Hello,
First of all, thanks for your reply. It would be great if I don't have any malware in my PC!
I am afraid that some remaining malware from my past Win XP installations is still active.
Here are the logs:
Deckard's System Scanner v20071014.68
Run by London Beat on 2008-06-22 16:45:19
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- System Restore --------------------------------------------------------------
Successfully created a Deckard's System Scanner Restore Point.
-- Last 5 Restore Point(s) --
21: 2008-06-22 15:45:34 UTC - RP38 - Deckard's System Scanner Restore Point
20: 2008-06-21 15:53:10 UTC - RP37 - Installed Java 6 Update 6
19: 2008-06-21 15:52:10 UTC - RP36 - Removed Java 6 Update 6
18: 2008-06-21 15:37:30 UTC - RP35 - Installed OpenOffice.org Installer 1.0
17: 2008-06-21 15:35:07 UTC - RP34 - Installed Java 6 Update 6
-- First Restore Point --
1: 2008-06-10 04:02:19 UTC - RP18 - Logitech SetPoint Mouse and Keyboard Device Drivers
Backed up registry hives.
Performed disk cleanup.
System Drive C: has 2.55 GiB (less than 15%) free.
-- HijackThis (run as London Beat.exe) -----------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:47:13, on 22/06/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Chaos Software\Chaos 7\alarm.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Timex\Data Link USB\DataLinkLauncher.exe
C:\Documents and Settings\London Beat\Local Settings\Temp\wzb451\uefa-euro_alerts.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\London Beat\Desktop\dss.exe
C:\WINDOWS\system32\wscntfy.exe
C:\PROGRA~1\TRENDM~1\HIJACK~1\London Beat.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft....k/?LinkId=71126
O2 - BHO: IE7Pro - {00011268-E188-40DF-A514-835FCD78B1BF} - C:\Program Files\IEPro\iepro.dll
O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe"
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [alarm.exe] "C:\Program Files\Chaos Software\Chaos 7\alarm.exe"
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"
O4 - HKCU\..\Run: [RoboForm] "C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe"
O4 - HKCU\..\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Avisos EURO 2008.lnk = C:\Documents and Settings\London Beat\Local Settings\Temp\wzb451\uefa-euro_alerts.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Orbit.lnk = C:\Program Files\Orbitdownloader\orbitdm.exe
O4 - Global Startup: Timex Data Link USB Launcher.lnk = ?
O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201
O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204
O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203
O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Preencher - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: Salvar Formulários - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra 'Tools' menuitem: IE7Pro Preferences - {0026439F-A980-4f18-8C95-4F1CBBF9C1D8} - C:\Program Files\IEPro\iepro.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O9 - Extra button: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Preencher - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Salvar - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Salvar Formulários - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.mi...b?1213031595984
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{29CC2B01-57B9-4A14-ADDE-43A124E82843}: NameServer = 195.23.129.126,194.79.69.222
O17 - HKLM\System\CS1\Services\Tcpip\..\{29CC2B01-57B9-4A14-ADDE-43A124E82843}: NameServer = 195.23.129.126,194.79.69.222
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
--
End of file - 9904 bytes
-- File Associations -----------------------------------------------------------
.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*
-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R1 SCDEmu - c:\windows\system32\drivers\scdemu.sys <Not Verified; PowerISO Computing, Inc.; scdemu>
R3 EL2000 (3Com 3C2000x EtherLink XL Adapter) - c:\windows\system32\drivers\el2k_xp.sys <Not Verified; 3Com Corporation; 3Com Gigabit NIC (3C2000 Family)>
S3 catchme - c:\docume~1\london~1\locals~1\temp\catchme.sys (file missing)
-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CTAudSvcService (Creative Audio Service) - c:\program files\creative\shared files\ctaudsvc.exe <Not Verified; Creative Technology Ltd; Creative Audio Service>
S3 Creative Audio Engine Licensing Service - "c:\program files\common files\creative labs shared\service\ctaelicensing.exe" <Not Verified; Creative Labs; Creative Audio Engine Licensing Service>
-- Device Manager: Disabled ----------------------------------------------------
No disabled devices found.
