slow laptop and internet speed?

This is a discussion on slow laptop and internet speed? within the Inactive Malware Help Topics forums, part of the Tech Support Forum category.

04-22-2008, 11:05 PM   #1
Registered Member
 
Join Date: Nov 2007
Posts: 31
OS: Vista SP2



My laptop's CPU usage's been kinda high lately.. nothing is running in my background. Also, over the past few weeks, my internet speed's been very sluggish.. I don't know if it's my ISP or is it just me..
I ran Spybot and it removed a few spyware cookies.. that's it.. I also ran Comodo Firewall's scanner but it came out clean..
I ran dss.exe and got this log:
I deleted extra.txt by accident :( I re-ran dss but extra.txt didn't come up..

Quote:
Deckard's System Scanner v20071014.68
Run by Xaero on 2008-04-23 13:50:46
Computer is in Normal Mode.
--------------------------------------------------------------------------------



-- HijackThis (run as Xaero.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:50:49 PM, on 4/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\PROGRA~1\CACHEM~1\CachemanXP.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Hotspot Shield\bin\openvpnas.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\winKeyLock\winKeyLock.exe
C:\Program Files\Launchy\Launchy.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\WINDOWS\system32\LVCOMSX.EXE
C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\WINDOWS\XPize\XPizeSettings.exe
C:\Documents and Settings\Xaero\Local Settings\Application Data\HumanizedEnso\Enso.exe
C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\InstantEyedropper\InstantEyedropper.exe
C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
C:\Program Files\Styler\Styler.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\DOCUME~1\Xaero\LOCALS~1\Temp\RtkBtMnt.exe
C:\Program Files\Vidalia Bundle\Tor\tor.exe
C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Xaero's Folder\Appz & Games\Transparent Icon\TransDtopIco.exe
C:\WINDOWS\notepad.exe
C:\Documents and Settings\Xaero\Desktop\dss.exe
C:\DOCUME~1\Xaero\Desktop\Xaero.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = https://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = https://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = https://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=fol.singnet.com.sg:8080
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Xaero's Folder\Appz & Games\IDM Portable\IDMIECC.dll
O2 - BHO: SnagIt Toolbar Loader - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AzMixerSel] C:\Program Files\Realtek\InstallShield\AzMixerSel.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
O4 - HKLM\..\Run: [Boot] C:\Acer\Empowering Technology\ePower\Boot.exe
O4 - HKLM\..\Run: [Acer ePresentation HPD] C:\Acer\Empowering Technology\ePresentation\ePresentation.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" -H
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKCU\..\Run: [TaskSwitchXP] C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [XPizeSettings] "C:\WINDOWS\XPize\XPizeSettings.exe"
O4 - HKCU\..\Run: [HumanizedEnso] C:\Documents and Settings\Xaero\Local Settings\Application Data\HumanizedEnso\Enso.exe --disable-monologue-boxes
O4 - HKCU\..\Run: [Vidalia] "C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [instanteyedropper] "C:\Program Files\InstantEyedropper\InstantEyedropper.exe"
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: Styler.lnk = ?
O4 - Startup: Yahoo! Widgets.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe
O4 - Global Startup: Acer Empowering Technology.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Launchy.lnk = C:\Program Files\Launchy\Launchy.exe
O4 - Global Startup: Privoxy.lnk = C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm
O8 - Extra context menu item: Download All Links with IDM - C:\Xaero's Folder\Appz & Games\IDM Portable\IEGetAll.htm
O8 - Extra context menu item: Download FLV video content with IDM - C:\Xaero's Folder\Appz & Games\IDM.5.12.Build.6.Portable\IEGetVL.htm
O8 - Extra context menu item: Download with IDM - C:\Xaero's Folder\Appz & Games\IDM Portable\IEExt.htm
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {00001025-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter25 Class) - https://download.netmarble.com/web/nm...MStarter25.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {518059C9-3257-4B29-88EE-102E02DE5F25} (NetmarbleDownloaderCtrl Class) - https://download.netmarble.com/web/NM...Downloader.cab
O16 - DPF: {6FC19219-C47E-4880-9A79-D218A1C374F9} (NMJTransX Control) - https://www.netmarble.jp/_common/cab/NMJTransX.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - https://download.netmarble.com/kdefence/kdfense8237.cab
O16 - DPF: {DB962ED5-C4A1-4B50-8CEB-D6F9CD70A6F8} (Netmarble GameCheck Class) - https://download.netmarble.com/web/NM...MGameCheck.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\guard32.dll
O23 - Service: Memory Check Service (AcerMemUsageCheckService) - Acer Inc. - C:\Acer\Empowering Technology\ePerformance\MemCheck.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: CachemanXP (CachemanXPService) - Outertech - C:\PROGRA~1\CACHEM~1\CachemanXP.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Hotspot Shield Service (HotspotShieldService) - Unknown owner - C:\Program Files\Hotspot Shield\bin\openvpnas.exe
O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

