Computer slowing down and restarts

Welcome Guest ( Log In | Register )

Discover the best free computer help!
Learn more about Geeks to Go by taking the tour. Spyware, virus, trojan, fake security or privacy alerts? Read the malware cleaning guide.

> Geeks to Go! » Security » Malware Removal - HijackThis� Logs Go Here

3 Pages

1 2 3 >

Computer slowing down and restarts

Options

icerider View Member Profile	Nov 13 2006, 06:55 PM Post #1
Member Posts: 89 OS: XP	My computer freezes or slowdowns at random times. Sometimes, if I turn off my computer, it'll restart right after for no reason. When I'm looking at the My Computer screen and change the view to thumbnails, the labels for the drives and documents do not appear. I suspect that it is a virus due to the fact that my anti-virus did find viruses a few days ago. Here's the Hijack This log: Logfile of HijackThis v1.99.1 Scan saved at 2:19:08 PM, on 13/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\PROGRA~1\Browster\proxy\wrapper.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\Program Files\F-Secure\Common\FSMB32.EXE C:\WINDOWS\runservice.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\PROGRA~1\Browster\proxy\jre\bin\java.exe C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsqh.exe C:\Program Files\F-Secure\Anti-Virus\fsrw.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wwSecure.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\Common\FNRB32.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\Program Files\F-Secure\Common\FSM32.EXE C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\F-Secure\FSGUI\fsguidll.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\WINDOWS\system32\taskswitch.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe D:\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ig R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand2515.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [WinampAgent] D:\Music\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: RAID Manager.lnk = ? O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} (Photosynth Class) - http://media.labs.live.com/all/ps/_code_/Photosynth.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe Thanks.

Metallica View Member Profile	Nov 21 2006, 04:06 AM Post #2
Spyware Veteran Posts: 20,720 From: Netherlands OS: XP Pro & Vista Ultimate	Did you install any codecs lately? And how old is your most recent Acronis image? Open HijackThis, click Config, click Misc Tools Click "Open Uninstall Manager" Click "Save List" (generates uninstall_list.txt) Click Save, copy and paste the results in your next post. Regards,

