 Hijackthis Log: Please Help Diagnose, pc crashes, so many adware and trojans, pc slows down, many viruses, |
Welcome Guest ( Log In | Click here to Register a free account now! )
Register a free account to unlock additional features at BleepingComputer.com
Welcome to Bleeping Computer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.
Forum Guidelines
Read this topic before posting a log. DO NOT post a ComboFix log unless requested to. Only members of the HijackThis Team or Moderators are allowed to help people with logs. Anyone else should refrain from posting to another user's log. When posting a log please put the type of infection you have in the topic title. IE: Winfixer, Virtumonde, WinTools, WebSearch, Home Search Assistant, etc. Do not bump your topic. We try to resolve logs on a first come/first served basis. By bumping your log you will be pushed back in line due to the new date of your bump.
  |
  Apr 22 2007, 04:30 AM
Post
#1
|
|
 New Member  Group: Members Posts: 7 Joined: 22-April 07 Member No.: 126,268  |
Scan saved at 2:49:04 PM, on 4/22/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\NMSSvc.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\QCONSVC.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wwSecure.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\tp4serv.exe C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\Promon.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\taskswitch.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe C:\PROGRA~1\Grisoft\AVG7\avgcc.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\clcl4.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\IBM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\IBM\Bluetooth Software\BTStackServer.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\DOCUME~1\Aika\LOCALS~1\Temp\ckbk.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HijackThis\HijackThis.exe O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [Promon.exe] Promon.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP O4 - HKLM\..\Run: [SoundService] rundll32.exe "C:\WINDOWS\system32\oryimsvg.dll",setvm O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Intel system tool] C:\WINDOWS\system32\svehost.exe O4 - HKLM\..\Run: [clcl5] C:\WINDOWS\system32\clcl5.exe O4 - HKLM\..\RunOnce: [clcl4] command.com /c del C:\WINDOWS\system32\clcl4.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\RunOnce: [Index Washer] C:\Program Files\Webroot\Washer\WashIdx.exe "Aika" O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\PopCap Games\LimeWire\LimeWire.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe |
 |
 
|
|
Apr 22 2007, 07:12 AM
Post
#2
|
|
 Malware Assassin Group: HJT Team Posts: 13,611 Joined: 13-July 06 Member No.: 75,975 |
Welcome to the BleepingComputer HijackThis Logs and Analysis forum pretyaix
 Run 'BitDefender Online Scanner' using Internet Explorer: http://www.bitdefender.com/scan8/ie.html Read the 'END USER SOFTWARE LICENSE AGREEMENT' then click 'I agree'. You'll be prompted to install the activex control,please do so. Once installed,disable your current antivirus program,then click the 'Click here to scan' button. The virus signatures will then load. Once loaded the scan will start. The scan will take quite some time so please be patient. Once the scan has finished select the 'Detected Problems' tab. Click on 'Click here to export scan'. Save the file as an HTML file to your desktop. Then click on the saved file and allow it to open with your browser. Go to 'Edit'/'Select All' then copy and paste that log into your next reply. *Note* Don't forget to re-enable your antivirus program. ***************************** Please download Combofix and save to the desktop: http://download.bleepingcomputer.com/sUBs/Beta/ComboFix.exe Note: It is important that it is saved directly to your desktop Close any open browsers. Double click on combofix.exe and follow the prompts. When it's finished it will produce a log. Post the C:\ComboFix.txt into your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause the program to freeze/hang. ***************************** Please go to: C:\HijackThis\HijackThis.exe Right click on Hijackthis.exe and select 'Rename', rename it to abc.bat Double click on abc.bat(which is still Hijackthis.exe),post that log into your next reply please. Also post the BitDefender Online Scanner log,and the C:\ComboFix.txt -------------------- If I have helped you in any way, please consider a donation:
 Proud Member of ASAP (Alliance of Security Analysis Professionals). Proud Member of U-N-I-T-E (Unified Network of Instructors and Trusted Eliminators). |
|
|
|
|
Apr 23 2007, 09:17 AM
Post
#3
|
|
|
New Member Group: Members Posts: 7 Joined: 22-April 07 Member No.: 126,268 |
RICHIEUK thank you very much for your time i really appreciate it!