--
End of file - 12292 bytes

-- Files created between 2008-03-23 and 2008-04-23 -----------------------------

2008-04-23 13:48:56 0 dr-h----- C:\Documents and Settings\Xaero\Recent
2008-04-23 13:40:18 0 d-------- C:\WINDOWS\Prefetch
2008-04-22 18:08:24 0 d-------- C:\Program Files\InstantEyedropper
2008-04-21 18:13:42 0 d-------- C:\Program Files\Common Files\SWF Studio
2008-04-21 18:13:38 0 d-------- C:\Program Files\Riva
2008-04-21 15:54:32 61440 --a------ C:\WINDOWS\system32\kdfmod.dll <Not Verified; Kings Information & Network; Kings Information & Network - KDFMOD>
2008-04-21 15:54:32 159744 --a------ C:\WINDOWS\system32\kdfmgr.exe <Not Verified; Kings Information & Network; k-Defense Manager>
2008-04-21 15:54:32 47104 --a------ C:\WINDOWS\system32\Kdfhok.dll <Not Verified; Kings Information & Network; Kings kdfhok>
2008-04-21 15:54:32 73728 --a------ C:\WINDOWS\system32\kdfapi.dll <Not Verified; Kings Information & Network; lab kdfapi>
2008-04-21 15:54:31 373248 --a------ C:\WINDOWS\system32\kdfinj.dll <Not Verified; Kings Information & Network; k-Defense kdfinj Library>
2008-04-21 15:54:29 0 d-------- C:\WINDOWS\kdefense
2008-04-21 14:24:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Macrovision
2008-04-21 14:24:08 0 d-------- C:\Program Files\Rainbow Technologies
2008-04-21 1428 0 d-------- C:\Program Files\UGS
2008-04-19 19:02:05 0 d-------- C:\Program Files\Ubisoft
2008-04-19 18:42:49 0 d-------- C:\Program Files\DVD Decrypter
2008-04-19 10:51:08 0 d--h----- C:\Documents and Settings\Xaero\Application Data\ijjigame
2008-04-18 23:57:29 0 d-------- C:\ijji
2008-04-18 23:53:29 0 d-------- C:\Program Files\ijji
2008-04-18 22:52:09 0 d-------- C:\Documents and Settings\Xaero\deluge
2008-04-18 22:51:30 0 d-------- C:\Program Files\Deluge
2008-04-18 22:41:23 0 d-------- C:\Program Files\Haali
2008-04-18 22:40:46 0 d-------- C:\Program Files\CoreCodec
2008-04-18 21:57:51 0 d-------- C:\WINDOWS\system32\PreInstall
2008-04-18 13:20:39 0 d-------- C:\Program Files\RegToy
2008-04-16 22:07:20 180224 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-04-16 22:07:20 765952 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-04-16 22:07:19 0 d-------- C:\Program Files\Xvid
2008-04-16 2257 0 d-------- C:\Program Files\AVI ReComp
2008-04-16 19:34:15 679936 --a------ C:\WINDOWS\system32\ijjiSetup.exe <Not Verified; NHN USA; ijjiSetup Application>
2008-04-16 19:34:15 0 d-------- C:\Program Files\NHN USA
2008-04-16 19:19:44 0 d-------- C:\WINDOWS\pss
2008-04-16 18:30:45 0 d-------- C:\Program Files\Defraggler
2008-04-16 13:05:44 0 d-------- C:\Program Files\Hotspot Shield
2008-04-14 18:33:40 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-04-13 23:00:10 18991 --a------ C:\WINDOWS\system32\Vmscnt3.dll
2008-04-13 23:00:08 0 d-------- C:\Program Files\Sub Station Alpha v4.08
2008-04-13 22:59:46 299520 --a------ C:\WINDOWS\uninst.exe <Not Verified; InstallShield Corporation, Inc.; InstallShield unInstaller>
2008-04-13 22:59:02 0 d-------- C:\Documents and Settings\Xaero\WINDOWS
2008-04-13 22:58:54 0 d-------- C:\Program Files\Gabest
2008-04-13 15:38:55 0 d-------- C:\Documents and Settings\Xaero\Application Data\Mp3tag
2008-04-12 20:36:14 0 d-------- C:\Documents and Settings\Xaero\Application Data\Wireshark
2008-04-12 19:33:10 0 d-------- C:\Program Files\WinPcap
2008-04-12 19:32:49 0 d-------- C:\Program Files\Wireshark
2008-04-11 23:15:20 0 d-------- C:\Program Files\WinDirStat
2008-04-11 15:28:45 0 d-------- C:\Program Files\GoldWave
2008-04-11 14:34:14 0 d-------- C:\Program Files\Adobe Media Player
2008-04-11 14:34:10 0 d-------- C:\Program Files\Common Files\Adobe AIR
2008-04-08 10:16:24 0 d-------- C:\Program Files\Foxit Software
2008-04-07 19:42:14 0 d-------- C:\Program Files\Rainmeter
2008-04-07 18:00:32 0 d--h----- C:\WINDOWS\PIF
2008-04-07 10:43:11 0 d-------- C:\Documents and Settings\Xaero\Application Data\ExportTool
2008-04-07 10:02:32 0 d-------- C:\Program Files\Samurize
2008-04-05 12:23:47 15781 --a------ C:\WINDOWS\system32\drivers\mdc8021x.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 2.3.1.9>
2008-04-04 19:45:04 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-04-04 19:42:38 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared
2008-04-04 19:41:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-04-04 19:41:17 16384 --a------ C:\WINDOWS\system32\FileOps.exe
2008-04-04 19:41:17 0 d-------- C:\Program Files\Common Files\Adobe
2008-04-04 19:15:17 37888 --a------ C:\WINDOWS\netpass.exe <Not Verified; NirSoft; Network Password Recovery>
2008-04-04 19:10:27 310 --a------ C:\Documents and Settings\Xaero\test
