARTF~1.0SE> 2007-02-01 16:51:09 0 d-------- C:\Program Files\SuperCleaner<SUPERC~1> 2007-01-31 22:05:08 47360 --a------ C:\Documents and Settings\Dennetts Hardware\Application Data\pcouffin.sys 2007-01-31 22:05:08 87608 --a------ C:\Documents and Settings\Dennetts Hardware\Application Data\ezpinst.exe 2007-01-31 22:05:07 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Vso 2007-01-31 22:05:04 0 d-------- C:\Program Files\DVDFab Platinum 3<DVDFAB~1> 2007-01-31 21:34:48 0 d-------- C:\WINDOWS\WBEM 2007-01-31 21:34:46 0 d-------- C:\WINDOWS\system32\en-US 2007-01-31 21:33:08 0 d--h---c- C:\WINDOWS\ie7 2007-01-31 21:30:17 0 d-------- C:\WINDOWS\network diagnostic<NETWOR~1> 2007-01-31 20:19:14 0 d-------- C:\Program Files\FLVPlayer<FLVPLA~1> 2007-01-31 17:31:34 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero 2007-01-31 16:11:21 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\BitTorrent<BITTOR~1> 2007-01-31 15:27:31 0 d-------- C:\Program Files\Common Files\Creative 2007-01-31 15:20:03 0 d-------- C:\WINDOWS\system32\Data 2007-01-31 14:56:00 0 d-------- C:\Program Files\Dell Computer<DELLCO~1> 2007-01-31 14:55:42 0 d-------- C:\Program Files\PianoFX 2007-01-31 14:55:06 0 d-------- C:\Program Files\Common Files\Sonic 2007-01-31 14:54:48 0 d-------- C:\WINDOWS\system32\dla 2007-01-31 14:52:00 0 d-------- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion<YAHOO!~1> 2007-01-31 14:51:59 0 d-------- C:\Documents and Settings\All Users\Application Data\yahoo! 2007-01-31 14:51:52 0 d-------- C:\Program Files\Microsoft Money<MICROS~3> 2007-01-31 1305 0 d-------- C:\Program Files\SmartFTP Client 2.0<SMARTF~1.0> 2007-01-31 11:59:16 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Ahead 2007-01-31 11:57:04 0 d-------- C:\Program Files\Nero 2007-01-31 11:57:03 0 d-------- C:\Program Files\Common Files\Ahead 2007-01-31 09:44:22 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems<ADOBES~1> 2007-01-31 09:32:27 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Smart Recorder<SMARTR~1> 2007-01-30 20:15:24 0 d--h----- C:\Program Files\Creative Installation Information<CREATI~1> 2007-01-30 20:11:43 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\Creative 2007-01-30 19:54:52 0 d-------- C:\Program Files\Creative 2007-01-29 23:09:14 23196 --a------ C:\WINDOWS\system32\drivers\klop.dat 2007-01-29 23:04:00 200768 --a------ C:\WINDOWS\system32\klogon.dll 2007-01-29 20:05:25 0 d-------- C:\WINDOWS\system32\NtmsData 2007-01-29 17:35:33 0 d-------- C:\WINDOWS\Profiles 2007-01-29 17:35:31 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\InterTrust<INTERT~1> 2007-01-29 17:33:51 0 d-------- C:\WINDOWS\system32\hauppauge<HAUPPA~1> 2007-01-29 17:33:38 0 d-------- C:\MyVideos 2007-01-29 17:33:25 0 d-------- C:\Program Files\WinTV 2007-01-29 17:15:27 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles<NVIEW_~1> 2007-01-29 17:09:01 0 d-------- C:\WINDOWS\nview 2007-01-29 13:19:54 0 d-------- C:\Documents and Settings\All Users\Application Data\InstallShield<INSTAL~1> 2007-01-29 13:18:05 0 d-------- C:\Program Files\Ulead Systems<ULEADS~1> 2007-01-29 12:38:41 0 d-------- C:\Documents and Settings\Dennetts Hardware\Application Data\WinRAR 2007-01-29 08:49:13 245376 --a------ C:\WINDOWS\system32\drivers\rt2500usb.sys<RT2500~1.SYS> 2007-01-29 08:48:47 0 d-------- C:\Program Files\Linksys Wireless-G USB Wireless Network Monitor<LINKSY~1> 2007-01-29 02:58:06 60416 -----n--- C:\WINDOWS\system32\tzchange.exe -- Find3M Report ---------------------------------------------------------------- 2007-02-26 1351 0 d-------- C:\Program Files\Mozilla Firefox<MOZILL~1> 2007-02-25 18:29:07 0 d-------- C:\Program Files\Common Files\Real 2007-02-25 18:28:32 0 d-------- C:\Program Files\Real 2007-02-25 18:19:09 0 d-------- C:\Program Files\DivX 