i can't scan my computer to the online scanner you've told me because my ie kept on closing. The popup kept on opening when i try to scan again and it'll closes afterwards. but here are the logs of the abc.bat and the combofix. Logfile of HijackThis v1.99.1 Scan saved at 8:54:17 PM, on 4/23/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\ibmpmsvc.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\System32\QCONSVC.EXE C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\wwSecure.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\tp4serv.exe C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\Promon.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\taskswitch.exe C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe C:\WINDOWS\AGRSMMSG.exe C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\svehost.exe C:\WINDOWS\system32\clcl6.exe C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe C:\Program Files\IBM\Bluetooth Software\BTTray.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\WINDOWS\system32\NMSSvc.exe C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe C:\Program Files\IBM\Bluetooth Software\BTStackServer.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY\TPONSCR.exe C:\Program Files\ThinkPad\PkgMgr\HOTKEY_1\TpScrex.exe C:\PROGRA~1\Yahoo!\MESSEN~1\ymsgr_tray.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\system32\NOTEPAD.EXE C:\WINDOWS\system32\NOTEPAD.EXE C:\HijackThis\abc.bat.exe O2 - BHO: (no name) - {1557B435-8242-4686-9AA3-9265BF7525A4} - C:\WINDOWS\system32\snolyoym.dll (file missing) O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - (no file) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll O4 - HKLM\..\Run: [TrackPointSrv] tp4serv.exe O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM\..\Run: [QCTRAY] C:\Program Files\ThinkPad\ConnectUtilities\QCTRAY.EXE O4 - HKLM\..\Run: [QCWLICON] C:\Program Files\ThinkPad\ConnectUtilities\QCWLICON.EXE O4 - HKLM\..\Run: [BMMGAG] RunDll32 C:\PROGRA~1\ThinkPad\UTILIT~1\pwrmonit.dll,StartPwrMonitor O4 - HKLM\..\Run: [Promon.exe] Promon.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe" O4 - HKLM\..\Run: [VIPv3_Auto_Update] C:\WINDOWS\VIPv3\CheckForUpdates.exe O4 - HKLM\..\Run: [Vistadrv] C:\WINDOWS\VIPv3\VIPhd\vsdrv.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [TPHOTKEY] C:\PROGRA~1\ThinkPad\PkgMgr\HOTKEY\TPHKMGR.exe O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [VisualTooltip] C:\WINDOWS\VIPv3\VIPtooltip\VisualToolTip.exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime O4 - HKLM\..\Run: [Intel system tool] C:\WINDOWS\system32\svehost.exe O4 - HKLM\..\Run: [clcl6] C:\WINDOWS\system32\clcl6.exe O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet O4 - Startup: Actual Reminder.lnk = C:\Program Files\Actual Reminder 3.0\Actual Reminder.exe O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\PopCap Games\LimeWire\LimeWire.exe O4 - Global Startup: BlueSoleil.lnk = ? O4 - Global Startup: BTTray.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CCS\Services\Tcpip\..\{4FFF7F65-3832-4EC3-82DE-BD8956562185}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CCS\Services\Tcpip\..\{8C64672F-62A1-4D7A-8417-8D1AC1106306}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CCS\Services\Tcpip\..\{9A425786-18A9-495D-B10D-AF501AD730BA}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CCS\Services\Tcpip\..\{D19BAA0F-265D-4706-B21E-D5BB62A74ED8}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180 O17 - HKLM\System\CS1\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180 O17 - HKLM\System\CS2\Services\Tcpip\..\{042050B2-2C4E-4999-A498-6B5FCA21B7F7}: NameServer = 85.255.114.44,85.255.112.180 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.114.44 85.255.112.180 O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe O23 - Service: Intel® NMS (NMSSvc) - Intel Corporation - C:\WINDOWS\system32\NMSSvc.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: QCONSVC - Unknown owner - C:\WINDOWS\System32\QCONSVC.EXE O23 - Service: CLCV0 (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE O23 - Service: Washer Security Access (wwSecSvc) - Webroot Software, Inc. - C:\WINDOWS\system32\wwSecure.exe =========== |
|
|
|
|
Apr 23 2007, 09:19 AM
Post
#4
|
|
|
New Member Group: Members Posts: 7 Joined: 22-April 07 Member No.: 126,268 |
"Aika" - 07-04-23 20:45:15 Service Pack 2
ComboFix 07-04-22.6V - Running from: "C:\Documents and Settings\Aika\Desktop\" (((((((((((((((((((((((((((((((((((((((((((((((((( V Log ))))))))))))))))))))))))))))))))))))))))))))))))))))))) C:\WINDOWS\system32\opjemcjb.dll C:\WINDOWS\system32\snolyoym.dll C:\WINDOWS\system32\qsvyb.bak1 C:\WINDOWS\system32\qsvyb.bak2 C:\WINDOWS\system32\qsvyb.ini C:\WINDOWS\system32\qsvyb.ini2 C:\WINDOWS\system32\qsvyb.tmp C:\WINDOWS\system32\byvsq.dll C:\WINDOWS\system32\tuvuvur.dll * * * POST RUN FILES/FOLDERS * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * ((((((((((((((((((((((((((((((( Files Created from 2007-03-23 to 2007-04-23 )))))))))))))))))))))))))))))))))) 2007-04-23 18:35 <DIR> d-------- C:\WINDOWS\BDOSCAN8 2007-04-23 18:14 204,288 --a------ C:\WINDOWS\system32\clcl6.exe 2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\iolo 2007-04-23 17:55 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\iolo 2007-04-23 17:39 0 --a------ C:\WINDOWS\system32\UTSCSI.EXE 2007-04-23 17:39 <DIR> d-------- C:\USB Notebook Data 2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PLAux 2007-04-23 17:39 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\OTi 2007-04-22 19:59 <DIR> d-------- C:\Program Files\Music Challenge 2007-04-22 18:57 <DIR> d-------- C:\Program Files\Actual Reminder 3.0 2007-04-22 18:57 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Actual Reminder 2007-04-22 18:38 <DIR> d-------- C:\Program Files\Stardock 2007-04-22 18:38 <DIR> d-------- C:\Program Files\Common Files\Stardock 2007-04-22 14:26 <DIR> d-------- C:\HijackThis 2007-04-21 01:17 34,816 --a------ C:\WINDOWS\system32\svehost.exe 