2008-04-04 19:10:00 59904 --a------ C:\WINDOWS\mspass.exe <Not Verified; NirSoft; MessenPass>
2008-04-04 19:05:58 0 d-------- C:\Program Files\AllToAVI
2008-04-04 19:02:27 0 d-------- C:\Documents and Settings\Xaero\Application Data\ImgBurn
2008-04-04 19:01:07 0 d-------- C:\Program Files\ImgBurn
2008-04-04 18:47:31 0 d-------- C:\Documents and Settings\All Users\Application Data\TechSmith
2008-04-04 18:47:26 0 d-------- C:\Program Files\TechSmith
2008-04-04 18:39:28 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-04-04 18:34:26 58 --a------ C:\WINDOWS\system32\DonationCoder_ScreenshotCaptor_InstallInfo.dat
2008-04-04 18:34:26 0 d-------- C:\Documents and Settings\Xaero\Application Data\DonationCoder
2008-04-04 18:34:10 0 d-------- C:\Program Files\ScreenshotCaptor
2008-04-04 16:11:22 0 d-------- C:\Program Files\danny_kay1710
2008-04-04 12:05:37 0 d-------- C:\WINDOWS\Sun
2008-04-04 12:05:37 0 d-------- C:\Documents and Settings\Xaero\Application Data\Sun
2008-04-04 11:29:56 0 d-------- C:\Program Files\Java
2008-04-04 11:27:19 0 d-------- C:\Program Files\Common Files\Java
2008-04-03 18:15:55 0 d-------- C:\Documents and Settings\Xaero\.drdivx2
2008-04-03 18:12:04 0 d--h----- C:\WINDOWS\system32\GroupPolicy
2008-04-03 14:22:19 0 d-------- C:\Documents and Settings\Xaero\Application Data\Inkscape
2008-04-03 14:13:43 0 d-------- C:\Program Files\gs
2008-04-03 14:12:45 0 d-------- C:\Program Files\Inkscape
2008-04-01 21:26:54 0 d-------- C:\Program Files\Cooltoolsonline
2008-04-01 21:05:28 0 d-------- C:\Documents and Settings\Xaero\Application Data\InfraRecorder
2008-04-01 20:58:03 0 d-------- C:\Documents and Settings\Xaero\Application Data\Ahead
2008-04-01 20:28:34 0 d-------- C:\Program Files\Nero
2008-04-01 20:28:34 0 d-------- C:\Program Files\Common Files\Ahead
2008-04-01 20:27:52 0 d-------- C:\WINDOWS\RegisteredPackages
2008-04-01 10:59:40 0 d--h----- C:\WINDOWS\$hf_mig$
2008-03-31 21:02:30 413696 --a------ C:\WINDOWS\system32\wrap_oal.dll <Not Verified; Creative Labs; Creative Labs OpenAL32>
2008-03-31 21:02:30 0 d-------- C:\Program Files\OpenAL
2008-03-31 20:14:14 3150 --a------ C:\WINDOWS\system32\tmp.reg
2008-03-31 20:13:56 25600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-03-31 20:13:56 289144 --a------ C:\WINDOWS\system32\VCCLSID.exe <Not Verified; S!Ri; >
2008-03-31 20:13:56 86528 --a------ C:\WINDOWS\system32\VACFix.exe <Not Verified; S!Ri.URZ; VACFix>
2008-03-31 20:13:56 288417 --a------ C:\WINDOWS\system32\SrchSTS.exe <Not Verified; S!Ri; SrchSTS>
2008-03-31 20:13:56 53248 --a------ C:\WINDOWS\system32\Process.exe <Not Verified; https://www.beyondlogic.org; Command Line Process Utility>
2008-03-31 20:13:56 82432 --a------ C:\WINDOWS\system32\IEDFix.exe <Not Verified; S!Ri.URZ; IEDFix>
2008-03-31 20:13:56 51200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-03-31 20:04:45 0 d-------- C:\Documents and Settings\Xaero\Application Data\IDM
2008-03-31 20:04:43 0 d-------- C:\Documents and Settings\Xaero\Application Data\DMCache
2008-03-31 19:20:21 110592 --a------ C:\WINDOWS\system32\OpenAL32.dll <Not Verified; Portions (C) Creative Labs Inc. and NVIDIA Corp.; Standard OpenAL(TM) Library>
2008-03-31 19:16:24 0 d-------- C:\WINDOWS\system32\xlive
2008-03-31 18:22:38 0 d-------- C:\Program Files\KAPITALSIN
2008-03-30 19:53:00 0 d-------- C:\Documents and Settings\Xaero\Application Data\tor
2008-03-30 19:52:48 0 d-------- C:\Documents and Settings\Xaero\Application Data\Vidalia
2008-03-30 19:52:47 0 d-------- C:\Program Files\Vidalia Bundle
2008-03-30 13:19:55 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-03-30 13:19:54 0 d-------- C:\Fraps
2008-03-29 20:25:31 0 d-------- C:\Program Files\Handbrake
2008-03-29 18:44:15 0 d-------- C:\Temp
2008-03-29 17:53:24 0 d-------- C:\Program Files\BestGameEver
2008-03-29 17:45:56 0 d-------- C:\Documents and Settings\Xaero\Application Data\FFSJ
2008-03-29 17:39:07 0 d-------- C:\Documents and Settings\Xaero\Application Data\gtk-2.0
2008-03-29 17:38:04 0 d-------- C:\Documents and Settings\Xaero\.thumbnails
2008-03-29 17:29:08 0 d-------- C:\Documents and Settings\Xaero\.gimp-2.4
2008-03-29 17:28:31 0 d-------- C:\Program Files\GIMP-2.0
2008-03-29 17:27:19 0 d-------- C:\Program Files\Common Files\CANON
2008-03-29 17:26:43 0 d--h----- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-03-29 17:26:24 0 d--h----- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-03-29 17:25:47 0 d--h----- C:\Program Files\CanonBJ
2008-03-29 14:35:20 0 d-------- C:\Program Files\Common Files\INCA Shared
2008-03-29 14:35:00 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2008-03-29 14:11:41 0 d-------- C:\Program Files\PowerISO