icerider View Member Profile	Nov 21 2006, 06:47 PM Post #3
Member Posts: 89 OS: XP	Last image was a few days, and I don't believe I've installed any codecs at all. Acronis True Image Home Ad-Aware SE Professional Adobe Bridge 1.0 Adobe Common File Installer Adobe Flash Player 9 ActiveX Adobe Help Center 1.0 Adobe Photoshop CS2 Adobe Reader 7.0.8 Adobe Shockwave Player Adobe Stock Photos 1.0 Advanced Uninstaller PRO 2006 - version 7 Alt-Tab Task Switcher Powertoy for Windows XP ASAP Utilities ATI - Software Uninstall Utility ATI Control Panel ATI Display Driver Audacity 1.2.6 BIMP Lite 1.61 Browster Calculator Powertoy for Windows XP Canon i950 CleanUp! Copernic Desktop Search 2 DivX Total Pack EULAlyzer v1.1 FireTune FlashGet(JetCar) FLV Player 1.3.3 FM Modifier 2.1 FreeUndelete F-Secure Anti-Virus Client Security - Automatic Update Agent F-Secure Anti-Virus Client Security - E-Mail Scanning F-Secure Anti-Virus Client Security - Internet Shield F-Secure Anti-Virus Client Security - Virus & Spy Protection F-Secure Anti-Virus Client Security - Web Traffic Scanning Google Earth Google Toolbar for Internet Explorer High Definition Audio Driver Package - KB835221 HijackThis 1.99.1 Hotfix for Windows XP (KB926239) IconPackager Image Resizer Powertoy for Windows XP IrfanView (remove only) ITE IT8212 ATA RAID Controller J2SE Runtime Environment 5.0 Update 6 J2SE Runtime Environment 5.0 Update 9 Juice 2.2 Karen's Computer Profiler Karen's Disk Slack Checker Karen's Drive Info Karen's Time Sync Kaspersky Online Scanner KeePass Password Safe 1.06 Logitech SetPoint Macromedia Dreamweaver 8 Macromedia Extension Manager Macromedia Fireworks 8 Macromedia Flash 8 Macromedia Flash 8 Video Encoder Macromedia Flash Player 8 Macromedia Flash Player 8 Plugin Marvell Miniport Driver MediaLife MediaMonkey 2.5 Merriam-Webster Messenger Plus! Live Microsoft .NET Framework 1.1 Microsoft .NET Framework 2.0 Microsoft Compression Client Pack 1.0 for Windows XP Microsoft Office FrontPage 2003 Microsoft Office OneNote 2003 Microsoft Office Professional Edition 2003 Microsoft Office Project Professional 2003 Microsoft Office Visio Professional 2003 Microsoft User-Mode Driver Framework Feature Pack 1.0 MozBackup 1.4.5 Mozilla Firefox (2.0) Music Explorer Nokia Connectivity Cable Driver Oblivion OpenPandora 0.6.6 Opera 9.02 Panda ActiveScan PerfectDisk Pop-Up Stopper Professional PowerISO PrimoPDF PrimoPDF Redistribution Package QuickTime RealPlayer Realtek High Definition Audio Driver Samsung Music Studio Security Update for Windows Media Player (KB911564) Security Update for Windows Media Player 10 (KB911565) Security Update for Windows XP (KB890046) Security Update for Windows XP (KB893756) Security Update for Windows XP (KB896358) Security Update for Windows XP (KB896423) Security Update for Windows XP (KB896424) Security Update for Windows XP (KB896428) Security Update for Windows XP (KB899587) Security Update for Windows XP (KB899589) Security Update for Windows XP (KB899591) Security Update for Windows XP (KB900725) Security Update for Windows XP (KB901017) Security Update for Windows XP (KB901190) Security Update for Windows XP (KB901214) Security Update for Windows XP (KB902400) Security Update for Windows XP (KB904706) Security Update for Windows XP (KB905414) Security Update for Windows XP (KB905749) Security Update for Windows XP (KB908519) Security Update for Windows XP (KB911562) Security Update for Windows XP (KB911567) Security Update for Windows XP (KB911927) Security Update for Windows XP (KB912919) Security Update for Windows XP (KB913580) Security Update for Windows XP (KB914388) Security Update for Windows XP (KB914389) Security Update for Windows XP (KB917344) Security Update for Windows XP (KB917422) Security Update for Windows XP (KB917953) Security Update for Windows XP (KB918439) Security Update for Windows XP (KB918899) Security Update for Windows XP (KB919007) Security Update for Windows XP (KB920213) Security Update for Windows XP (KB920214) Security Update for Windows XP (KB920670) Security Update for Windows XP (KB920683) Security Update for Windows XP (KB920685) Security Update for Windows XP (KB921398) Security Update for Windows XP (KB921883) Security Update for Windows XP (KB922616) Security Update for Windows XP (KB922760) Security Update for Windows XP (KB922819) Security Update for Windows XP (KB923191) Security Update for Windows XP (KB923414) Security Update for Windows XP (KB923980) Security Update for Windows XP (KB924191) Security Update for Windows XP (KB924270) Security Update for Windows XP (KB924496) Security Update for Windows XP (KB925486) Spybot - Search & Destroy 1.4 SpywareBlaster v3.5.1 SpywareGuard v2.2 StyleWriter Tweak UI Update for Windows XP (KB894391) Update for Windows XP (KB898461) Update for Windows XP (KB900485) Update for Windows XP (KB908531) Update for Windows XP (KB910437) Update for Windows XP (KB911280) Update for Windows XP (KB916595) Update for Windows XP (KB920872) Update for Windows XP (KB922582) VideoLAN VLC media player 0.8.5 Virtual Earth 3D (Beta) Winamp (remove only) WinASO Registry Optimizer 2.0.5 Window Washer Windows Imaging Component Windows Installer 3.1 (KB893803) Windows Live Messenger Windows Live Sign-in Assistant Windows Media Format 11 runtime Windows Media Format 11 runtime Windows Media Player 11 Windows Media Player 11 Windows XP Hotfix - KB873339 Windows XP Hotfix - KB885835 Windows XP Hotfix - KB885836 Windows XP Hotfix - KB886185 Windows XP Hotfix - KB887472 Windows XP Hotfix - KB888302 Windows XP Hotfix - KB890859 Windows XP Hotfix - KB891781 WinPatrol WinRAR archiver WinZip Zune Desktop Theme

Metallica View Member Profile	Nov 22 2006, 01:47 AM Post #4
Spyware Veteran Posts: 20,720 From: Netherlands OS: XP Pro & Vista Ultimate	hmmm... Can you tell me if any of these were installed shortly before the problems started: DivX Total Pack FLV Player 1.3.3 Image Resizer Powertoy for Windows XP MediaMonkey 2.5 If the image was made of a workable situation, are there any subjections against reverting back to it? Regards,

icerider View Member Profile	Nov 22 2006, 07:04 PM Post #5
Member Posts: 89 OS: XP	I would prefer not to as I made a couple of changes to my computer after the problems came. I don't believe any of those programs are related to the problem, though I uninstalled MediaMonkey since I never use it.

