Status
Not open for further replies.
Hey guys, this is my bro's computer and I hope I'm putting these in here right. I know I have some kind of keylogger/spyware because my WoW (World of Warcraft) account and email have been stolen and passwords have been changed. Please help, any assistance is greatly appreciated. Thanks to all who can provide any service :pray:

DDS (Version 1.0) - NTFSx86
Run by HP_Administrator at 15:57:22.00 on Mon 11/24/2008
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.510.185 [GMT -8:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\Explorer.EXE
c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\hphmon06.exe
C:\Program Files\Java\jre1.5.0\bin\jusched.exe
C:\Program Files\InterMute\SpySubtract\SpySub.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
c:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgfws8.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\AVG\AVG8\avgscanx.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\Documents and Settings\HP_Administrator\Desktop\dds.scr

============== Psuedo HJT Report ===============

uSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uDefault_Search_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
mSearch Bar = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iesearch&locale=EN_US&c=Q305&bd=pavilion&pf=desktop
uSearchURL,(Default) = hxxp://www.google.com/keyword/%s
BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\adobe\acrobat 6.0\reader\activex\AcroIEHelper.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg8\avgssie.dll
BHO: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - c:\program files\hp\digital imaging\bin\HPDTLK02.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [ehTray] c:\windows\ehome\ehtray.exe
mRun: [HPBootOp] "c:\program files\hewlett-packard\hp boot optimizer\HPBootOp.exe" /run
mRun: [ATIPTA] c:\program files\ati technologies\ati control panel\atiptaxx.exe
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [Symantec NetDriver Monitor] c:\progra~1\symnet~1\SNDMon.exe /Consumer
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\spysub~1.lnk - c:\program files\intermute\spysubtract\sslaunch.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\update~1.lnk - c:\program files\updates from hp\309731\program\Updates from HP.exe
IE: E&xport to Microsoft Excel
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.5.0\bin\npjpi150.dll
IE: {E2D4D26B-0180-43a4-B05F-462D6D54C789} - c:\windows\pchealth\helpctr\vendors\cn=hewlett-packard,l=cupertino,s=ca,c=us\iebutton\support.htm
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: AtiExtEvent - Ati2evxx.dll
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ===============

R0 AvgRkx86;avgrkx86.sys;c:\windows\system32\drivers\avgrkx86.sys [2008-11-24 12936]
R1 AvgLdx86;AVG AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2008-11-24 98440]
R1 AvgTdiX;AVG8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2008-11-24 90632]
R2 avg8emc;AVG8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2008-11-24 874776]
R2 avg8wd;AVG8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2008-11-24 231704]
R2 avgfws8;AVG8 Firewall;c:\progra~1\avg\avg8\avgfws8.exe [2008-11-24 1212184]
R3 Avgfwdx;Avgfwdx;c:\windows\system32\drivers\avgfwdx.sys [2008-11-24 29208]
S3 Avgfwfd;AVG network filter service;c:\windows\system32\drivers\avgfwdx.sys [2008-11-24 29208]
S3 EnumHook2;Enumerate Global Windows Service 2;\??\c:\windows\system32\drivers\dHook.sys [2008-11-22 2080]

