Logfile of HijackThis v1.99.1
Scan saved at 2:49:04 PM, on 4/22/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tp4serv.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\Promon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\clcl4.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\IBM\Bluetooth Software\BTStackServer.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\DOCUME~1\Aika\LOCALS~1\Temp\ckbk.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\HijackThis.exe
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\oryimsvg.dll",setvm
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Intel system tool] C:\WINDOWS\system32\svehost.exe
O4 - HKLM\..\Run: [clcl5] C:\WINDOWS\system32\clcl5.exe
O4 - HKLM\..\RunOnce: [clcl4] command.com /c del C:\WINDOWS\system32\clcl4.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Aika"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\PopCap Games\LimeWire\LimeWire.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
Full Version: Hijackthis Log: Please Help Diagnose
Welcome to the BleepingComputer HijackThis Logs and Analysis forum pretyaix 
Run 'BitDefender Online Scanner' using Internet Explorer:
http://www.bitdefender.com/scan8/ie.html
Read the 'END USER SOFTWARE LICENSE AGREEMENT' then click 'I agree'.
You'll be prompted to install the activex control,please do so.
Once installed,disable your current antivirus program,then click the 'Click here to scan' button.
The virus signatures will then load.
Once loaded the scan will start.
The scan will take quite some time so please be patient.
Once the scan has finished select the 'Detected Problems' tab.
Click on 'Click here to export scan'.
Save the file as an HTML file to your desktop.
Then click on the saved file and allow it to open with your browser.
Go to 'Edit'/'Select All' then copy and paste that log into your next reply.
*Note*
Don't forget to re-enable your antivirus program.
*****************************
Please download Combofix and save to the desktop:
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe
Note:
It is important that it is saved directly to your desktop
Close any open browsers.
Double click on combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window whilst it's running.
That may cause the program to freeze/hang.
*****************************
Please go to:
C:\HijackThis\HijackThis.exe
Right click on Hijackthis.exe and select 'Rename', rename it to abc.bat
Double click on abc.bat(which is still Hijackthis.exe),post that log into your next reply please.
Also post the BitDefender Online Scanner log,and the C:\ComboFix.txt
Run 'BitDefender Online Scanner' using Internet Explorer:
http://www.bitdefender.com/scan8/ie.html
Read the 'END USER SOFTWARE LICENSE AGREEMENT' then click 'I agree'.
You'll be prompted to install the activex control,please do so.
Once installed,disable your current antivirus program,then click the 'Click here to scan' button.
The virus signatures will then load.
Once loaded the scan will start.
The scan will take quite some time so please be patient.
Once the scan has finished select the 'Detected Problems' tab.
Click on 'Click here to export scan'.
Save the file as an HTML file to your desktop.
Then click on the saved file and allow it to open with your browser.
Go to 'Edit'/'Select All' then copy and paste that log into your next reply.
*Note*
Don't forget to re-enable your antivirus program.
*****************************
Please download Combofix and save to the desktop:
http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe
Note:
It is important that it is saved directly to your desktop
Close any open browsers.
Double click on combofix.exe and follow the prompts.
When it's finished it will produce a log.
Post the C:\ComboFix.txt into your next reply.
Note:
Do not mouseclick combofix's window whilst it's running.
That may cause the program to freeze/hang.
*****************************
Please go to:
C:\HijackThis\HijackThis.exe
Right click on Hijackthis.exe and select 'Rename', rename it to abc.bat
Double click on abc.bat(which is still Hijackthis.exe),post that log into your next reply please.
Also post the BitDefender Online Scanner log,and the C:\ComboFix.txt
RICHIEUK thank you very much for your time i really appreciate it!
i can't scan my computer to the online scanner you've told me because my ie kept on closing. The popup kept on opening when i try to scan again and it'll closes afterwards.
but here are the logs of the abc.bat and the combofix.
Logfile of HijackThis v1.99.1
Scan saved at 8:54:17 PM, on 4/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tp4serv.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\Promon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\svehost.exe
C:\WINDOWS\system32\clcl6.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe
C:\Program Files\IBM\Bluetooth Software\BTStackServer.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\abc.bat.exe
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\snolyoym.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Intel system tool] C:\WINDOWS\system32\svehost.exe
O4 - HKLM\..\Run: [clcl6] C:\WINDOWS\system32\clcl6.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Actual Reminder.lnk = C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\PopCap Games\LimeWire\LimeWire.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FFF7F65-3832-4EC3-82DE-BD8956562185}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C64672F-62A1-4D7A-8417-8D1AC1106306}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A425786-18A9-495D-B10D-AF501AD730BA}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{D19BAA0F-265D-4706-B21E-D5BB62A74ED8}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
===========
i can't scan my computer to the online scanner you've told me because my ie kept on closing. The popup kept on opening when i try to scan again and it'll closes afterwards.
but here are the logs of the abc.bat and the combofix.