Metallica View Member Profile	Nov 23 2006, 05:40 AM Post #6
Spyware Veteran Posts: 20,720 From: Netherlands OS: XP Pro & Vista Ultimate	QUOTE(icerider @ Nov 23 2006, 02:04 AM) [snapback]842501[/snapback] I would prefer not to as I made a couple of changes to my computer after the problems came. Yes, and one of them very likely caused the problems. In my opinion it's easier to go back and apply the changes again (one by one), then to find out which one it was in the first place.

icerider View Member Profile	Nov 23 2006, 06:25 PM Post #7
Member Posts: 89 OS: XP	would uninstalling those four programs help see which one is the culprit?

Metallica View Member Profile	Nov 24 2006, 01:37 AM Post #8
Spyware Veteran Posts: 20,720 From: Netherlands OS: XP Pro & Vista Ultimate	Only if it is one of them. Were those installed recently?

icerider View Member Profile	Nov 24 2006, 06:28 PM Post #9
Member Posts: 89 OS: XP	I recently installed MediaMonkey, but I haven't noticed any change in my computer's performance. Is there a way to see if a virus could've caused or some other unwanted malware?

Metallica View Member Profile	Nov 25 2006, 06:31 AM Post #10
Spyware Veteran Posts: 20,720 From: Netherlands OS: XP Pro & Vista Ultimate	Sure, but I don't think that is the case. Or do you have any reason to think you got infected? - Opened a suspicious email - Installed illegal software - Visited the wrong sites - Clicked on a link someone sent you by Messenger 1. Download this file - combofix.exe 2. Double click combofix.exe & follow the prompts. 3. When finished, it shall produce a log for you. Post that log in your next reply Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall In your next post, please include[list] new hijackthis log combofix log

icerider View Member Profile	Nov 25 2006, 01:16 PM Post #11
Member Posts: 89 OS: XP	HiJack! log: Logfile of HijackThis v1.99.1 Scan saved at 11:15:40 AM, on 25/11/2006 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE C:\PROGRA~1\Browster\proxy\wrapper.exe C:\WINDOWS\system32\crypserv.exe C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe C:\Program Files\F-Secure\Anti-Virus\fssm32.exe C:\Program Files\F-Secure\Common\FSMA32.EXE C:\WINDOWS\runservice.exe C:\Program Files\F-Secure\Common\FSMB32.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Raxco\PerfectDisk\PDAgent.exe C:\PROGRA~1\Browster\proxy\jre\bin\java.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\F-Secure\Common\FCH32.EXE C:\WINDOWS\system32\wwSecure.exe C:\Program Files\F-Secure\Common\FAMEH32.EXE C:\Program Files\F-Secure\Anti-Virus\fsqh.exe C:\Program Files\F-Secure\Anti-Virus\fsrw.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\Raxco\PerfectDisk\PDEngine.exe C:\Program Files\F-Secure\Anti-Virus\fsav32.exe C:\Program Files\F-Secure\Common\FNRB32.EXE C:\WINDOWS\Explorer.EXE C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe C:\Program Files\F-Secure\Common\FIH32.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\ALCWZRD.EXE C:\WINDOWS\ALCMTR.EXE C:\Program Files\F-Secure\Common\FSM32.EXE C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\Program Files\F-Secure\FSGUI\fsguidll.exe C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe C:\WINDOWS\system32\taskswitch.exe D:\Music\Winamp\winampa.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe C:\Program Files\SpywareGuard\sgmain.exe C:\Program Files\SpywareGuard\sgbhp.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\Explorer.EXE C:\PROGRA~1\MOZILL~1\FIREFOX.EXE D:\HiJack! This\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ig R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448 O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand2515.dll O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe" O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE O4 - HKLM\..\Run: [WinampAgent] D:\Music\Winamp\winampa.exe O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE O4 - Global Startup: RAID Manager.lnk = ? O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/kos/english/kavwebscan_unicode.cab O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} (Photosynth Class) - http://media.labs.live.com/all/ps/_code_/Photosynth.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe edit: combofix log was too long This post has been edited by icerider: Nov 25 2006, 01:19 PM

icerider

Nov 25 2006, 01:22 PM

Post #12

Member

Posts: 89
OS: XP

Combofixlog:

Simon - 06-11-25 11:10:57.17 Service Pack 2
ComboFix 06.11.22 - Running from: "D:\"

((((((((((((((((((((((((((((((( Files Created from 2006-10-25 to 2006-11-25 ))))))))))))))))))))))))))))))))))

2006-11-20 11:25 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2006-11-20 11:01 <DIR> d-------- C:\Downloads
2006-11-20 11:00 <DIR> d-------- C:\Config.Msi
2006-11-20 10:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2006-11-16 19:04 <DIR> d-------- C:\Program Files\Audacity
2006-11-14 22:44 <DIR> d-------- C:\Program Files\Music Explorer
2006-11-13 14:21 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2006-11-13 14:20 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-13 10:13 <DIR> d-------- C:\My Music
2006-11-12 13:57 <DIR> d-------- C:\Program Files\Raxco
2006-11-12 13:57 <DIR> d-------- C:\Program Files\Common Files\Raxco
2006-11-12 13:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2006-11-12 11:03 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-11-11 22:05 <DIR> d-------- C:\Program Files\Innovative Solutions
2006-11-11 21:38 <DIR> d-------- C:\Program Files\FlashGet
2006-11-11 21:23 <DIR> d-------- C:\Program Files\Copernic Desktop Search 2
2006-11-11 21:15 <DIR> d-------- C:\Program Files\FreeUndelete
2006-11-11 20:47 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2006-11-11 20:47 <DIR> d-------- C:\WINDOWS\PrimoPDF
2006-11-11 20:47 <DIR> d-------- C:\Program Files\activePDF
2006-11-11 20:36 <DIR> d-------- C:\Program Files\ASAP Utilities
2006-11-10 20:02 793 --ahs---- C:\WINDOWS\system32\mmf.sys
2006-11-10 20:02 48,640 --a------ C:\WINDOWS\mmfs.dll
2006-11-10 20:02 2,560 --a------ C:\WINDOWS\Runservice.exe
2006-11-10 16:04 <DIR> d-------- C:\Program Files\EULAlyzer
2006-11-09 16:47 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Sports Interactive
2006-11-08 20:41 <DIR> d-------- C:\Program Files\MozBackup
2006-11-08 19:53 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\vlc
2006-11-08 16:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-08 16:23 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Opera
2006-11-07 18:44 96,256 --a------ C:\WINDOWS\system32\drivers\sptd7933.sys
2006-11-07 18:44 664,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-11-07 00:32 <DIR> d---s---- C:\Documents and Settings\Simon\UserData
2006-11-06 20:55 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2006-11-06 19:57 87,552 --a------ C:\WINDOWS\system32\CNMLM4d.DLL
2006-11-06 19:57 5,632 --a------ C:\WINDOWS\system32\CNMVS4d.DLL
2006-11-06 19:56 73,728 -ra------ C:\WINDOWS\system32\CNMCP4d.exe
2006-11-06 19:56 <DIR> d--h----- C:\BJPrinter
2006-11-06 19:54 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-11-06 17:24 <DIR> d-------- C:\Program Files\Common Files\xing shared
2006-11-06 17:24 <DIR> d-------- C:\Program Files\Common Files\Real
2006-11-06 17:23 <DIR> d-------- C:\Program Files\Real
2006-11-06 17:23 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Real
2006-11-05 23:43 <DIR> d-------- C:\Program Files\Stardock
2006-11-05 23:43 <DIR> d-------- C:\Program Files\Common Files\Stardock
2006-11-05 23:36 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2006-11-05 23:35 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2006-11-05 23:35 <DIR> d-------- C:\a46b6fc35cc00ba54eea37ee8b
2006-11-05 23:34 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2006-11-05 23:34 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-11-05 23:34 <DIR> d-------- C:\32cb30e7998bc8a656e8cb
2006-11-05 21:30 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
2006-11-05 21:29 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Adobe
2006-11-05 21:26 <DIR> d-------- C:\WINDOWS\Minidump
2006-11-05 21:22 <DIR> d-------- C:\Program Files\PowerISO
2006-11-05 21:21 <DIR> d-------- C:\Documents and Settings\Simon\Contacts
2006-11-05 21:15 <DIR> d-------- C:\Program Files\Samsung
2006-11-05 21:10 <DIR> d-------- C:\Program Files\OpenPandora