-- Scheduled Tasks -------------------------------------------------------------
2008-06-16 00:38:20 1082 --a------ C:\WINDOWS\Tasks\defrag_all2.job
-- Files created between 2008-05-22 and 2008-06-22 -----------------------------
2008-06-22 07:31:30 0 d-------- C:\WINDOWS\Sun
2008-06-22 07:31:29 0 d-------- C:\Documents and Settings\London Beat\Application Data\Sun
2008-06-21 16:53:54 0 d-------- C:\Program Files\Java
2008-06-21 16:53:16 0 d-------- C:\Program Files\Common Files\Java
2008-06-21 16:37:32 0 d-------- C:\Program Files\Sun
2008-06-20 21:38:05 0 d-------- C:\Program Files\AllerCalc
2008-06-20 13:45:04 0 d--h----- C:\WINDOWS\PIF
2008-06-20 13:43:25 0 d-------- C:\Program Files\SizeExplorer Pro 3.8.7
2008-06-20 13:33:57 0 d-------- C:\Program Files\zabkat
2008-06-20 12:49:35 0 d-------- C:\Copia
2008-06-19 14:44:56 0 d-------- C:\Program Files\Flobo Hard Disk Repair
2008-06-18 19:12:27 0 d-------- C:\Documents and Settings\London Beat\Application Data\Help
2008-06-18 18:31:27 0 d-------- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-06-18 18:31:20 0 d-------- C:\Program Files\Security Task Manager
2008-06-18 14:01:47 0 d-------- C:\Program Files\ProcessExplorer
2008-06-17 17:44:52 0 d-------- C:\Program Files\Lavasoft
2008-06-17 17:44:50 0 d-------- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-06-17 01:05:31 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2008-06-17 01:04:56 0 d-------- C:\Program Files\Common Files\Adobe
2008-06-16 22:43:34 0 d-------- C:\WINDOWS\pss
2008-06-16 21:39:22 0 d-------- C:\Program Files\Trend Micro
2008-06-16 20:39:37 0 d-------- C:\Program Files\KeePass Password Safe
2008-06-16 16:06:01 0 d-------- C:\WINDOWS\Easy CD-DA Extractor 11.5.3
2008-06-16 16:06:01 0 d-------- C:\Program Files\Easy CD-DA Extractor 11
2008-06-16 15:46:22 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2008-06-16 15:43:08 0 d-------- C:\WINDOWS\Easy CD-DA Extractor 11.5
2008-06-16 06:50:07 0 d-------- C:\downloads <DOWNLO~1>
2008-06-16 06:50:07 0 d-------- C:\Documents and Settings\London Beat\Application Data\GrabPro
2008-06-16 06:49:44 0 d-------- C:\Documents and Settings\London Beat\Application Data\Orbit
2008-06-16 06:49:23 0 d-------- C:\Program Files\Orbitdownloader
2008-06-16 05:21:59 0 d-------- C:\Program Files\Cryptload
2008-06-16 04:06:46 0 d-------- C:\Documents and Settings\London Beat\Application Data\WinRAR
2008-06-16 01:44:47 0 d-------- C:\Documents and Settings\London Beat\Application Data\IEPro
2008-06-16 01:41:26 0 d-------- C:\Program Files\IEPro
2008-06-16 01:17:43 0 d-------- C:\Program Files\FLV Player
2008-06-16 01:04:46 0 d-------- C:\Program Files\YouTube Downloader
2008-06-15 23:58:19 0 dr-h----- C:\Documents and Settings\London Beat\Recent
2008-06-15 23:47:31 0 d-------- C:\Program Files\CCleaner
2008-06-15 17:49:57 0 d-------- C:\Program Files\PowerISO
2008-06-14 15:04:01 0 d------c- C:\WINDOWS\system32\DRVSTORE
2008-06-14 14:34:59 0 d-------- C:\Program Files\Microsoft Windows OneCare Live
2008-06-13 15:58:14 114688 --a------ C:\WINDOWS\system32\Vbis5032.dll <Not Verified; Software Source; Software Source vbis5032>
2008-06-13 15:58:14 126976 --a------ C:\WINDOWS\system32\Isb.dll
2008-06-13 15:58:13 0 d-------- C:\Program Files\Common Files\Chaos Software
2008-06-13 15:42:38 0 d-------- C:\Program Files\Chaos Software
2008-06-12 21:33:32 0 d-------- C:\Documents and Settings\London Beat\Application Data\Nero
2008-06-11 16:24:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Uniblue
2008-06-11 04:52:49 0 d-------- C:\Program Files\Seagate
2008-06-11 04:36:44 0 d-------- C:\Documents and Settings\London Beat\Application Data\Uniblue
2008-06-11 04:18:45 0 d-------- C:\Program Files\Winamp Desk Band
2008-06-11 04:14:29 0 d-------- C:\Program Files\Winamp
2008-06-11 04:14:29 0 d-------- C:\Documents and Settings\London Beat\Application Data\Winamp
2008-06-11 03:26:03 0 d-------- C:\Documents and Settings\All Users\Application Data\Creative Labs
2008-06-11 01:56:24 0 d-------- C:\Documents and Settings\London Beat\Application Data\OfficeUpdate12
2008-06-11 01:53:40 676224 --a------ C:\WINDOWS\system32\OGACheckControl.dll
2008-06-10 23:10:24 0 d-------- C:\Program Files\Vietcong