Logfile of HijackThis v1.99.1
Scan saved at 8:54:17 PM, on 4/23/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\QCONSVC.EXE
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wwSecure.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\tp4serv.exe
C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\WINDOWS\system32\Promon.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
C:\WINDOWS\vsnpstd3.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\svehost.exe
C:\WINDOWS\system32\clcl6.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\IBM\Bluetooth Software\BTTray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\NMSSvc.exe
C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe
C:\Program Files\IBM\Bluetooth Software\BTStackServer.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe
C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe
C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\WINDOWS\system32\NOTEPAD.EXE
C:\HijackThis\abc.bat.exe
O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\snolyoym.dll (file missing)
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE
O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE
O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor
O4 - HKLM\..\Run: [Promon.exe] Promon.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe
O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Intel system tool] C:\WINDOWS\system32\svehost.exe
O4 - HKLM\..\Run: [clcl6] C:\WINDOWS\system32\clcl6.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - Startup: Actual Reminder.lnk = C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\PopCap Games\LimeWire\LimeWire.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: BTTray.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{4FFF7F65-3832-4EC3-82DE-BD8956562185}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{8C64672F-62A1-4D7A-8417-8D1AC1106306}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{9A425786-18A9-495D-B10D-AF501AD730BA}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\..\{D19BAA0F-265D-4706-B21E-D5BB62A74ED8}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS1\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O17 - HKLM\System\CS2\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe
O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE
O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE
O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe
===========
"Aika" - 07-04-23 20:45:15 Service Pack 2
ComboFix 07-04-22.6V - Running from: "C:\Documents and Settings\Aika\Desktop\"
(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\opjemcjb.dll
C:\WINDOWS\system32\snolyoym.dll
C:\WINDOWS\system32\qsvyb.bak1
C:\WINDOWS\system32\qsvyb.bak2
C:\WINDOWS\system32\qsvyb.ini
C:\WINDOWS\system32\qsvyb.ini2
C:\WINDOWS\system32\qsvyb.tmp
C:\WINDOWS\system32\byvsq.dll
C:\WINDOWS\system32\tuvuvur.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((( Files Created from 2007-03-23 to 2007-04-23 ))))))))))))))))))))))))))))))))))
2007-04-23 18:35 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-04-23 18:14 204,288 --a------ C:\WINDOWS\system32\clcl6.exe
2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\iolo
2007-04-23 17:39 0 --a------ C:\WINDOWS\system32\UTSCSI.EXE
2007-04-23 17:39 <DIR> d-------- C:\USB Notebook Data
2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PLAux
2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\OTi
2007-04-22 19:59 <DIR> d-------- C:\Program Files\Music Challenge
2007-04-22 18:57 <DIR> d-------- C:\Program Files\Actual Reminder 3.0
2007-04-22 18:57 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Actual Reminder
2007-04-22 18:38 <DIR> d-------- C:\Program Files\Stardock
2007-04-22 18:38 <DIR> d-------- C:\Program Files\Common Files\Stardock
2007-04-22 14:26 <DIR> d-------- C:\HijackThis
2007-04-21 01:17 34,816 --a------ C:\WINDOWS\system32\svehost.exe
2007-04-20 17:02 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-04-20 16:52 <DIR> d-------- C:\Program Files\GameHouse
2007-04-20 16:51 <DIR> d-------- C:\Program Files\PopCap Games
2007-04-20 16:47 <DIR> d-------- C:\Program Files\mIRC
2007-04-20 00:00 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2007-04-19 23:58 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2007-04-19 23:58 <DIR> d-------- C:\Program Files\QuickTime
2007-04-19 23:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
2007-04-19 23:35 <DIR> d-------- C:\DOCUME~1\Aika\Incomplete
2007-04-19 23:34 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\LimeWire
2007-04-19 19:59 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-17 22:43 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2007-04-17 22:43 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2007-04-17 22:03 <DIR> d-------- C:\Program Files\SEGA
2007-04-17 21:37 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\SEGA
2007-04-16 17:47 133 --a------ C:\DOCUME~1\Aika\same.scr
2007-04-16 15:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PlayFirst
2007-04-16 15:20 <DIR> d-------- C:\Program Files\Diner Dash Flo on the Go
2007-04-15 20:43 45,056 --a------ C:\WINDOWS\NCUNINST.EXE
2007-04-15 20:42 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2007-04-15 20:38 13,261 --a------ C:\DOCUME~1\Aika\block130.dat
2007-04-15 20:38 12 --a------ C:\DOCUME~1\Aika\block130.sys
2007-04-14 18:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Image Zone Express
2007-04-14 18:01 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\HP
2007-04-14 18:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
2007-04-14 17:51 <DIR> d-------- C:\Program Files\Common Files\HP
2007-04-14 17:46 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-04-14 17:45 48,640 --a------ C:\WINDOWS\system32\hpzll4pi.dll
2007-04-14 17:41 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-04-14 17:41 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-04-14 17:41 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-04-14 17:41 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-04-14 17:41 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-04-14 17:41 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-04-14 17:38 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-04-14 17:38 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-14 17:37 <DIR> d-------- C:\Program Files\HP
2007-04-14 17:36 14,916 --------- C:\WINDOWS\hphmdl12.dat
2007-04-14 17:36 123,979 --a------ C:\WINDOWS\HPHins12.dat
2007-04-13 21:20 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-04-13 21:18 94,208 --a------ C:\WINDOWS\amcap.exe
2007-04-13 21:18 61,440 --a------ C:\WINDOWS\system32\csnpstd3.dll
2007-04-13 21:18 57,344 --a------ C:\WINDOWS\system32\rsnpstd3.dll
2007-04-13 21:18 498,432 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys
2007-04-13 21:18 36,864 --a------ C:\WINDOWS\system32\vsnpstd3.dll
2007-04-13 21:18 339,968 --a------ C:\WINDOWS\vsnpstd3.exe
2007-04-13 21:18 20,480 --a------ C:\WINDOWS\usnpstd3.exe
2007-04-13 21:18 <DIR> d-------- C:\Program Files\Common Files\snpstd3
2007-04-12 10:43 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-12 10:42 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-12 10:42 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\TuneUp Software
2007-04-12 10:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-12 10:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-04-12 09:55 <DIR> d-------- C:\Program Files\ChikkaV4
2007-04-12 09:41 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Spyware Terminator
2007-04-11 21:41 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-10 23:45 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-04-10 23:45 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-04-10 23:45 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-10 19:54 <DIR> d-------- C:\WINDOWS\pss
2007-04-10 19:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Help
2007-04-10 17:37 <DIR> d---s---- C:\DOCUME~1\Aika\UserData
2007-04-10 12:50 <DIR> d-------- C:\DOCUME~1\Guest\APPLIC~1\IBM
2007-04-10 12:48 643,072 --a------ C:\DOCUME~1\Guest\NTUSER.DAT
2007-04-10 12:48 <DIR> d-------- C:\DOCUME~1\Guest\Bluetooth Software
2007-04-10 09:32 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-04-10 09:27 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-10 09:27 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Talkback
2007-04-10 08:44 20 --a------ C:\WINDOWS\popcinfo.dat
2007-04-10 07:52 <DIR> d-------- C:\Program Files\Common Files\DirectX
