Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Computer slowing down and restarts

Started by icerider , Nov 13 2006 06:55 PM

  • Please log in to reply

#1
icerider
Posted 13 November 2006 - 06:55 PM

icerider

    Member

  • Member
  • PipPip
  • 90 posts
My computer freezes or slowdowns at random times. Sometimes, if I turn off my computer, it'll restart right after for no reason. When I'm looking at the My Computer screen and change the view to thumbnails, the labels for the drives and documents do not appear. I suspect that it is a virus due to the fact that my anti-virus did find viruses a few days ago. Here's the Hijack This log:

Logfile of HijackThis v1.99.1
Scan saved at 2:19:08 PM, on 13/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\PROGRA~1\Browster\proxy\wrapper.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\WINDOWS\runservice.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\PROGRA~1\Browster\proxy\jre\bin\java.exe
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\taskswitch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ig
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand2515.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Music\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: RAID Manager.lnk = ?
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} (Photosynth Class) - http://media.labs.li.../Photosynth.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

Thanks.
  • 0

Advertisements

#2
Metallica
Posted 21 November 2006 - 04:06 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Did you install any codecs lately?
And how old is your most recent Acronis image?

Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.

Regards,
  • 0

#3
icerider
Posted 21 November 2006 - 06:47 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
Last image was a few days, and I don't believe I've installed any codecs at all.

Acronis True Image Home
Ad-Aware SE Professional
Adobe Bridge 1.0
Adobe Common File Installer
Adobe Flash Player 9 ActiveX
Adobe Help Center 1.0
Adobe Photoshop CS2
Adobe Reader 7.0.8
Adobe Shockwave Player
Adobe Stock Photos 1.0
Advanced Uninstaller PRO 2006 - version 7
Alt-Tab Task Switcher Powertoy for Windows XP
ASAP Utilities
ATI - Software Uninstall Utility
ATI Control Panel
ATI Display Driver
Audacity 1.2.6
BIMP Lite 1.61
Browster
Calculator Powertoy for Windows XP
Canon i950
CleanUp!
Copernic Desktop Search 2
DivX Total Pack
EULAlyzer v1.1
FireTune
FlashGet(JetCar)
FLV Player 1.3.3
FM Modifier 2.1
FreeUndelete
F-Secure Anti-Virus Client Security - Automatic Update Agent
F-Secure Anti-Virus Client Security - E-Mail Scanning
F-Secure Anti-Virus Client Security - Internet Shield
F-Secure Anti-Virus Client Security - Virus & Spy Protection
F-Secure Anti-Virus Client Security - Web Traffic Scanning
Google Earth
Google Toolbar for Internet Explorer
High Definition Audio Driver Package - KB835221
HijackThis 1.99.1
Hotfix for Windows XP (KB926239)
IconPackager
Image Resizer Powertoy for Windows XP
IrfanView (remove only)
ITE IT8212 ATA RAID Controller
J2SE Runtime Environment 5.0 Update 6
J2SE Runtime Environment 5.0 Update 9
Juice 2.2
Karen's Computer Profiler
Karen's Disk Slack Checker
Karen's Drive Info
Karen's Time Sync
Kaspersky Online Scanner
KeePass Password Safe 1.06
Logitech SetPoint
Macromedia Dreamweaver 8
Macromedia Extension Manager
Macromedia Fireworks 8
Macromedia Flash 8
Macromedia Flash 8 Video Encoder
Macromedia Flash Player 8
Macromedia Flash Player 8 Plugin
Marvell Miniport Driver
MediaLife
MediaMonkey 2.5
Merriam-Webster
Messenger Plus! Live
Microsoft .NET Framework 1.1
Microsoft .NET Framework 2.0
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Office FrontPage 2003
Microsoft Office OneNote 2003
Microsoft Office Professional Edition 2003
Microsoft Office Project Professional 2003
Microsoft Office Visio Professional 2003
Microsoft User-Mode Driver Framework Feature Pack 1.0
MozBackup 1.4.5
Mozilla Firefox (2.0)
Music Explorer
Nokia Connectivity Cable Driver
Oblivion
OpenPandora 0.6.6
Opera 9.02
Panda ActiveScan
PerfectDisk
Pop-Up Stopper Professional
PowerISO
PrimoPDF
PrimoPDF Redistribution Package
QuickTime
RealPlayer
Realtek High Definition Audio Driver
Samsung Music Studio
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player 10 (KB911565)
Security Update for Windows XP (KB890046)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896424)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899589)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901190)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911567)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB912919)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917422)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB918899)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920214)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921398)
Security Update for Windows XP (KB921883)
Security Update for Windows XP (KB922616)
Security Update for Windows XP (KB922760)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB925486)
Spybot - Search & Destroy 1.4
SpywareBlaster v3.5.1
SpywareGuard v2.2
StyleWriter
Tweak UI
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
VideoLAN VLC media player 0.8.5
Virtual Earth 3D (Beta)
Winamp (remove only)
WinASO Registry Optimizer 2.0.5
Window Washer
Windows Imaging Component
Windows Installer 3.1 (KB893803)
Windows Live Messenger
Windows Live Sign-in Assistant
Windows Media Format 11 runtime
Windows Media Format 11 runtime
Windows Media Player 11
Windows Media Player 11
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885835
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
WinPatrol
WinRAR archiver
WinZip
Zune Desktop Theme
  • 0

#4
Metallica
Posted 22 November 2006 - 01:47 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
hmmm...

Can you tell me if any of these were installed shortly before the problems started:

DivX Total Pack
FLV Player 1.3.3
Image Resizer Powertoy for Windows XP
MediaMonkey 2.5

If the image was made of a workable situation, are there any subjections against reverting back to it?

Regards,
  • 0

#5
icerider
Posted 22 November 2006 - 07:04 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
I would prefer not to as I made a couple of changes to my computer after the problems came.

I don't believe any of those programs are related to the problem, though I uninstalled MediaMonkey since I never use it.
  • 0

#6
Metallica
Posted 23 November 2006 - 05:40 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts

I would prefer not to as I made a couple of changes to my computer after the problems came.