2007-04-20 17:02 <DIR> d-------- C:\WINDOWS\system32\NtmsData 2007-04-20 16:52 <DIR> d-------- C:\Program Files\GameHouse 2007-04-20 16:51 <DIR> d-------- C:\Program Files\PopCap Games 2007-04-20 16:47 <DIR> d-------- C:\Program Files\mIRC 2007-04-20 00:00 86,016 --a------ C:\WINDOWS\unvise32qt.exe 2007-04-19 23:58 <DIR> d-------- C:\WINDOWS\system32\QuickTime 2007-04-19 23:58 <DIR> d-------- C:\Program Files\QuickTime 2007-04-19 23:57 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\QuickTime 2007-04-19 23:35 <DIR> d-------- C:\DOCUME~1\Aika\Incomplete 2007-04-19 23:34 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\LimeWire 2007-04-19 19:59 <DIR> d-------- C:\WINDOWS\system32\appmgmt 2007-04-17 22:43 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys 2007-04-17 22:43 165,376 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2007-04-17 22:03 <DIR> d-------- C:\Program Files\SEGA 2007-04-17 21:37 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\SEGA 2007-04-16 17:47 133 --a------ C:\DOCUME~1\Aika\same.scr 2007-04-16 15:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Trymedia 2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\PlayFirst 2007-04-16 15:21 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\PlayFirst 2007-04-16 15:20 <DIR> d-------- C:\Program Files\Diner Dash Flo on the Go 2007-04-15 20:43 45,056 --a------ C:\WINDOWS\NCUNINST.EXE 2007-04-15 20:42 <DIR> d-------- C:\Program Files\Common Files\SWF Studio 2007-04-15 20:38 13,261 --a------ C:\DOCUME~1\Aika\block130.dat 2007-04-15 20:38 12 --a------ C:\DOCUME~1\Aika\block130.sys 2007-04-14 18:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Image Zone Express 2007-04-14 18:01 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\HP 2007-04-14 18:00 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\HP 2007-04-14 17:51 <DIR> d-------- C:\Program Files\Common Files\HP 2007-04-14 17:46 <DIR> d-------- C:\Program Files\Hewlett-Packard 2007-04-14 17:45 48,640 --a------ C:\WINDOWS\system32\hpzll4pi.dll 2007-04-14 17:41 94,208 --a------ C:\WINDOWS\system32\HPZipt12.dll 2007-04-14 17:41 69,632 --a------ C:\WINDOWS\system32\HPZipm12.exe 2007-04-14 17:41 65,536 --a------ C:\WINDOWS\system32\HPZinw12.exe 2007-04-14 17:41 57,344 --a------ C:\WINDOWS\system32\HPZisn12.dll 2007-04-14 17:41 282,680 --a------ C:\WINDOWS\system32\HPZidr12.dll 2007-04-14 17:41 204,800 --a------ C:\WINDOWS\system32\HPZipr12.dll 2007-04-14 17:38 31,616 --a------ C:\WINDOWS\system32\drivers\usbccgp.sys 2007-04-14 17:38 25,856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys 2007-04-14 17:37 <DIR> d-------- C:\Program Files\HP 2007-04-14 17:36 14,916 --------- C:\WINDOWS\hphmdl12.dat 2007-04-14 17:36 123,979 --a------ C:\WINDOWS\HPHins12.dat 2007-04-13 21:20 53,760 --a------ C:\WINDOWS\system32\vfwwdm32.dll 2007-04-13 21:18 94,208 --a------ C:\WINDOWS\amcap.exe 2007-04-13 21:18 61,440 --a------ C:\WINDOWS\system32\csnpstd3.dll 2007-04-13 21:18 57,344 --a------ C:\WINDOWS\system32\rsnpstd3.dll 2007-04-13 21:18 498,432 --a------ C:\WINDOWS\system32\drivers\snpstd3.sys 2007-04-13 21:18 36,864 --a------ C:\WINDOWS\system32\vsnpstd3.dll 2007-04-13 21:18 339,968 --a------ C:\WINDOWS\vsnpstd3.exe 2007-04-13 21:18 20,480 --a------ C:\WINDOWS\usnpstd3.exe 2007-04-13 21:18 <DIR> d-------- C:\Program Files\Common Files\snpstd3 2007-04-12 10:43 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll 2007-04-12 10:42 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007 2007-04-12 10:42 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\TuneUp Software 2007-04-12 10:41 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard 2007-04-12 10:41 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software 2007-04-12 09:55 <DIR> d-------- C:\Program Files\ChikkaV4 2007-04-12 09:41 <DIR> d-------- C:\DOCUME~1\LOCALS~1\APPLIC~1\Spyware Terminator 2007-04-11 21:41 <DIR> d-------- C:\Program Files\Alcohol Soft 2007-04-10 23:45 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll 2007-04-10 23:45 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll 2007-04-10 23:45 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-04-10 19:54 <DIR> d-------- C:\WINDOWS\pss 2007-04-10 19:20 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Help 2007-04-10 17:37 <DIR> d---s---- C:\DOCUME~1\Aika\UserData 2007-04-10 12:50 <DIR> d-------- C:\DOCUME~1\Guest\APPLIC~1\IBM 2007-04-10 12:48 643,072 --a------ C:\DOCUME~1\Guest\NTUSER.DAT 2007-04-10 12:48 <DIR> d-------- C:\DOCUME~1\Guest\Bluetooth Software 2007-04-10 09:32 221,184 --a------ C:\WINDOWS\system32\wmpns.dll 2007-04-10 09:27 0 --a------ C:\WINDOWS\nsreg.dat 2007-04-10 09:27 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Talkback 2007-04-10 08:44 20 --a------ C:\WINDOWS\popcinfo.dat 2007-04-10 07:52 <DIR> d-------- C:\Program Files\Common Files\DirectX 2007-04-10 04:30 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-04-10 04:30 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys 2007-04-10 04:30 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-04-10 04:30 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-04-10 04:30 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-04-10 04:30 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-04-10 04:30 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2007-04-10 04:30 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys 2007-04-10 04:30 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-04-10 04:30 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-04-10 04:30 171,776 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-04-10 04:30 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-04-10 04:29 9,344 --a------ C:\WINDOWS\system32\drivers\compbatt.sys 2007-04-10 04:29 87,424 --a------ C:\WINDOWS\system32\drivers\irda.sys 2007-04-10 04:29 82,432 --a------ C:\WINDOWS\system32\tp4mon.exe 2007-04-10 04:29 8,192 --a------ C:\WINDOWS\system32\wshirda.dll 2007-04-10 04:29 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys 2007-04-10 04:29 