2008-06-10 18:15:31 0 d-------- C:\Program Files\HP
2008-06-10 18:04:44 0 d-------- C:\Documents and Settings\London Beat\Application Data\Share-to-Web Upload Folder
2008-06-10 18:02:50 0 d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-06-10 18:02:44 0 d-------- C:\Program Files\Hewlett-Packard
2008-06-10 17:30:16 335 --a------ C:\WINDOWS\mozregistry.dat
2008-06-10 17:29:52 1160 --a------ C:\WINDOWS\mozver.dat
2008-06-10 17:26:54 0 d-------- C:\Documents and Settings\London Beat\dwhelper
2008-06-10 17:07:04 0 d-------- C:\Program Files\MozBackup
2008-06-10 16:58:45 0 d-------- C:\Documents and Settings\All Users\Application Data\RoboForm
2008-06-10 16:57:09 0 d-------- C:\Program Files\Siber Systems
2008-06-10 16:48:34 0 d-------- C:\Documents and Settings\All Users\Application Data\WinZip
2008-06-10 16:41:16 0 d-------- C:\Documents and Settings\London Beat\Application Data\Talkback
2008-06-10 16:41:09 0 --a------ C:\WINDOWS\nsreg.dat
2008-06-10 16:41:06 0 d-------- C:\Documents and Settings\London Beat\Application Data\Mozilla
2008-06-10 15:51:06 0 d-------- C:\Documents and Settings\London Beat\Application Data\Adobe
2008-06-10 15:44:12 0 d-------- C:\Program Files\QuickTime
2008-06-10 15:44:11 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-06-10 15:43:47 0 d-------- C:\Program Files\Apple Software Update
2008-06-10 15:43:47 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-10 05:25:02 0 d-------- C:\Program Files\NeroInstall.bak
2008-06-10 05:19:01 0 d-------- C:\Program Files\Nero
2008-06-10 05:19:01 0 d-------- C:\Program Files\Common Files\Nero
2008-06-10 05:19:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Nero
2008-06-10 05:12:49 717296 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2008-06-10 05:12:48 0 d-------- C:\Documents and Settings\London Beat\Application Data\DAEMON Tools
2008-06-10 05:07:07 0 d-------- C:\Program Files\Common Files\Creative Labs Shared
2008-06-10 05:06:53 0 d-------- C:\Program Files\Creative
2008-06-10 05:06:18 0 d-------- C:\Documents and Settings\All Users\Application Data\Creative
2008-06-10 05:06:17 102400 --a------ C:\WINDOWS\system32\cttele32.dll <Not Verified; Creative Technology Ltd; Creative Common Proxy Stud>
2008-06-10 05:05:39 0 d-------- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-06-10 05:05:25 0 d-------- C:\Program Files\OpenAL
2008-06-10 05:05:15 0 d-------- C:\Documents and Settings\London Beat\Application Data\Logitech
2008-06-10 05:04:46 0 d-------- C:\WINDOWS\system32\Data
2008-06-10 05:01:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Logitech
2008-06-10 05:01:07 0 d-------- C:\Program Files\Common Files\Logishrd
2008-06-10 05:01:04 0 d-------- C:\Program Files\Logitech
2008-06-10 05:01:02 0 d-------- C:\Documents and Settings\London Beat\Application Data\InstallShield
2008-06-10 04:40:36 718 --a------ C:\WINDOWS\system32\tmp.reg
2008-06-10 04:02:17 0 d-------- C:\Documents and Settings\London Beat\Application Data\Google
2008-06-10 04:02:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2008-06-10 03:56:09 0 d-------- C:\Documents and Settings\London Beat\Application Data\ATI
2008-06-10 03:56:09 0 d-------- C:\Documents and Settings\All Users\Application Data\ATI
2008-06-10 03:52:29 0 --a------ C:\WINDOWS\ativpsrm.bin
2008-06-10 03:40:59 0 d-------- C:\WINDOWS\ERUNT
2008-06-10 03:00:53 593920 -----n--- C:\WINDOWS\system32\ati2sgag.exe <Not Verified; ; ATI Smart>
2008-06-10 03:00:27 0 d-------- C:\Program Files\ATI Technologies
2008-06-10 02:57:35 0 d-------- C:\ATI
2008-06-10 02:35:19 0 d-------- C:\Program Files\uTorrent
2008-06-10 02:35:14 0 d-------- C:\Documents and Settings\London Beat\Application Data\uTorrent
2008-06-10 02:08:07 0 d-------- C:\Documents and Settings\London Beat\Application Data\Macromedia
2008-06-10 01:44:55 0 d-------- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-06-10 01:44:50 0 d-------- C:\Program Files\SUPERAntiSpyware
2008-06-10 01:44:50 0 d-------- C:\Documents and Settings\London Beat\Application Data\SUPERAntiSpyware.com
2008-06-10 01:44:36 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-06-10 01:27:15 0 d-------- C:\Documents and Settings\London Beat\Application Data\Malwarebytes