2006-11-05 21:10 <DIR> d-------- C:\Program Files\CleanUp!
2006-11-05 21:10 <DIR> d-------- C:\Program Files\Browster
2006-11-05 21:08 <DIR> dr--s---- C:\WINDOWS\assembly
2006-11-05 21:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2006-11-05 21:08 <DIR> d-------- C:\WINDOWS\Microsoft.NET
2006-11-05 21:07 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-11-05 21:07 <DIR> d-------- C:\Program Files\Opera
2006-11-05 21:07 <DIR> d-------- C:\Program Files\Nokia
2006-11-05 21:06 <DIR> d-------- C:\Program Files\Karen's Disk Slack Checker
2006-11-05 21:06 <DIR> d-------- C:\Program Files\Karen's Computer Profiler
2006-11-05 21:06 <DIR> d-------- C:\Program Files\DInfo
2006-11-05 21:05 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2006-11-05 21:05 249,856 --------- C:\WINDOWS\Setup1.exe
2006-11-05 21:05 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-05 21:05 <DIR> d-------- C:\Program Files\PTSync
2006-11-05 21:05 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Macromedia
2006-11-05 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-11-05 21:04 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2006-11-05 21:04 <DIR> d-------- C:\Program Files\VideoLAN
2006-11-05 21:04 <DIR> d-------- C:\Program Files\SpywareGuard
2006-11-05 21:03 <DIR> d-------- C:\Program Files\QuickTime
2006-11-05 21:03 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Shareaza
2006-11-05 21:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-11-05 21:02 <DIR> d-------- C:\Program Files\KeePass Password Safe
2006-11-05 21:02 <DIR> d-------- C:\Program Files\Juice
2006-11-05 21:01 <DIR> d-------- C:\Program Files\IrfanView
2006-11-05 21:00 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2006-11-05 21:00 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Google
2006-11-05 20:59 <DIR> d-------- C:\Program Files\Google
2006-11-05 20:58 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2006-11-05 20:58 <DIR> d-------- C:\Program Files\MSN Messenger
2006-11-05 20:57 720,896 --a------ C:\WINDOWS\iun6002.exe
2006-11-05 20:57 <DIR> d-------- C:\Program Files\FireTune
2006-11-05 20:57 <DIR> d-------- C:\Program Files\BIMP Lite
2006-11-05 20:56 <DIR> d-------- C:\Program Files\Lavasoft
2006-11-05 20:56 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Lavasoft
2006-11-05 20:55 <DIR> d-------- C:\Program Files\BillP Studios
2006-11-05 20:55 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\WinPatrol
2006-11-05 20:54 299,520 --a------ C:\WINDOWS\uninst.exe
2006-11-05 20:53 57,344 --a------ C:\WINDOWS\Unwash6.exe
2006-11-05 20:53 487,936 --a------ C:\WINDOWS\system32\wwSecure.exe
2006-11-05 20:53 <DIR> d-------- C:\Program Files\Webroot
2006-11-05 20:53 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2006-11-05 20:53 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Webroot
2006-11-05 20:52 <DIR> d-------- C:\Program Files\WinASO
2006-11-05 20:51 <DIR> d-------- C:\Program Files\Merriam-Webster
2006-11-05 20:50 <DIR> d-------- C:\Program Files\TweakNow PowerPack 2006
2006-11-05 20:49 52,224 --a------ C:\WINDOWS\system32\Crypserv.exe
2006-11-05 20:49 27,648 -ra------ C:\WINDOWS\Setup_ck.exe
2006-11-05 20:49 24,608 --a------ C:\WINDOWS\system32\Ckldrv.sys
2006-11-05 20:49 18,432 --a------ C:\WINDOWS\Setup_ck.dll
2006-11-05 20:49 165,888 --a------ C:\WINDOWS\Ckconfig.exe
2006-11-05 20:49 11,776 --a------ C:\WINDOWS\Ckrfresh.exe
2006-11-05 20:49 <DIR> d-------- C:\Program Files\StyleWriter
2006-11-05 20:48 304,128 --a------ C:\WINDOWS\IsUninst.exe
2006-11-05 20:48 <DIR> d-------- C:\Documents and Settings\Simon\WINDOWS
2006-11-05 20:46 <DIR> d-------- C:\Program Files\Panicware
2006-11-05 20:37 <DIR> d-------- C:\Program Files\Common Files\Macromedia
2006-11-05 20:36 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2006-11-05 20:36 <DIR> d-------- C:\Program Files\Macromedia
2006-11-05 20:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Macromedia
2006-11-05 20:34 <DIR> d-------- C:\Program Files\Common Files\Acronis