Yes, and one of them very likely caused the problems.
In my opinion it's easier to go back and apply the changes again (one by one), then to find out which one it was in the first place.
  • 0

#7
icerider
Posted 23 November 2006 - 06:25 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
would uninstalling those four programs help see which one is the culprit?
  • 0

#8
Metallica
Posted 24 November 2006 - 01:37 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Only if it is one of them.
Were those installed recently?
  • 0

#9
icerider
Posted 24 November 2006 - 06:28 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
I recently installed MediaMonkey, but I haven't noticed any change in my computer's performance. Is there a way to see if a virus could've caused or some other unwanted malware?
  • 0

#10
Metallica
Posted 25 November 2006 - 06:31 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Sure, but I don't think that is the case.
Or do you have any reason to think you got infected?
- Opened a suspicious email
- Installed illegal software
- Visited the wrong sites
- Clicked on a link someone sent you by Messenger
  • 1. Download this file - combofix.exe
    2. Double click combofix.exe & follow the prompts.
    3. When finished, it shall produce a log for you. Post that log in your next reply

    Note:
    Do not mouseclick combofix's window whilst it's running. That may cause it to stall

    In your next post, please include[list]
  • new hijackthis log
  • combofix log

  • 0

Advertisements

#11
icerider
Posted 25 November 2006 - 01:16 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
HiJack! log:

Logfile of HijackThis v1.99.1
Scan saved at 11:15:40 AM, on 25/11/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\PROGRA~1\Browster\proxy\wrapper.exe
C:\WINDOWS\system32\crypserv.exe
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\WINDOWS\runservice.exe
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
C:\PROGRA~1\Browster\proxy\jre\bin\java.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\system32\wwSecure.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\WINDOWS\ALCMTR.EXE
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
C:\WINDOWS\system32\taskswitch.exe
D:\Music\Winamp\winampa.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
C:\Program Files\ITE\ITE IT8212 ATA RAID Controller\RaidMgr.exe
C:\Program Files\SpywareGuard\sgmain.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
D:\HiJack! This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ig
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:8448
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Browster BrwIEConnector - {908A31E8-2A6E-4736-8E8A-AAF00C4AE38F} - C:\Program Files\Browster\Browster.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\PROGRA~1\FlashGet\getflash.dll
O3 - Toolbar: Browster - {2EF39867-654F-48b6-8F93-B4FC3E8C6844} - C:\Program Files\Browster\Browster.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Copernic Desktop Search 2 - {968631B6-4729-440D-9BF4-251F5593EC9A} - C:\Program Files\Copernic Desktop Search 2\DesktopSearchBand2515.dll
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [TrueImageMonitor.exe] C:\Program Files\Acronis\TrueImageHome\TrueImageMonitor.exe
O4 - HKLM\..\Run: [AcronisTimounterMonitor] C:\Program Files\Acronis\TrueImageHome\TimounterMonitor.exe
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [WinPatrol] C:\Program Files\BillP Studios\WinPatrol\winpatrol.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [WinampAgent] D:\Music\Winamp\winampa.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Copernic Desktop Search 2] "C:\Program Files\Copernic Desktop Search 2\DesktopSearchService.exe" /tray
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe
O4 - Global Startup: Microsoft Office OneNote 2003 Quick Launch.lnk = C:\Program Files\Microsoft Office\OFFICE11\ONENOTEM.EXE
O4 - Global Startup: RAID Manager.lnk = ?
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky...can_unicode.cab
O16 - DPF: {594ECDD4-A991-4208-A7B7-00DDAD9BE328} (Photosynth Class) - http://media.labs.li.../Photosynth.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoft...free/asinst.cab
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Browster Proxy (BrwstrPF) - Unknown owner - C:\PROGRA~1\Browster\proxy\wrapper.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:\WINDOWS\SYSTEM32\crypserv.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:\WINDOWS\runservice.exe
O23 - Service: PDAgent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDAgent.exe
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: Washer AutoComplete (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe

edit: combofix log was too long

Edited by icerider, 25 November 2006 - 01:19 PM.

  • 0

#12
icerider
Posted 25 November 2006 - 01:22 PM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
Combofixlog:

Simon - 06-11-25 11:10:57.17 Service Pack 2
ComboFix 06.11.22 - Running from: "D:\"

((((((((((((((((((((((((((((((( Files Created from 2006-10-25 to 2006-11-25 ))))))))))))))))))))))))))))))))))


