Discussion Starter #1
Hi, my computer has been slowing down increasingly, and I can't seem to figure out what's wrong. Also, it has been freezing up a lot, causing me to have to restart.





Deckard's System Scanner v20071014.68
Run by Owner on 2001-11-13 21:38:39
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------



-- Last 5 Restore Point(s) --
50: 2001-11-14 05:33:08 UTC - RP488 - Deckard's System Scanner Restore Point
49: 2001-11-13 12:00:59 UTC - RP487 - Installed Windows Internet Explorer 7.
48: 2001-11-13 11:59:58 UTC - RP486 - Installed Windows IDNMitigationAPIs.
47: 2001-11-13 11:59:32 UTC - RP485 - Installed Windows NLSDownlevelMapping.
46: 2001-11-13 11:58:56 UTC - RP484 - Installed Windows XP KB915865.


-- First Restore Point --
1: 2001-09-24 15:14:00 UTC - RP439 - System Checkpoint


Performed disk cleanup.



-- HijackThis (run as Owner.exe) -----------------------------------------------

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:38:45 PM, on 11/13/2001
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\userinit.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Documents and Settings\Owner\Desktop\dss(2).exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\Owner.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: hp toolkit - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\HP\EXPLOREBAR\HPTOOLKT.DLL
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [StartCCC] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [PlayCenter2] "C:\Program Files\Creative\SBAudigy\PlayCenter2\MDEntry.EXE" "C:\Program Files\Creative\SBAudigy\PlayCenter2" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SetDefaultMidi] MIDIDEF.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?LinkID=39204
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.1.99.cab
O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://www.blizzard.com/support/includes/cabs/si.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: iPod Service - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Softex OmniPass Service (omniserv) - Unknown owner - C:\Program Files\Softex\OmniPass\Omniserv.exe

--
End of file - 4810 bytes

-- File Associations -----------------------------------------------------------

All associations okay.


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R0 drvmcdb - c:\windows\system32\drivers\drvmcdb.sys <Not Verified; VERITAS Software, Inc.; >
R0 fasttx2k - c:\windows\system32\drivers\fasttx2k.sys <Not Verified; Promise Technology, Inc.; Promise FastTrak Series Driver>

S3 nsysaudm - c:\docume~1\owner\locals~1\temp\nsysaudm.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

All services whitelisted.


-- Device Manager: Disabled ----------------------------------------------------

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
Description: 1394 Net Adapter
Device ID: V1394\NIC1394\2D5D07E01800
Manufacturer: Microsoft
Name: 1394 Net Adapter
PNP Device ID: V1394\NIC1394\2D5D07E01800
Service: NIC1394