2007-04-10 04:30 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-10 04:30 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-10 04:30 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-10 04:30 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-10 04:30 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-10 04:30 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-10 04:30 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-10 04:30 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-10 04:30 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-10 04:30 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-10 04:30 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-10 04:30 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-10 04:29 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-04-10 04:29 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2007-04-10 04:29 82,432 --a------ C:\WINDOWS\system32\tp4mon.exe
2007-04-10 04:29 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2007-04-10 04:29 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-10 04:29 42,496 --a------ C:\WINDOWS\system32\tp4res.dll
2007-04-10 04:29 31,744 --a------ C:\WINDOWS\system32\tp4.dll
2007-04-10 04:29 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2007-04-10 04:29 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2007-04-10 04:29 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2007-04-10 04:29 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-04-10 04:29 117,760 --a------ C:\WINDOWS\system32\drivers\e100b325.sys
2007-04-10 04:29 11,520 --a------ C:\WINDOWS\system32\drivers\TwoTrack.sys
2007-04-10 04:28 96,256 --a------ C:\WINDOWS\system32\drivers\ac97intc.sys
2007-04-10 04:28 802,683 --a------ C:\WINDOWS\system32\drivers\LTSM.sys
2007-04-10 04:28 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-10 04:28 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-10 04:28 42,368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-04-10 04:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-10 04:28 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-10 04:27 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-10 04:27 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-10 04:27 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-10 04:27 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-10 04:27 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-10 04:27 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-10 04:27 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-10 04:27 70,656 --a------ C:\WINDOWS\notepad.exe
2007-04-10 04:27 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-10 04:27 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-10 04:27 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-10 04:27 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-10 04:27 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-10 04:27 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-10 04:27 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-10 04:27 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-10 04:27 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-10 04:27 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-10 04:27 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-10 04:27 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-10 04:27 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-10 04:27 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-10 04:27 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-10 04:27 <DIR> dr------- C:\Program Files
2007-04-10 04:27 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-10 04:26 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-10 04:26 <DIR> d--hs---- C:\System Volume Information
2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-10 04:26 <DIR> d-------- C:\Documents and Settings
2007-04-10 04:21 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-10 04:21 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-10 04:21 <DIR> dr------- C:\WINDOWS\Web
2007-04-10 04:21 <DIR> d--h----- C:\WINDOWS\inf
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\security
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Resources
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\repair
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\mui
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msapps
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msagent
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Media
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ime
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Help
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ehome
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Debug
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Config
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\addins
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS
2007-04-10 00:35 <DIR> d-------- C:\Program Files\ibmhelp
2007-04-10 00:35 <DIR> d-------- C:\icons
2007-04-10 00:35 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\IBM
2007-04-10 00:27 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-10 00:27 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-09 23:58 <DIR> d-------- C:\Program Files\vanBasco's Karaoke Player
2007-04-09 23:32 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\CyberLink
2007-04-09 22:11 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-04-09 22:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-04-09 22:07 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-04-09 22:07 53,760 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll
2007-04-09 22:07 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-04-09 22:07 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-04-09 22:07 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-04-09 22:07 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-04-09 22:07 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-04-09 22:07 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-04-09 22:06 82,148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys
2007-04-09 22:06 77,824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll
2007-04-09 22:06 7,680 --a------ C:\WINDOWS\system32\btinstall.dll
2007-04-09 22:06 63,488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys
2007-04-09 22:06 61,312 --a------ C:\WINDOWS\system32\drivers\VComm.sys
2007-04-09 22:06 51,169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS
2007-04-09 22:06 49,152 --a------ C:\WINDOWS\system32\btfunc.dll
2007-04-09 22:06 48,556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys
2007-04-09 22:06 48,076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys
2007-04-09 22:06 40,960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe
2007-04-09 22:06 28,271 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys
2007-04-09 22:06 23,000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys
2007-04-09 22:06 20,480 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys
2007-04-09 22:06 148,830 --a------ C:\WINDOWS\system32\drivers\bcbthub.sys
2007-04-09 22:06 13,304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys
2007-04-09 22:06 116,021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys
2007-04-09 22:06 11,860 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys
2007-04-09 22:06 11,736 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys
2007-04-09 22:06 10,804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys
2007-04-09 22:06 <DIR> d-------- C:\Program Files\IVT Corporation
2007-04-09 21:42 <DIR> d-------- C:\WINDOWS\Options
2007-04-09 21:40 <DIR> d--hs---- C:\RECYCLER
2007-04-09 21:39 138 --a------ C:\WINDOWS\system32\VIPuninstall.bat
2007-04-09 21:32 7,152,585 --a------ C:\WINDOWS\system32\VIPv3_EXT.dll
2007-04-09 21:32 <DIR> d-------- C:\WINDOWS\VIPv3
2007-04-09 21:27 77,824 --a------ C:\WINDOWS\system32\StartupCPL.exe
2007-04-09 21:27 696,320 --a------ C:\WINDOWS\system32\americanflag.scr
2007-04-09 21:27 641,824 --a------ C:\WINDOWS\system32\valentines.scr
2007-04-09 21:27 291,840 --a------ C:\WINDOWS\system32\Bliss.scr
2007-04-09 21:27 176,128 --a------ C:\WINDOWS\system32\Bliss.exe
2007-04-09 21:27 1,634,304 --a------ C:\WINDOWS\system32\3dwindowsxp.scr
2007-04-09 21:26 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2007-04-09 21:26 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-09 21:24 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-09 21:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-09 21:23 <DIR> d-------- C:\Program Files\CyberLink
2007-04-09 21:22 57,344 --a------ C:\WINDOWS\Unwash6.exe
2007-04-09 21:22 486,400 --a------ C:\WINDOWS\system32\wwSecure.exe
2007-04-09 21:22 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-09 21:22 <DIR> d-------- C:\Program Files\Webroot
2007-04-09 21:22 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2007-04-09 21:22 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Webroot
2007-04-09 21:21 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-04-09 21:20 <DIR> d-------- C:\Program Files\Yahoo!