2006-11-20 11:25 32,592 --a------ C:\WINDOWS\system32\msonpmon.dll
2006-11-20 11:01 <DIR> d-------- C:\Downloads
2006-11-20 11:00 <DIR> d-------- C:\Config.Msi
2006-11-20 10:59 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2006-11-16 19:04 <DIR> d-------- C:\Program Files\Audacity
2006-11-14 22:44 <DIR> d-------- C:\Program Files\Music Explorer
2006-11-13 14:21 <DIR> d-------- C:\WINDOWS\system32\Kaspersky Lab
2006-11-13 14:20 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2006-11-13 10:13 <DIR> d-------- C:\My Music
2006-11-12 13:57 <DIR> d-------- C:\Program Files\Raxco
2006-11-12 13:57 <DIR> d-------- C:\Program Files\Common Files\Raxco
2006-11-12 13:57 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Raxco
2006-11-12 11:03 <DIR> d-------- C:\Program Files\SpywareBlaster
2006-11-11 22:05 <DIR> d-------- C:\Program Files\Innovative Solutions
2006-11-11 21:38 <DIR> d-------- C:\Program Files\FlashGet
2006-11-11 21:23 <DIR> d-------- C:\Program Files\Copernic Desktop Search 2
2006-11-11 21:15 <DIR> d-------- C:\Program Files\FreeUndelete
2006-11-11 20:47 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2006-11-11 20:47 <DIR> d-------- C:\WINDOWS\PrimoPDF
2006-11-11 20:47 <DIR> d-------- C:\Program Files\activePDF
2006-11-11 20:36 <DIR> d-------- C:\Program Files\ASAP Utilities
2006-11-10 20:02 793 --ahs---- C:\WINDOWS\system32\mmf.sys
2006-11-10 20:02 48,640 --a------ C:\WINDOWS\mmfs.dll
2006-11-10 20:02 2,560 --a------ C:\WINDOWS\Runservice.exe
2006-11-10 16:04 <DIR> d-------- C:\Program Files\EULAlyzer
2006-11-09 16:47 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Sports Interactive
2006-11-08 20:41 <DIR> d-------- C:\Program Files\MozBackup
2006-11-08 19:53 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\vlc
2006-11-08 16:35 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Google
2006-11-08 16:23 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Opera
2006-11-07 18:44 96,256 --a------ C:\WINDOWS\system32\drivers\sptd7933.sys
2006-11-07 18:44 664,064 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2006-11-07 00:32 <DIR> d---s---- C:\Documents and Settings\Simon\UserData
2006-11-06 20:55 60,416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2006-11-06 19:57 87,552 --a------ C:\WINDOWS\system32\CNMLM4d.DLL
2006-11-06 19:57 5,632 --a------ C:\WINDOWS\system32\CNMVS4d.DLL
2006-11-06 19:56 73,728 -ra------ C:\WINDOWS\system32\CNMCP4d.exe
2006-11-06 19:56 <DIR> d--h----- C:\BJPrinter
2006-11-06 19:54 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2006-11-06 17:24 <DIR> d-------- C:\Program Files\Common Files\xing shared
2006-11-06 17:24 <DIR> d-------- C:\Program Files\Common Files\Real
2006-11-06 17:23 <DIR> d-------- C:\Program Files\Real
2006-11-06 17:23 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Real
2006-11-05 23:43 <DIR> d-------- C:\Program Files\Stardock
2006-11-05 23:43 <DIR> d-------- C:\Program Files\Common Files\Stardock
2006-11-05 23:36 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2006-11-05 23:35 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2006-11-05 23:35 <DIR> d-------- C:\a46b6fc35cc00ba54eea37ee8b
2006-11-05 23:34 <DIR> d-------- C:\WINDOWS\system32\LogFiles
2006-11-05 23:34 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2006-11-05 23:34 <DIR> d-------- C:\32cb30e7998bc8a656e8cb
2006-11-05 21:30 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\AdobeUM
2006-11-05 21:29 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Adobe
2006-11-05 21:26 <DIR> d-------- C:\WINDOWS\Minidump
2006-11-05 21:22 <DIR> d-------- C:\Program Files\PowerISO
2006-11-05 21:21 <DIR> d-------- C:\Documents and Settings\Simon\Contacts
2006-11-05 21:15 <DIR> d-------- C:\Program Files\Samsung
2006-11-05 21:10 <DIR> d-------- C:\Program Files\OpenPandora
2006-11-05 21:10 <DIR> d-------- C:\Program Files\CleanUp!
2006-11-05 21:10 <DIR> d-------- C:\Program Files\Browster
2006-11-05 21:08 <DIR> dr--s---- C:\WINDOWS\assembly
2006-11-05 21:08 <DIR> d-------- C:\WINDOWS\system32\URTTemp
2006-11-05 21:08 <DIR> d-------- C:\WINDOWS\Microsoft.NET
2006-11-05 21:07 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2006-11-05 21:07 <DIR> d-------- C:\Program Files\Opera
2006-11-05 21:07 <DIR> d-------- C:\Program Files\Nokia
2006-11-05 21:06 <DIR> d-------- C:\Program Files\Karen's Disk Slack Checker
2006-11-05 21:06 <DIR> d-------- C:\Program Files\Karen's Computer Profiler
2006-11-05 21:06 <DIR> d-------- C:\Program Files\DInfo
2006-11-05 21:05 73,216 --a------ C:\WINDOWS\ST6UNST.EXE
2006-11-05 21:05 249,856 --------- C:\WINDOWS\Setup1.exe
2006-11-05 21:05 <DIR> d-------- C:\Program Files\Spybot - Search & Destroy
2006-11-05 21:05 <DIR> d-------- C:\Program Files\PTSync
2006-11-05 21:05 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Macromedia
2006-11-05 21:05 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2006-11-05 21:04 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2006-11-05 21:04 <DIR> d-------- C:\Program Files\VideoLAN
2006-11-05 21:04 <DIR> d-------- C:\Program Files\SpywareGuard
2006-11-05 21:03 <DIR> d-------- C:\Program Files\QuickTime
2006-11-05 21:03 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Shareaza
2006-11-05 21:03 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2006-11-05 21:02 <DIR> d-------- C:\Program Files\KeePass Password Safe
2006-11-05 21:02 <DIR> d-------- C:\Program Files\Juice
2006-11-05 21:01 <DIR> d-------- C:\Program Files\IrfanView
2006-11-05 21:00 <DIR> d-------- C:\Program Files\Messenger Plus! Live
2006-11-05 21:00 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Google
2006-11-05 20:59 <DIR> d-------- C:\Program Files\Google
2006-11-05 20:58 <DIR> d----c--- C:\WINDOWS\system32\DRVSTORE
2006-11-05 20:58 <DIR> d-------- C:\Program Files\MSN Messenger
2006-11-05 20:57 720,896 --a------ C:\WINDOWS\iun6002.exe
2006-11-05 20:57 <DIR> d-------- C:\Program Files\FireTune
2006-11-05 20:57 <DIR> d-------- C:\Program Files\BIMP Lite
2006-11-05 20:56 <DIR> d-------- C:\Program Files\Lavasoft
2006-11-05 20:56 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Lavasoft
2006-11-05 20:55 <DIR> d-------- C:\Program Files\BillP Studios
2006-11-05 20:55 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\WinPatrol
2006-11-05 20:54 299,520 --a------ C:\WINDOWS\uninst.exe
2006-11-05 20:53 57,344 --a------ C:\WINDOWS\Unwash6.exe
2006-11-05 20:53 487,936 --a------ C:\WINDOWS\system32\wwSecure.exe
2006-11-05 20:53 <DIR> d-------- C:\Program Files\Webroot
2006-11-05 20:53 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2006-11-05 20:53 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Webroot
2006-11-05 20:52 <DIR> d-------- C:\Program Files\WinASO
2006-11-05 20:51 <DIR> d-------- C:\Program Files\Merriam-Webster
2006-11-05 20:50 <DIR> d-------- C:\Program Files\TweakNow PowerPack 2006
2006-11-05 20:49 52,224 --a------ C:\WINDOWS\system32\Crypserv.exe
2006-11-05 20:49 27,648 -ra------ C:\WINDOWS\Setup_ck.exe
2006-11-05 20:49 24,608 --a------ C:\WINDOWS\system32\Ckldrv.sys
2006-11-05 20:49 18,432 --a------ C:\WINDOWS\Setup_ck.dll
2006-11-05 20:49 165,888 --a------ C:\WINDOWS\Ckconfig.exe
2006-11-05 20:49 11,776 --a------ C:\WINDOWS\Ckrfresh.exe
2006-11-05 20:49 <DIR> d-------- C:\Program Files\StyleWriter
2006-11-05 20:48 304,128 --a------ C:\WINDOWS\IsUninst.exe
2006-11-05 20:48 <DIR> d-------- C:\Documents and Settings\Simon\WINDOWS
2006-11-05 20:46 <DIR> d-------- C:\Program Files\Panicware
2006-11-05 20:37 <DIR> d-------- C:\Program Files\Common Files\Macromedia
2006-11-05 20:36 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2006-11-05 20:36 <DIR> d-------- C:\Program Files\Macromedia
2006-11-05 20:36 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Macromedia
2006-11-05 20:34 <DIR> d-------- C:\Program Files\Common Files\Acronis
2006-11-05 20:34 <DIR> d-------- C:\Program Files\Acronis
2006-11-05 20:29 36,528 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2006-11-05 20:29 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2006-11-05 20:29 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2006-11-05 20:29 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2006-11-05 20:29 115,880 --------- C:\WINDOWS\system32\pxinsi64.exe
2006-11-05 20:29 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2006-11-05 20:27 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2006-11-05 20:24 <DIR> d-------- C:\WINDOWS\Sun
2006-11-05 20:24 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Sun
2006-11-05 20:13 <DIR> d-------- C:\Program Files\Java
2006-11-05 20:10 <DIR> d-------- C:\Program Files\Common Files\Java
2006-11-05 20:06 20,480 --a------ C:\WINDOWS\normaliz.dll
2006-11-05 20:05 20,480 --a------ C:\WINDOWS\system32\normaliz.dll
2006-11-05 17:07 <DIR> d--hs---- C:\WINDOWS\CSC
2006-11-05 17:04 <DIR> d-------- C:\Program Files\Mozilla Firefox
2006-11-05 17:04 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Talkback
2006-11-05 17:04 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Mozilla
2006-11-05 16:58 <DIR> d-------- C:\WINDOWS\WBEM
2006-11-05 16:58 <DIR> d-------- C:\WINDOWS\system32\en-US
2006-11-05 16:58 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2006-11-05 16:58 <DIR> d-------- C:\WINDOWS\%DownloadedProgramFiles%
2006-11-05 16:54 <DIR> d-------- C:\Program Files\WinZip
2006-11-05 16:41 <DIR> d--hs---- C:\RECYCLER
2006-11-05 16:29 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Acronis
2006-11-05 16:25 45,056 --a------ C:\WINDOWS\system32\WMErrCHT.dll
2006-11-05 16:23 45,056 --a------ C:\WINDOWS\system32\WMErrCHS.dll
2006-11-05 16:22 6,144 --a------ C:\WINDOWS\system32\kbd101a.dll
2006-11-05 16:21 9,216 --a------ C:\WINDOWS\system32\kbdnecAT.dll
2006-11-05 16:21 7,680 --a------ C:\WINDOWS\system32\kbdnecNT.dll
2006-11-05 16:21 7,168 --a------ C:\WINDOWS\system32\kbdnec95.dll