2008-06-10 01:27:13 0 d-------- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-06-10 01:27:12 0 d-------- C:\Program Files\Malwarebytes' Anti-Malware
2008-06-10 00:42:27 68096 --a------ C:\WINDOWS\zip.exe
2008-06-10 00:42:27 49152 --a------ C:\WINDOWS\VFind.exe
2008-06-10 00:42:27 212480 --a------ C:\WINDOWS\swxcacls.exe <Not Verified; SteelWerX; SteelWerX Extended Configurator ACLists>
2008-06-10 00:42:27 136704 --a------ C:\WINDOWS\swsc.exe <Not Verified; SteelWerX; SteelWerX Service Controller>
2008-06-10 00:42:27 161792 --a------ C:\WINDOWS\swreg.exe <Not Verified; SteelWerX; SteelWerX Registry Editor>
2008-06-10 00:42:27 98816 --a------ C:\WINDOWS\sed.exe
2008-06-10 00:42:27 80412 --a------ C:\WINDOWS\grep.exe
2008-06-10 00:42:27 89504 --a------ C:\WINDOWS\fdsv.exe <Not Verified; Smallfrogs Studio; >
2008-06-09 23:41:22 33533 --a------ C:\WINDOWS\system32\CoreVorbis-uninstall.exe
2008-06-09 23:41:18 36734 --a------ C:\WINDOWS\system32\OggDSuninst.exe
2008-06-09 23:41:11 0 d-------- C:\Program Files\ffdshow
2008-06-09 23:40:58 77824 --a------ C:\WINDOWS\system32\MMSwitch.dll
2008-06-09 23:40:58 40960 --a------ C:\WINDOWS\system32\MMAVILNG.exe
2008-06-09 23:40:57 0 d-------- C:\Program Files\Morgan
2008-06-09 23:40:51 0 d-------- C:\Program Files\AC3Filter
2008-06-09 23:40:42 0 d-------- C:\Program Files\XviD
2008-06-09 23:39:34 0 d-------- C:\Program Files\Google
2008-06-09 23:39:30 1890 --ahs---- C:\WINDOWS\system32\KGyGaAvL.sys
2008-06-09 23:39:30 56 -r-hs---- C:\WINDOWS\system32\0C30A3A8B4.sys
2008-06-09 23:39:20 0 d-------- C:\Program Files\DivX
2008-06-09 23:00:05 0 d-------- C:\Program Files\eMule
2008-06-09 20:06:20 0 d-------- C:\Program Files\Windows Media Connect 2
2008-06-09 20:04:54 0 d-------- C:\WINDOWS\system32\LogFiles
2008-06-09 20:04:54 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2008-06-09 20:00:12 0 d-------- C:\WINDOWS\system32\URTTemp
2008-06-09 18:59:05 0 d-------- C:\WINDOWS\Prefetch
2008-06-09 18:49:51 0 d-------- C:\WINDOWS\system32\scripting
2008-06-09 18:49:51 0 d-------- C:\WINDOWS\l2schemas
2008-06-09 18:49:50 0 d-------- C:\WINDOWS\system32\en
2008-06-09 18:49:48 0 d-------- C:\WINDOWS\system32\bits
2008-06-09 18:46:54 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-09 18:44:27 0 d-------- C:\WINDOWS\network diagnostic
2008-06-09 18:42:06 0 d-------- C:\WINDOWS\system32\ReinstallBackups
2008-06-09 18:17:02 0 d-------- C:\WINDOWS\system32\PreInstall
2008-06-09 18:17:00 0 d--h----- C:\WINDOWS\$hf_mig$
2008-06-09 18:13:58 0 d-------- C:\WINDOWS\system32\SoftwareDistribution
2008-06-09 18:13:00 0 d--hs---- C:\Documents and Settings\London Beat\UserData
2008-06-09 17:37:42 0 d--hs---- C:\WINDOWS\Installer
2008-06-09 17:37:41 0 d-------- C:\Program Files\Common Files\ODBC
2008-06-09 17:37:39 0 d-------- C:\Program Files\Common Files\SpeechEngines
2008-06-09 17:37:38 0 dr------- C:\Program Files
2008-06-09 17:37:38 0 d-------- C:\Program Files\Common Files
2008-06-09 17:37:12 0 d--h----- C:\Documents and Settings\Default User\Templates
2008-06-09 17:37:12 0 dr------- C:\Documents and Settings\Default User\Start Menu
2008-06-09 17:37:12 0 dr-h----- C:\Documents and Settings\Default User\SendTo
2008-06-09 17:37:12 0 d--h----- C:\Documents and Settings\Default User\Recent
2008-06-09 17:37:12 0 d--h----- C:\Documents and Settings\Default User\PrintHood
2008-06-09 17:37:12 0 d--h----- C:\Documents and Settings\Default User\NetHood
2008-06-09 17:37:12 0 d-------- C:\Documents and Settings\Default User\My Documents
2008-06-09 17:37:12 0 dr-h----- C:\Documents and Settings\Default User\Local Settings
2008-06-09 17:37:12 0 d-------- C:\Documents and Settings\Default User\Favorites
2008-06-09 17:37:12 0 d-------- C:\Documents and Settings\Default User\Desktop
2008-06-09 17:37:12 0 d---s---- C:\Documents and Settings\Default User\Cookies
2008-06-09 17:37:12 0 d--h----- C:\Documents and Settings\All Users\Templates
2008-06-09 17:37:12 0 dr------- C:\Documents and Settings\All Users\Start Menu
2008-06-09 17:37:12 0 d-------- C:\Documents and Settings\All Users\Favorites
2008-06-09 17:37:12 0 dr------- C:\Documents and Settings\All Users\Documents
2008-06-09 17:37:12 0 d-------- C:\Documents and Settings\All Users\Desktop
2008-06-09 17:35:21 0 d-------- C:\WINDOWS\system32\CatRoot2