2008-03-29 13:58:31 0 d-------- C:\Documents and Settings\All Users\Application Data\IJJIGame
2008-03-29 13:34:56 187392 --a------ C:\WINDOWS\system32\JPGUtils.dll
2008-03-29 13:34:55 0 d-------- C:\Program Files\WinCustomize
2008-03-29 13:34:55 0 d-------- C:\Program Files\Common Files\Stardock
2008-03-29 13:03:47 0 d-------- C:\Program Files\AveIconifier2
2008-03-29 10:28:33 0 d-------- C:\Program Files\Paint.NET
2008-03-29 00:39:05 0 d--hs---- C:\WINDOWS\Installer
2008-03-29 00:39:02 0 d-------- C:\Program Files\Common Files\ODBC
2008-03-29 00:38:59 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-03-29 00:38:58 0 dr------- C:\Program Files
2008-03-29 00:38:58 0 d-------- C:\Program Files\Common Files
2008-03-29 00:38:43 17408 --a------ C:\WINDOWS\system32\irclass.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-29 00:38:39 13312 --a------ C:\WINDOWS\system32\batt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-29 00:38:23 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-03-29 00:38:23 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-03-29 00:38:23 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-03-29 00:38:23 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-03-29 00:38:23 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-03-29 00:38:23 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-03-29 00:38:23 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-03-29 00:38:23 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-03-29 00:38:23 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-03-29 00:38:23 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-03-29 00:38:23 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-03-29 00:38:23 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-03-29 00:38:23 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-03-29 00:38:23 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-03-29 00:38:23 0 dr------- C:\Documents and Settings\All Users\Documents
2008-03-29 00:38:23 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-03-29 00:38:03 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-03-29 00:38:03 0 d-------- C:\WINDOWS\system32\CatRoot
2008-03-29 00:37:57 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-03-29 00:37:57 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-03-29 00:37:57 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-03-29 00:37:57 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-03-29 00:36:52 0 d-------- C:\Documents and Settings
2008-03-29 00:36:51 0 d--hs---- C:\System Volume Information
2008-03-29 00:28:58 0 d-------- C:\WINDOWS
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\WinSxS
2008-03-29 00:28:58 0 dr------- C:\WINDOWS\Web
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\twain_32
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\wins
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\wbem
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\usmt
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\spool
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\ShellExt
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\Setup
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\ras
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\oobe
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\npp
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\mui
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\inetsrv
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\IME
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\icsxml
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\ias
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\export
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\drivers
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-03-29 00:28:58 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\dhcp
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\config
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\3076
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\2052
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1054
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1042
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1041
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1037
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1033
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1031
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1028
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system32\1025
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\system
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\security
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Resources