2006-11-05 16:21 7,168 --a------ C:\WINDOWS\system32\kbdibm02.dll
2006-11-05 16:21 6,656 --a------ C:\WINDOWS\system32\kbdlk41a.dll
2006-11-05 16:21 6,144 --a------ C:\WINDOWS\system32\kbdlk41j.dll
2006-11-05 16:21 6,144 --a------ C:\WINDOWS\system32\kbdax2.dll
2006-11-05 16:21 6,144 --a------ C:\WINDOWS\system32\kbd106n.dll
2006-11-05 16:21 6,144 --a------ C:\WINDOWS\system32\kbd101.dll
2006-11-05 16:20 811,064 --a------ C:\WINDOWS\system32\imjp81k.dll
2006-11-05 16:20 76,288 --a------ C:\WINDOWS\system32\uniime.dll
2006-11-05 16:19 8,704 --a------ C:\WINDOWS\system32\kbdjpn.dll
2006-11-05 16:19 8,192 --a------ C:\WINDOWS\system32\kbdkor.dll
2006-11-05 16:19 6,144 --a------ C:\WINDOWS\system32\kbd106.dll
2006-11-05 16:19 6,144 --a------ C:\WINDOWS\system32\kbd101c.dll
2006-11-05 16:19 6,144 --a------ C:\WINDOWS\system32\kbd101b.dll
2006-11-05 16:19 5,632 --a------ C:\WINDOWS\system32\kbd103.dll
2006-11-05 16:18 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\F-Secure
2006-11-05 16:17 395,744 --a------ C:\WINDOWS\system32\drivers\timntr.sys
2006-11-05 16:17 39,264 --a------ C:\WINDOWS\system32\drivers\tifsfilt.sys
2006-11-05 16:17 114,048 --a------ C:\WINDOWS\system32\drivers\snapman.sys
2006-11-05 16:14 <DIR> d-------- C:\Program Files\WinRAR
2006-11-05 16:12 70,896 --a------ C:\WINDOWS\system32\drivers\fsdfw.sys
2006-11-05 16:12 33,584 --a------ C:\WINDOWS\system32\drivers\fsndis5.sys
2006-11-05 16:11 118,842 -r------- C:\WINDOWS\bwUnin-6.3.2.116-7681197L.exe
2006-11-05 16:11 <DIR> d-------- C:\Program Files\F-Secure
2006-11-05 16:11 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\F-Secure
2006-11-05 16:08 <DIR> d-------- C:\Program Files\Common Files\Adobe Systems Shared
2006-11-05 16:08 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2006-11-05 16:07 <DIR> d-------- C:\Program Files\Common Files\Adobe
2006-11-05 16:07 <DIR> d-------- C:\Program Files\Adobe
2006-11-05 16:07 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2006-11-05 15:57 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2006-11-05 15:56 <DIR> d-------- C:\Program Files\Microsoft.NET
2006-11-05 15:56 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2006-11-05 15:56 <DIR> d-------- C:\Program Files\Common Files\L&H
2006-11-05 15:55 <DIR> d-------- C:\WINDOWS\SHELLNEW
2006-11-05 15:55 <DIR> d-------- C:\Program Files\Microsoft Works
2006-11-05 15:55 <DIR> d-------- C:\Program Files\Microsoft Visual Studio
2006-11-05 15:55 <DIR> d-------- C:\Program Files\Microsoft Office
2006-11-05 15:55 <DIR> d-------- C:\Program Files\Common Files\DESIGNER
2006-11-05 15:54 <DIR> dr-h----- C:\MSOCache
2006-11-05 15:48 <DIR> d--hs---- C:\WINDOWS\ftpcache
2006-11-05 15:48 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Logitech
2006-11-05 15:45 25,088 --a------ C:\WINDOWS\system32\msxml3a.dll
2006-11-05 15:45 <DIR> d-------- C:\Program Files\CyberLink
2006-11-05 15:45 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2006-11-05 15:44 71,533 --a------ C:\WINDOWS\system32\drivers\LMouKE.Sys
2006-11-05 15:44 54,817 --a------ C:\WINDOWS\system32\drivers\L8042mou.Sys
2006-11-05 15:44 13,105 --a------ C:\WINDOWS\system32\drivers\L8042Kbd.sys
2006-11-05 15:44 <DIR> d-------- C:\Program Files\Logitech
2006-11-05 15:44 <DIR> d-------- C:\Program Files\Common Files\Logitech
2006-11-05 15:42 <DIR> d-------- C:\WINDOWS\system32\Lang
2006-11-05 15:40 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Help
2006-11-05 15:34 516,096 --------- C:\WINDOWS\system32\ati2sgag.exe
2006-11-05 15:33 294,912 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2006-11-05 15:33 <DIR> d-------- C:\Program Files\ATI Technologies
2006-11-05 15:32 65,536 --------- C:\WINDOWS\system32\ntport.dll
2006-11-05 15:32 6,080 --------- C:\WINDOWS\system32\zntport.sys
2006-11-05 15:32 25,657 --------- C:\WINDOWS\install.exe
2006-11-05 15:32 25,111 --------- C:\WINDOWS\remove.exe
2006-11-05 15:32 24,971 --a------ C:\WINDOWS\system32\drivers\iteraid.sys
2006-11-05 15:32 <DIR> d-------- C:\Program Files\ITE
2006-11-05 15:31 <DIR> d-------- C:\Program Files\Marvell
2006-11-05 15:30 7,360,512 --a------ C:\WINDOWS\RTLCPL.EXE
2006-11-05 15:30 67,584 --a------ C:\WINDOWS\SOUNDMAN.EXE
2006-11-05 15:30 57,344 --a------ C:\WINDOWS\ALCMTR.EXE
2006-11-05 15:30 2,545,664 --a------ C:\WINDOWS\ALCWZRD.EXE
2006-11-05 15:30 2,161,792 --a------ C:\WINDOWS\system32\drivers\RtkHDAud.sys
2006-11-05 15:30 156,160 --a------ C:\WINDOWS\system32\RTLCPAPI.dll
2006-11-05 15:30 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2006-11-05 15:30 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2006-11-05 15:30 <DIR> d-------- C:\Program Files\Realtek
2006-11-05 15:30 <DIR> d-------- C:\Program Files\Intel
2006-11-05 15:29 5,824 --a------ C:\WINDOWS\system32\drivers\ASUSHWIO.SYS
2006-11-05 15:29 5,755 -ra------ C:\WINDOWS\system32\drivers\ASACPI.sys
2006-11-05 15:29 <DIR> d-------- C:\WINDOWS\ATK0110
2006-11-05 15:29 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2006-11-05 15:28 23,856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2006-11-05 15:28 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2006-11-05 15:28 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2006-11-05 15:24 <DIR> d-------- C:\WINDOWS\system32\SoftwareDistribution
2006-11-05 15:23 178,560 --a------ C:\WINDOWS\system32\drivers\yk51x86.sys
2006-11-05 15:21 26,496 --a------ C:\WINDOWS\system32\drivers\USBSTOR.SYS
2006-11-05 15:17 <DIR> dr-h----- C:\Documents and Settings\Simon\SendTo
2006-11-05 15:17 <DIR> dr-h----- C:\Documents and Settings\Simon\Application Data\.
2006-11-05 15:17 <DIR> dr-h----- C:\Documents and Settings\Simon\Application Data
2006-11-05 15:17 <DIR> dr------- C:\Documents and Settings\Simon\Start Menu
2006-11-05 15:17 <DIR> dr------- C:\Documents and Settings\Simon\My Documents
2006-11-05 15:17 <DIR> dr------- C:\Documents and Settings\Simon\Desktop
2006-11-05 15:17 <DIR> d--h----- C:\Program Files\Uninstall Information
2006-11-05 15:17 <DIR> d--h----- C:\Documents and Settings\Simon\Templates
2006-11-05 15:17 <DIR> d--h----- C:\Documents and Settings\Simon\PrintHood
2006-11-05 15:17 <DIR> d--h----- C:\Documents and Settings\Simon\NetHood
2006-11-05 15:17 <DIR> d--h----- C:\Documents and Settings\Simon\Local Settings
2006-11-05 15:17 <DIR> d---s---- C:\Documents and Settings\Simon\Recent
2006-11-05 15:17 <DIR> d---s---- C:\Documents and Settings\Simon\Favorites
2006-11-05 15:17 <DIR> d---s---- C:\Documents and Settings\Simon\Cookies
2006-11-05 15:17 <DIR> d---s---- C:\Documents and Settings\Simon\Application Data\Microsoft
2006-11-05 15:17 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\Identities
2006-11-05 15:17 <DIR> d-------- C:\Documents and Settings\Simon\Application Data\..
2006-11-05 15:17 <DIR> d-------- C:\Documents and Settings\Simon\..
2006-11-05 15:17 <DIR> d-------- C:\Documents and Settings\Simon\.
2006-11-05 15:15 <DIR> d---s---- C:\WINDOWS\system32\Microsoft
2006-11-05 15:15 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2006-11-05 15:15 <DIR> d-------- C:\WINDOWS\Prefetch
2006-11-05 15:13 98,304 --a------ C:\WINDOWS\system32\msir3jp.dll
2006-11-05 15:13 70,656 --a------ C:\WINDOWS\system32\korwbrkr.dll
2006-11-05 15:11 838,144 --a------ C:\WINDOWS\system32\chtbrkr.dll
2006-11-05 15:11 7,168 --a------ C:\WINDOWS\system32\f3ahvoas.dll
2006-11-05 15:11 6,656 --a------ C:\WINDOWS\system32\c_is2022.dll
2006-11-05 15:11 218,112 --a------ C:\WINDOWS\system32\c_g18030.dll
2006-11-05 15:11 1,677,824 --a------ C:\WINDOWS\system32\chsbrkr.dll
2006-11-05 15:11 <DIR> d-------- C:\WINDOWS\system32\xircom
2006-11-05 15:11 <DIR> d-------- C:\Program Files\xerox
2006-11-05 15:11 <DIR> d-------- C:\Program Files\microsoft frontpage
2006-11-05 15:10 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2006-11-05 15:10 0 -rahs---- C:\MSDOS.SYS
2006-11-05 15:10 0 -rahs---- C:\IO.SYS
2006-11-05 15:10 0 --a------ C:\CONFIG.SYS
2006-11-05 15:10 0 --a------ C:\AUTOEXEC.BAT
2006-11-05 15:09 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2006-11-05 15:09 <DIR> d--hs---- C:\Documents and Settings\All Users\DRM
2006-11-05 15:09 <DIR> d--h----- C:\Program Files\WindowsUpdate
2006-11-05 15:09 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2006-11-05 15:08 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2006-11-05 15:08 <DIR> d-------- C:\WINDOWS\system32\DirectX
2006-11-05 15:07 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2006-11-05 15:07 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2006-11-05 15:07 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2006-11-05 15:07 <DIR> d---s---- C:\WINDOWS\Tasks
2006-11-05 15:07 <DIR> d-------- C:\Program Files\Common Files\Services
2006-11-05 15:07 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2006-11-05 15:06 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2006-11-05 15:06 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2006-11-05 15:06 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2006-11-05 15:06 465,176 --a------ C:\WINDOWS\system32\wuapi.dll
2006-11-05 15:06 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2006-11-05 15:06 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2006-11-05 15:06 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2006-11-05 15:06 41,240 --a------ C:\WINDOWS\system32\wups.dll
2006-11-05 15:06 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2006-11-05 15:06 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2006-11-05 15:06 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2006-11-05 15:06 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2006-11-05 15:06 173,536 --a------ C:\WINDOWS\system32\wuweb.dll
2006-11-05 15:06 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2006-11-05 15:06 127,256 --a------ C:\WINDOWS\system32\wucltui.dll
2006-11-05 15:06 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe
2006-11-05 15:06 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll
2006-11-05 15:06 <DIR> d-------- C:\WINDOWS\system32\Macromed
2006-11-05 15:06 <DIR> d-------- C:\WINDOWS\srchasst
2006-11-05 15:06 <DIR> d-------- C:\Program Files\Movie Maker
2006-11-05 15:05 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2006-11-05 15:05 81,920 --a------ C:\WINDOWS\system32\ils.dll
2006-11-05 15:05 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2006-11-05 15:05 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2006-11-05 15:05 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2006-11-05 15:05 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2006-11-05 15:05 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2006-11-05 15:05 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2006-11-05 15:05 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2006-11-05 15:05 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2006-11-05 15:05 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2006-11-05 15:05 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2006-11-05 15:05 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2006-11-05 15:05 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2006-11-05 15:05 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2006-11-05 15:05 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2006-11-05 15:05 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2006-11-05 15:05 23,040 --a------ C:\WINDOWS\system32\fltmc.exe
2006-11-05 15:05 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2006-11-05 15:05 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2006-11-05 15:05 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2006-11-05 15:05 128,896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2006-11-05 15:05 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2006-11-05 15:05 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2006-11-05 15:05 <DIR> d-------- C:\WINDOWS\system32\Restore
2006-11-05 15:05 <DIR> d-------- C:\Program Files\Outlook Express
2006-11-05 15:05 <DIR> d-------- C:\Program Files\NetMeeting
2006-11-05 15:05 <DIR> d-------- C:\Program Files\Internet Explorer
2006-11-05 15:05 <DIR> d-------- C:\Program Files\Common Files\System
2006-11-05 15:04 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2006-11-05 15:04 5,632 --a------ C:\WINDOWS\system32\write.exe
2006-11-05 15:04 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2006-11-05 15:04 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2006-11-05 15:04 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2006-11-05 15:04 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2006-11-05 15:04 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2006-11-05 15:04 <DIR> d-------- C:\WINDOWS\Registration
2006-11-05 15:04 <DIR> d-------- C:\Program Files\Windows Media Player
2006-11-05 15:04 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2006-11-05 15:04 <DIR> d-------- C:\Program Files\Messenger
2006-11-05 15:03 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2006-11-05 15:03 9,728 --a------ C:\WINDOWS\system32\reset.exe
2006-11-05 15:03 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2006-11-05 15:03 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2006-11-05 15:03 56,832 --a------ C:\WINDOWS\system32\sol.exe
2006-11-05 15:03 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2006-11-05 15:03 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2006-11-05 15:03 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2006-11-05 15:03 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2006-11-05 15:03 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2006-11-05 15:03 33,792 --a------ C:\WINDOWS\system32\regini.exe
2006-11-05 15:03 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2006-11-05 15:03 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2006-11-05 15:03 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2006-11-05 15:03 20,992 --a------ C:\WINDOWS\system32\msg.exe
2006-11-05 15:03 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2006-11-05 15:03 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2006-11-05 15:03 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2006-11-05 15:03 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2006-11-05 15:03 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2006-11-05 15:03 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2006-11-05 15:03 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2006-11-05 15:03 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2006-11-05 15:03 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2006-11-05 15:03 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2006-11-05 15:03 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2006-11-05 15:03 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2006-11-05 15:03 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2006-11-05 15:03 114,688 --a------ C:\WINDOWS\system32\calc.exe
2006-11-05 15:03 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2006-11-05 15:02 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll
2006-11-05 15:02 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2006-11-05 15:02 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll
2006-11-05 15:02 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2006-11-05 15:02 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2006-11-05 15:02 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2006-11-05 15:02 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2006-11-05 15:02 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2006-11-05 15:02 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2006-11-05 15:02 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2006-11-05 15:02 538,624 --a------ C:\WINDOWS\system32\spider.exe
2006-11-05 15:02 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2006-11-05 15:02 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2006-11-05 15:02 407,552 --a------ C:\WINDOWS\system32\mstsc.exe
2006-11-05 15:02 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2006-11-05 15:02 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2006-11-05 15:02 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2006-11-05 15:02 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2006-11-05 15:02 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2006-11-05 15:02 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2006-11-05 15:02 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2006-11-05 15:02 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2006-11-05 15:02 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2006-11-05 15:02 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2006-11-05 15:02 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2006-11-05 15:02 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2006-11-05 15:02 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2006-11-05 15:02 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2006-11-05 15:02 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2006-11-05 15:02 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2006-11-05 15:02 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2006-11-05 15:02 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2006-11-05 15:02 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2006-11-05 15:02 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2006-11-05 15:02 <DIR> d-------- C:\Program Files\Windows NT
2006-11-05 15:02 <DIR> d-------- C:\Program Files\MSN
2006-11-05 15:01 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2006-11-05 15:01 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2006-11-05 15:01 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2006-11-05 15:01 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2006-11-05 15:01 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2006-11-05 15:01 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2006-11-05 15:01 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2006-11-05 15:01 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2006-11-05 15:01 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2006-11-05 15:01 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2006-11-05 15:01 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2006-11-05 15:01 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2006-11-05 15:01 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2006-11-05 15:01 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll
2006-11-05 15:01 <DIR> d-------- C:\WINDOWS\system32\Com
2006-11-05 06:58 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2006-11-05 06:58 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2006-11-05 06:58 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2006-11-05 06:58 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2006-11-05 06:58 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2006-11-05 06:58 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2006-11-05 06:58 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2006-11-05 06:58 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2006-11-05 06:58 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2006-11-05 06:58 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2006-11-05 06:58 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2006-11-05 06:58 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2006-11-05 06:58 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2006-11-05 06:58 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2006-11-05 06:58 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2006-11-05 06:58 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2006-11-05 06:58 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2006-11-05 06:58 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2006-11-05 06:58 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2006-11-05 06:57 74,240 --a------ C:\WINDOWS\system\CamExO20.dll