2007-04-09 21:20 <DIR> d-------- C:\Program Files\Winamp
2007-04-09 21:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
2007-04-09 21:17 <DIR> d-------- C:\Program Files\Foxit Software
2007-04-09 21:15 87,037 --a------ C:\WINDOWS\AGRSMMSG.exe
2007-04-09 21:15 57,856 --a------ C:\WINDOWS\agrsmdel.exe
2007-04-09 21:15 1,112,096 --a------ C:\WINDOWS\system32\drivers\AGRSM.sys
2007-04-09 21:15 <DIR> dr-h----- C:\MSOCache
2007-04-09 21:11 720,896 --a------ C:\WINDOWS\system32\a3d.dll
2007-04-09 21:11 500,648 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-04-09 21:11 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2007-04-09 21:11 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2007-04-09 21:11 2,619 --a------ C:\WINDOWS\system32\drivers\sensupgd.sys
2007-04-09 21:11 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-09 21:11 <DIR> d-------- C:\Program Files\Analog Devices
2007-04-09 21:08 9,644 --a------ C:\WINDOWS\system32\drivers\NMSCFG.SYS
2007-04-09 21:08 61,440 --a------ C:\WINDOWS\system32\PROMON.EXE
2007-04-09 21:08 59,152 --a------ C:\WINDOWS\system32\drivers\IANSW2K.SYS
2007-04-09 21:08 36,864 --a------ C:\WINDOWS\system32\NMSSVCPS.DLL
2007-04-09 21:08 317,952 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-04-09 21:08 24,778 --a------ C:\WINDOWS\system32\drivers\NMSDD.SYS
2007-04-09 21:08 20,480 --a------ C:\WINDOWS\system32\NMSMSG.DLL
2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\PRONTOBJ.DLL
2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\NMSAPI.DLL
2007-04-09 21:08 1,081,344 --a------ C:\WINDOWS\system32\NMSSVC.EXE
2007-04-09 21:08 <DIR> d-------- C:\Program Files\Intel
2007-04-09 21:07 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-09 21:07 184,320 --a------ C:\WINDOWS\TPBATHLP.EXE
2007-04-09 21:07 13,824 --a------ C:\WINDOWS\system32\drivers\SMAPINT.SYS
2007-04-09 21:07 12,288 --a------ C:\WINDOWS\system32\drivers\TPPWR.SYS
2007-04-09 21:05 <DIR> d-------- C:\DOCUME~1\Aika\Bluetooth Software
2007-04-09 21:02 <DIR> d-------- C:\Program Files\IBM
2007-04-09 21:01 40,960 --a------ C:\WINDOWS\system32\QCONSVC.EXE
2007-04-09 21:01 2,295 --a------ C:\WINDOWS\system32\drivers\IBMBLDID.SYS
2007-04-09 21:01 <DIR> d-------- C:\Program Files\ThinkPad
2007-04-09 20:56 4,557 --------- C:\WINDOWS\system32\atiicdxx.sys
2007-04-09 20:56 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-09 20:56 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-09 20:51 12,605 --a------ C:\WINDOWS\system32\drivers\TPHKDRV.sys
2007-04-09 20:50 98,304 --a------ C:\WINDOWS\system32\atiiprxx.exe
2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atiprbxx.exe
2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atippaxx.dll
2007-04-09 20:50 73,728 --a------ C:\WINDOWS\system32\Oemdspif.dll
2007-04-09 20:50 61,440 --a------ C:\WINDOWS\system32\atiphexx.exe
2007-04-09 20:50 580,279 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-04-09 20:50 45,056 --a------ C:\WINDOWS\system32\atiicpxx.dll
2007-04-09 20:50 331,863 --a------ C:\WINDOWS\system32\atiicdxx.dll
2007-04-09 20:50 32,768 --a------ C:\WINDOWS\system32\atitvo32.dll
2007-04-09 20:50 3,080,274 --a------ C:\WINDOWS\system32\atioglxx.dll
2007-04-09 20:50 286,720 --a------ C:\WINDOWS\system32\atiptaxx.exe
2007-04-09 20:50 253,952 --a------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-09 20:50 208,972 --a------ C:\WINDOWS\system32\atipdsxx.dll
2007-04-09 20:50 1,126,400 --a------ C:\WINDOWS\system32\atipuixx.dll
2007-04-09 20:49 932,761 --a------ C:\WINDOWS\system32\ati3d2ag.dll
2007-04-09 20:49 88,064 --a------ C:\WINDOWS\system32\drivers\PCX504.sys
2007-04-09 20:49 852,377 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-04-09 20:49 456,192 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-09 20:49 28,672 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2007-04-09 20:49 215,424 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-04-09 20:49 131,072 --a------ C:\WINDOWS\system32\ati2evxx.exe
2007-04-09 20:45 3,145,728 --ah----- C:\DOCUME~1\Aika\NTUSER.DAT
2007-04-09 20:44 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-09 20:43 225,280 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-09 20:37 225,280 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-09 20:37 0 -rahs---- C:\MSDOS.SYS
2007-04-09 20:37 0 -rahs---- C:\IO.SYS
2007-04-09 20:37 0 --a------ C:\CONFIG.SYS
2007-04-09 20:37 0 --a------ C:\AUTOEXEC.BAT
2007-04-09 20:37 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-09 20:37 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-09 20:36 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-09 20:35 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-09 20:35 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-09 20:35 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-09 20:35 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-09 20:35 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-09 20:34 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-09 20:34 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-09 20:34 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-09 20:34 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-09 20:34 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-09 20:34 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-09 20:34 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-09 20:34 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-09 20:34 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-09 20:34 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-09 20:34 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-09 20:34 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-09 20:34 394,752 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-09 20:34 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-09 20:34 36,864 --a------ C:\WINDOWS\system32\wups.dll
2007-04-09 20:34 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-09 20:34 331,776 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-09 20:34 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-09 20:34 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-09 20:34 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-09 20:34 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-09 20:34 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-09 20:34 22,528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-09 20:34 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-09 20:34 183,296 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-09 20:34 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-09 20:34 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-09 20:34 165,888 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-09 20:34 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-09 20:34 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-09 20:34 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-09 20:34 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-09 20:34 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-09 20:34 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-09 20:34 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-09 20:34 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-09 20:34 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-09 20:34 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-09 20:33 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-09 20:33 <DIR> d-------- C:\WINDOWS\Registration
2007-04-09 20:33 <DIR> d-------- C:\Program Files\Online Services
2007-04-09 20:32 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-09 20:32 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-09 20:32 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-09 20:32 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-09 20:32 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-09 20:32 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-09 20:32 83,456 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-09 20:32 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-09 20:32 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-09 20:32 72,704 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-09 20:32 717,312 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-09 20:32 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-09 20:32 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-09 20:32 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-09 20:32 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-09 20:32 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-09 20:32 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-09 20:32 59,904 --a------ C:\WINDOWS\system32\sol.exe
2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-09 20:32 58,368 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-09 20:32 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-09 20:32 542,720 --a------ C:\WINDOWS\system32\spider.exe