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\repair
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Provisioning
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\PeerNet
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\pchealth
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\mui
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\msapps
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\msagent
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Media
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\java
2008-03-29 00:28:58 0 d--h----- C:\WINDOWS\inf
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\ime
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Help
2008-03-29 00:28:58 0 dr--s---- C:\WINDOWS\Fonts
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\ehome
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Driver Cache
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Debug
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Cursors
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Connection Wizard
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\Config
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\AppPatch
2008-03-29 00:28:58 0 d-------- C:\WINDOWS\addins
2008-03-28 23:14:09 0 d-------- C:\Program Files\URUSoft
2008-03-28 23:13:51 0 d-------- C:\Program Files\AviSynth 2.5
2008-03-28 23:13:43 0 d-------- C:\Program Files\Winnydows
2008-03-28 23:12:39 0 d-------- C:\Program Files\winKeyLock
2008-03-28 23:09:48 0 d-------- C:\Documents and Settings\Xaero\Application Data\DivX
2008-03-28 23:09:11 0 d-------- C:\Program Files\HyCam2
2008-03-28 22:59:52 0 d-------- C:\Program Files\Yahoo!
2008-03-28 22:40:56 0 d-------- C:\Program Files\DivX
2008-03-28 21:44:37 0 d-------- C:\Program Files\Mp3tag
2008-03-28 21:35:35 0 d-------- C:\Xaero's Folder
2008-03-28 21:28:52 0 d-------- C:\All Customizations
2008-03-28 21:24:15 0 d-------- C:\Program Files\RocketDock
2008-03-28 21:21:10 0 d-------- C:\Documents and Settings\Xaero\Application Data\Launchy
2008-03-28 21:21:07 0 d-------- C:\Program Files\Launchy
2008-03-28 21:13:30 0 d-------- C:\Program Files\TaskSwitchXP
2008-03-28 21:11:03 0 d--h----- C:\WINDOWS\XPize
2008-03-28 20:51:22 0 d-------- C:\Documents and Settings\Xaero\Application Data\AVG7
2008-03-28 20:50:39 0 d-------- C:\Documents and Settings\LocalService\Application Data\AVG7
2008-03-28 20:50:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Grisoft
2008-03-28 20:50:30 0 d-------- C:\Documents and Settings\All Users\Application Data\avg7
2008-03-28 20:50:11 0 d-------- C:\Documents and Settings\Xaero\Application Data\Styler
2008-03-28 20:49:02 0 d-------- C:\Program Files\Styler
2008-03-28 20:48:04 0 d-------- C:\Program Files\WinRoll
2008-03-28 20:40:19 0 d-------- C:\Documents and Settings\Xaero\Application Data\Media Player Classic
2008-03-28 20:27:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-03-28 20:23:24 0 d-------- C:\Documents and Settings\Xaero\Application Data\Comodo
2008-03-28 20:23:23 0 d-------- C:\Documents and Settings\All Users\Application Data\comodo
2008-03-28 20:23:22 0 d-------- C:\Program Files\COMODO
2008-03-28 20:18:18 0 d-------- C:\Program Files\The KMPlayer
2008-03-28 20:16:22 0 d-------- C:\Documents and Settings\All Users\Application Data\GRETECH
2008-03-28 20:15:52 0 d-------- C:\Documents and Settings\Xaero\Application Data\GRETECH
2008-03-28 20:15:42 0 d-------- C:\Program Files\GRETECH
2008-03-28 20:15:26 0 d-------- C:\Program Files\Winamp
2008-03-28 20:15:26 0 d-------- C:\Documents and Settings\Xaero\Application Data\Winamp
2008-03-28 20:14:30 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-03-28 20:14:26 0 d-------- C:\Program Files\QuickTime Alternative
2008-03-28 20:14:16 0 d-------- C:\Program Files\Real Alternative
2008-03-28 20:14:16 0 d-------- C:\Documents and Settings\Xaero\Application Data\Real
2008-03-28 20:14:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Real
2008-03-28 20:13:54 0 d-------- C:\Program Files\K-Lite Codec Pack
2008-03-28 20:10:37 0 d-------- C:\Documents and Settings\Xaero\Application Data\Macromedia
2008-03-28 20:10:37 0 d-------- C:\Documents and Settings\Xaero\Application Data\Adobe
2008-03-28 19:38:42 0 d-------- C:\Program Files\MSBuild
2008-03-28 19:38:38 0 d-------- C:\WINDOWS\system32\XPSViewer
2008-03-28 19:38:33 0 d-------- C:\Program Files\Reference Assemblies
2008-03-28 19:36:10 0 d-------- C:\Program Files\MSXML 6.0
2008-03-28 19:29:25 0 d-------- C:\Program Files\digestIT 2004
2008-03-28 19:27:44 0 d-------- C:\Program Files\FreshDevices
2008-03-28 19:27:16 0 d-------- C:\WINDOWS\system32\Adobe