2006-11-05 06:57 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2006-11-05 06:57 59,264 --a------ C:\WINDOWS\system32\drivers\USBAUDIO.sys
2006-11-05 06:57 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2006-11-05 06:57 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2006-11-05 06:57 44,544 --a------ C:\WINDOWS\system32\OVUI2.dll
2006-11-05 06:57 41,984 --a------ C:\WINDOWS\system32\OVUI2RC.dll
2006-11-05 06:57 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2006-11-05 06:57 39,424 --a------ C:\WINDOWS\system32\OVComS.exe
2006-11-05 06:57 314,752 --a------ C:\WINDOWS\system32\drivers\CamDrO21.sys
2006-11-05 06:57 20,480 --a------ C:\WINDOWS\system32\OVComC.dll
2006-11-05 06:57 135,040 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2006-11-05 06:57 116,736 --a------ C:\WINDOWS\system32\OVCodec2.dll
2006-11-05 06:56 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2006-11-05 06:56 5,504 --a------ C:\WINDOWS\system32\drivers\intelide.sys
2006-11-05 06:55 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2006-11-05 06:55 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdycc.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbduzb.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdur.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdtat.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdru1.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdru.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdkaz.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdbu.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdblr.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2006-11-05 06:55 5,632 -ra------ C:\WINDOWS\system32\kbdaze.dll
2006-11-05 06:55 <DIR> dr------- C:\Program Files\Common Files\..
2006-11-05 06:55 <DIR> dr------- C:\Program Files\.
2006-11-05 06:55 <DIR> dr------- C:\Program Files
2006-11-05 06:55 <DIR> d--hs---- C:\WINDOWS\Installer
2006-11-05 06:55 <DIR> d--hs---- C:\Program Files\..
2006-11-05 06:55 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2006-11-05 06:55 <DIR> d-------- C:\Program Files\Common Files\ODBC
2006-11-05 06:55 <DIR> d-------- C:\Program Files\Common Files\Microsoft Shared
2006-11-05 06:55 <DIR> d-------- C:\Program Files\Common Files\.
2006-11-05 06:55 <DIR> d-------- C:\Program Files\Common Files
2006-11-05 06:54 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2006-11-05 06:54 9,008 --a------ C:\WINDOWS\system\VER.DLL
2006-11-05 06:54 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2006-11-05 06:54 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2006-11-05 06:54 8,704 --a------ C:\WINDOWS\system32\batt.dll
2006-11-05 06:54 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2006-11-05 06:54 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2006-11-05 06:54 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2006-11-05 06:54 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2006-11-05 06:54 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2006-11-05 06:54 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2006-11-05 06:54 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2006-11-05 06:54 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2006-11-05 06:54 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2006-11-05 06:54 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2006-11-05 06:54 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2006-11-05 06:54 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2006-11-05 06:54 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2006-11-05 06:54 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2006-11-05 06:54 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2006-11-05 06:54 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2006-11-05 06:54 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2006-11-05 06:54 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2006-11-05 06:54 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2006-11-05 06:54 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2006-11-05 06:54 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2006-11-05 06:54 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2006-11-05 06:54 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2006-11-05 06:54 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2006-11-05 06:54 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2006-11-05 06:54 <DIR> dr------- C:\Documents and Settings\All Users\Start Menu
2006-11-05 06:54 <DIR> dr------- C:\Documents and Settings\All Users\Documents
2006-11-05 06:54 <DIR> d--h----- C:\Documents and Settings\All Users\Templates
2006-11-05 06:54 <DIR> d-------- C:\Documents and Settings\All Users\Favorites
2006-11-05 06:54 <DIR> d-------- C:\Documents and Settings\All Users\Desktop
2006-11-05 06:53 <DIR> dr-h----- C:\Documents and Settings\All Users\Application Data\.
2006-11-05 06:53 <DIR> dr-h----- C:\Documents and Settings\All Users\Application Data
2006-11-05 06:53 <DIR> d--hs---- C:\System Volume Information
2006-11-05 06:53 <DIR> d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2006-11-05 06:53 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2006-11-05 06:53 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2006-11-05 06:53 <DIR> d-------- C:\Documents and Settings\All Users\Application Data\..
2006-11-05 06:53 <DIR> d-------- C:\Documents and Settings\All Users\..
2006-11-05 06:53 <DIR> d-------- C:\Documents and Settings\All Users\.
2006-11-05 06:53 <DIR> d-------- C:\Documents and Settings
2006-11-05 06:40 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2006-11-05 06:40 <DIR> dr--s---- C:\WINDOWS\Fonts
2006-11-05 06:40 <DIR> dr------- C:\WINDOWS\Web
2006-11-05 06:40 <DIR> d--hs---- C:\WINDOWS\..
2006-11-05 06:40 <DIR> d--h----- C:\WINDOWS\inf
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\WinSxS
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\twain_32
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Temp
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\wins
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\wbem
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\usmt
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\spool
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\Setup
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\ras
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\oobe
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\npp
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\mui
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\IME
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\icsxml
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\ias
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\export
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\drivers\..
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\drivers\.
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\drivers
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\dhcp
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\config
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\3076
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\2052
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1054
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1042
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1041
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1037
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1033
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1031
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1028
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\1025
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\..
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32\.
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system32
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system\..
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system\.
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\system
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\security
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Resources
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\repair
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Provisioning
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\PeerNet
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\pchealth
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\mui
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\msapps
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\msagent
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Media
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\java
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\ime
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Help
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\ehome
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Driver Cache
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Debug
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Cursors
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Connection Wizard
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\Config
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\AppPatch
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\addins
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS\.
2006-11-05 06:40 <DIR> d-------- C:\WINDOWS
2006-10-26 14:10 33,088 --a------ C:\WINDOWS\system32\FM20ENU.DLL
2006-10-26 14:10 1,190,688 --a------ C:\WINDOWS\system32\FM20.DLL
2006-10-26 13:45 293,376 --a------ C:\WINDOWS\system32\WISPTIS.EXE
2006-10-26 13:45 207,360 --a------ C:\WINDOWS\system32\INKED.DLL