-- Scheduled Tasks -------------------------------------------------------------

2006-12-06 21:41:00 272 --a------ C:\WINDOWS\Tasks\easy Internet sign-up.job


-- Files created between 2001-10-13 and 2001-11-13 -----------------------------

2007-10-19 16:56:16 3596288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2007-10-19 16:54:28 196608 --a------ C:\WINDOWS\system32\dtu100.dll <Not Verified; DivX, Inc.; DivX, Inc. dtu100>
2007-10-19 16:54:28 81920 --a------ C:\WINDOWS\system32\dpl100.dll <Not Verified; DivX, Inc.; DivX, Inc. dpl100>
2007-10-19 16:54:12 802816 --a------ C:\WINDOWS\system32\divx_xx11.dll <Not Verified; DivX, Inc.; DivX?>
2007-10-19 16:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx0c.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 16:54:12 823296 --a------ C:\WINDOWS\system32\divx_xx07.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-19 16:54:10 739840 --a------ C:\WINDOWS\system32\DivX.dll <Not Verified; DivX, Inc.; DivX®>
2007-10-18 01:02:34 12288 --a------ C:\WINDOWS\system32\DivXWMPExtType.dll
2007-06-02 23:15:39 0 d-------- C:\WINDOWS\system32\LogFiles
2007-06-02 23:13:05 0 d-------- C:\Program Files\Windows Journal Viewer
2007-05-23 22:21:55 0 dr-h----- C:\Documents and Settings\Owner\Recent
2007-05-08 18:41:03 0 d-------- C:\Documents and Settings\Owner\Application Data\DivX
2007-05-07 00:43:18 4096 --a------ C:\WINDOWS\system32\crash
2007-04-26 17:09:24 0 d-------- C:\Program Files\Tales of Pirates Online
2007-04-26 15:39:46 0 d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2007-04-23 23:18:48 4682 --a------ C:\WINDOWS\system32\npptNT2.sys <Not Verified; INCA Internet Co., Ltd.; nProtect NPSC Kernel Mode Driver for NT>
2007-04-23 23:13:13 0 d-------- C:\ijji
2007-04-19 23:00:22 0 d-------- C:\Documents and Settings\Owner\Desktop'bump
2007-04-19 16:05:11 294912 --a------ C:\WINDOWS\system32\Bump J Multi-Trainer.exe <Not Verified; Bump Bump J; Trainers>
2007-04-16 00:46:45 0 d-------- C:\Documents and Settings\Owner\Desktoptrainer2
2007-04-13 01:55:58 70656 --a------ C:\WINDOWS\system32\yv12vfw.dll <Not Verified; www.helixcommunity.org; Helix YV12 YUV Codec>
2007-04-13 01:55:58 471552 --a------ C:\WINDOWS\system32\Smab.dll
2007-04-13 01:55:58 70656 --a------ C:\WINDOWS\system32\i420vfw.dll <Not Verified; www.helixcommunity.org; Helix I420 YUV Codec>
2007-04-13 01:55:58 719872 --a------ C:\WINDOWS\system32\devil.dll <Not Verified; Abysmal Software; Developer's Image Library (DevIL)>
2007-04-13 01:55:58 27648 --a------ C:\WINDOWS\system32\AVSredirect.dll
2007-04-13 01:55:58 306688 --a------ C:\WINDOWS\system32\avisynth.dll <Not Verified; The Public; Avisynth 2.5>
2007-04-13 01:55:58 66560 --a------ C:\WINDOWS\MOTA113.exe
2007-04-13 01:55:58 217073 --a------ C:\WINDOWS\meta4.exe
2007-04-13 01:55:57 0 d-------- C:\Program Files\AviSynth 2.5
2007-04-13 01:55:52 31232 -r-hs---- C:\WINDOWS\system32\msfDX.dll <Not Verified; Hans Mayerl; msfDX.dll>
2007-04-13 01:55:52 163328 -r-hs---- C:\WINDOWS\system32\flvDX.dll <Not Verified; Gabest; FLV Splitter>
2007-04-13 01:55:47 0 d-------- C:\Program Files\eRightSoft
2007-04-13 01:17:13 0 d-------- C:\Documents and Settings\Owner\.Nokia
2007-04-13 01:17:11 0 d-------- C:\Nokia
2007-04-13 01:16:41 0 d--h----- C:\Program Files\Zero G Registry
2007-04-13 01:16:41 0 d--h----- C:\Documents and Settings\Owner\InstallAnywhere
2007-03-14 01:28:20 0 d-------- C:\Program Files\Disc2Phone
2007-02-26 20:47:40 0 d-------- C:\Documents and Settings\Owner\Application Data\WNR
2007-02-26 20:24:48 32 --a------ C:\WINDOWS\go
2007-02-26 19:35:34 0 d-------- C:\WINDOWS\SxsCaPendDel
2007-02-26 19:26:30 0 d-------- C:\Documents and Settings\LocalService\Start Menu
2007-02-26 19:26:00 0 d-------- C:\WINDOWS\Prefetch
2007-02-26 18:49:42 0 d-------- C:\WINDOWS\peernet
2007-02-26 18:49:40 0 d-------- C:\WINDOWS\provisioning
2007-02-26 18:47:38 0 d-------- C:\WINDOWS\ServicePackFiles
2007-02-26 18:41:12 0 d-------- C:\WINDOWS\EHome
2007-02-23 15:51:06 0 d-------- C:\Documents and Settings\Owner\Application Data\ATI
2007-02-23 15:50:10 0 d-------- C:\Program Files\GameShadow
2007-02-23 15:50:03 0 d-------- C:\WINDOWS\Downloaded Installations
2007-02-23 15:49:46 0 d-------- C:\Program Files\Common Files\ATI Technologies
2007-02-23 15:45:42 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2007-02-10 13:09:12 723 --a------ C:\WINDOWS\system32\events