2008-06-09 17:35:21 0 d-------- C:\WINDOWS\system32\CatRoot
2008-06-09 17:35:16 0 dr-h----- C:\Documents and Settings\Default User\Application Data
2008-06-09 17:35:16 0 d---s---- C:\Documents and Settings\Default User\Application Data\Microsoft
2008-06-09 17:35:15 0 dr-h----- C:\Documents and Settings\All Users\Application Data
2008-06-09 17:35:15 0 d---s---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-09 17:34:56 0 d--hs---- C:\System Volume Information
2008-06-09 17:34:56 0 d-------- C:\Documents and Settings
2008-06-09 17:31:00 0 dra------ C:\WINDOWS
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\WinSxS
2008-06-09 17:31:00 0 dr------- C:\WINDOWS\Web
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\twain_32
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\wins
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\wbem
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\usmt
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\spool
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\ShellExt
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\Setup
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\ras
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\oobe
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\npp
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\mui
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\inetsrv
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\IME
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\icsxml
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\ias
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\export
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\drivers
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\drivers\etc
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\drivers\disdn
2008-06-09 17:31:00 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\dhcp
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\config
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\3com_dmi
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\3076
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\2052
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1054
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1042
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1041
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1037
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1033
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1031
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1028
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system32\1025
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\system
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\security
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Resources
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\repair
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Provisioning
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\PeerNet
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\pchealth
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\mui
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\msapps
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\msagent
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Media
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\java
2008-06-09 17:31:00 0 d--h----- C:\WINDOWS\inf
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\ime
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Help
2008-06-09 17:31:00 0 dr--s---- C:\WINDOWS\Fonts
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\ehome
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Driver Cache
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Debug
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Cursors
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Connection Wizard
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\Config
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\AppPatch
2008-06-09 17:31:00 0 d-------- C:\WINDOWS\addins
2008-06-09 17:29:48 0 d-------- C:\Program Files\Timex
2008-06-09 17:29:48 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-09 17:29:37 0 d-------- C:\Program Files\Common Files\InstallShield