2007-04-09 20:32 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-09 20:32 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-09 20:32 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-09 20:32 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-09 20:32 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-09 20:32 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-09 20:32 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-09 20:32 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-09 20:32 360,960 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-09 20:32 345,088 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-09 20:32 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-09 20:32 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-09 20:32 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-09 20:32 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-09 20:32 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-09 20:32 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-09 20:32 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-09 20:32 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-09 20:32 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-09 20:32 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-09 20:32 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-09 20:32 186,368 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-09 20:32 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-09 20:32 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-09 20:32 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-09 20:32 159,232 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-09 20:32 158,720 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-09 20:32 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-09 20:32 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-09 20:32 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-09 20:32 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-09 20:32 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-09 20:32 130,560 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-09 20:32 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-09 20:32 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-09 20:32 122,880 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-09 20:32 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-09 20:32 117,760 --a------ C:\WINDOWS\system32\calc.exe
2007-04-09 20:32 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-09 20:32 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-09 20:32 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-09 20:32 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-09 20:32 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-09 20:32 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-09 20:32 <DIR> d-------- C:\Program Files\Windows NT
2007-04-09 20:32 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-09 20:32 <DIR> d-------- C:\Program Files\Messenger
2007-04-09 18:55 8,192 --a------ C:\WINDOWS\system32\drivers\ibmpmdrv.sys
2007-04-09 18:55 57,344 --a------ C:\WINDOWS\system32\tp4unins.exe
2007-04-09 18:55 53,248 --a------ C:\WINDOWS\system32\ibmpmsvc.exe
2007-04-09 18:55 48,640 --a------ C:\WINDOWS\system32\tp4ui.dll
2007-04-09 18:55 3,943 --a------ C:\WINDOWS\system32\tp4table.dat
2007-04-09 18:55 14,096 --a------ C:\WINDOWS\system32\drivers\tp4track.sys
2007-04-09 18:55 114,176 --a------ C:\WINDOWS\system32\tp4uires.dll
2007-04-09 18:55 110,592 --a------ C:\WINDOWS\system32\tp4serv.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-04-17 22:12 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-10 04:26 62 --ahs---- C:\DOCUME~1\Aika\APPLIC~1\desktop.ini
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{1557B435-8242-4686-9AA3-9265BF7525A4} C:\WINDOWS\system32\snolyoym.dll [x]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"TrackPointSrv"="tp4serv.exe"
"ATIModeChange"="Ati2mdxx.exe"
"QCTRAY"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCTRAY.EXE"
"QCWLICON"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCWLICON.EXE"
"BMMGAG"="RunDll32 C:\\PROGRA~1\\ThinkPad\\UTILIT~1\\pwrmonit.dll,StartPwrMonitor"
"Promon.exe"="Promon.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"CoolSwitch"="C:\\WINDOWS\\system32\\taskswitch.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"VIPv3_Auto_Update"="C:\\WINDOWS\\VIPv3\\CheckForUpdates.exe"
"Vistadrv"="C:\\WINDOWS\\VIPv3\\VIPhd\\vsdrv.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"TPHOTKEY"="C:\\PROGRA~1\\ThinkPad\\PkgMgr\\HOTKEY\\TPHKMGR.exe"
"snpstd3"="C:\\WINDOWS\\vsnpstd3.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"VisualTooltip"="C:\\WINDOWS\\VIPv3\\VIPtooltip\\VisualToolTip.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Intel system tool"="C:\\WINDOWS\\system32\\svehost.exe"
"clcl6"="C:\\WINDOWS\\system32\\clcl6.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d0-ee0e-11db-93a8-101111111111}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d1-ee0e-11db-93a8-101111111111}]
Shell\AutoRun\command G:\USBNB.exe
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\BMMTask.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-23 20:50:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-04-23 20:50:18 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-04-23 20:50
ComboFix 07-04-22.6V - Running from: "C:\Documents and Settings\Aika\Desktop\"
(((((((((((((((((((((((((((((((((((((((((((((((((( V Log )))))))))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\opjemcjb.dll
C:\WINDOWS\system32\snolyoym.dll
C:\WINDOWS\system32\qsvyb.bak1
C:\WINDOWS\system32\qsvyb.bak2
C:\WINDOWS\system32\qsvyb.ini
C:\WINDOWS\system32\qsvyb.ini2
C:\WINDOWS\system32\qsvyb.tmp
C:\WINDOWS\system32\byvsq.dll
C:\WINDOWS\system32\tuvuvur.dll
* * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
((((((((((((((((((((((((((((((( Files Created from 2007-03-23 to 2007-04-23 ))))))))))))))))))))))))))))))))))
2007-04-23 18:35 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-04-23 18:14 204,288 --a------ C:\WINDOWS\system32\clcl6.exe
2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo
2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\iolo
2007-04-23 17:39 0 --a------ C:\WINDOWS\system32\UTSCSI.EXE
2007-04-23 17:39 <DIR> d-------- C:\USB Notebook Data
2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PLAux
2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\OTi
2007-04-22 19:59 <DIR> d-------- C:\Program Files\Music Challenge
2007-04-22 18:57 <DIR> d-------- C:\Program Files\Actual Reminder 3.0
2007-04-22 18:57 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Actual Reminder
2007-04-22 18:38 <DIR> d-------- C:\Program Files\Stardock
2007-04-22 18:38 <DIR> d-------- C:\Program Files\Common Files\Stardock
2007-04-22 14:26 <DIR> d-------- C:\HijackThis
2007-04-21 01:17 34,816 --a------ C:\WINDOWS\system32\svehost.exe
2007-04-20 17:02 <DIR> d-------- C:\WINDOWS\system32\NtmsData
2007-04-20 16:52 <DIR> d-------- C:\Program Files\GameHouse
2007-04-20 16:51 <DIR> d-------- C:\Program Files\PopCap Games
2007-04-20 16:47 <DIR> d-------- C:\Program Files\mIRC
2007-04-20 00:00 86,016 --a------ C:\WINDOWS\unvise32qt.exe
2007-04-19 23:58 <DIR> d-------- C:\WINDOWS\system32\QuickTime
2007-04-19 23:58 <DIR> d-------- C:\Program Files\QuickTime
2007-04-19 23:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime
2007-04-19 23:35 <DIR> d-------- C:\DOCUME~1\Aika\Incomplete
2007-04-19 23:34 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\LimeWire
2007-04-19 19:59 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-17 22:43 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys
2007-04-17 22:43 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys
2007-04-17 22:03 <DIR> d-------- C:\Program Files\SEGA
2007-04-17 21:37 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\SEGA
2007-04-16 17:47 133 --a------ C:\DOCUME~1\Aika\same.scr
2007-04-16 15:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia
2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst
2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PlayFirst
2007-04-16 15:20 <DIR> d-------- C:\Program Files\Diner Dash Flo on the Go
2007-04-15 20:43 45,056 --a------ C:\WINDOWS\NCUNINST.EXE
2007-04-15 20:42 <DIR> d-------- C:\Program Files\Common Files\SWF Studio
2007-04-15 20:38 13,261 --a------ C:\DOCUME~1\Aika\block130.dat
2007-04-15 20:38 12 --a------ C:\DOCUME~1\Aika\block130.sys
2007-04-14 18:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Image Zone Express
2007-04-14 18:01 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\HP
2007-04-14 18:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP
2007-04-14 17:51 <DIR> d-------- C:\Program Files\Common Files\HP
2007-04-14 17:46 <DIR> d-------- C:\Program Files\Hewlett-Packard
2007-04-14 17:45 48,640 --a------ C:\WINDOWS\system32\hpzll4pi.dll
2007-04-14 17:41 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll
2007-04-14 17:41 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe
2007-04-14 17:41 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe
2007-04-14 17:41 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll
2007-04-14 17:41 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll
2007-04-14 17:41 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll
2007-04-14 17:38 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys
2007-04-14 17:38 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-14 17:37 <DIR> d-------- C:\Program Files\HP
2007-04-14 17:36 14,916 --------- C:\WINDOWS\hphmdl12.dat
2007-04-14 17:36 123,979 --a------ C:\WINDOWS\HPHins12.dat
2007-04-13 21:20 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-04-13 21:18 94,208 --a------ C:\WINDOWS\amcap.exe
2007-04-13 21:18 61,440 --a------ C:\WINDOWS\system32\csnpstd3.dll
2007-04-13 21:18 57,344 --a------ C:\WINDOWS\system32\rsnpstd3.dll
2007-04-13 21:18 498,432 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys
2007-04-13 21:18 36,864 --a------ C:\WINDOWS\system32\vsnpstd3.dll
2007-04-13 21:18 339,968 --a------ C:\WINDOWS\vsnpstd3.exe
2007-04-13 21:18 20,480 --a------ C:\WINDOWS\usnpstd3.exe
2007-04-13 21:18 <DIR> d-------- C:\Program Files\Common Files\snpstd3
2007-04-12 10:43 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-12 10:42 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-12 10:42 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\TuneUp Software
2007-04-12 10:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-12 10:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-04-12 09:55 <DIR> d-------- C:\Program Files\ChikkaV4
2007-04-12 09:41 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Spyware Terminator
2007-04-11 21:41 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-10 23:45 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-04-10 23:45 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-04-10 23:45 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-10 19:54 <DIR> d-------- C:\WINDOWS\pss