2007-02-10 13:06:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Nalsoft
2007-02-10 13:06:14 0 d-------- C:\Program Files\Nalsoft
2007-01-29 15:19:21 0 d-------- C:\NVIDIA
2007-01-29 00:03:14 0 d-------- C:\Program Files\ATI Technologies
2007-01-27 13:37:31 0 d-------- C:\Program Files\Sony
2007-01-23 21:29:20 90112 --a------ C:\WINDOWS\unvise32.exe <Not Verified; MindVision Software; Installer VISE>
2007-01-23 21:29:16 0 d-------- C:\Program Files\MathMagic Pro Edition for QuarkXPress
2007-01-22 22:37:25 85952 --a------ C:\Documents and Settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2007-01-22 22:30:03 0 d-------- C:\Program Files\DivX
2007-01-22 18:51:33 0 d-------- C:\Program Files\Common Files\xing shared
2007-01-17 01:39:06 0 d-------- C:\Documents and Settings\Owner\Application Data\Viewpoint
2006-12-24 20:36:03 0 d--h----- C:\Documents and Settings\All Users\Application Data\Move Networks
2006-12-11 16:19:10 0 d-------- C:\Documents and Settings\Owner\Application Data\Lavasoft
2006-12-11 16:19:04 0 d-------- C:\Program Files\Lavasoft
2006-12-07 19:35:25 0 d-------- C:\Program Files\MessengerMate
2006-12-07 18:05:36 4 --a------ C:\WINDOWS\system32\DA4569
2006-11-28 21:12:59 38160 --a------ C:\WINDOWS\system32\LMRTREND.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2006-11-28 21:12:57 182032 --a------ C:\WINDOWS\system32\dxtmsft3.dll <Not Verified; Microsoft Corporation; Microsoft® Windows(TM) Operating System>
2006-11-28 21:12:56 63488 --a------ C:\WINDOWS\system32\unam4ie.exe <Not Verified; Microsoft Corporation; DirectShow>
2006-11-28 21:12:54 10240 --a------ C:\WINDOWS\system32\vidx16.dll
2006-11-28 21:12:54 194320 --a------ C:\WINDOWS\system32\qcut.dll <Not Verified; Microsoft Corporation; DirectShow>
2006-11-28 21:12:52 4608 --a------ C:\WINDOWS\system32\w95inf32.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2006-11-28 21:12:52 2272 --a------ C:\WINDOWS\system32\w95inf16.dll <Not Verified; Microsoft Corporation; Microsoft® Plus! for Windows® 95>
2006-11-28 15:36:05 967 --a------ C:\WINDOWS\ScUnin.pif
2006-11-28 15:36:05 94208 --a------ C:\WINDOWS\ScUnin.exe <Not Verified; Blizzard Entertainment; Starcraft Uninstaller>
2006-11-28 15:36:05 27805 --a------ C:\WINDOWS\scunin.dat
2006-11-27 21:42:49 36864 --a------ C:\WINDOWS\system32\EGameEncrypt.dll <Not Verified; ; EGameEncrypt Module>
2006-11-27 21:41:50 0 d-------- C:\Program Files\e-Games
2006-11-20 18:49:58 0 d-------- C:\Documents and Settings\Owner\Application Data\Ventrilo
2006-11-20 18:49:52 0 d-------- C:\Program Files\Ventrilo
2006-11-20 18:49:42 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2006-11-19 16:38:31 0 d-------- C:\Program Files\Warcraft III
2006-11-19 16:21:41 65747 --a------ C:\WINDOWS\War3Unin.dat
2006-11-19 16:21:40 2829 --a------ C:\WINDOWS\War3Unin.pif
2006-11-19 16:21:40 139264 --a------ C:\WINDOWS\War3Unin.exe <Not Verified; Blizzard Entertainment; Warcraft III Uninstaller>
2006-11-16 18:20:16 0 d-------- C:\Documents and Settings\Owner\Application Data\Real
2006-11-16 18:15:20 774144 --a------ C:\Program Files\RngInterstitial.dll <Not Verified; RealNetworks, Inc.; RealNetworks, Inc. RngInterstitial>
2006-11-16 18:15:16 0 d-------- C:\Program Files\Real
2006-11-14 00:29:13 1755 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
2006-11-06 00:39:59 0 d-------- C:\Program Files\Skype
2006-11-02 15:25:33 0 d-------- C:\Documents and Settings\Owner\Application Data\Apple Computer
2006-11-02 15:25:23 0 d-------- C:\Program Files\iPod
2006-11-02 15:25:19 0 d-------- C:\Program Files\iTunes
2006-11-02 15:24:46 0 d-------- C:\Program Files\QuickTime
2006-11-02 15:24:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-10-29 22:12:09 0 d-------- C:\Program Files\IrfanView
2006-10-16 23:30:44 0 d-------- C:\Documents and Settings\Owner\Application Data\ArcSoft
2006-10-15 19:03:50 0 d-------- C:\Documents and Settings\Owner\Application Data\Talkback
2006-10-15 19:03:30 4132 --a------ C:\WINDOWS\mozver.dat
2006-10-15 19:03:29 0 d-------- C:\Documents and Settings\Owner\Application Data\Mozilla
2006-10-15 18:26:30 0 d-------- C:\Documents and Settings\Owner\Contacts
2006-10-15 18:25:53 0 d------c- C:\WINDOWS\system32\DRVSTORE
2006-10-15 15:50:47 43520 --a------ C:\WINDOWS\system32\CmdLineExt03.dll