2007-02-25 18:05:07 139 --a------ C:\AUTOEXEC.BAT 2007-02-24 06:21:40 0 d-------- C:\Program Files\Grisoft 2007-02-23 11:40:53 0 d---s---- C:\Documents and Settings\ourroom\Application Data\Microsoft<MICROS~1> 2007-02-23 05:37:26 0 d-------- C:\Program Files\Attitude POSitive<ATTITU~1> 2007-02-23 05:26:11 0 d-------- C:\Program Files\Java 2007-02-22 20:35:09 0 d--h----- C:\Program Files\InstallShield Installation Information<INSTAL~1> 2007-02-22 19:53:43 0 d-------- C:\Documents and Settings\ourroom\Application Data\Macromedia<MACROM~1> 2007-02-22 19:50:46 0 d-------- C:\Program Files\Macromedia<MACROM~1> 2007-02-22 19:50:46 0 d-------- C:\Program Files\Common Files\Macromedia<MACROM~1> 2007-02-22 19:10:27 0 d-------- C:\Documents and Settings\ourroom\Application Data\Mozilla 2007-02-22 18:55:36 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1> 2007-02-22 18:55:23 0 d-------- C:\Program Files\Windows NT<WINDOW~1> 2007-02-22 18:24:25 0 d-------- C:\Documents and Settings\ourroom\Application Data\Identities<IDENTI~1> 2007-02-22 11:19:27 62 --ahs---- C:\Documents and Settings\ourroom\Application Data\desktop.ini 2007-02-21 14:47:20 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3> 2007-02-20 19:45:24 0 d-------- C:\Program Files\Microsoft ActiveSync<MI3AA1~1> 2007-02-20 19:44:31 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard<WISEIN~1> 2007-02-20 18:10:58 0 d-------- C:\Program Files\UI 2007-02-20 18:10:58 0 d-------- C:\Program Files\scripts 2007-02-20 18:10:58 0 d-------- C:\Program Files\plugins 2007-02-20 18:10:56 0 d-------- C:\Program Files\Replay7 2007-02-20 18:05:12 0 d-------- C:\Program Files\Data 2007-02-20 18:05:11 0 d-------- C:\Program Files\MainRetail3<MAINRE~1> 2007-02-16 06:46:51 0 d-------- C:\Program Files\QuickTime<QUICKT~1> 2007-02-16 06:46:13 0 d-------- C:\Program Files\Apple Software Update<APPLES~1> 2007-02-01 16:11:38 0 d-------- C:\Program Files\MUSICMATCH<MUSICM~1> 2007-02-01 12:14:31 0 d-------- C:\Program Files\LimeWire 2007-01-31 14:03:34 0 d-------- C:\Program Files\Yahoo! 2007-01-30 11:51:16 0 d-------- C:\Program Files\Jasc Software Inc<JASCSO~1> 2007-01-30 11:48:25 0 d-------- C:\Program Files\Hewlett-Packard<HEWLET~1> 2007-01-30 11:45:48 0 d-------- C:\Program Files\Amor SWF to Video Converter<AMORSW~1> 2007-01-29 17:35:31 0 d-------- C:\Program Files\Common Files\Adobe 2007-01-29 13:18:20 0 d-------- C:\Program Files\Common Files\Ulead Systems<ULEADS~1> 2007-01-17 11:02:19 0 d-------- C:\Program Files\Windows Media Connect 2<WI4DF6~1> 2007-01-12 10:44:01 0 d-------- C:\Program Files\Luxor Mahjong<LUXORM~1> 2006-12-19 15:52:18 134656 --a------ C:\WINDOWS\system32\shsvcs.dll 2006-12-19 12:16:47 333824 --a------ C:\WINDOWS\system32\wiaservc.dll 2006-11-27 08:54:06 433152 --a------ C:\WINDOWS\system32\riched20.dll 2006-11-27 08:54:06 539136 --a------ C:\WINDOWS\system32\msftedit.dll -- Registry Dump ---------------------------------------------------------------- [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background" "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\"" "SetDefaultMIDI"="MIDIDef.exe" "Creative MediaSource Go"="\"C:\\Program Files\\Creative\\MediaSource5\\Go\\CTCMSGoU.exe\" /SCB" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_11\\bin\\jusched.exe\"" "AVP"="\"C:\\Program Files\\Kaspersky Lab\\Kaspersky Anti-Virus 6.0\\avp.exe\"" "!