2007-04-10 19:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Help
2007-04-10 17:37 <DIR> d---s---- C:\DOCUME~1\Aika\UserData
2007-04-10 12:50 <DIR> d-------- C:\DOCUME~1\Guest\APPLIC~1\IBM
2007-04-10 12:48 643,072 --a------ C:\DOCUME~1\Guest\NTUSER.DAT
2007-04-10 12:48 <DIR> d-------- C:\DOCUME~1\Guest\Bluetooth Software
2007-04-10 09:32 221,184 --a------ C:\WINDOWS\system32\wmpns.dll
2007-04-10 09:27 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-10 09:27 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Talkback
2007-04-10 08:44 20 --a------ C:\WINDOWS\popcinfo.dat
2007-04-10 07:52 <DIR> d-------- C:\Program Files\Common Files\DirectX
2007-04-10 04:30 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-10 04:30 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-10 04:30 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-10 04:30 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-10 04:30 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-10 04:30 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-10 04:30 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-10 04:30 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-10 04:30 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-10 04:30 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-10 04:30 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-10 04:30 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-10 04:29 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys
2007-04-10 04:29 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys
2007-04-10 04:29 82,432 --a------ C:\WINDOWS\system32\tp4mon.exe
2007-04-10 04:29 8,192 --a------ C:\WINDOWS\system32\wshirda.dll
2007-04-10 04:29 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-10 04:29 42,496 --a------ C:\WINDOWS\system32\tp4res.dll
2007-04-10 04:29 31,744 --a------ C:\WINDOWS\system32\tp4.dll
2007-04-10 04:29 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys
2007-04-10 04:29 27,136 --a------ C:\WINDOWS\system32\irmon.dll
2007-04-10 04:29 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys
2007-04-10 04:29 152,576 --a------ C:\WINDOWS\system32\irftp.exe
2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys
2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys
2007-04-10 04:29 117,760 --a------ C:\WINDOWS\system32\drivers\e100b325.sys
2007-04-10 04:29 11,520 --a------ C:\WINDOWS\system32\drivers\TwoTrack.sys
2007-04-10 04:28 96,256 --a------ C:\WINDOWS\system32\drivers\ac97intc.sys
2007-04-10 04:28 802,683 --a------ C:\WINDOWS\system32\drivers\LTSM.sys
2007-04-10 04:28 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-10 04:28 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-10 04:28 42,368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS
2007-04-10 04:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-10 04:28 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-10 04:27 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-10 04:27 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-10 04:27 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-10 04:27 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-10 04:27 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-10 04:27 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-10 04:27 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-10 04:27 70,656 --a------ C:\WINDOWS\notepad.exe
2007-04-10 04:27 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-10 04:27 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-10 04:27 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-10 04:27 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-10 04:27 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-10 04:27 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-10 04:27 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-10 04:27 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-10 04:27 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-10 04:27 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-10 04:27 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-10 04:27 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-10 04:27 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-10 04:27 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-10 04:27 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-10 04:27 <DIR> dr------- C:\Program Files
2007-04-10 04:27 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-10 04:26 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-10 04:26 <DIR> d--hs---- C:\System Volume Information
2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-10 04:26 <DIR> d-------- C:\Documents and Settings
2007-04-10 04:21 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-10 04:21 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-10 04:21 <DIR> dr------- C:\WINDOWS\Web
2007-04-10 04:21 <DIR> d--h----- C:\WINDOWS\inf
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\security
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Resources
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\repair
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\mui
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msapps
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msagent
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Media
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ime
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Help
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ehome
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Debug
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Config
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\addins
2007-04-10 04:21 <DIR> d-------- C:\WINDOWS
2007-04-10 00:35 <DIR> d-------- C:\Program Files\ibmhelp
2007-04-10 00:35 <DIR> d-------- C:\icons
2007-04-10 00:35 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\IBM
2007-04-10 00:27 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-10 00:27 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-09 23:58 <DIR> d-------- C:\Program Files\vanBasco's Karaoke Player
2007-04-09 23:32 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\CyberLink
2007-04-09 22:11 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys
2007-04-09 22:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth
2007-04-09 22:07 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-04-09 22:07 53,760 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll
2007-04-09 22:07 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-04-09 22:07 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-04-09 22:07 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-04-09 22:07 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-04-09 22:07 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-04-09 22:07 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-04-09 22:06 82,148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys
2007-04-09 22:06 77,824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll
2007-04-09 22:06 7,680 --a------ C:\WINDOWS\system32\btinstall.dll
2007-04-09 22:06 63,488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys
2007-04-09 22:06 61,312 --a------ C:\WINDOWS\system32\drivers\VComm.sys
2007-04-09 22:06 51,169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS
2007-04-09 22:06 49,152 --a------ C:\WINDOWS\system32\btfunc.dll
2007-04-09 22:06 48,556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys
2007-04-09 22:06 48,076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys
2007-04-09 22:06 40,960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe
2007-04-09 22:06 28,271 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys
2007-04-09 22:06 23,000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys
2007-04-09 22:06 20,480 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys
2007-04-09 22:06 148,830 --a------ C:\WINDOWS\system32\drivers\bcbthub.sys
2007-04-09 22:06 13,304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys
2007-04-09 22:06 116,021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys
2007-04-09 22:06 11,860 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys
2007-04-09 22:06 11,736 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys
2007-04-09 22:06 10,804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys
2007-04-09 22:06 <DIR> d-------- C:\Program Files\IVT Corporation
2007-04-09 21:42 <DIR> d-------- C:\WINDOWS\Options
2007-04-09 21:40 <DIR> d--hs---- C:\RECYCLER
2007-04-09 21:39 138 --a------ C:\WINDOWS\system32\VIPuninstall.bat
2007-04-09 21:32 7,152,585 --a------ C:\WINDOWS\system32\VIPv3_EXT.dll
2007-04-09 21:32 <DIR> d-------- C:\WINDOWS\VIPv3
2007-04-09 21:27 77,824 --a------ C:\WINDOWS\system32\StartupCPL.exe
2007-04-09 21:27 696,320 --a------ C:\WINDOWS\system32\americanflag.scr
2007-04-09 21:27 641,824 --a------ C:\WINDOWS\system32\valentines.scr
2007-04-09 21:27 291,840 --a------ C:\WINDOWS\system32\Bliss.scr
2007-04-09 21:27 176,128 --a------ C:\WINDOWS\system32\Bliss.exe
2007-04-09 21:27 1,634,304 --a------ C:\WINDOWS\system32\3dwindowsxp.scr
2007-04-09 21:26 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe
2007-04-09 21:26 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-04-09 21:24 17,920 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-09 21:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink
2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-09 21:23 <DIR> d-------- C:\Program Files\CyberLink
2007-04-09 21:22 57,344 --a------ C:\WINDOWS\Unwash6.exe
2007-04-09 21:22 486,400 --a------ C:\WINDOWS\system32\wwSecure.exe
2007-04-09 21:22 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-09 21:22 <DIR> d-------- C:\Program Files\Webroot
2007-04-09 21:22 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared
2007-04-09 21:22 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Webroot
2007-04-09 21:21 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys
2007-04-09 21:20 <DIR> d-------- C:\Program Files\Yahoo!