2006-10-15 13:07:22 0 d-------- C:\Documents and Settings\Owner\Application Data\Help
2006-10-09 20:43:22 171280 --a------ C:\WINDOWS\system32\jit.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:22 139536 --a------ C:\WINDOWS\system32\javaee.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:22 46352 --a------ C:\WINDOWS\setdebug.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:21 313856 --a------ C:\WINDOWS\system32\dx3j.dll <Not Verified; Microsoft Corporation; Microsoft® DirectX for Java>
2006-10-09 20:43:21 6550 --a------ C:\WINDOWS\jautoexp.dat
2006-10-09 20:43:18 113 --a------ C:\WINDOWS\system32\zonedon.reg
2006-10-09 20:43:18 113 --a------ C:\WINDOWS\system32\zonedoff.reg
2006-10-09 20:43:17 171792 --a------ C:\WINDOWS\system32\wjview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:17 286992 --a------ C:\WINDOWS\system32\vmhelper.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:17 21264 --a------ C:\WINDOWS\system32\msjdbc10.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:16 947472 --a------ C:\WINDOWS\system32\msjava.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:16 154384 --a------ C:\WINDOWS\system32\msawt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:16 172304 --a------ C:\WINDOWS\system32\jview.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:16 15120 --a------ C:\WINDOWS\system32\jdbgmgr.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:15 404752 --a------ C:\WINDOWS\system32\javart.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:15 63248 --a------ C:\WINDOWS\system32\javaprxy.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:15 187152 --a------ C:\WINDOWS\system32\javacypt.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:43:14 49424 --a------ C:\WINDOWS\system32\clspack.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows (R) Operating System>
2006-10-09 20:30:54 0 d--hs---- C:\Documents and Settings\Owner\UserData
2006-10-09 20:23:32 1324 --a------ C:\WINDOWS\system32\d3d9caps.dat
2006-10-09 20:14:51 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-10-09 16:03:48 0 d-------- C:\Program Files\Common Files\Blizzard Entertainment
2006-10-07 22:02:16 0 d-------- C:\Program Files\IGN
2006-10-07 21:55:59 0 d-------- C:\Documents and Settings\Owner\Application Data\Macromedia
2006-10-07 21:52:27 0 d-------- C:\WINDOWS\system32\bits
2006-10-07 21:51:26 0 d-------- C:\WINDOWS\system32\PreInstall
2006-10-07 21:51:20 0 d--h----- C:\WINDOWS\$hf_mig$
2006-10-07 21:47:04 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-10-07 21:45:34 0 d-------- C:\WINDOWS\SoftwareDistribution
2006-10-07 21:26:22 0 d-------- C:\Documents and Settings\Owner\Application Data\Aim
2006-10-07 21:26:16 0 d-------- C:\Program Files\Viewpoint
2006-10-07 21:26:16 0 d-------- C:\Program Files\AOD
2006-10-07 21:26:16 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint
2006-10-07 21:26:13 0 d-------- C:\Program Files\AIM
2006-10-07 21:10:58 245920 -r-hs---- C:\cmldr
2006-10-07 21:10:51 0 dr-hs---- C:\cmdcons
2006-10-07 21:10:49 0 d-------- C:\WINDOWS\setup.pss
2006-10-07 21:10:37 0 d-------- C:\WINDOWS\setupupd
2006-10-07 21:09:16 262144 --a------ C:\Documents and Settings\All Users\NTUSER.DAT
2006-10-07 21:07:19 26112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2006-10-07 21:07:05 26768 -----n--- C:\WINDOWS\system32\CTL3D.DLL <Not Verified; Microsoft Corporation; 3D Windows Control>
2006-10-07 21:07:05 53552 -----n--- C:\WINDOWS\CTCCW.DLL <Not Verified; Creative® Technology Ltd.; Custom Control for Windows>
2006-10-07 21:06:29 0 d-------- C:\Documents and Settings\All Users\Application Data\Creative
2006-10-07 21:06:19 0 d-------- C:\Media
2006-10-07 21:06:17 54784 -----n--- C:\WINDOWS\system32\INETWH32.DLL <Not Verified; Blue Sky Software Corporation.; Blue Sky Software - INETWH32>
2006-10-07 21:06:13 25088 --a------ C:\WINDOWS\system32\CTSVCCTL.EXE <Not Verified; Creative Technology Ltd; Creative Service Control>
2006-10-07 21:06:13 44032 --a------ C:\WINDOWS\system32\CTSVCCDA.EXE <Not Verified; Creative Technology Ltd; Creative Service for CDROM Access>
2006-10-07 21:05:56 0 d-------- C:\Program Files\Creative
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\WINDOWS
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\Symantec
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\Sonic
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\Share-to-Web Upload Folder