42,496 --a------ C:\WINDOWS\system32\tp4res.dll 2007-04-10 04:29 31,744 --a------ C:\WINDOWS\system32\tp4.dll 2007-04-10 04:29 28,672 --a------ C:\WINDOWS\system32\drivers\nscirda.sys 2007-04-10 04:29 27,136 --a------ C:\WINDOWS\system32\irmon.dll 2007-04-10 04:29 19,584 --a------ C:\WINDOWS\system32\drivers\rasirda.sys 2007-04-10 04:29 152,576 --a------ C:\WINDOWS\system32\irftp.exe 2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\CmBatt.sys 2007-04-10 04:29 14,080 --a------ C:\WINDOWS\system32\drivers\battc.sys 2007-04-10 04:29 117,760 --a------ C:\WINDOWS\system32\drivers\e100b325.sys 2007-04-10 04:29 11,520 --a------ C:\WINDOWS\system32\drivers\TwoTrack.sys 2007-04-10 04:28 96,256 --a------ C:\WINDOWS\system32\drivers\ac97intc.sys 2007-04-10 04:28 802,683 --a------ C:\WINDOWS\system32\drivers\LTSM.sys 2007-04-10 04:28 74,240 --a------ C:\WINDOWS\system32\usbui.dll 2007-04-10 04:28 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-04-10 04:28 42,368 --a------ C:\WINDOWS\system32\drivers\AGP440.SYS 2007-04-10 04:28 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-04-10 04:28 145,792 --a------ C:\WINDOWS\system32\drivers\portcls.sys 2007-04-10 04:27 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-04-10 04:27 9,008 --a------ C:\WINDOWS\system\VER.DLL 2007-04-10 04:27 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-04-10 04:27 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-04-10 04:27 8,704 --a------ C:\WINDOWS\system32\batt.dll 2007-04-10 04:27 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-04-10 04:27 74,752 --a------ C:\WINDOWS\system32\storprop.dll 2007-04-10 04:27 70,656 --a------ C:\WINDOWS\notepad.exe 2007-04-10 04:27 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll 2007-04-10 04:27 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-04-10 04:27 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll 2007-04-10 04:27 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-04-10 04:27 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-04-10 04:27 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-04-10 04:27 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-04-10 04:27 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-04-10 04:27 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-04-10 04:27 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-04-10 04:27 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-04-10 04:27 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-04-10 04:27 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-04-10 04:27 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-04-10 04:27 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-04-10 04:27 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-04-10 04:27 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-04-10 04:27 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-04-10 04:27 <DIR> dr------- C:\Program Files 2007-04-10 04:27 <DIR> d--hs---- C:\WINDOWS\Installer 2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines 2007-04-10 04:27 <DIR> d-------- C:\Program Files\Common Files\ODBC 2007-04-10 04:26 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents 2007-04-10 04:26 <DIR> d--hs---- C:\System Volume Information 2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot2 2007-04-10 04:26 <DIR> d-------- C:\WINDOWS\system32\CatRoot 2007-04-10 04:26 <DIR> d-------- C:\Documents and Settings 2007-04-10 04:21 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache 2007-04-10 04:21 <DIR> dr--s---- C:\WINDOWS\Fonts 2007-04-10 04:21 <DIR> dr------- C:\WINDOWS\Web 2007-04-10 04:21 <DIR> d--h----- C:\WINDOWS\inf 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\WinSxS 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\twain_32 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wins 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\wbem 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\usmt 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\spool 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ShellExt 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\Setup 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ras 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\oobe 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\npp 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\mui 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\inetsrv 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\IME 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\icsxml 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\ias 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\export 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\etc 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\drivers 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\dhcp 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\config 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3com_dmi 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\3076 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\2052 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1054 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1042 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1041 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1037 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1033 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1031 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1028 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32\1025 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system32 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\system 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\security 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Resources 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\repair 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Provisioning 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\PeerNet 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\pchealth 