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized" "DAEMON Tools-1033"="\"C:\\Program Files\\D-Tools\\daemon.exe\" -lang 1033" "NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe" "RCSystem"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" RCSystem * -Startup" "AudioDrvEmulator"="\"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\DLLML.exe\" -1 AudioDrvEmulator \"C:\\Program Files\\Creative\\Shared Files\\Module Loader\\Audio Emulator\\AudDrvEm.dll\"" "CTSysVol"="C:\\Program Files\\Creative\\SBLive 24-Bit External\\Surround Mixer\\CTSysVol.exe /r" "SbUsb AudCtrl"="RunDll32 sbusbdll.dll,RCMonitor" "UpdReg"="C:\\WINDOWS\\UpdReg.EXE" "LaunchList"="C:\\Program Files\\Pinnacle\\Studio 10\\LaunchList.exe" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks] "{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload] "WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system] "DisableRegistryTools"=dword:00000000 [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] "SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll" [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0 -- End of ComboScan: finished at 2007-02-27 at 06:56:22 -------------------------

02-27-2007, 09:22 AM	#26 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,237 OS: 2000 Pro; XP Pro; XP Home	Hmmm, did you tick the Supplementary Log box, and all boxes below it? If so, Supplementary.txt should have been produced, and opened minimized. If you didn't, we can do it this way, it will be very quick: Click the Windows 'Start' button > Select 'Run' - then copy/paste this into the run box & click OK "%userprofile%\desktop\comboscan.exe" /config *Untick ComboScan Log* Next... Tick Supplementary Log, and then under that, tick Add/Remove Click Scan! When finished, it shall produce a log for you, Supplementary.txt (it will be minimized). Post that log in your next reply. This folder needs to go: 2007-02-22 11:53:45 0 d-------- C:\Program Files\s?stem It's quite possibly empty, another one of the Purity Scan folders which emulate legit looking folders. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009

02-27-2007, 05:50 PM	#28 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,237 OS: 2000 Pro; XP Pro; XP Home	Uninstall the following via the Add/Remove Panel (Start->(Settings)->Control Panel->Add/Remove Programs) if they exist: J2SE Runtime Environment 5.0 Update 9 It's an outdated version, and a security risk simply by having it installed on the machine still. Leave Update 11, as it is the latest update for Version 5. --------------------------------------------------------------------------------------------- Well done. Your logs are clean. Any more issues? If not you should be good to go. We still have a few items to address. Reset hidden/system files and folders Click Start. Open My Computer. Select the Tools menu and click Folder Options. Select the View tab. Deselect the Show hidden files and folders option. Select the Hide file extensions for known types option. Select the Hide protected operating system files option. Click Yes to confirm. Click OK. Create a new System Restore point click Start >> Run - type SYSDM.CPL & press Enter select the System Restore Tab tick on the checkbox - "Turn off System Restore on all drives" click Apply then untick the same checkbox & click OK Enable Windows Auto Update Go to Start>Run - type wuaucpl.cpl tick on the checkbox - "Automatically download the updates, and install them on the schedule that I specify". Click on "OK". Now that you are clean, to help protect your computer in the future I recommend that you get the following free programs: SpywareBlaster to help prevent spyware from installing in the first place. Install & update SpywareBlaster with the latest definitions. After you have updated, click the button - enable protection for all unprotected items SpywareGuard to catch and block spyware before it can execute. SPYBOT - SEARCH & DESTROY Download and install Spybot - Search & Destroy with its TeaTimer option. This will provide realtime spyware & hijacker protection on your computer alongside your virus protection. You should also scan your computer with the program on a regular basis just as you would