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\SampleView
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\Real
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\InterTrust
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\interMute
2006-10-07 21:04:58 0 d-a------ C:\Documents and Settings\Default User\Application Data\Adobe
2006-10-07 21:04:06 0 d--hs---- C:\System Volume Information
2006-10-07 20:34:56 247 --a------ C:\WINDOWS\system\hpsysdrv.dat
2006-10-07 20:32:53 0 d-------- C:\I386
2006-10-07 20:22:37 0 d-a------ C:\Program Files
2006-10-07 20:22:37 0 d-a------ C:\Documents and Settings\Owner\Start Menu
2006-10-07 20:22:37 0 d-a------ C:\Documents and Settings\Owner\SendTo
2006-10-07 20:22:37 0 dra------ C:\Documents and Settings\Owner\My Documents
2006-10-07 20:22:36 0 dra------ C:\Documents and Settings\Owner\Favorites
2006-10-07 20:22:36 0 d-a------ C:\Documents and Settings\Owner\Application Data
2006-10-07 20:22:36 0 d-a------ C:\Documents and Settings\Default User\Start Menu
2006-10-07 20:22:36 0 d-a------ C:\Documents and Settings\Default User\SendTo
2006-10-07 20:22:36 0 d-a------ C:\Documents and Settings\Default User\Local Settings
2006-10-07 20:22:36 0 d-a------ C:\Documents and Settings\Default User\Application Data
2006-10-07 20:22:35 0 d-a------ C:\Documents and Settings\All Users\Start Menu
2006-10-07 20:22:34 0 d-a------ C:\Documents and Settings\All Users\Documents
2006-10-07 20:22:30 0 d-a------ C:\Documents and Settings\All Users\Application Data
2006-10-07 20:22:09 0 d-a------ C:\WINDOWS\Offline Web Pages
2006-10-07 20:20:30 0 d-a----c- C:\WINDOWS\system32\dllcache
2005-09-23 07:28:52 74240 --a------ C:\WINDOWS\system32\mscories.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:52 150016 --a------ C:\WINDOWS\system32\mscorier.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:52 270848 --a------ C:\WINDOWS\system32\mscoree.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-09-23 07:28:38 83456 --a------ C:\WINDOWS\system32\dfshim.dll <Not Verified; Microsoft Corporation; Microsoft® .NET Framework>
2005-08-07 19:59:58 45056 --a------ C:\WINDOWS\system32\almufn.dll
2005-04-04 09:52:16 765952 -ra------ C:\WINDOWS\system32\CDDBUI.dll <Not Verified; Gracenote; CDDBUIControl Module>
2005-04-04 09:52:16 589824 -ra------ C:\WINDOWS\system32\CDDBControl.dll <Not Verified; Gracenote, Inc.; CDDBControl Core Module>
2005-03-10 12:06:58 77824 -ra------ C:\WINDOWS\system32\CddbLangZT.dll <Not Verified; Gracenote; Gracenote CddbLangZT>
2005-03-10 12:06:58 77824 -ra------ C:\WINDOWS\system32\CddbLangZH.dll <Not Verified; Gracenote; Gracenote CddbLangZH>
2005-03-10 12:06:58 102400 -ra------ C:\WINDOWS\system32\CddbLangTH.dll <Not Verified; Gracenote; Gracenote CddbLangTH>
2005-03-10 12:06:58 106496 -ra------ C:\WINDOWS\system32\CddbLangSV.dll <Not Verified; Gracenote; Gracenote CddbLangSV>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangPT_BR.dll <Not Verified; Gracenote; Gracenote CddbLangPT_BR>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangNL.dll <Not Verified; Gracenote; Gracenote CddbLangNL>
2005-03-10 12:06:58 81920 -ra------ C:\WINDOWS\system32\CddbLangKO.dll <Not Verified; Gracenote; Gracenote CddbLangKO>
2005-03-10 12:06:58 86016 -ra------ C:\WINDOWS\system32\CddbLangJA.dll <Not Verified; Gracenote; Gracenote CddbLangJA>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangIT.dll <Not Verified; Gracenote; Gracenote CddbLangIT>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangFR.dll <Not Verified; Gracenote; Gracenote CddbLangFR>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangES.dll <Not Verified; Gracenote; Gracenote CddbLangES>
2005-03-10 12:06:58 110592 -ra------ C:\WINDOWS\system32\CddbLangDE.dll <Not Verified; Gracenote; Gracenote CddbLangDE>
2004-04-07 14:29:38 98304 --a------ C:\WINDOWS\system32\almzip.dll
2003-08-28 13:08:47 10 --a------ C:\reimage
2003-08-28 13:04:32 0 d-a------ C:\Program Files\Microsoft ActiveSync
2003-08-28 13:00:39 288 --a------ C:\WINDOWS\system32\DVCStateBkp-{00000002-00000000-0000000B-00001102-00000004-005B1102}.dat
2003-08-28 13:00:39 288 --a------ C:\WINDOWS\system32\DVCState-{00000002-00000000-0000000B-00001102-00000004-005B1102}.dat
2003-08-28 13:00:04 0 d-a------ C:\WINDOWS\system32\defaults
2003-08-28 13:00:03 0 d-a------ C:\WINDOWS\system32\data
2003-06-03 12:52:30 368710 --a------ C:\WINDOWS\system32\msisam11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2003-06-03 12:52:23 163840 --a------ C:\WINDOWS\system32\mindex.dll <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2003-06-03 12:23:13 446464 --a------ C:\WINDOWS\system32\wmvdmoe.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2003-06-03 12:23:12 1677312 --a------ C:\WINDOWS\system32\wmvcore2.dll <Not Verified; Microsoft Corporation; Microsoft® Windows Media Services>
2003-06-03 12:23:12 311327 --a------ C:\WINDOWS\system32\wmv8dmod.dll <Not Verified; Microsoft Corporation; Window Media Video>
2003-06-03 12:23:11 77824 --a------ C:\WINDOWS\system32\wmpstub.exe <Not Verified; Microsoft Corporation; Microsoft(R) Windows Media Player>
2003-06-03 12:19:47 241725 --a------ C:\WINDOWS\system32\msuni11.dll <Not Verified; Microsoft Corporation; Microsoft (R) Jet>
2003-04-10 10:34:24 0 --a------ C:\WINDOWS\system32\iAlmcoin.dll
2003-04-10 10:22:08 0 d-a------ C:\Program Files\AWS
2003-04-10 10:21:36 131072 --a------ C:\WINDOWS\system32\SpSubLSP.dll <Not Verified; interMute, Inc.; SpamSubtract>
2003-04-10 10:21:36 0 d-a------ C:\Documents and Settings\Owner\Application Data\interMute
2003-04-10 10:20:22 1138688 --a------ C:\WINDOWS\system32\atsc51.dll <Not Verified; AuthenTec, Inc.; AuthenTec Sensor Control Library>
2003-04-10 10:20:19 0 d-a------ C:\Program Files\Softex
2003-04-10 10:19:03 0 d-a------ C:\Documents and Settings\Owner\Application Data\Symantec
2003-04-10 10:18:55 0 d-a------ C:\Documents and Settings\All Users\Application Data\Symantec
2003-04-10 10:18:52 0 d-a------ C:\Program Files\Symantec
2003-04-10 06:48:32 0 d-a------ C:\WINDOWS\system32\URTTemp
2003-04-10 06:12:30 0 d-a------ C:\Documents and Settings\All Users\Application Data\Motive
2003-04-10 06:06:13 0 d-a------ C:\Program Files\HP Instant Support
2003-04-10 06:06:10 167936 --a------ C:\WINDOWS\system32\PCDrJNI_1_1.dll
2003-04-10 06:04:32 0 d-a------ C:\WINDOWS\system32\pcintro
2003-04-10 06:04:31 0 d-a------ C:\Documents and Settings\Owner\Application Data\SampleView
2003-04-10 06:04:24 77824 --a------ C:\WINDOWS\system32\hpaghlpr.dll <Not Verified; Hewlett-Packard Company; HPAgHlpr Module>
2003-04-10 06:04:19 0 d-a------ C:\WINDOWS\speech
2003-04-10 06:04:15 0 d-a------ C:\WINDOWS\lhsp
2003-04-10 06:04:00 0 d-a------ C:\Program Files\Updates from HP
2003-04-10 06:03:59 0 d-a------ C:\Program Files\BackWeb
2003-04-10 06:03:54 40960 --a------ C:\WINDOWS\system32\omano.dll <Not Verified; Hewlett-Packard; HpSpl Module>
2003-04-10 06:03:38 24576 --a------ C:\WINDOWS\system32\syscontr.dll <Not Verified; ; syscontr Dynamic Link Library>
2003-04-10 06:03:38 45056 --a------ C:\WINDOWS\system32\hpreg.dll <Not Verified; ; HpReg Module>
2003-04-10 06:00:51 122880 --a------ C:\WINDOWS\system32\ShellvRTF.dll <Not Verified; XSS; XSS ShellvRTF>
2003-04-10 06:00:51 0 d-a------ C:\WINDOWS\SMINST
2003-04-10 06:00:51 0 d-a------ C:\WINDOWS\CREATOR
2003-04-10 06:00:48 0 d-a------ C:\Documents and Settings\Owner\WINDOWS
2003-04-10 05:56:58 0 d-a------ C:\Program Files\Common Files\Intuit
2003-04-10 05:56:43 0 d-a------ C:\Program Files\Quicken
2003-04-10 05:54:49 0 d-a------ C:\WINDOWS\ShellNew
2003-04-10 05:54:02 0 d-a------ C:\WINDOWS\Corel
2003-04-10 05:52:23 0 d-a------ C:\WINDOWS\Profiles
2003-04-10 05:52:20 0 d-a------ C:\WINDOWS\system32\Adobe
2003-04-10 05:52:19 0 d-a------ C:\Documents and Settings\Owner\Application Data\InterTrust
2003-04-10 05:51:33 0 d-a------ C:\Program Files\IntelliMover Data Transfer Demo
2003-04-10 05:49:38 0 d-a------ C:\Program Files\Simple Backup for My Pictures
2003-04-10 05:49:06 0 d-a------ C:\WINDOWS\HPTK
2003-04-10 05:43:59 77312 --a------ C:\WINDOWS\system32\TWAIN_32.DLL <Not Verified; Twain Working Group; Twain_32 Source Manager>
2003-04-10 05:43:59 212480 --a------ C:\WINDOWS\system32\PCDLIB32.DLL <Not Verified; Eastman Kodak; Kodak Photo CD Access Developer Toolkit>
2003-04-10 05:36:47 0 d-a------ C:\Program Files\Common Files\Real
2003-04-10 05:35:29 0 d-a------ C:\Documents and Settings\Owner\Application Data\Sonic
2003-04-10 05:34:26 0 d-a------ C:\Program Files\InterVideo
2003-04-10 05:27:02 0 d-a------ C:\Documents and Settings\Owner\Application Data\Share-to-Web Upload Folder
2003-04-10 05:26:14 0 d-a------ C:\Program Files\Hewlett-Packard