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\mui 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msapps 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\msagent 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Media 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ime 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Help 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\ehome 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Driver Cache 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Debug 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Cursors 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Connection Wizard 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\Config 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\AppPatch 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS\addins 2007-04-10 04:21 <DIR> d-------- C:\WINDOWS 2007-04-10 00:35 <DIR> d-------- C:\Program Files\ibmhelp 2007-04-10 00:35 <DIR> d-------- C:\icons 2007-04-10 00:35 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\IBM 2007-04-10 00:27 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll 2007-04-10 00:27 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll 2007-04-09 23:58 <DIR> d-------- C:\Program Files\vanBasco's Karaoke Player 2007-04-09 23:32 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\CyberLink 2007-04-09 22:11 14,848 --a------ C:\WINDOWS\system32\drivers\kbdhid.sys 2007-04-09 22:09 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Bluetooth 2007-04-09 22:07 85,376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys 2007-04-09 22:07 53,760 --a------ C:\WINDOWS\system32\drivers\vfwwdm32.dll 2007-04-09 22:07 5,504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys 2007-04-09 22:07 19,328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS 2007-04-09 22:07 17,024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys 2007-04-09 22:07 15,360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys 2007-04-09 22:07 11,136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys 2007-04-09 22:07 10,880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys 2007-04-09 22:06 82,148 --a------ C:\WINDOWS\system32\drivers\VcommMgr.sys 2007-04-09 22:06 77,824 -ra------ C:\WINDOWS\system32\drivers\SioUi2k.dll 2007-04-09 22:06 7,680 --a------ C:\WINDOWS\system32\btinstall.dll 2007-04-09 22:06 63,488 -ra------ C:\WINDOWS\system32\drivers\wssbtr1f.sys 2007-04-09 22:06 61,312 --a------ C:\WINDOWS\system32\drivers\VComm.sys 2007-04-09 22:06 51,169 -ra------ C:\WINDOWS\system32\drivers\OXSER.SYS 2007-04-09 22:06 49,152 --a------ C:\WINDOWS\system32\btfunc.dll 2007-04-09 22:06 48,556 -ra------ C:\WINDOWS\system32\drivers\SktBt2k.sys 2007-04-09 22:06 48,076 -ra------ C:\WINDOWS\system32\drivers\Sio9502k.sys 2007-04-09 22:06 40,960 -ra------ C:\WINDOWS\system32\drivers\SCTray.exe 2007-04-09 22:06 28,271 --a------ C:\WINDOWS\system32\drivers\BTHidMgr.sys 2007-04-09 22:06 23,000 --a------ C:\WINDOWS\system32\drivers\btcusb.sys 2007-04-09 22:06 20,480 --a------ C:\WINDOWS\system32\drivers\blueletaudio.sys 2007-04-09 22:06 148,830 --a------ C:\WINDOWS\system32\drivers\bcbthub.sys 2007-04-09 22:06 13,304 --a------ C:\WINDOWS\system32\drivers\BTNetFilter.sys 2007-04-09 22:06 116,021 --a------ C:\WINDOWS\system32\drivers\fw203x.sys 2007-04-09 22:06 11,860 --a------ C:\WINDOWS\system32\drivers\vbtenum.sys 2007-04-09 22:06 11,736 --a------ C:\WINDOWS\system32\drivers\VHIDMini.sys 2007-04-09 22:06 10,804 --a------ C:\WINDOWS\system32\drivers\BtNetDrv.sys 2007-04-09 22:06 <DIR> d-------- C:\Program Files\IVT Corporation 2007-04-09 21:42 <DIR> d-------- C:\WINDOWS\Options 2007-04-09 21:40 <DIR> d--hs---- C:\RECYCLER 2007-04-09 21:39 138 --a------ C:\WINDOWS\system32\VIPuninstall.bat 2007-04-09 21:32 7,152,585 --a------ C:\WINDOWS\system32\VIPv3_EXT.dll 2007-04-09 21:32 <DIR> d-------- C:\WINDOWS\VIPv3 2007-04-09 21:27 77,824 --a------ C:\WINDOWS\system32\StartupCPL.exe 2007-04-09 21:27 696,320 --a------ C:\WINDOWS\system32\americanflag.scr 2007-04-09 21:27 641,824 --a------ C:\WINDOWS\system32\valentines.scr 2007-04-09 21:27 291,840 --a------ C:\WINDOWS\system32\Bliss.scr 2007-04-09 21:27 176,128 --a------ C:\WINDOWS\system32\Bliss.exe 2007-04-09 21:27 1,634,304 --a------ C:\WINDOWS\system32\3dwindowsxp.scr 2007-04-09 21:26 266,360 --a------ C:\WINDOWS\system32\TweakUI.exe 2007-04-09 21:26 <DIR> d-------- C:\WINDOWS\Downloaded Installations 2007-04-09 21:24 17,920 --a------ C:\WINDOWS\system32\mdimon.dll 2007-04-09 21:24 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\CyberLink 2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft.NET 2007-04-09 21:23 <DIR> d-------- C:\Program Files\Microsoft ActiveSync 2007-04-09 21:23 <DIR> d-------- C:\Program Files\CyberLink 2007-04-09 21:22 57,344 --a------ C:\WINDOWS\Unwash6.exe 2007-04-09 21:22 486,400 --a------ C:\WINDOWS\system32\wwSecure.exe 2007-04-09 21:22 <DIR> d-------- C:\WINDOWS\SHELLNEW 2007-04-09 21:22 <DIR> d-------- C:\Program Files\Webroot 2007-04-09 21:22 <DIR> d-------- C:\Program Files\Common Files\Webroot Shared 2007-04-09 21:22 <DIR> d-------- C:\DOCUME~1\Aika\APPLIC~1\Webroot 2007-04-09 21:21 20,016 --------- C:\WINDOWS\system32\drivers\pxhelp20.sys 2007-04-09 21:20 <DIR> d-------- C:\Program Files\Yahoo! 2007-04-09 21:20 <DIR> d-------- C:\Program Files\Winamp 2007-04-09 21:20 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Yahoo! 