2008-03-28 19:27:06 0 d--h----- C:\WINDOWS\msdownld.tmp
2008-03-28 19:25:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-03-28 19:24:45 0 d-------- C:\WINDOWS\system32\URTTEMP
2008-03-28 19:24:04 0 d-------- C:\Downloads
2008-03-28 19:21:16 0 d-------- C:\Documents and Settings\Xaero\Application Data\TeraCopy
2008-03-28 19:21:15 0 d-------- C:\Program Files\TeraCopy
2008-03-28 19:19:59 0 d-------- C:\Program Files\CachemanXP
2008-03-28 19:19:26 0 d-------- C:\Program Files\MediaInfo
2008-03-28 19:19:21 0 d-------- C:\Program Files\CCleaner
2008-03-28 19:16:55 0 d-------- C:\Documents and Settings\Xaero\Application Data\Free Download Manager
2008-03-28 19:16:51 0 d-------- C:\Program Files\Free Download Manager
2008-03-28 19:16:51 0 d-------- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
2008-03-28 19:13:26 0 d-------- C:\Program Files\FlashGet
2008-03-28 19:04:00 0 --a------ C:\WINDOWS\nsreg.dat
2008-03-28 19:03:58 0 d-------- C:\Documents and Settings\Xaero\Application Data\Mozilla
2008-03-28 18:38:17 45056 --a------ C:\WINDOWS\system32\Epm-Po.dll <Not Verified; Acer Labs USA; EPM-PO Dynamic Link Library>
2008-03-28 18:38:17 78208 --a------ C:\WINDOWS\system32\drivers\epm-shd.sys <Not Verified; Acer Value Labs, USA; Acer EPM System Hardware Driver>
2008-03-28 18:38:17 4096 --a------ C:\WINDOWS\system32\drivers\epm-psd.sys <Not Verified; Acer Value Labs, USA; Acer EPM Power Scheme Driver>
2008-03-28 18:38:17 53248 --a------ C:\WINDOWS\system32\acpimof.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 18:34:22 69632 --a------ C:\WINDOWS\system32\eRecUtil.dll <Not Verified; Acer Inc.; eRecUtil Dynamic Link Library>
2008-03-28 18:34:20 49152 --a------ C:\WINDOWS\system32\SysMonitor.exe
2008-03-28 18:34:20 331776 --a------ C:\WINDOWS\system32\ScrollBarLib.dll
2008-03-28 18:34:14 0 d-------- C:\Acer
2008-03-28 18:28:40 0 d-------- C:\Documents and Settings\Xaero\Bluetooth Software
2008-03-28 18:24:30 0 d-------- C:\Program Files\WIDCOMM
2008-03-28 18:22:58 245824 --a------ C:\WINDOWS\Instexec.exe <Not Verified; Logitech; Logitech>
2008-03-28 18:22:57 245824 -ra------ C:\WINDOWS\system32\InstExec.exe <Not Verified; Logitech; Logitech>
2008-03-28 18:22:42 0 d-------- C:\Program Files\Common Files\Logitech
2008-03-28 18:22:31 0 d-------- C:\Program Files\Common Files\Acer
2008-03-28 18:22:26 306688 --a------ C:\WINDOWS\IsUninst.exe <Not Verified; InstallShield Software Corporation; InstallShield® unInstaller>
2008-03-28 18:21:43 0 d-------- C:\WINDOWS\tiinst
2008-03-28 18:20:19 0 d-------- C:\NVIDIA
2008-03-28 18:02:13 0 d-------- C:\WINDOWS\Options
2008-03-28 18:02:13 0 d-------- C:\Program Files\Atheros
2008-03-28 18:01:48 0 d-------- C:\Documents and Settings\All Users\Application Data\Atheros
2008-03-28 18:01:47 0 d-------- C:\Documents and Settings\Xaero\Application Data\InstallShield
2008-03-28 18:00:59 0 d-------- C:\Documents and Settings\All Users\Application Data\QMI
2008-03-28 18:00:15 0 d-------- C:\Documents and Settings\Xaero\Application Data\Intel
2008-03-28 18:00:00 21275 --a------ C:\WINDOWS\system32\drivers\AegisP.sys <Not Verified; Meetinghouse Data Communications; AEGIS Client 3.4.10.0>
2008-03-28 17:59:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Intel
2008-03-28 17:59:31 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-03-28 17:54:26 0 d-------- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-03-28 17:52:33 0 d-------- C:\WINDOWS\nview
2008-03-28 17:48:12 0 d-------- C:\WINDOWS\system32\Lang
2008-03-28 17:43:40 0 d-------- C:\3216
2008-03-28 17:40:25 0 d--hs---- C:\Documents and Settings\Xaero\UserData
2008-03-28 17:37:13 0 d-------- C:\Program Files\Synaptics
2008-03-28 17:36:10 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-03-28 17:36:09 0 d-------- C:\Program Files\Intel
2008-03-28 17:34:57 40960 --a------ C:\WINDOWS\system32\ChCfg.exe
2008-03-28 17:34:37 0 d-------- C:\WINDOWS\system32\RTCOM
2008-03-28 17:34:02 102400 --a------ C:\WINDOWS\Soundman.exe <Not Verified; Realtek Semiconductor Corp.; Realtek HD Sound Manager>
2008-03-28 17:34:00 16266752 --a------ C:\WINDOWS\Rthdcpl.exe <Not Verified; Realtek Semiconductor Corp.; Realtek HD Audio Sound Effect Manager>
2008-03-28 17:33:59 0 d-------- C:\Program Files\Realtek
2008-03-28 17:33:59 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-03-28 17:33:52 487424 --a------ C:\WINDOWS\RtlExUpd.dll <Not Verified; Realtek Semiconductor Corp.; RtlExUpd Dynamic Link Library>
2008-03-28 17:33:48 0 d-------- C:\Program Files\Common Files\InstallShield
2008-03-28 17:31:52 0 d-------- C:\Documents and Settings\Xaero\Application Data\WinRAR