2008-06-09 17:27:15 0 d-------- C:\Documents and Settings\London Beat\Application Data\Chaos Software
2008-06-09 17:27:15 0 d-------- C:\Documents and Settings\All Users\Application Data\Chaos Software
2008-06-09 17:24:39 96966 --a------ C:\WINDOWS\system32\drivers\klin.dat
2008-06-09 17:24:39 88774 --a------ C:\WINDOWS\system32\drivers\klick.dat
2008-06-09 17:24:20 543008 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-06-09 17:24:20 17222944 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-06-09 17:24:20 0 d-------- C:\Program Files\Kaspersky Lab
2008-06-09 17:24:20 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab
2008-06-09 17:23:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-06-09 17:17:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-09 17:17:56 0 d-------- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2008-06-09 17:08:51 0 d-------- C:\Program Files\Microsoft Works
2008-06-09 17:06:20 0 d-------- C:\WINDOWS\SHELLNEW
2008-06-09 17:06:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-06-09 17:05:28 0 dr-h----- C:\MSOCache
2008-06-09 16:55:12 0 d-------- C:\Documents and Settings\London Beat\Application Data\Identities
2008-06-09 16:54:55 0 d--h----- C:\Documents and Settings\London Beat\Templates
2008-06-09 16:54:55 0 dr------- C:\Documents and Settings\London Beat\Start Menu
2008-06-09 16:54:55 0 dr-h----- C:\Documents and Settings\London Beat\SendTo
2008-06-09 16:54:55 0 d--h----- C:\Documents and Settings\London Beat\PrintHood
2008-06-09 16:54:55 2621440 --ah----- C:\Documents and Settings\London Beat\NTUSER.DAT
2008-06-09 16:54:55 0 d--h----- C:\Documents and Settings\London Beat\NetHood
2008-06-09 16:54:55 0 dr------- C:\Documents and Settings\London Beat\My Documents
2008-06-09 16:54:55 0 d--h----- C:\Documents and Settings\London Beat\Local Settings
2008-06-09 16:54:55 0 dr------- C:\Documents and Settings\London Beat\Favorites
2008-06-09 16:54:55 0 d-------- C:\Documents and Settings\London Beat\Desktop
2008-06-09 16:54:55 0 d--hs---- C:\Documents and Settings\London Beat\Cookies
2008-06-09 16:54:55 0 dr-h----- C:\Documents and Settings\London Beat\Application Data
2008-06-09 16:53:53 0 d-------- C:\WINDOWS\SoftwareDistribution
2008-06-09 16:53:51 0 d---s---- C:\WINDOWS\system32\Microsoft
2008-06-09 16:53:51 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2008-06-09 16:53:51 0 d--h----- C:\Documents and Settings\LocalService\Local Settings
2008-06-09 16:53:51 0 d--hs---- C:\Documents and Settings\LocalService\Cookies
2008-06-09 16:53:51 0 d-------- C:\Documents and Settings\LocalService\Application Data
2008-06-09 16:53:51 0 d---s---- C:\Documents and Settings\LocalService\Application Data\Microsoft
2008-06-09 16:53:33 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2008-06-09 16:53:33 0 d--h----- C:\Documents and Settings\NetworkService\Local Settings
2008-06-09 16:53:33 0 d---s---- C:\Documents and Settings\NetworkService\Cookies
2008-06-09 16:53:33 0 d-------- C:\Documents and Settings\NetworkService\Application Data
2008-06-09 16:53:33 0 d---s---- C:\Documents and Settings\NetworkService\Application Data\Microsoft
2008-06-09 16:50:50 0 d-------- C:\WINDOWS\system32\xircom
2008-06-09 16:50:50 0 d-------- C:\Program Files\microsoft frontpage
2008-06-09 16:50:37 262144 --ah----- C:\Documents and Settings\Default User\NTUSER.DAT
2008-06-09 16:50:26 0 -rahs---- C:\MSDOS.SYS
2008-06-09 16:50:26 0 -rahs---- C:\IO.SYS
2008-06-09 16:50:26 0 --a------ C:\CONFIG.SYS
2008-06-09 16:50:26 0 --a------ C:\AUTOEXEC.BAT
2008-06-09 16:49:33 0 d--hs---- C:\Documents and Settings\All Users\DRM
2008-06-09 16:49:24 0 dr------- C:\WINDOWS\Offline Web Pages
2008-06-09 16:49:24 0 d---s---- C:\WINDOWS\Downloaded Program Files
2008-06-09 16:49:14 0 d--h----- C:\Program Files\WindowsUpdate
2008-06-09 16:48:56 0 d-------- C:\WINDOWS\system32\DirectX
2008-06-09 16:48:29 0 d---s---- C:\WINDOWS\Tasks
2008-06-09 16:48:29 0 d-------- C:\Program Files\Common Files\MSSoap
2008-06-09 16:48:26 0 d-------- C:\WINDOWS\system32\Macromed
2008-06-09 16:48:26 0 d-------- C:\WINDOWS\srchasst
2008-06-09 16:48:20 0 d-------- C:\Program Files\Movie Maker
2008-06-09 16:48:14 0 d-------- C:\WINDOWS\system32\Restore