2007-04-09 21:20 <DIR> d-------- C:\Program Files\Winamp
2007-04-09 21:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo!
2007-04-09 21:17 <DIR> d-------- C:\Program Files\Foxit Software
2007-04-09 21:15 87,037 --a------ C:\WINDOWS\AGRSMMSG.exe
2007-04-09 21:15 57,856 --a------ C:\WINDOWS\agrsmdel.exe
2007-04-09 21:15 1,112,096 --a------ C:\WINDOWS\system32\drivers\AGRSM.sys
2007-04-09 21:15 <DIR> dr-h----- C:\MSOCache
2007-04-09 21:11 720,896 --a------ C:\WINDOWS\system32\a3d.dll
2007-04-09 21:11 500,648 --a------ C:\WINDOWS\system32\drivers\smwdm.sys
2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe
2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe
2007-04-09 21:11 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys
2007-04-09 21:11 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys
2007-04-09 21:11 2,619 --a------ C:\WINDOWS\system32\drivers\sensupgd.sys
2007-04-09 21:11 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-09 21:11 <DIR> d-------- C:\Program Files\Analog Devices
2007-04-09 21:08 9,644 --a------ C:\WINDOWS\system32\drivers\NMSCFG.SYS
2007-04-09 21:08 61,440 --a------ C:\WINDOWS\system32\PROMON.EXE
2007-04-09 21:08 59,152 --a------ C:\WINDOWS\system32\drivers\IANSW2K.SYS
2007-04-09 21:08 36,864 --a------ C:\WINDOWS\system32\NMSSVCPS.DLL
2007-04-09 21:08 317,952 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-04-09 21:08 24,778 --a------ C:\WINDOWS\system32\drivers\NMSDD.SYS
2007-04-09 21:08 20,480 --a------ C:\WINDOWS\system32\NMSMSG.DLL
2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\PRONTOBJ.DLL
2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\NMSAPI.DLL
2007-04-09 21:08 1,081,344 --a------ C:\WINDOWS\system32\NMSSVC.EXE
2007-04-09 21:08 <DIR> d-------- C:\Program Files\Intel
2007-04-09 21:07 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-09 21:07 184,320 --a------ C:\WINDOWS\TPBATHLP.EXE
2007-04-09 21:07 13,824 --a------ C:\WINDOWS\system32\drivers\SMAPINT.SYS
2007-04-09 21:07 12,288 --a------ C:\WINDOWS\system32\drivers\TPPWR.SYS
2007-04-09 21:05 <DIR> d-------- C:\DOCUME~1\Aika\Bluetooth Software
2007-04-09 21:02 <DIR> d-------- C:\Program Files\IBM
2007-04-09 21:01 40,960 --a------ C:\WINDOWS\system32\QCONSVC.EXE
2007-04-09 21:01 2,295 --a------ C:\WINDOWS\system32\drivers\IBMBLDID.SYS
2007-04-09 21:01 <DIR> d-------- C:\Program Files\ThinkPad
2007-04-09 20:56 4,557 --------- C:\WINDOWS\system32\atiicdxx.sys
2007-04-09 20:56 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-09 20:56 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-09 20:51 12,605 --a------ C:\WINDOWS\system32\drivers\TPHKDRV.sys
2007-04-09 20:50 98,304 --a------ C:\WINDOWS\system32\atiiprxx.exe
2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atiprbxx.exe
2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atippaxx.dll
2007-04-09 20:50 73,728 --a------ C:\WINDOWS\system32\Oemdspif.dll
2007-04-09 20:50 61,440 --a------ C:\WINDOWS\system32\atiphexx.exe
2007-04-09 20:50 580,279 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-04-09 20:50 45,056 --a------ C:\WINDOWS\system32\atiicpxx.dll
2007-04-09 20:50 331,863 --a------ C:\WINDOWS\system32\atiicdxx.dll
2007-04-09 20:50 32,768 --a------ C:\WINDOWS\system32\atitvo32.dll
2007-04-09 20:50 3,080,274 --a------ C:\WINDOWS\system32\atioglxx.dll
2007-04-09 20:50 286,720 --a------ C:\WINDOWS\system32\atiptaxx.exe
2007-04-09 20:50 253,952 --a------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-09 20:50 208,972 --a------ C:\WINDOWS\system32\atipdsxx.dll
2007-04-09 20:50 1,126,400 --a------ C:\WINDOWS\system32\atipuixx.dll
2007-04-09 20:49 932,761 --a------ C:\WINDOWS\system32\ati3d2ag.dll
2007-04-09 20:49 88,064 --a------ C:\WINDOWS\system32\drivers\PCX504.sys
2007-04-09 20:49 852,377 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-04-09 20:49 456,192 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-09 20:49 28,672 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2007-04-09 20:49 215,424 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-04-09 20:49 131,072 --a------ C:\WINDOWS\system32\ati2evxx.exe
2007-04-09 20:45 3,145,728 --ah----- C:\DOCUME~1\Aika\NTUSER.DAT
2007-04-09 20:44 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-09 20:43 225,280 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-09 20:37 225,280 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-09 20:37 0 -rahs---- C:\MSDOS.SYS
2007-04-09 20:37 0 -rahs---- C:\IO.SYS
2007-04-09 20:37 0 --a------ C:\CONFIG.SYS
2007-04-09 20:37 0 --a------ C:\AUTOEXEC.BAT
2007-04-09 20:37 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-09 20:37 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-09 20:36 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-09 20:35 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-09 20:35 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-09 20:35 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-09 20:35 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-09 20:35 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-09 20:34 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-09 20:34 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-09 20:34 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-09 20:34 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-09 20:34 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-09 20:34 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-09 20:34 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-09 20:34 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-09 20:34 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-09 20:34 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-09 20:34 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-09 20:34 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-09 20:34 394,752 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-09 20:34 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-09 20:34 36,864 --a------ C:\WINDOWS\system32\wups.dll
2007-04-09 20:34 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-09 20:34 331,776 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-09 20:34 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-09 20:34 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-09 20:34 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-09 20:34 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-09 20:34 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-09 20:34 22,528 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-09 20:34 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-09 20:34 183,296 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-09 20:34 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-09 20:34 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-09 20:34 165,888 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-09 20:34 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-09 20:34 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-09 20:34 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-09 20:34 120,320 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-09 20:34 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-09 20:34 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-09 20:34 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-09 20:34 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-09 20:34 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-09 20:34 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-09 20:33 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-09 20:33 <DIR> d-------- C:\WINDOWS\Registration