an antivirus software. A tutorial on installing & using this product can be found here AD-AWARE Download and install Ad-Aware. You should use this program to scan your computer on a regular basis just as you would an antivirus software in conjunction with Spybot. A tutorial on installing & using this product can be found here IE-SPYAD - IE/Spyad places more than 4000 dubious websites and domains in the IE Restricted list. This severely impair attempts to infect your system. It basically prevents any downloads (Cookies etc) from the sites listed, although you will still be able to connect to the sites. Download IE-SpyAD - Extract the contents to a new folder From within the folder, double-click install.bat Select Option #2 - Install the new IE-SPYAD list. Then return to the main menu. Select option #4 - Add the old porn sites domain MVPS HOST FILE The MVPS Hosts file replaces your current HOSTS file with one that will restrict known ad sites form serving you unsolicited advertisements. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is the IP of your local computer. Download Host.zip to your desktop. From your Desktop right-click (hosts.zip) and select: Extract All from the menu. Click Next, click Next, select the option: "Show Extracted files", click Finish This will open the newly created hosts folder on your Desktop. Double-click on the included mvps.bat file, this will rename the existing HOSTS file to HOSTS.MVP, then it will copy the included updated HOSTS file to the correct location on your machine. ANTIVIRUS SOFTWARE It is very important that you have anti-virus software running on your machine. This alone can save you a lot of trouble with malware in the future. Here are a few very good free Antivirus products which are available: AOL Active Virus Shield (powered by Kaspersky Antivirus) Avast! AVG Avira PersonalEdition Classic Select one of these, or another of your choice. Do not install more than one antivirus program because they will conflict with each other. It is imperative that you update your antivirus software at least once a week (even more if you wish). If you do not update your antivirus software then it will not be able to catch new malware that may have come out. See this link for a listing of some online antivirus scanners: Anti-Spyware Tutorial FIREWALL If you do not have a firewall, here are a couple of great free ones available for personal use. Using a third-party firewall will allow you to give/deny access for applications that want to go online. Select one of these, or another of your choice: Do not install more than one firewall program because they will conflict with each other. Comodo Personal Firewall ZoneAlarm In light of your recent troubles, I'm sure you'll like to avoid any future infections. Please take a look at these well written articles HOW DID I GET INFECTED IN THE FIRST PLACE? THE ANTI-SPYWARE TUTORIAL MAKING INTERNET EXPLORER SAFER If you want to fight back the Malware Writers that have made your life a misery, please take a look here and read what you can do against it. Please respond to this thread one more time so we can mark this thread as resolved. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009

02-26-2007, 04:15 PM	#21 (permalink)
neonknightmare Registered User Join Date: Feb 2007 Posts: 16 OS: xp	grrrr!! I started the scan and then left for work. When I came back, it was only about a quarter done, and I had the popup that asked if I wanted to cure it.(I clicked yes to all.) So, it will be awhile yet before it is done. I had hoped to have it done when I got home. It has found a couple of things though. Hmmmm, it thinks smitRem is a virus? I did find the extra empty adobe folder and deleted it. btw, what used to be D drive is now G drive. I installed my external DVD RW.