2008-06-09 16:47:37 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2008-06-09 16:47:23 0 d-------- C:\WINDOWS\Registration
2008-06-09 16:47:16 0 d-------- C:\Program Files\Online Services
2008-06-09 16:47:09 0 d-------- C:\Program Files\Messenger
2008-06-09 16:47:07 0 d-------- C:\Program Files\MSN Gaming Zone
2008-06-09 16:46:35 0 d-------- C:\Program Files\Windows NT
2008-06-09 16:46:31 0 d-------- C:\WINDOWS\system32\MsDtc
2008-06-09 16:46:29 0 d-------- C:\WINDOWS\system32\Com
2008-05-29 00:26:02 524288 --a------ C:\WINDOWS\opuc.dll <Not Verified; Microsoft Corporation; 2007 Microsoft Office system>
-- Find3M Report ---------------------------------------------------------------
2008-06-10 18:15:39 1508 --a------ C:\Documents and Settings\London Beat\Application Data\HPCOM_48BitScanUpdate.log
2008-06-09 17:37:12 62 --ahs---- C:\Documents and Settings\London Beat\Application Data\desktop.ini
2008-05-09 15:29:18 14336 --a------ C:\WINDOWS\system32\a3d.dll <Not Verified; ; a3dx5>
2008-05-09 15:29:00 13312 --a------ C:\WINDOWS\system32\ac3api.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:28:42 2560 --a------ C:\WINDOWS\system32\CtxfiRes.dll <Not Verified; ; CTxfiRes Dynamic Link Library>
2008-05-09 15:28:42 2560 --a------ C:\WINDOWS\CTXFIRES.DLL <Not Verified; ; CTxfiRes Dynamic Link Library>
2008-05-09 15:28:40 39424 --a------ C:\WINDOWS\system32\CTxfiSpk.dll <Not Verified; Creative Technology Ltd; Ctxfispk Dynamic Link Library>
2008-05-09 15:28:40 41984 --a------ C:\WINDOWS\system32\CTxfiBtn.dll <Not Verified; Creative Technology Ltd; CTXFIBTN Dynamic Link Library>
2008-05-09 15:28:38 23040 --a------ C:\WINDOWS\system32\Ctxfihlp.exe <Not Verified; Creative Technology Ltd; CTXfiHlp Application>
2008-05-09 15:24:14 47104 --a------ C:\WINDOWS\system32\CTxfiReg.exe <Not Verified; Creative Technology Ltd; CTXFIREG>
2008-05-09 15:24:12 15360 --a------ C:\WINDOWS\system32\Ct20xspi.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:24:08 1214464 --a------ C:\WINDOWS\system32\CTxfispi.exe <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:15:36 386852 --a------ C:\WINDOWS\system32\ctdnlstr.dat
2008-05-09 15:15:36 51787 --a------ C:\WINDOWS\system32\ctdlang.dat
2008-05-09 15:15:04 201216 --a------ C:\WINDOWS\system32\ctemupia.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:12:16 194560 --a------ C:\WINDOWS\system32\ct_oal.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:12:12 50688 --a------ C:\WINDOWS\system32\ctasio.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:12:10 53248 --a------ C:\WINDOWS\system32\ctdproxy.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:11:46 74240 --a------ C:\WINDOWS\system32\ctosuser.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:11:44 10240 --a------ C:\WINDOWS\system32\sfman32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:11:42 130560 --a------ C:\WINDOWS\system32\sfms32.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-09 15:11:38 16384 --a------ C:\WINDOWS\system32\regplib.exe
2008-05-09 15:11:36 68608 --a------ C:\WINDOWS\system32\piaproxy.dll <Not Verified; Creative Technology Ltd; E-mu PIA>
2008-05-09 15:08:12 7680 --a------ C:\WINDOWS\system32\enlocstr.exe
2008-05-09 15:08:08 12800 --a------ C:\WINDOWS\system32\killapps.exe <Not Verified; ; killapps>
2008-05-09 15:07:24 36864 --a------ C:\WINDOWS\system32\devreg.dll <Not Verified; Creative Technology Ltd; Creative Audio Product>
2008-05-05 15:17:26 585416 --a------ C:\WINDOWS\system32\APOIM32.exe <Not Verified; Creative Technology Ltd; Creative Audio Processing Object Interface Module>
-- Registry Dump ---------------------------------------------------------------
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [21/01/2008 12:17]
"Kernel and Hardware Abstraction Layer"="KHALMNPR.EXE" [29/02/2008 03:12 C:\WINDOWS\KHALMNPR.Exe]
"CTxfiHlp"="CTXFIHLP.EXE" [09/05/2008 15:28 C:\WINDOWS\system32\Ctxfihlp.exe]
"NeroFilterCheck"="C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe" [28/02/2008 09:59]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe" [08/02/2008 18:36]
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" [27/05/2008 10:50]