2008-03-28 17:04:45 0 d-------- C:\Documents and Settings\Xaero\Application Data\Identities
2008-03-28 17:04:37 0 d--h----- C:\Documents and Settings\Xaero\NetHood
2008-03-28 17:04:37 0 dr------- C:\Documents and Settings\Xaero\My Documents
2008-03-28 17:04:37 0 d--h----- C:\Documents and Settings\Xaero\Local Settings
2008-03-28 17:04:37 0 dr------- C:\Documents and Settings\Xaero\Favorites
2008-03-28 17:04:37 0 d-------- C:\Documents and Settings\Xaero\Desktop
2008-03-28 17:04:37 0 d--hs---- C:\Documents and Settings\Xaero\Cookies
2008-03-28 17:04:37 0 dr-h----- C:\Documents and Settings\Xaero\Application Data
2008-03-28 17:04:36 0 d--h----- C:\Documents and Settings\Xaero\Templates
2008-03-28 17:04:36 0 dr------- C:\Documents and Settings\Xaero\Start Menu
2008-03-28 17:04:36 0 dr-h----- C:\Documents and Settings\Xaero\SendTo
2008-03-28 17:04:36 0 d--h----- C:\Documents and Settings\Xaero\PrintHood
2008-03-28 17:04:36 7340032 --ah----- C:\Documents and Settings\Xaero\NTUSER.DAT
2008-03-28 17:01:32 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-03-28 17:01:29 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-03-28 17:01:28 229376 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-03-28 17:01:28 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-03-28 17:01:28 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-03-28 17:01:28 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-03-28 17:01:28 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-03-28 17:00:37 229376 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-03-28 17:00:37 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-03-28 17:00:37 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-03-28 17:00:37 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-03-28 17:00:37 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-03-28 16:56:38 0 d-------- C:\WINDOWS\system32\xircom
2008-03-28 16:56:38 0 d-------- C:\Program Files\microsoft frontpage
2008-03-28 16:56:27 229376 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-03-28 16:56:23 0 -rahs---- C:\MSDOS.SYS
2008-03-28 16:56:23 0 -rahs---- C:\IO.SYS
2008-03-28 16:56:23 0 --a------ C:\CONFIG.SYS
2008-03-28 16:56:23 0 --a------ C:\AUTOEXEC.BAT
2008-03-28 16:56:08 135680 --a------ C:\WINDOWS\system32\mapi32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:55:30 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-03-28 16:55:21 0 dr------- C:\WINDOWS\Offline Web Pages
2008-03-28 16:55:21 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-03-28 16:55:11 0 d--h----- C:\Program Files\WindowsUpdate
2008-03-28 16:54:44 0 d-------- C:\WINDOWS\system32\DirectX
2008-03-28 16:54:07 87040 --a------ C:\WINDOWS\system32\acctres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:54:03 0 d---s---- C:\WINDOWS\Tasks
2008-03-28 16:54:02 0 d-------- C:\Program Files\Common Files\MSSoap
2008-03-28 16:53:58 0 d-------- C:\WINDOWS\srchasst
2008-03-28 16:53:57 0 d-------- C:\WINDOWS\system32\Macromed
2008-03-28 16:53:47 0 d-------- C:\Program Files\Movie Maker
2008-03-28 16:53:37 234496 --a------ C:\WINDOWS\system32\srrstr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:53:37 0 d-------- C:\WINDOWS\system32\Restore
2008-03-28 16:53:31 55808 --a------ C:\WINDOWS\system32\inetres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:53:28 396288 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:52:56 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-03-28 16:52:33 0 d-------- C:\WINDOWS\Registration
2008-03-28 16:52:26 0 d-------- C:\Program Files\Online Services
2008-03-28 16:52:12 0 d-------- C:\Program Files\Messenger
2008-03-28 16:52:07 19456 --a------ C:\WINDOWS\system32\write.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:52:07 0 d-------- C:\Program Files\MSN Gaming Zone
2008-03-28 16:51:57 145920 --a------ C:\WINDOWS\system32\sndvol32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:47 228864 --a------ C:\WINDOWS\system32\calc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:20 146944 --a------ C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:20 303104 --a------ C:\WINDOWS\system32\accwiz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:19 503808 --a------ C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:19 107520 --a------ C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:19 0 d-------- C:\Program Files\Windows NT
2008-03-28 16:51:17 82432 --a------ C:\WINDOWS\system32\remotepg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-28 16:51:15 0 d-------- C:\WINDOWS\system32\MsDtc
2008-03-28 16:51:14 20480 --a------ C:\WINDOWS\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-03-28 16:51:13 0 d-------- C:\WINDOWS\system32\Com


-- Find3M Report ---------------------------------------------------------------

2008-04-02 11:36:37 519168 --a------ C:\WINDOWS\system32\logonuiX.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-29 00:38:23 62 --ahs---- C:\Documents and Settings\Xaero\Application Data\desktop.ini
2008-03-28 21:04:24 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IMJPMIG8.1"="C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe" [08/04/2004 08:00 PM]
"PHIME2002ASync"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 PM]
"PHIME2002A"="C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe" [08/04/2004 08:00 PM]
"RTHDCPL"="RTHDCPL.EXE" [07/19/2006 09:42 AM C:\WINDOWS\Rthdcpl.exe]
"SkyTel"="SkyTel.EXE" [07/19/2006 09:42 AM C:\WINDOWS\SkyTel.exe]
"Alcmtr"="ALCMTR.EXE" [07/19/2006 09:41 AM C:\WINDOWS\Alcmtr.exe]
"AzMixerSel"="C:\Program Files\Realtek\InstallShield\AzMixerSel.exe" [07/19/2006 09:41 AM]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [04/29/2006 06:13 AM]
"NvCplDaemon"="C:\WINDOWS\system32\NvCpl.dll" [06/13/2006 07:11 AM]
"nwiz"="nwiz.exe" [06/13/2006 07:11 AM C:\WINDOWS\system32\nwiz.exe]
"NvMediaCenter"="C:\WINDOWS\system32\NvMcTray.dll" [06/13/2006 07:11 AM]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [04/14/2006 11:51 AM]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [04/14/2006 11:52 AM]
"EOUApp"="C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe" [04/14/2006 11:56 AM]
"LVCOMSX"="C:\WINDOWS\system32\LVCOMSX.EXE" [06/23/2006 10:39 AM]
"ePower_DMC"="C:\Acer\Empowering Technology\ePower\ePower_DMC.exe" [07/12/2006 03:48 PM]
"Boot"="C:\Acer\Empowering Technology\ePower\Boot.exe" [03/15/2006 10:12 PM]
"Acer ePresentation HPD"="C:\Acer\Empowering Technology\ePresentation\ePresentation.exe" [06/07/2006 08:18 PM]
"COMODO Firewall Pro"="C:\Program Files\COMODO\Firewall\cfp.exe" [04/19/2008 02:32 PM]
"AVG7_CC"="C:\PROGRA~1\Grisoft\AVG7\avgcc.exe" [04/16/2008 10:32 AM]
"UnlockerAssistant"="C:\Program Files\Unlocker\UnlockerAssistant.exe" [03/01/2008 01:10 PM]
"LogonStudio"="C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" [09/03/2002 06:38 PM]
"NWEReboot"="" []
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe" [02/22/2008 04:25 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TaskSwitchXP"="C:\Program Files\TaskSwitchXP\TaskSwitchXP.exe" [08/05/2006 06:29 AM]
"RocketDock"="C:\Program Files\RocketDock\RocketDock.exe" [09/02/2007 01:58 PM]
"XPizeSettings"="C:\WINDOWS\XPize\XPizeSettings.exe" [04/19/2006 11:27 PM]
"HumanizedEnso"="C:\Documents and Settings\Xaero\Local Settings\Application Data\HumanizedEnso\Enso.exe" [01/15/2008 04:42 AM]
"Vidalia"="C:\Program Files\Vidalia Bundle\Vidalia\vidalia.exe" [11/23/2007 05:49 AM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/04/2004 08:00 PM]
"instanteyedropper"="C:\Program Files\InstantEyedropper\InstantEyedropper.exe" [10/17/2007 04:22 PM]

C:\Documents and Settings\Xaero\Start Menu\Programs\Startup\
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [3/16/2005 7:16:50 PM]
Styler.lnk - C:\Documents and Settings\Xaero\Application Data\Microsoft\Installer\{E9ECF354-2422-4FDB-9ABF-D8ADAC0EF941}\_585b207a.exe [3/28/2008 8:49:03 PM]
Yahoo! Widgets.lnk - C:\Program Files\Yahoo!\Widgets\YahooWidgets.exe [12/12/2007 6:34:48 AM]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Acer Empowering Technology.lnk - C:\Acer\Empowering Technology\Acer.Empowering.Framework.Launcher.exe [3/28/2008 6:34:20 PM]
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe [1/17/2006 10:45:32 AM]
Launchy.lnk - C:\Program Files\Launchy\Launchy.exe [3/28/2008 9:21:07 PM]
Privoxy.lnk - C:\Program Files\Vidalia Bundle\Privoxy\privoxy.exe [11/20/2006 10:30:54 PM]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoRecentDocsHistory"=00000000
"NoRecentDocsMenu"=00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"= C:\WINDOWS\system32\guard32.dll


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b395d011-0ea7-11dd-aacb-001b2420141c}]
AutoRun\command- wscript go.vbs

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b395d012-0ea7-11dd-aacb-001b2420141c}]
Auto\command- Ghost.pif
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Ghost.pif




-- End of Deckard's System Scanner: finished at 2008-04-23 13:51:35 ------------

All times are GMT -7.