2007-04-09 21:17 <DIR> d-------- C:\Program Files\Foxit Software 2007-04-09 21:15 87,037 --a------ C:\WINDOWS\AGRSMMSG.exe 2007-04-09 21:15 57,856 --a------ C:\WINDOWS\agrsmdel.exe 2007-04-09 21:15 1,112,096 --a------ C:\WINDOWS\system32\drivers\AGRSM.sys 2007-04-09 21:15 <DIR> dr-h----- C:\MSOCache 2007-04-09 21:11 720,896 --a------ C:\WINDOWS\system32\a3d.dll 2007-04-09 21:11 500,648 --a------ C:\WINDOWS\system32\drivers\smwdm.sys 2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\DSndUp.exe 2007-04-09 21:11 45,056 --a------ C:\WINDOWS\system32\CleanUp.exe 2007-04-09 21:11 4,816 --a------ C:\WINDOWS\system32\drivers\aeaudio.sys 2007-04-09 21:11 3,744 --a------ C:\WINDOWS\system32\drivers\smsens.sys 2007-04-09 21:11 2,619 --a------ C:\WINDOWS\system32\drivers\sensupgd.sys 2007-04-09 21:11 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups 2007-04-09 21:11 <DIR> d-------- C:\Program Files\Analog Devices 2007-04-09 21:08 9,644 --a------ C:\WINDOWS\system32\drivers\NMSCFG.SYS 2007-04-09 21:08 61,440 --a------ C:\WINDOWS\system32\PROMON.EXE 2007-04-09 21:08 59,152 --a------ C:\WINDOWS\system32\drivers\IANSW2K.SYS 2007-04-09 21:08 36,864 --a------ C:\WINDOWS\system32\NMSSVCPS.DLL 2007-04-09 21:08 317,952 --a------ C:\WINDOWS\system32\ROBOEX32.DLL 2007-04-09 21:08 24,778 --a------ C:\WINDOWS\system32\drivers\NMSDD.SYS 2007-04-09 21:08 20,480 --a------ C:\WINDOWS\system32\NMSMSG.DLL 2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\PRONTOBJ.DLL 2007-04-09 21:08 147,456 --a------ C:\WINDOWS\system32\NMSAPI.DLL 2007-04-09 21:08 1,081,344 --a------ C:\WINDOWS\system32\NMSSVC.EXE 2007-04-09 21:08 <DIR> d-------- C:\Program Files\Intel 2007-04-09 21:07 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-04-09 21:07 184,320 --a------ C:\WINDOWS\TPBATHLP.EXE 2007-04-09 21:07 13,824 --a------ C:\WINDOWS\system32\drivers\SMAPINT.SYS 2007-04-09 21:07 12,288 --a------ C:\WINDOWS\system32\drivers\TPPWR.SYS 2007-04-09 21:05 <DIR> d-------- C:\DOCUME~1\Aika\Bluetooth Software 2007-04-09 21:02 <DIR> d-------- C:\Program Files\IBM 2007-04-09 21:01 40,960 --a------ C:\WINDOWS\system32\QCONSVC.EXE 2007-04-09 21:01 2,295 --a------ C:\WINDOWS\system32\drivers\IBMBLDID.SYS 2007-04-09 21:01 <DIR> d-------- C:\Program Files\ThinkPad 2007-04-09 20:56 4,557 --------- C:\WINDOWS\system32\atiicdxx.sys 2007-04-09 20:56 <DIR> d--h----- C:\Program Files\InstallShield Installation Information 2007-04-09 20:56 <DIR> d-------- C:\Program Files\Common Files\InstallShield 2007-04-09 20:51 12,605 --a------ C:\WINDOWS\system32\drivers\TPHKDRV.sys 2007-04-09 20:50 98,304 --a------ C:\WINDOWS\system32\atiiprxx.exe 2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atiprbxx.exe 2007-04-09 20:50 94,208 --a------ C:\WINDOWS\system32\atippaxx.dll 2007-04-09 20:50 73,728 --a------ C:\WINDOWS\system32\Oemdspif.dll 2007-04-09 20:50 61,440 --a------ C:\WINDOWS\system32\atiphexx.exe 2007-04-09 20:50 580,279 --a------ C:\WINDOWS\system32\ati3duag.dll 2007-04-09 20:50 45,056 --a------ C:\WINDOWS\system32\atiicpxx.dll 2007-04-09 20:50 331,863 --a------ C:\WINDOWS\system32\atiicdxx.dll 2007-04-09 20:50 32,768 --a------ C:\WINDOWS\system32\atitvo32.dll 2007-04-09 20:50 3,080,274 --a------ C:\WINDOWS\system32\atioglxx.dll 2007-04-09 20:50 286,720 --a------ C:\WINDOWS\system32\atiptaxx.exe 2007-04-09 20:50 253,952 --a------ C:\WINDOWS\system32\atiiiexx.dll 2007-04-09 20:50 208,972 --a------ C:\WINDOWS\system32\atipdsxx.dll 2007-04-09 20:50 1,126,400 --a------ C:\WINDOWS\system32\atipuixx.dll 2007-04-09 20:49 932,761 --a------ C:\WINDOWS\system32\ati3d2ag.dll 2007-04-09 20:49 88,064 --a------ C:\WINDOWS\system32\drivers\PCX504.sys 2007-04-09 20:49 852,377 --a------ C:\WINDOWS\system32\ati3d1ag.dll 2007-04-09 20:49 456,192 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys 2007-04-09 20:49 28,672 --a------ C:\WINDOWS\system32\Ati2mdxx.exe 2007-04-09 20:49 215,424 --a------ C:\WINDOWS\system32\ati2dvag.dll 2007-04-09 20:49 131,072 --a------ C:\WINDOWS\system32\ati2evxx.exe 2007-04-09 20:45 3,145,728 --ah----- C:\DOCUME~1\Aika\NTUSER.DAT 2007-04-09 20:44 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\SoftwareDistribution 2007-04-09 20:44 <DIR> d-------- C:\WINDOWS\Prefetch 2007-04-09 20:43 225,280 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-04-09 20:37 225,280 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-04-09 20:37 0 -rahs---- C:\MSDOS.SYS 2007-04-09 20:37 0 -rahs---- C:\IO.SYS 2007-04-09 20:37 0 --a------ C:\CONFIG.SYS 2007-04-09 20:37 0 --a------ C:\AUTOEXEC.BAT 2007-04-09 20:37 <DIR> d-------- C:\WINDOWS\system32\xircom 2007-04-09 20:37 <DIR> d-------- C:\Program Files\microsoft frontpage 2007-04-09 20:36 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-04-09 20:35 <DIR> dr------- C:\WINDOWS\Offline Web Pages 2007-04-09 20:35 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM 2007-04-09 20:35 <DIR> d--h----- C:\Program Files\WindowsUpdate 2007-04-09 20:35 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files 2007-04-09 20:35 <DIR> d-------- C:\WINDOWS\system32\DirectX 2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-04-09 20:34 81,920 --a------ C:\WINDOWS\system32\ils.dll 2007-04-09 20:34 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll 2007-04-09 20:34 73,728 --a------ C:\WINDOWS\system32\icwdial.dll 2007-04-09 20:34 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-04-09 20:34 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll 2007-04-09 20:34 69,632 --a------ C:\WINDOWS\system32\msconf.dll 2007-04-09 20:34 678,400 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-04-09 20:34 67,584 --a------ C:\WINDOWS\system32\srclient.dll 2007-04-09 20:34 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-04-09 20:34 64,512 --a------ C:\WINDOWS\system32\acctres.dll 2007-04-09 20:34 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-04-09 20:34 48,128 --a------ C:\WINDOWS\system32\inetres.dll 2007-04-09 20:34 45,568 --a------ C:\WINDOWS\system32\safrslv.dll 2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-04-09 20:34 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll 2007-04-09 20:34 394,752 --a------ C:\WINDOWS\system32\wuapi.dll 2007-04-09 20:34 382,464 --a------ C:\WINDOWS\system32\qmgr.dll 2007-04-09 20:34 36,864 --a------ C:\WINDOWS\system32\wups.dll 2007-04-09 20:34 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-04-09 20:34 331,776 --a------ C:\WINDOWS\system32\mstask.dll 2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-04-09 20:34 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-04-09 20:34 29,696 --a------ C:\WINDOWS\system32\safrdm.dll 2007-04-09 20:34 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll 2007-04-09 20:34 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-04-09 20:34 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-04-09 20:34 239,104 --a------ C:\WINDOWS\system32\srrstr.dll 2007-04-09 20:34 22,528 --a------ C:\WINDOWS\system32\fltMc.exe 2007-04-09 20:34 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-04-09 20:34 183,296 --a------ C:\WINDOWS\system32\wuaueng1.dll 2007-04-09 20:34 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll 2007-04-09 20:34 170,496 --a------ C:\WINDOWS\system32\srsvc.dll 2007-04-09 20:34 165,888 --a------ C:\WINDOWS\system32\wuauclt1.exe 2007-04-09 20:34 16,896 --a------ C:\WINDOWS\system32\fltlib.dll 2007-04-09 20:34 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-04-09 20:34 124,800 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys 2007-04-09 20:34 120,320 --a------ C:\WINDOWS\system32\wuweb.dll 2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll 2007-04-09 20:34 12,288 --a------ C:\WINDOWS\system32\mstinit.exe 2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wucltui.dll 2007-04-09 20:34 112,640 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-04-09 20:34 11,264 --a------ C:\WINDOWS\system32\atrace.dll 2007-04-09 20:34 105,984 --a------ C:\WINDOWS\system32\msoert2.dll 2007-04-09 20:34 1,134,592 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-04-09 20:34 <DIR> d---s---- C:\WINDOWS\Tasks 2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Restore 2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\system32\Macromed 2007-04-09 20:34 <DIR> d-------- C:\WINDOWS\srchasst 2007-04-09 20:34 <DIR> d-------- C:\Program Files\Movie Maker 2007-04-09 20:34 <DIR> d-------- C:\Program Files\Common Files\MSSoap 2007-04-09 20:33 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-04-09 20:33 <DIR> d-------- C:\WINDOWS\Registration 2007-04-09 20:33 <DIR> d-------- C:\Program Files\Online Services 2007-04-09 20:32 949,248 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-04-09 20:32 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll 2007-04-09 20:32 90,112 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-04-09 20:32 9,728 --a------ C:\WINDOWS\system32\reset.exe 2007-04-09 20:32 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll 2007-04-09 20:32 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-04-09 20:32 83,456 --a------ C:\WINDOWS\system32\charmap.exe 2007-04-09 20:32 82,432 --a------ C:\WINDOWS\system32\comrepl.dll 2007-04-09 20:32 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-04-09 20:32 72,704 --a------ C:\WINDOWS\system32\winchat.exe 2007-04-09 20:32 717,312 --a------ C:\WINDOWS\system32\mstsc.exe 2007-04-09 20:32 67,072 --a------ C:\WINDOWS\system32\rdshost.exe 2007-04-09 20:32 655,360 --a------ C:\WINDOWS\system32\mstscax.dll 2007-04-09 20:32 628,224 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe 2007-04-09 20:32 62,464 --a------ C:\WINDOWS\system32\colbact.dll 2007-04-09 20:32 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-04-09 20:32 60,416 --a------ C:\WINDOWS\system32\remotepg.dll 2007-04-09 20:32 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-04-09 20:32 59,904 --a------ C:\WINDOWS\system32\sol.exe 2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-04-09 20:32 58,880 --a------ C:\WINDOWS\system32\licwmi.dll 2007-04-09 20:32 58,368 --a------ C:\WINDOWS\system32\freecell.exe 2007-04-09 20:32 56,320 --a------ C:\WINDOWS\system32\servdeps.dll 2007-04-09 20:32 542,720 --a------ C:\WINDOWS\system32\spider.exe 2007-04-09 20:32 540,160 --a------ C:\WINDOWS\system32\comuid.dll 2007-04-09 20:32 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-04-09 20:32 501,248 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-04-09 20:32 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-04-09 20:32 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe 2007-04-09 20:32 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-04-09 20:32 425,472 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-04-09 20:32 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys 2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll 2007-04-09 20:32 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-04-09 20:32 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-04-09 20:32 360,960 --a------ C:\WINDOWS\system32\mspaint.exe 2007-04-09 20:32 345,088 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-04-09 20:32 33,792 --a------ C:\WINDOWS\system32\regini.exe 2007-04-09 20:32 295,424 --a------ C:\WINDOWS\system32\termsrv.dll 2007-04-09 20:32 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-04-09 20:32 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-04-09 20:32 229,888 --a------ C:\WINDOWS\system32\catsrv.dll 2007-04-09 20:32 227,840 --a------ C:\WINDOWS\system32\avtapi.dll 2007-04-09 20:32 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-04-09 20:32 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys 2007-04-09 20:32 20,992 --a------ C:\WINDOWS\system32\msg.exe 2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\qprocess.exe 2007-04-09 20:32 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-04-09 20:32 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys 2007-04-09 20:32 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll 2007-04-09 20:32 186,368 --a------ C:\WINDOWS\system32\accwiz.exe 2007-04-09 20:32 185,344 --a------ C:\WINDOWS\system32\cmprops.dll 2007-04-09 20:32 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-04-09 20:32 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe 2007-04-09 20:32 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\tskill.exe 2007-04-09 20:32 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-04-09 20:32 159,232 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-04-09 20:32 158,720 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe 2007-04-09 20:32 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-04-09 