2007-04-09 20:33 <DIR> d-------- C:\Program Files\Online Services
2007-04-09 20:32 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-09 20:32 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-09 20:32 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-09 20:32 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-09 20:32 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-09 20:32 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-09 20:32 83,456 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-09 20:32 82,432 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-09 20:32 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-09 20:32 72,704 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-09 20:32 717,312 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-09 20:32 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-09 20:32 655,360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-09 20:32 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-09 20:32 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-09 20:32 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-09 20:32 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-09 20:32 59,904 --a------ C:\WINDOWS\system32\sol.exe
2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-09 20:32 58,368 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-09 20:32 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-09 20:32 542,720 --a------ C:\WINDOWS\system32\spider.exe
2007-04-09 20:32 540,160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-09 20:32 54,272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-09 20:32 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-09 20:32 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-09 20:32 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-09 20:32 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-09 20:32 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-09 20:32 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-09 20:32 360,960 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-09 20:32 345,088 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-09 20:32 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-09 20:32 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-09 20:32 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-09 20:32 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-09 20:32 229,888 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-09 20:32 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-09 20:32 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-09 20:32 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-09 20:32 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-09 20:32 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-09 20:32 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-09 20:32 186,368 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-09 20:32 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-09 20:32 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-09 20:32 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-09 20:32 159,232 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-09 20:32 158,720 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-09 20:32 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-09 20:32 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-09 20:32 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-09 20:32 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-09 20:32 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-09 20:32 130,560 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-09 20:32 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-09 20:32 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-09 20:32 122,880 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-09 20:32 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-09 20:32 117,760 --a------ C:\WINDOWS\system32\calc.exe
2007-04-09 20:32 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-09 20:32 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-09 20:32 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-09 20:32 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-09 20:32 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-09 20:32 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-09 20:32 <DIR> d-------- C:\Program Files\Windows NT
2007-04-09 20:32 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-09 20:32 <DIR> d-------- C:\Program Files\Messenger
2007-04-09 18:55 8,192 --a------ C:\WINDOWS\system32\drivers\ibmpmdrv.sys
2007-04-09 18:55 57,344 --a------ C:\WINDOWS\system32\tp4unins.exe
2007-04-09 18:55 53,248 --a------ C:\WINDOWS\system32\ibmpmsvc.exe
2007-04-09 18:55 48,640 --a------ C:\WINDOWS\system32\tp4ui.dll
2007-04-09 18:55 3,943 --a------ C:\WINDOWS\system32\tp4table.dat
2007-04-09 18:55 14,096 --a------ C:\WINDOWS\system32\drivers\tp4track.sys
2007-04-09 18:55 114,176 --a------ C:\WINDOWS\system32\tp4uires.dll
2007-04-09 18:55 110,592 --a------ C:\WINDOWS\system32\tp4serv.exe
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-04-17 22:12 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-04-10 04:26 62 --ahs---- C:\DOCUME~1\Aika\APPLIC~1\desktop.ini
(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{1557B435-8242-4686-9AA3-9265BF7525A4} C:\WINDOWS\system32\snolyoym.dll [x]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"TrackPointSrv"="tp4serv.exe"
"ATIModeChange"="Ati2mdxx.exe"
"QCTRAY"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCTRAY.EXE"
"QCWLICON"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCWLICON.EXE"
"BMMGAG"="RunDll32 C:\\PROGRA~1\\ThinkPad\\UTILIT~1\\pwrmonit.dll,StartPwrMonitor"
"Promon.exe"="Promon.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""
"CoolSwitch"="C:\\WINDOWS\\system32\\taskswitch.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\""
"VIPv3_Auto_Update"="C:\\WINDOWS\\VIPv3\\CheckForUpdates.exe"
"Vistadrv"="C:\\WINDOWS\\VIPv3\\VIPhd\\vsdrv.exe"
"AGRSMMSG"="AGRSMMSG.exe"
"TPHOTKEY"="C:\\PROGRA~1\\ThinkPad\\PkgMgr\\HOTKEY\\TPHKMGR.exe"
"snpstd3"="C:\\WINDOWS\\vsnpstd3.exe"
"HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe"
"VisualTooltip"="C:\\WINDOWS\\VIPv3\\VIPtooltip\\VisualToolTip.exe"
"QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime"
"Intel system tool"="C:\\WINDOWS\\system32\\svehost.exe"
"clcl6"="C:\\WINDOWS\\system32\\clcl6.exe"
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet"
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"disablecad"=dword:00000001
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoSaveSettings"=dword:00000000
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run]
HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d0-ee0e-11db-93a8-101111111111}]
Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs
[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d1-ee0e-11db-93a8-101111111111}]
Shell\AutoRun\command G:\USBNB.exe
Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\BMMTask.job
********************************************************************
catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-04-23 20:50:15
Windows 5.1.2600 Service Pack 2 NTFS
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-04-23 20:50:18 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-04-23 20:50
by the way, i changed my security from AVG7 to Pccillin2007, and awhile ago when i scanned my computer it disinfected 100 files if im not mistaken, but still my computer freezes its windows
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.