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))




(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MsnMsgr"="\"C:\\Program Files\\MSN Messenger\\MsnMsgr.Exe\" /background"
"Copernic Desktop Search 2"="\"C:\\Program Files\\Copernic Desktop Search 2\\DesktopSearchService.exe\" /tray"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"High Definition Audio Property Page Shortcut"="HDAudPropShortcut.exe"
"ATIPTA"="C:\\Program Files\\ATI Technologies\\ATI Control Panel\\atiptaxx.exe"
"SoundMan"="SOUNDMAN.EXE"
"AlcWzrd"="ALCWZRD.EXE"
"Alcmtr"="ALCMTR.EXE"
"F-Secure Manager"="\"C:\\Program Files\\F-Secure\\Common\\FSM32.EXE\" /splash"
"F-Secure TNB"="\"C:\\Program Files\\F-Secure\\TNB\\TNBUtil.exe\" /CHECKALL /WAITFORSW"
"IMJPMIG8.1"="\"C:\\WINDOWS\\IME\\imjp8_1\\IMJPMIG.EXE\" /Spoil /RemAdvDef /Migration32"
"MSPY2002"="C:\\WINDOWS\\system32\\IME\\PINTLGNT\\ImScInst.exe /SYNC"
"PHIME2002ASync"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /SYNC"
"PHIME2002A"="C:\\WINDOWS\\system32\\IME\\TINTLGNT\\TINTSETP.EXE /IMEName"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"TrueImageMonitor.exe"="C:\\Program Files\\Acronis\\TrueImageHome\\TrueImageMonitor.exe"
"AcronisTimounterMonitor"="C:\\Program Files\\Acronis\\TrueImageHome\\TimounterMonitor.exe"
"Acronis Scheduler2 Service"="\"C:\\Program Files\\Common Files\\Acronis\\Schedule2\\schedhlp.exe\""
"WinPatrol"="C:\\Program Files\\BillP Studios\\WinPatrol\\winpatrol.exe"
"CoolSwitch"="C:\\WINDOWS\\system32\\taskswitch.exe"
"PWRISOVM.EXE"="C:\\Program Files\\PowerISO\\PWRISOVM.EXE"
"WinampAgent"="D:\\Music\\Winamp\\winampa.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,00,01,00,00,00,00,00,00,00,04,00,00,e2,03,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,04,00,00,40
"RestoredStateInfo"=hex:18,00,00,00,a0,00,00,00,00,00,00,00,80,02,00,00,3a,02,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"CTFMON.EXE"="C:\\WINDOWS\\system32\\CTFMON.EXE"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091
"NoControlPanel"=dword:00000000
"NoNetHood"=dword:00000000
"NoComputersNearMe"=dword:00000000