=============== Created Last 30 ================

2008-11-24 15:52 250 a------- c:\windows\gmer.ini
2008-11-24 15:19 10,520 a------- c:\windows\system32\avgrsstx.dll
2008-11-24 15:19 12,936 a------- c:\windows\system32\drivers\avgrkx86.sys
2008-11-24 15:19 90,632 a------- c:\windows\system32\drivers\avgtdix.sys
2008-11-24 15:19 98,440 a------- c:\windows\system32\drivers\avgldx86.sys
2008-11-24 15:19 <DIR> --d----- c:\windows\system32\drivers\Avg
2008-11-24 15:19 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\AVGTOOLBAR
2008-11-24 15:18 50,968 a------- c:\windows\system32\avgfwdx.dll
2008-11-24 15:18 29,208 a------- c:\windows\system32\drivers\avgfwdx.sys
2008-11-24 15:18 <DIR> --d----- c:\program files\AVG
2008-11-24 15:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8
2008-11-24 14:58 <DIR> --d----- c:\program files\Trend Micro
2008-11-24 11:44 <DIR> --d----- c:\program files\MSXML 4.0
2008-11-23 03:03 <DIR> --d----- c:\windows\system32\CatRoot_bak
2008-11-23 03:02 272,128 -------- c:\windows\system32\drivers\bthport.sys
2008-11-23 03:02 272,128 -------- c:\windows\system32\dllcache\bthport.sys
2008-11-23 03:02 2,136,064 -------- c:\windows\system32\dllcache\ntkrnlmp.exe
2008-11-23 03:02 2,180,352 -------- c:\windows\system32\dllcache\ntoskrnl.exe
2008-11-23 03:02 2,057,728 -------- c:\windows\system32\dllcache\ntkrnlpa.exe
2008-11-23 03:02 2,015,744 -------- c:\windows\system32\dllcache\ntkrpamp.exe
2008-11-23 03:02 453,632 -------- c:\windows\system32\dllcache\mrxsmb.sys
2008-11-23 03:00 <DIR> --d----- c:\windows\system32\PreInstall
2008-11-22 20:05 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\SpywareRemover
2008-11-22 19:46 <DIR> --d----- c:\program files\Eusing Free Registry Cleaner
2008-11-22 19:37 40,960 a------- c:\windows\system32\VBAME.DLL
2008-11-22 19:37 <DIR> --d----- c:\program files\AML Products
2008-11-22 16:31 <DIR> --d----- c:\windows\pss
2008-11-22 16:30 <DIR> --d----- c:\program files\Personal Antispy
2008-11-22 16:20 2,080 a------- c:\windows\system32\drivers\dHook.sys
2008-11-22 16:20 <DIR> --d----- c:\program files\Flyos
2008-11-22 15:50 <DIR> --ds---- c:\documents and settings\hp_administrator\UserData
2008-11-22 15:34 <DIR> --d----- c:\program files\SymNetDrv
2008-11-22 15:29 <DIR> --dshr-- C:\cmdcons
2008-11-22 15:29 <DIR> --d----- c:\windows\setup.pss
2008-11-22 15:28 <DIR> --d----- c:\windows\setupupd
2008-11-22 15:13 <DIR> --d----- c:\windows\system32\appmgmt
2008-11-22 15:07 <DIR> --d----- c:\program files\Crazy Browser
2008-11-22 14:46 1,772 a--shr-- c:\windows\system32\drivers\103C_HP_CPC_PY029AA-ABA A1129N_YC_0Pavi_QMXK526_E53NAsyEPC2_47_IALBACORE_SMSI_V1.0_B3.18_T050609_WXP2_L409_M511_J200_7AMD_8Athlon 64_92.19_#050823_N10EC8139_Z11C1048C_G_OHP DVD Writer 640c;IDE-DVD DROM6216_D.MRK
2008-11-22 14:45 <DIR> --d----- c:\docume~1\hp_adm~1\applic~1\Symantec
2008-11-22 14:45 <DIR> --d----- c:\documents and settings\hp_administrator\WINDOWS
2008-11-22 14:45 <DIR> --d----- c:\documents and settings\HP_Administrator
2008-11-22 14:41 <DIR> --d----- c:\windows\system32\SoftwareDistribution
2008-11-22 14:38 12,160 a------- c:\windows\system32\drivers\mouhid.sys
2008-11-22 14:38 9,600 a------- c:\windows\system32\drivers\hidusb.sys
2008-11-22 14:33 247 a------- c:\windows\system\hpsysdrv.dat
2008-11-22 14:33 <DIR> --d----- c:\windows\Cain
2008-11-22 14:32 <DIR> --d----- c:\windows\I386
2008-11-22 14:23 <DIR> --d--r-- c:\documents and settings\all users\Documents
2008-11-22 14:23 <DIR> --d--r-- c:\windows\Offline Web Pages
2008-11-22 14:22 <DIR> --dshr-- c:\windows\system32\dllcache

==================== Find3M ====================

2008-11-24 15:15 <DIR> --d----- c:\program files\common files\Symantec Shared
2008-11-24 15:15 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-11-24 15:06 <DIR> --d----- c:\program files\muvee Technologies
2008-11-24 15:06 <DIR> --d----- c:\program files\common files\muvee Technologies
2008-11-24 15:05 <DIR> --d----- c:\program files\Microsoft Plus! Digital Media Edition
2008-11-24 11:50 <DIR> --d----- c:\program files\Messenger
2008-11-22 18:52 <DIR> --d----- c:\program files\MSN Encarta Standard
2008-11-22 15:35 <DIR> --d----- c:\program files\Symantec
2008-11-22 14:47 <DIR> --d----- c:\program files\Easy Internet signup
2008-11-22 14:32 <DIR> --d----- c:\program files\Windows NT
2008-10-16 14:08 34,328 a------- c:\windows\system32\dllcache\wups.dll
2008-10-15 08:57 332,800 a------- c:\windows\system32\dllcache\netapi32.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-15 03:57 1,846,016 a------- c:\windows\system32\win32k.sys
2008-09-15 03:57 1,846,016 a------- c:\windows\system32\dllcache\win32k.sys
2008-09-04 08:42 1,106,944 a------- c:\windows\system32\msxml3.dll
2008-09-04 08:42 1,106,944 a------- c:\windows\system32\dllcache\msxml3.dll
2008-08-28 02:04 333,056 a------- c:\windows\system32\dllcache\srv.sys
2005-05-25 17:31 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SBSI

============= FINISH: 15:57:50.81 ===============

Hey, by the way, I can't receive any private messages because the keylogger or whatever changed my password as soon as I posted, so I'll just be in touch as a guest.
 