-- Find3M Report ---------------------------------------------------------------

2003-04-09 21:10:07 62 --ahs---- C:\Documents and Settings\Owner\Application Data\desktop.ini
2001-11-13 03:54:38 0 d-------- C:\Program Files\SpywareBlaster
2001-10-18 08:26:17 31001 --a------ C:\WINDOWS\nsreg.dat
2001-10-15 08:29:24 0 d-------- C:\Documents and Settings\Owner\Application Data\Adobe
2001-10-15 08:28:23 0 d-------- C:\Program Files\Common Files\Adobe
2001-09-19 10:55:41 0 d-------- C:\Program Files\Trillian
2001-09-18 10:24:10 0 d-------- C:\Program Files\MSN Messenger
2001-08-15 00:47:08 20480 --a------ C:\WINDOWS\system32\vxpsapi.dll


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [01/22/2007 06:51 PM]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe" [03/14/2007 03:43 AM]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [11/10/2006 11:35 AM]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [05/11/2007 02:06 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [04/27/2007 01:17 PM]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [08/03/2004 11:56 PM]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"SetDefaultMidi"=MIDIDEF.EXE
"PlayCenter2"="C:\Program Files\Creative\SBAudigy\PlayCenter2\MDEntry.EXE" "C:\Program Files\Creative\SBAudigy\PlayCenter2"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"DisableRegistryTools"=0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
@=