20:32 15,360 --a------ C:\WINDOWS\system32\logoff.exe 2007-04-09 20:32 147,968 --a------ C:\WINDOWS\system32\rdchost.dll 2007-04-09 20:32 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-04-09 20:32 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe 2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\tscon.exe 2007-04-09 20:32 14,848 --a------ C:\WINDOWS\system32\shadow.exe 2007-04-09 20:32 139,400 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys 2007-04-09 20:32 130,560 --a------ C:\WINDOWS\system32\mshearts.exe 2007-04-09 20:32 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe 2007-04-09 20:32 123,392 --a------ C:\WINDOWS\system32\mplay32.exe 2007-04-09 20:32 122,880 --a------ C:\WINDOWS\system32\winmine.exe 2007-04-09 20:32 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys 2007-04-09 20:32 117,760 --a------ C:\WINDOWS\system32\calc.exe 2007-04-09 20:32 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-04-09 20:32 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-04-09 20:32 11,264 --a------ C:\WINDOWS\system32\icaapi.dll 2007-04-09 20:32 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-04-09 20:32 1,251,840 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-04-09 20:32 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\MsDtc 2007-04-09 20:32 <DIR> d-------- C:\WINDOWS\system32\Com 2007-04-09 20:32 <DIR> d-------- C:\Program Files\Windows NT 2007-04-09 20:32 <DIR> d-------- C:\Program Files\MSN Gaming Zone 2007-04-09 20:32 <DIR> d-------- C:\Program Files\Messenger 2007-04-09 18:55 8,192 --a------ C:\WINDOWS\system32\drivers\ibmpmdrv.sys 2007-04-09 18:55 57,344 --a------ C:\WINDOWS\system32\tp4unins.exe 2007-04-09 18:55 53,248 --a------ C:\WINDOWS\system32\ibmpmsvc.exe 2007-04-09 18:55 48,640 --a------ C:\WINDOWS\system32\tp4ui.dll 2007-04-09 18:55 3,943 --a------ C:\WINDOWS\system32\tp4table.dat 2007-04-09 18:55 14,096 --a------ C:\WINDOWS\system32\drivers\tp4track.sys 2007-04-09 18:55 114,176 --a------ C:\WINDOWS\system32\tp4uires.dll 2007-04-09 18:55 110,592 --a------ C:\WINDOWS\system32\tp4serv.exe (((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-04-17 22:12 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys 2007-04-10 04:26 62 --ahs---- C:\DOCUME~1\Aika\APPLIC~1\desktop.ini (((((((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))) *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects] {1557B435-8242-4686-9AA3-9265BF7525A4} C:\WINDOWS\system32\snolyoym.dll [x] {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run] "TrackPointSrv"="tp4serv.exe" "ATIModeChange"="Ati2mdxx.exe" "QCTRAY"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCTRAY.EXE" "QCWLICON"="C:\\Program Files\\ThinkPad\\ConnectUtilities\\QCWLICON.EXE" "BMMGAG"="RunDll32 C:\\PROGRA~1\\ThinkPad\\UTILIT~1\\pwrmonit.dll,StartPwrMonitor" "Promon.exe"="Promon.exe" "RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\"" "CoolSwitch"="C:\\WINDOWS\\system32\\taskswitch.exe" "SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_09\\bin\\jusched.exe\"" "VIPv3_Auto_Update"="C:\\WINDOWS\\VIPv3\\CheckForUpdates.exe" "Vistadrv"="C:\\WINDOWS\\VIPv3\\VIPhd\\vsdrv.exe" "AGRSMMSG"="AGRSMMSG.exe" "TPHOTKEY"="C:\\PROGRA~1\\ThinkPad\\PkgMgr\\HOTKEY\\TPHKMGR.exe" "snpstd3"="C:\\WINDOWS\\vsnpstd3.exe" "HP Software Update"="C:\\Program Files\\HP\\HP Software Update\\HPWuSchd2.exe" "VisualTooltip"="C:\\WINDOWS\\VIPv3\\VIPtooltip\\VisualToolTip.exe" "QuickTime Task"="\"C:\\Program Files\\QuickTime\\qttask.exe\" -atboottime" "Intel system tool"="C:\\WINDOWS\\system32\\svehost.exe" "clcl6"="C:\\WINDOWS\\system32\\clcl6.exe" [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run] "Yahoo! Pager"="\"C:\\PROGRA~1\\Yahoo!\\MESSEN~1\\YAHOOM~1.EXE\" -quiet" [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "disablecad"=dword:00000001 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoSaveSettings"=dword:00000000 [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer\run] HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa Authentication Packages REG_MULTI_SZ msv1_0\0\0 Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0 Notification Packages REG_MULTI_SZ scecli\0\0 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost] HTTPFilter REG_MULTI_SZ HTTPFilter\0\0 LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0 NetworkService REG_MULTI_SZ DnsCache\0\0 DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0 rpcss REG_MULTI_SZ RpcSs\0\0 imgsvc REG_MULTI_SZ StiSvc\0\0 termsvcs REG_MULTI_SZ TermService\0\0 hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs* UxTuneUp [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d0-ee0e-11db-93a8-101111111111}] Shell\AutoRun\command C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe MS32DLL.dll.vbs [HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4f50b9d1-ee0e-11db-93a8-101111111111}] Shell\AutoRun\command G:\USBNB.exe Contents of the 'Scheduled Tasks' folder C:\WINDOWS\tasks\1-Click Maintenance.job C:\WINDOWS\tasks\BMMTask.job ******************************************************************** catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net Rootkit scan 2007-04-23 20:50:15 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden services ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden processes: 0 hidden services: 0 hidden files: 0 ******************************************************************** Completion time: 07-04-23 20:50:18 - machine was rebooted C:\ComboFix-quarantined-files.txt ... 07-04-23 20:50 |
|
|
|
|
Apr 23 2007, 09:21 AM
Post
#5
|
|
|
New Member Group: Members Posts: 7 Joined: 22-April 07 Member No.: 126,268 |
by the way, i changed my security from AVG7 to Pccillin2007, and awhile ago when i scanned my computer it disinfected 100 files if im not mistaken, but still my computer freezes its windows
|
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
| Lo-Fi Version | Time is now: 8th November 2009 - 04:32 AM |
© 2003-2009 All Rights Reserved Bleeping Computer LLC.