"PWRISOVM.EXE"="C:\Program Files\PowerISO\PWRISOVM.EXE" [15/03/2008 00:50]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [11/01/2008 22:16]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [25/03/2008 04:28]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [14/04/2008 01:12]
"alarm.exe"="C:\Program Files\Chaos Software\Chaos 7\alarm.exe" [17/10/2006 17:22]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [10/06/2008 04:02]
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" [28/02/2008 17:07]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [10/06/2008 02:35]
"RoboForm"="C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [10/06/2008 17:04]
"eMuleAutoStart"="C:\Program Files\eMule\emule.exe" [11/05/2008 12:19]
C:\Documents and Settings\London Beat\Start Menu\Programs\Startup\
Avisos EURO 2008.lnk - C:\Documents and Settings\London Beat\Local Settings\Temp\wzb451\uefa-euro_alerts.exe [5/27/2008 1:00:00 AM]
C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe [6/10/2008 5:02:03 AM]
Orbit.lnk - C:\Program Files\Orbitdownloader\orbitdm.exe [6/16/2008 6:49:31 AM]
Timex Data Link USB Launcher.lnk - C:\Program Files\Timex\Data Link USB\DataLinkLauncher.exe [6/9/2008 5:29:48 PM]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"HideLegacyLogonScripts"=0 (0x0)
"HideLogoffScripts"=0 (0x0)
"RunLogonScriptSync"=1 (0x1)
"RunStartupScriptSync"=0 (0x0)
"HideStartupScripts"=0 (0x0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [13/05/2008 10:13 77824]
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll 19/04/2007 13:41 294912 C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll 02/05/2008 02:42 72208 c:\Program Files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Share-to-Web Namespace Daemon]
c:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
-- End of Deckard's System Scanner: finished at 2008-06-22 16:50:15 ------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft Windows XP Professional (build 2600) SP 3.0
Architecture: X86; Language: English
CPU 0: Intel® Pentium® 4 CPU 2.80GHz
Percentage of Memory in Use: 31%
Physical Memory (total/avail): 1022.73 MiB / 698.87 MiB
Pagefile Memory (total/avail): 2463.04 MiB / 2063.85 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1913.08 MiB
A: is Removable (No Media)
C: is Fixed (NTFS) - 111.78 GiB total, 2.55 GiB free.
D: is Fixed (NTFS) - 698.63 GiB total, 336.02 GiB free.
E: is CDROM (No Media)
F: is CDROM (CDFS)
G: is CDROM (No Media)
\\.\PHYSICALDRIVE0 - ST3120026AS - 111.79 GiB - 1 partition
\PARTITION0 (bootable) - Installable File System - 111.78 GiB - C:
\\.\PHYSICALDRIVE1 - ST3750640AS - 698.64 GiB - 1 partition
\PARTITION0 (bootable) - Extended w/Extended Int 13 - 698.63 GiB - D:
-- Security Center -------------------------------------------------------------
AUOptions is scheduled to auto-install.
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\London Beat\Application Data
CLASSPATH=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=LONDONBEAT-PC
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\London Beat
LOGONSERVER=\\LONDONBEAT-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\SizeExplorer Pro 3.8.7
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 2 Stepping 9, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0209
ProgramFiles=C:\Program Files
PROMPT=$P$G
QTJAVA=C:\Program Files\QuickTime\QTSystem\QTJava.zip
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\LONDON~1\LOCALS~1\Temp
TMP=C:\DOCUME~1\LONDON~1\LOCALS~1\Temp
USERDOMAIN=LONDONBEAT-PC
USERNAME=London Beat
USERPROFILE=C:\Documents and Settings\London Beat
windir=C:\WINDOWS
-- User Profiles ---------------------------------------------------------------
London Beat (admin)
-- Add/Remove Programs ---------------------------------------------------------
--> C:\Program Files\Nero\Nero8\\nero\uninstall\UNNERO.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{17E96A7F-AFE3-4171-87B1-583E376319E8}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{700932B3-A964-4878-82A2-96054622A1F7}\setup.exe" -l0x9 /remove
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9
--> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CC3D3A93-C433-4329-AC3A-7EFC52A332C2}\setup.exe" -l0x9 /remove
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1) --> msiexec /package {90120000-0115-0409-0000-0