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
C:\Program Files\Softex\OmniPass\opxpgina.dll 02/21/2003 09:50 AM 40960 C:\Program Files\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Quicken Scheduled Updates.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Quicken Scheduled Updates.lnk
backup=C:\WINDOWS\pss\Quicken Scheduled Updates.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\!AVG Anti-Spyware]
"C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM]
C:\Program Files\AIM\aim.exe -cnetwait.odl

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AIM Logger]
C:\PROGRA~1\Nalsoft\AIMLOG~1\AIMLogger.exe /start /minimize

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
"C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CamMonitor]
c:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Hide IP Platinum]
C:\Program Files\Hide IP Platinum\hideippla.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HotKeysCmds]
C:\WINDOWS\System32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\hpsysdrv]
c:\windows\system\hpsysdrv.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
"C:\Program Files\iTunes\iTunesHelper.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Jet Detection]
"C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KBD]
C:\HP\KBD\KBD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MsnMsgr]
"C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PS2]
C:\WINDOWS\system32\ps2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Recguard]
C:\WINDOWS\SMINST\RECGUARD.EXE

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
"C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
"C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\UpdReg.EXE




-- End of Deckard's System Scanner: finished at 2001-11-13 21:42:54 ------------



ACTIVSCAN


Incident Status Location

Virus:Generic Malware Disinfected C:\Deckard\System Scanner\20010822221626\backup\WINDOWS\Downloaded Program Files\HGStart9USA.exe
Virus:Generic Malware Disinfected C:\Deckard\System Scanner\20070522165602\backup\WINDOWS\Downloaded Program Files\HGStart9USA.exe
Potentially unwanted tool:Application/KillApp.B Not disinfected C:\hp\bin\KillIt.exe
Potentially unwanted tool:Application/KillApp.A Not disinfected C:\hp\bin\Terminator.exe
Potentially unwanted tool:Application/NirCmd.A Not disinfected C:\WINDOWS\nircmd.exe
 


·
TSF Security Manager, Emeritus
Joined
·
42,837 Posts
Hello Frankh1188,

I'm not seeing any malware in this log. Try a general cleaning and see if that improves things for you a bit.

Please copy this page to Notepad and save to your desktop for reference as you will not have any browsers open while you are carrying out portions of these instructions.


***************************************************

1. Download and install CleanUp! (Not Recommended for XP64).



2. Download AVG Anti Spyware. Not to be confused with AVG 7.5 Free Anti-Virus. Use this tool alongside the AV.



Install AVG Anti Spyware
  • Double-click the icon on Desktop to launch AVG
  • On the main Status screen, under Your Computer's Security, click Resident Shield
  • Click the word active to change it to inactive
  • On the top of the main screen click Update.
  • Then click on Start Update. The update will start and a progress bar will show the updates being installed.
  • Once the update has completed select the "Scanner" icon at the top of the screen, then select the "Settings" tab.
  • Once in the Settings screen click on "Recommended actions" and then select "Quarantine".
  • Under "Reports"
    • Select "Do Not Automatically generate report after every scan"
When you have finished updating, EXIT AVG Anti Spyware. Do Not run a scan just yet; we will shortly.


--------------------------------------------------------------------

Close any open browsers.

--------------------------------------------------------------------

*WARNING* Cleanup deletes EVERYTHING out of temp/temporary folders and does not make backups. If you have any documents or programs that are saved in any Temporary Folders, please make a backup of these before running CleanUp! or move them to a permanent location.

Open Cleanup! by double-clicking the icon on your desktop (or from the Start > All Programs menu). Set the program up as follows:
  • Click "Options..."
  • Move the arrow down to "Custom CleanUp!"
  • Put a check next to the following:
    • Empty Recycle Bins
    • Delete Cookies
    • Delete Prefetch files
    • Cleanup! All Users
    • Click on the "Temporary Files" and uncheck the box for "Scan drives for file matching" if it's checked.
Click OK
Press the CleanUp! button to start the program. Do NOT reboot/logoff when prompted.

--------------------------------------------------------------------

Run AVG Anti-Spyware with its updated definitions (it's important that all windows must be closed):
  • Click Scanner
  • Click on the Scan tab
  • Click Complete System Scan to begin scanning.
    Once the scan is complete do the following:
  • If you have any infections you will be prompted, then select "Apply all actions"
  • Once finished, click the Save report button, then click Save Report As and save it to your desktop. (make sure to remember where you saved that file, this is important).
--------------------------------------------------------------------

Reboot your system.

--------------------------------------------------------------------

Run a new scan with HijackThis and save the log.

--------------------------------------------------------------------

Please include the following in your next reply:

AVG Anti-Spyware results
New HijackThis log
Update on system behavior
 