02-26-2007, 06:18 PM	#23 (permalink)
neonknightmare Registered User Join Date: Feb 2007 Posts: 16 OS: xp	No need to apologize to me!! You have been a savior. I have just been a little frustrated because I have so much work to do, and having just reinstalled windows, I have a million things to do before I can even get started. But cleaning my system has to come first. You have been extremely prompt and I have sang the praises of this forum to many. OK, here are my scan results. db2.mdb;G:\My Documents;Probably Virus;Moved.; Process.exe;C:\Documents and Settings\Dennetts Hardware\Desktop\smitRem;Tool.Prockill;Moved.; htfyykee.dll;C:\Documents and Settings\Dennetts Hardware\Local Settings\Temp;Trojan.Virtumod;Deleted.; pbjqkctm.dll;C:\Documents and Settings\Dennetts Hardware\Local Settings\Temp;Trojan.Virtumod;Deleted.; Process.exe;C:\SDFix\apps;Tool.Prockill;Moved.; A0008204.dll;C:\System Volume Information\_restore{13A726FF-B9C1-48F9-9B4A-D960FD62303B}\RP39;Trojan.Virtumod;Deleted.; A0008205.dll;C:\System Volume Information\_restore{13A726FF-B9C1-48F9-9B4A-D960FD62303B}\RP39;Trojan.Virtumod;Deleted.;

02-27-2007, 04:20 PM	#27 (permalink)
neonknightmare Registered User Join Date: Feb 2007 Posts: 16 OS: xp	ComboScan v20070221.16 run by ourroom on 2007-02-27 at 17:17:09 Supplementary logfile - please post this as an attachment with your post. -------------------------------------------------------------------------------- -- Add/Remove Programs ---------------------------------------------------------- --> "C:\Program Files\Creative Installation Information\CREATIVE_MEDIASOURCE_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\CTCMSGO\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\E-CENTER_NET_CONTENT_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_CDBURNER_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_MINIDISC_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\E-CENTER_PLUGIN_ONLINESTORE_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative Installation Information\MEDIASOURCE_PLAYER_SKINPACK_U\Setup.exe" /remove /l0x0009 --> "C:\Program Files\Creative\SBLive 24-Bit External\Program\CTZAPXX.exe" SBUSB.INI /S /U /W --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks\|RealPlayer\|6.0 --> C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL --> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL --> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL --> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL --> C:\WINDOWS\UNNeroVision.exe /UNINSTALL --> C:\WINDOWS\UNRecode.exe /UNINSTALL --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1EF644C7-1A0D-4B94-9AF5-AD04702094A4}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2670895A-4E6C-4450-B868-7B7DB80A3357}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{32B4B536-4443-42F0-9676-98373BE9114F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{52338F65-A1C3-4CDC-B733-50051682B297}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{73919E2B-725C-4FAA-8473-45E063A3575F}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{84F573D3-0F71-4768-978A-D35310E3FBA6}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9194237B-7B58-40B4-A739-184AD59531A2}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BD6928A2-9F8F-4AA7-9A3A-FD4A271712EE}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C64409FA-42A7-49C6-837A-D2E5D813BD57}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CEC86016-B796-4348-B93B-36C5EDEB85E1}\setup.exe" -l0x9 /remove --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{DE4A4C48-2232-4CCB-AD61-490ACD29BA85}\setup.exe" -l0x9 /remove --> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf Ad-Aware SE Personal --> MsiExec.exe /X{78CC3BAB-DE2A-4FB4-8FBB-E4DADDC26747} Adobe Acrobat 5.0 --> C:\WINDOWS\ISUNINST.EXE -f"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.isu" -c"C:\Program Files\Common Files\Adobe\Acrobat 5.0\NT\Uninst.dll" Adobe Audition 2.0 --> msiexec /I {01CEC7E5-70FD-4D06-8FAD-BF21DF0CC6DC} Adobe Bridge 1.0 --> MsiExec.exe /I{B74D4E10-6884-0000-0000-000000000103} Adobe Common File Installer --> MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102} Adobe Help Center 2.0 --> MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903} Adobe Photoshop CS2 --> msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D} Adobe Premiere Pro 2.0 --> msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E} Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001} Adobe Stock Photos 1.0 --> MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110} AVG Anti-Spyware 7.5 --> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\Uninstall.exe Azureus --> C:\Program Files\Azureus\Uninstall.exe Creative MediaSource 5 --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}\SETUP.EXE" -l0x9 /remove Creative Software AutoUpdate --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\SETUP.EXE" -l0x9 /remove Creative System Information --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{63A317D0-60A6-43FC-848A-9FE4A53B29CE}\setup.exe" -l0x9 /remove DAEMON Tools --> MsiExec.exe /I{3DED3A72-61A8-4B87-98A5-EF0BC8038AA0} Hauppauge English Help Files and Resources --> C:\PROGRA~1\WinTV\UNHLPeng.EXE C:\PROGRA~1\WinTV\WTV2Keng.LOG Hauppauge WinTV Infrared Remote --> C:\PROGRA~1\WinTV\UNir32.EXE C:\PROGRA~1\WinTV\ir32.LOG Hauppauge WinTV IR Blaster --> C:\PROGRA~1\WinTV\UNirblst.EXE C:\PROGRA~1\WinTV\IRblast.LOG Hauppauge WinTV Scheduler --> C:\PROGRA~1\WinTV\SCHEDU~1\UniSched.EXE C:\PROGRA~1\WinTV\SCHEDU~1\INSTALL.LOG Hauppauge WinTV Soft PVR --> C:\PROGRA~1\WinTV\UNSftPVR.EXE C:\PROGRA~1\WinTV\softpvr.LOG Hauppauge WinTV Source Selector --> C:\PROGRA~1\WinTV\UNtvsel.EXE C:\PROGRA~1\WinTV\WINTVsel.LOG Hauppauge WinTV2000 --> C:\PROGRA~1\WinTV\UNTV32.EXE C:\PROGRA~1\WinTV\WINTV2K.LOG HijackThis 1.99.1 --> C:\Documents and Settings\ourroom\Desktop\hijackthis\HijackThis.exe /uninstall InfoClock Screensaver 1.6.7 --> "C:\Program Files\InfoClock Screensaver\unins000.exe" J2SE Runtime Environment 5.0 Update 11 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150110} J2SE Runtime Environment 5.0 Update 9 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150090} Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920} Kaspersky Anti-Virus 6.0 --> MsiExec.exe /I{75193929-9A52-4CA4-98DE-8C7296940920} LimeWire PRO 4.13.0 --> "C:\Program Files\LimeWire\uninstall.exe" Linksys Wireless-G USB Network Adapter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{C7EEF2B9-8C16-4A04-B98D-B1A952A47E55}\setup.exe" -l0x9 Macromedia Dreamweaver 8 --> MsiExec.exe /I{0837A661-FEC3-48B3-876C-91E7D32048A9} Macromedia Extension Manager --> MsiExec.exe /I{5546CDB5-2CE2-498B-B059-5B3BF81FC41F} Macromedia Flash 8 --> MsiExec.exe /I{2BD5C305-1B27-4D41-B690-7A61172D2FEB} Macromedia Flash 8 Video Encoder --> MsiExec.exe /X{8BF2C401-02CE-424D-BC26-6C4F9FB446B6} Macromedia Flash Player 8 --> MsiExec.exe /X{885A63EA-382B-4DD4-A755-14809B8557D6} Macromedia Flash Player 8 Plugin --> MsiExec.exe /X{91057632-CA70-413C-B628-2D3CDBBB906B} Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe" Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe" Mozilla Firefox (2.0) --> C:\Program Files\Mozilla Firefox\uninstall\uninst.exe Mozilla Firefox (2.0.0.2) --> C:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe Nero 7 Ultra Edition --> MsiExec.exe /I{4908C75E-E5E2-43F7-B1DF-023CBA831033} Online Manuals for WinTV (English) --> C:\PROGRA~1\WinTV\UNTVmans.exe C:\PROGRA~1\WinTV\WinTVMan.LOG RealPlayer --> C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks\|RealPlayer\|6.0 SmartFTP Client 2.0 (remove only) --> "C:\Program Files\SmartFTP Client 2.0\uninst-sftp.exe" Sound Blaster Live! 24-Bit External --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1C95A91-ED29-4806-9EDE-6A8D5C09DBB1}\SETUP.EXE" -l0x9 /remove Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe" WinRAR archiver --> C:\Program Files\WinRAR\uninstall.exe -- End of ComboScan: finished at 2007-02-27 at 17:17:10 -------------------------

02-27-2007, 05:54 PM	#29 (permalink)
neonknightmare Registered User Join Date: Feb 2007 Posts: 16 OS: xp	Gotit, and thanks again. I can't right now, but after the first of the month, I will definately give you guys a contribution.

02-27-2007, 07:40 PM	#30 (permalink)
tetonbob Manager, Security Center, TSF Academy; Analyst, Security Team Join Date: Jan 2005 Location: Transylvania County, North Carolina, USA Posts: 35,237 OS: 2000 Pro; XP Pro; XP Home	Happy Computing, and Safe Surfing to you. Keep your guard up, the WWW is a wild woolly world these days. __________________ Practice Safe Surfing PC Safety and Security--What Do I Need? Because what you don't know, CAN hurt you. Proud Member of ASAP since 2005 Proud Member of UNITE since 2006 Microsoft MVP - Consumer Security 2009