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\Run]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"dontdisplaylastusername"=dword:00000000
"legalnoticecaption"=""
"legalnoticetext"=""
"shutdownwithoutlogon"=dword:00000001
"undockwithoutlogon"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoControlPanel"=dword:00000000
"NoComputersNearMe"=dword:00000000

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer\run]

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"PostBootReminder"="{7849596a-48ea-486e-8937-a2a3009f31a9}"
"CDBurn"="{fbeb8a05-beee-4442-804e-409d6c4515e9}"
"WebCheck"="{E6FB5E20-DE35-11CF-9C87-00AA005127ED}"
"SysTray"="{35CEC8A3-2BE6-11D2-8773-92E220524153}"
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

Completion time: 06-11-25 11:12:43.67
C:\ComboFix.txt ... 06-11-25 11:12
C:\ComboFix2.txt ... 06-11-25 10:34
  • 0

#13
Metallica
Posted 26 November 2006 - 07:28 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
I can tell that you have installed a lot of software the last month, but I see no sign of malware.

Did you install Daemon Tools?
http://www.greatis.c...%...3##.sys.htm
  • 0

#14
icerider
Posted 28 November 2006 - 12:53 AM

icerider

    Member

  • Topic Starter
  • Member
  • PipPip
  • 90 posts
I tried that, didn't seem to make that big a difference.

Do you have any explanation for why the labels disappear when I go into thumbnail view in My Computer?
  • 0

#15
Metallica
Posted 28 November 2006 - 01:31 AM

Metallica

    Spyware Veteran

  • GeekU Moderator
  • 33,101 posts
Not sure if this makes sense or not, but I found this:

The following file types can be displayed by using the Thumbnail view:
• .bmp (Windows Bitmap files)
• .gif (Graphics Interchange Format files)
• .jpg, .jpeg (Joint Photographic Experts Group files)
• .htm, .html (Hypertext Markup Language files)

http://support.microsoft.com/kb/176882
  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP