Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Popups From Jack9, Exitexchange, And Cpvfeed.com


  • Please log in to reply
29 replies to this topic

#1 MrSly

MrSly

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 29 April 2007 - 04:01 PM

I've never really had problems with popups until recently. I just switched to ZoneAlarm for Anti-virus and Spyware a week ago, now having issues. Happens if I'm in IE7 (not my idea) or Firefox2. Anyway, here's my HiJackThis log, any help would be GREATLY appreciated!!

Oh, and BitDefender is the only online scanner I could get to work correctly. The other two kept hanging before scanning...

Thank you,
Mr. Sly

Logfile of HijackThis v1.99.1
Scan saved at 3:54:20 PM, on 4/29/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ZoneLabs\avsys\ScanningProcess.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Google\Google Updater\GoogleUpdater.exe
C:\Program Files\ePrompter\ePrompter.exe
C:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HiJackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - Startup: ePrompter.lnk = C:\Program Files\ePrompter\ePrompter.exe
O4 - Global Startup: Google Updater.lnk = C:\Program Files\Google\Google Updater\GoogleUpdater.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

BC AdBot (Login to Remove)

 


#2 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 04 May 2007 - 09:51 AM

Howdy MrSly,


No infection showing here. Really sounds like your issues are all ZA related. You ARE getting popups after installing ZA? Cookies notifications, or attempted access firewall alerts, or actual advertising popups like many experience when infected? The same would go for online scanners not working - especially if you have the firewall settings too restrictive.
Ad eundum quo no duck ante iit

#3 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 04 May 2007 - 09:55 AM

Hmm - I am newish to assisting at this forum so am not used to seeing thread titles as posted, so I see after posting just now your popup descriptions in the title. Given that info we best take a different look at things as well.


Go Here and download Silent Runners to your desktop. Run it, and post back here the log it creates. If your AV queries the script, allow it to run. It's not malicious. It will create a file named Startup Programs, and will notify when the scan is complete. Copy the log from the Startup Programs file back here.
Ad eundum quo no duck ante iit

#4 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 11:13 AM

Thanks for the help Jintan!! I'm really stumped on this one.

BTW, I told ZA to KILL IE if it starts... only way I could get anything done online. And like I said, this is the first time I've ever used ZA. I MAY have it set up too restrictive...

Anyway, here's the log you asked for (I ran the Extreme version, just in case):

"Silent Runners.vbs", revision R50, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCU\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"ctfmon.exe" = "C:\WINDOWS\system32\ctfmon.exe" [MS]
"swg" = "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" ["Google Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\ {++}
"NVMixerTray" = ""C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"" ["NVIDIA Corporation"]
"ZoneAlarm Client" = ""C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"" ["Zone Labs, LLC"]
"NeroFilterCheck" = "C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe" ["Nero AG"]
"SunJavaUpdateSched" = ""C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"" ["Sun Microsystems, Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Adobe PDF Reader Link Helper"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll" ["Adobe Systems Incorporated"]
{53707962-6F74-2D53-2644-206D7942484F}\(Default) = (no title provided)
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll" ["Safer Networking Limited"]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\(Default) = (no title provided)
-> {HKLM...CLSID} = "SSVHelper Class"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Helper"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\(Default) = (no title provided)
-> {HKLM...CLSID} = "Google Toolbar Notifier BHO"
\InProcServer32\(Default) = "C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll" ["Google Inc."]

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Display Panning CPL Extension"
-> {HKLM...CLSID} = "Display Panning CPL Extension"
\InProcServer32\(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "HyperTerminal Icon Ext"
-> {HKLM...CLSID} = "HyperTerminal Icon Ext"
\InProcServer32\(Default) = "C:\WINDOWS\system32\hticons.dll" ["Hilgraeve, Inc."]
"{EFA24E62-B078-11d0-89E4-00C04FC9E26E}" = "History Band"
-> {HKLM...CLSID} = "History Band"
\InProcServer32\(Default) = "C:\WINDOWS\system32\shdocvw.dll" [MS]
"{5E2121EE-0300-11D4-8D3B-444553540000}" = "Catalyst Context Menu extension"
-> {HKLM...CLSID} = "SimpleShlExt Class"
\InProcServer32\(Default) = "C:\Program Files\ATI Technologies\ATI.ACE\atiacmxx.dll" [empty string]
"{B41DB860-8EE4-11D2-9906-E49FADC173CA}" = "WinRAR shell extension"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
"{D9872D13-7651-4471-9EEE-F0A00218BEBB}" = "Multiscan"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}" = "Directory Opus Shell Execute Hook"
-> {HKLM...CLSID} = "Directory Opus Shell Execute Hook"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{E9FE4040-3C93-11D4-8006-00201860E88A}" = "Directory Opus Context Menu"
-> {HKLM...CLSID} = "Directory Opus Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{B9DD4945-1BED-4CB7-994C-F40B72B7725A}" = "Directory Opus Desktop Context Menu"
-> {HKLM...CLSID} = "Directory Opus Desktop Context Menu"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{42BEF283-A10E-472D-B105-9F2B59AFBFC8}" = "Directory Opus Find Extension"
-> {HKLM...CLSID} = "Directory Opus Find Extension"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{2DF394BA-1955-4A52-900E-303836135F67}" = "Directory Opus Info Tip Handler"
-> {HKLM...CLSID} = "Directory Opus Info Tip Handler"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{BBD5F00E-26A6-4FB2-BAE1-31543C0BEA47}" = "Directory Opus Icon Handler"
-> {HKLM...CLSID} = "Directory Opus Icon Handler"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{F85D7E1E-9662-4B38-B1AE-3CF1E9581A3C}" = "Directory Opus Drop Target"
-> {HKLM...CLSID} = "Directory Opus Drop Target"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]
"{00020D75-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Desktop Icon Handler"
-> {HKLM...CLSID} = "Microsoft Office Outlook"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\OFFICE11\MLSHEXT.DLL" [MS]
"{0006F045-0000-0000-C000-000000000046}" = "Microsoft Office Outlook Custom Icon Handler"
-> {HKLM...CLSID} = "Outlook File Icon Extension"
\InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\OFFICE11\OLKFSTUB.DLL" [MS]
"{42042206-2D85-11D3-8CFF-005004838597}" = "Microsoft Office HTML Icon Handler"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Microsoft Office\OFFICE11\msohev.dll" [MS]
"{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2}" = "NeroCoverEd Live Icons"
-> {HKLM...CLSID} = "NeroCoverEdLiveIcons Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll" ["Nero AG"]
"{B327765E-D724-4347-8B16-78AE18552FC3}" = "NeroDigitalIconHandler"
-> {HKLM...CLSID} = "NeroDigitalIconHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{7F1CF152-04F8-453A-B34C-E609530A9DC8}" = "NeroDigitalPropSheetHandler"
-> {HKLM...CLSID} = "NeroDigitalPropSheetHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
"{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}" = "TuneUp Shredder Shell Extension"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
"{44440D00-FF19-4AFC-B765-9A0970567D97}" = "TuneUp Theme Extension"
-> {HKLM...CLSID} = "TuneUp Theme Extension"
\InProcServer32\(Default) = "C:\WINDOWS\system32\uxtuneup.dll" ["TuneUp Software GmbH"]

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\
<<!>> "{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}" = (no title provided)
-> {HKLM...CLSID} = "Directory Opus Shell Execute Hook"
\InProcServer32\(Default) = "C:\Program Files\Directory Opus\dopuslib.dll" ["GP Software"]

HKLM\Software\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\
"WPDShServiceObj" = "{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"
-> {HKLM...CLSID} = "WPDShServiceObj Class"
\InProcServer32\(Default) = "C:\WINDOWS\system32\wpdshserviceobj.dll" [MS]

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\
<<!>> AtiExtEvent\DLLName = "Ati2evxx.dll" ["ATI Technologies Inc."]

HKLM\Software\Classes\PROTOCOLS\Filter\
<<!>> text/xml\CLSID = "{807553E5-5146-11D5-A672-00B0D022E945}"
-> {HKLM...CLSID} = (no title provided)
\InProcServer32\(Default) = "C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL" [MS]

HKLM\Software\Classes\Folder\shellex\ColumnHandlers\
{7D4D6379-F301-4311-BEBA-E26EB0561882}\(Default) = "NeroDigitalExt.NeroDigitalColumnHandler"
-> {HKLM...CLSID} = "NeroDigitalColumnHandler Class"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Ahead\Lib\NeroDigitalExt.dll" ["Nero AG"]
{F9DB5320-233E-11D1-9F84-707F02C10627}\(Default) = "PDF Column Info"
-> {HKLM...CLSID} = "PDF Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\PDFShell.dll" ["Adobe Systems, Inc."]

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\
Cover Designer\(Default) = "{73FCA462-9BD5-4065-A73F-A8E5F6904EF7}"
-> {HKLM...CLSID} = "NeroCoverEdContextMenu Class"
\InProcServer32\(Default) = "C:\Program Files\Nero\Nero 7\Nero CoverDesigner\CoverEdExtension.dll" ["Nero AG"]
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\
TuneUp Shredder Shell Extension\(Default) = "{4858E7D9-8E12-45a3-B6A3-1CD128C9D403}"
-> {HKLM...CLSID} = "TuneUp Shredder Shell Extension"
\InProcServer32\(Default) = "C:\Program Files\TuneUp Utilities 2007\SDShelEx-win32.dll" ["TuneUp Software GmbH"]
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\
WinRAR\(Default) = "{B41DB860-8EE4-11D2-9906-E49FADC173CA}"
-> {HKLM...CLSID} = "WinRAR"
\InProcServer32\(Default) = "C:\Program Files\WinRAR\rarext.dll" [null data]
ZLAVShExt\(Default) = "{D9872D13-7651-4471-9EEE-F0A00218BEBB}"
-> {HKLM...CLSID} = "ZLAVShExt Class"
\InProcServer32\(Default) = "C:\Program Files\Zone Labs\ZoneAlarm\zlavscan.dll" ["Zone Labs, LLC"]


Group Policies {GPedit.msc branch and setting}:
-----------------------------------------------

Note: detected settings may not have any effect.

HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System\

"shutdownwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Shutdown: Allow system to be shut down without having to log on}

"undockwithoutlogon" = (REG_DWORD) hex:0x00000001
{Computer Configuration|Windows Settings|Security Settings|Local Policies|Security Options|
Devices: Allow undock without having to log on}


Active Desktop and Wallpaper:
-----------------------------

Active Desktop may be disabled at this entry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState

Displayed if Active Desktop enabled and wallpaper not set by Group Policy:
HKCU\Software\Microsoft\Internet Explorer\Desktop\General\
"Wallpaper" = "C:\WINDOWS\system32\config\systemprofile\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"

Displayed if Active Desktop disabled and wallpaper not set by Group Policy:
HKCU\Control Panel\Desktop\
"Wallpaper" = "C:\Documents and Settings\Jon\Local Settings\Application Data\Microsoft\Wallpaper1.bmp"


Enabled Screen Saver:
---------------------

HKCU\Control Panel\Desktop\
"SCRNSAVE.EXE" = "C:\WINDOWS\system32\3PLANE~1.SCR" (3Planesoft_Screensaver_Manager.scr) ["3Planesoft"]


Startup items in "Jon" & "All Users" startup folders:
-----------------------------------------------------

C:\Documents and Settings\Jon\Start Menu\Programs\Startup
"ePrompter" -> shortcut to: "C:\Program Files\ePrompter\ePrompter.exe" ["Tiburon Technology, Inc."]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
"Google Updater" -> shortcut to: "C:\Program Files\Google\Google Updater\GoogleUpdater.exe -systray -startup" ["Google"]


Enabled Scheduled Tasks:
------------------------

"1-Click Maintenance" -> launches: "C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe /schedulestart" ["TuneUp Software GmbH"]


Winsock2 Service Provider DLLs:
-------------------------------

Namespace Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++}
000000000001\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]
000000000002\LibraryPath = "%SystemRoot%\System32\winrnr.dll" [MS]
000000000003\LibraryPath = "%SystemRoot%\System32\mswsock.dll" [MS]

Transport Service Providers

HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++}
0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range:
%SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 11
%SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05


Toolbars, Explorer Bars, Extensions:
------------------------------------

Toolbars

HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}"
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

HKLM\Software\Microsoft\Internet Explorer\Toolbar\
"{2318C2B1-4965-11D4-9B18-009027A5CD4F}" = (no title provided)
-> {HKLM...CLSID} = "&Google"
\InProcServer32\(Default) = "c:\program files\google\googletoolbar1.dll" ["Google Inc."]

Explorer Bars

HKLM\Software\Microsoft\Internet Explorer\Explorer Bars\

HKLM\Software\Classes\CLSID\{FF059E31-CC5A-4E2E-BF3B-96E929D65503}\(Default) = "&Research"
Implemented Categories\{00021493-0000-0000-C000-000000000046}\ [vertical bar]
InProcServer32\(Default) = "C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL" [MS]

Extensions (Tools menu items, main toolbar menu buttons)

HKLM\Software\Microsoft\Internet Explorer\Extensions\
{08B0E5C0-4FCB-11CF-AAA5-00401C608501}\
"MenuText" = "Sun Java Console"
"CLSIDExtension" = "{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}"
-> {HKCU...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll" ["Sun Microsystems, Inc."]
-> {HKLM...CLSID} = "Java Plug-in 1.6.0_01"
\InProcServer32\(Default) = "C:\Program Files\Java\jre1.6.0_01\bin\npjpi160_01.dll" ["Sun Microsystems, Inc."]

{85D1F590-48F4-11D9-9669-0800200C9A66}\
"MenuText" = "Uninstall BitDefender Online Scanner v8"
"Exec" = "%windir%\bdoscandel.exe" [null data]

{92780B25-18CC-41C8-B9BE-3C9C571A8263}\
"ButtonText" = "Research"

{E2E2DD38-D088-4134-82B7-F2BA38496583}\
"MenuText" = "@xpsp3res.dll,-20001"
"Exec" = "%windir%\Network Diagnostic\xpnetdiag.exe" [MS]

{FB5F1910-F110-11D2-BB9E-00C04F795683}\
"ButtonText" = "Messenger"
"MenuText" = "Windows Messenger"
"Exec" = "C:\Program Files\Messenger\msmsgs.exe" [MS]


Miscellaneous IE Hijack Points
------------------------------

HKLM\Software\Microsoft\Internet Explorer\AboutURLs\
<<H>> "TuneUp" = "file://C|/Documents and Settings/All Users/Application Data/TuneUp Software/Common/base.css" [file not found]


Running Services (Display Name, Service Name, Path {Service DLL}):
------------------------------------------------------------------

Ati HotKey Poller, Ati HotKey Poller, "C:\WINDOWS\system32\Ati2evxx.exe" ["ATI Technologies Inc."]
Google Updater Service, gusvc, ""C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"" ["Google"]
TrueVector Internet Monitor, vsmon, "C:\WINDOWS\system32\ZoneLabs\vsmon.exe -service" ["Zone Labs, LLC"]
TuneUp Design Expansion, UxTuneUp, "C:\WINDOWS\System32\svchost.exe -k netsvcs" {"C:\WINDOWS\System32\uxtuneup.dll" ["TuneUp Software GmbH"]}


Print Monitors:
---------------

HKLM\System\CurrentControlSet\Control\Print\Monitors\
Microsoft Document Imaging Writer Monitor\Driver = "mdimon.dll" [MS]
PrimoMon\Driver = "Primomonnt.dll" [null data]


----------
<<!>>: Suspicious data at a malware launch point.
<<H>>: Suspicious data at a browser hijack point.

+ This report excludes default entries except where indicated.
+ To see *everywhere* the script checks and *everything* it finds,
launch it from a command prompt or a shortcut with the -all parameter.
+ The search for DESKTOP.INI DLL launch points on all local fixed drives
took 222 seconds.
---------- (total run time: 260 seconds)

#5 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 04 May 2007 - 11:36 AM

You are sure describing a possible Vundo infection, but there sure isn't any indication in the logs so far.


Download ComboFix.exe from here to your desktop, and click the downloaded file to run the repair.

When the command window opens, select 1 (and Enter). Allow the scan to run. When completed a text window will appear - please copy/paste the contents back here. This log can also be found at C:\ComboFix.txt.

A caution - do not touch your mouse/keyboard until the scan has completed. The scan will temporarily disable your desktop, and if interrupted may leave your desktop disabled. If this occurs, please reboot to restore the desktop.
Ad eundum quo no duck ante iit

#6 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 11:38 AM

I just found in another forum that said the CPVFEED.COM garbage is coming from C:\WINDOWS\system32\drivers\core.sys

which is on my computer, and has a date of when these popups started happening...

I won't do anything until I hear from you, but I thought I'd mention it.

The URL is here:

http://www.pchell.com/support/poweredbyzedo.shtml

Edited by MrSly, 04 May 2007 - 11:48 AM.


#7 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 02:56 PM

Hey, looks like it found the culprit!! Awesome program! Here's the log you requested:

"Jon" - 07-05-04 14:08:16 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Jon\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\drivers\core.sys


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\core
-------\LEGACY_CORE


((((((((((((((((((((((((((((((( Files Created from 2007-04-04 to 2007-05-04 ))))))))))))))))))))))))))))))))))


2007-05-03 14:16 <DIR> d-------- C:\Program Files\Trillian
2007-04-29 15:00 759,808 --a------ C:\WINDOWS\system32\Clock_Tower_3D_Screensaver.scr
2007-04-29 15:00 14,316,032 --a------ C:\WINDOWS\system32\Clock Tower 3D Screensaver.exe
2007-04-29 14:56 768,512 --a------ C:\WINDOWS\system32\Earth_3D_Screensaver.scr
2007-04-29 14:56 13,243,392 --a------ C:\WINDOWS\system32\Earth 3D Screensaver.exe
2007-04-29 14:52 772,608 --a------ C:\WINDOWS\system32\Coral_Clock_3D_Screensaver.scr
2007-04-29 14:52 10,982,912 --a------ C:\WINDOWS\system32\Coral Clock 3D Screensaver.exe
2007-04-29 00:42 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-28 13:39 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-04-28 13:28 <DIR> d-------- C:\DOCUME~1\Jon\.housecall6.6
2007-04-28 13:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-27 23:35 <DIR> d-------- C:\Program Files\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-04-27 23:24 1,481,198 --a------ C:\WINDOWS\Lewd Leprechauns Full.scr
2007-04-27 09:10 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-27 00:32 290,816 --a------ C:\WINDOWS\Living 3D Dolphins Full.scr
2007-04-27 00:32 <DIR> d-------- C:\Program Files\ScreenSaver.com
2007-04-26 23:47 2,226,176 --a------ C:\WINDOWS\system32\3D Solar System.scr
2007-04-26 23:24 1 --a------ C:\WINDOWS\system32\sav80231.sys
2007-04-26 16:16 131,072 --a------ C:\WINDOWS\SNVerifyDLL.dll
2007-04-26 16:16 1,032,192 --a------ C:\WINDOWS\AquaReal.scr
2007-04-26 16:09 1 --a------ C:\WINDOWS\system32\sav87312.sys
2007-04-26 16:07 85,960 --a------ C:\WINDOWS\system32\update.exe
2007-04-26 16:07 5,570,560 --a------ C:\WINDOWS\system32\3D Galaxy Journey.scr
2007-04-26 16:07 291,776 --a------ C:\WINDOWS\system32\DealioKit97-stub-0.exe
2007-04-26 15:58 8,773,632 --a------ C:\WINDOWS\system32\Japanese Garden 3D Screensaver.scr
2007-04-26 15:58 528,384 --a------ C:\WINDOWS\system32\Astro Gemini Screensaver Manager.scr
2007-04-26 15:58 <DIR> d-------- C:\Program Files\Astro Gemini Software
2007-04-26 15:32 4,563,968 --a------ C:\WINDOWS\system32\Ocean.scr
2007-04-26 15:12 883,200 --a------ C:\WINDOWS\system32\Lagoon_3D_Screensaver.scr
2007-04-26 15:12 10,638,336 --a------ C:\WINDOWS\system32\Lagoon 3D Screensaver.exe
2007-04-26 14:50 1,175,700 --a------ C:\WINDOWS\system32\RainySs.scr
2007-04-26 14:43 8,358,400 --a------ C:\WINDOWS\system32\Ice Clock 3D Screensaver.exe
2007-04-26 14:43 740,352 --a------ C:\WINDOWS\system32\Ice_Clock_3D_Screensaver.scr
2007-04-26 14:43 409,600 --a------ C:\WINDOWS\system32\3Planesoft_Screensaver_Manager.scr
2007-04-26 14:43 <DIR> d-------- C:\WINDOWS\system32\3Planesoft
2007-04-26 14:43 <DIR> d-------- C:\Screensavers
2007-04-26 14:43 <DIR> d-------- C:\Program Files\3Planesoft Screensaver Manager
2007-04-24 23:20 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-04-24 23:18 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-04-24 23:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-04-24 23:13 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-04-24 16:35 <DIR> d--h----- C:\WINDOWS\Icons
2007-04-23 17:17 2,277,376 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-04-23 17:06 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-23 17:06 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-23 17:06 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\TuneUp Software
2007-04-23 17:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-23 17:05 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-04-23 16:37 <DIR> d-------- C:\Program Files\Ad-Aware SE Personal
2007-04-23 16:37 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Lavasoft
2007-04-23 16:33 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2007-04-23 16:33 <DIR> d-------- C:\WINDOWS\PrimoPDF
2007-04-23 16:33 <DIR> d-------- C:\Program Files\PrimoPDF
2007-04-23 16:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-04-23 16:18 <DIR> d-------- C:\Program Files\uTorrent
2007-04-23 16:18 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\uTorrent
2007-04-23 16:11 <DIR> d-------- C:\WINDOWS\Magic Ball 3
2007-04-23 16:02 <DIR> d--hs---- C:\RECYCLER
2007-04-23 15:44 <DIR> d-------- C:\Games
2007-04-23 15:37 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-23 15:26 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-23 15:13 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Ahead
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Nero
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-04-23 15:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-04-23 15:01 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-23 15:00 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-23 14:59 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-23 14:59 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-23 14:49 <DIR> d-------- C:\WINDOWS\system32\inf32
2007-04-23 14:49 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\GPSoftware
2007-04-23 14:48 1,044,480 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-04-23 14:48 <DIR> d-------- C:\Program Files\Directory Opus
2007-04-23 14:40 1,395 --a------ C:\WINDOWS\mozver.dat
2007-04-23 14:39 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-23 14:37 <DIR> d-------- C:\Program Files\ePrompter
2007-04-23 14:32 <DIR> d-------- C:\Program Files\LTFViewer
2007-04-23 14:24 512 --a------ C:\ScanSectorLog.dat
2007-04-23 14:21 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\MailFrontier
2007-04-23 14:15 11,983,136 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-04-23 14:15 1,512,480 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-04-23 14:13 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-04-23 14:12 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-04-23 14:12 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-04-23 14:12 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-04-20 12:22 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-20 12:22 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-20 12:22 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-20 12:22 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-20 12:22 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-20 12:22 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-20 12:22 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-20 12:22 466,944 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2007-04-20 12:22 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-20 12:22 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-20 12:22 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-20 12:22 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-20 12:22 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2007-04-20 12:22 <DIR> d-------- C:\Program Files\Common Files\NVIDIA Shared
2007-04-20 12:21 937,984 -ra------ C:\WINDOWS\system32\drivers\nvmcp.sys
2007-04-20 12:21 93,568 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2007-04-20 12:21 7,680 -ra------ C:\WINDOWS\system32\nvack.dll
2007-04-20 12:21 66,688 -ra------ C:\WINDOWS\system32\drivers\nvarm.sys
2007-04-20 12:21 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-20 12:21 54,272 -ra------ C:\WINDOWS\system32\nvopenal.dll
2007-04-20 12:21 53,376 -ra------ C:\WINDOWS\system32\drivers\nvax.sys
2007-04-20 12:21 5,120 -ra------ C:\WINDOWS\system32\ALut.dll
2007-04-20 12:21 414,464 -ra------ C:\WINDOWS\system32\drivers\nvapu.sys
2007-04-20 12:21 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-20 12:21 33,280 -ra------ C:\WINDOWS\system32\NVCOI.DLL
2007-04-20 12:21 32,256 -ra------ C:\WINDOWS\system32\NVCOAD.DLL
2007-04-20 12:21 30,208 -ra------ C:\WINDOWS\system32\nvasio.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoins.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoi.dll
2007-04-20 12:21 21,504 -ra------ C:\WINDOWS\system32\OpenAL32.dll
2007-04-20 12:21 176,128 --a------ C:\WINDOWS\system32\nvuaudio.exe
2007-04-20 12:21 176,128 --------- C:\WINDOWS\system32\nvuide.exe
2007-04-20 12:21 146,048 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-20 12:21 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-20 12:20 612 -ra------ C:\WINDOWS\system32\drivers\nvphy.bin
2007-04-20 12:20 35,840 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-20 12:20 34,944 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-20 12:20 309,376 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-20 12:20 222,720 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-20 12:20 208,896 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1.dll
2007-04-20 12:20 13,184 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-20 12:20 102,144 -ra------ C:\WINDOWS\system32\drivers\nvtcp.sys
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-20 12:20 <DIR> d-------- C:\WINDOWS\NV9922332.TMP
2007-04-20 12:19 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-20 12:19 <DIR> d-------- C:\Program Files\Driver
2007-04-20 12:18 13,696 -ra------ C:\WINDOWS\system32\drivers\BIOS.sys
2007-04-20 09:12 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-04-20 08:46 <DIR> d-------- C:\Program Files\Microsoft Games
2007-04-20 08:44 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\ATI
2007-04-20 08:40 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies
2007-04-20 08:37 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-04-20 08:37 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-20 08:37 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat
2007-04-20 08:37 142,347 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2007-04-20 08:36 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-20 08:36 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-20 08:36 <DIR> d-------- C:\Program Files\ATI Technologies
2007-04-20 08:33 2,097,152 --ah----- C:\DOCUME~1\Jon\NTUSER.DAT
2007-04-20 08:32 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-20 08:32 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-20 07:59 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-20 07:56 233,472 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-20 07:56 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-20 07:56 0 -rahs---- C:\MSDOS.SYS
2007-04-20 07:56 0 -rahs---- C:\IO.SYS
2007-04-20 07:56 0 --a------ C:\CONFIG.SYS
2007-04-20 07:56 0 --a------ C:\AUTOEXEC.BAT
2007-04-20 07:56 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-20 07:56 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-20 07:55 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-20 07:55 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-20 07:55 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-20 07:54 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-20 07:54 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-20 07:54 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-20 07:54 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-20 07:54 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-20 07:54 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-20 07:54 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-20 07:54 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-20 07:54 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-20 07:54 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-20 07:54 465,368 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-20 07:54 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-20 07:54 41,432 --a------ C:\WINDOWS\system32\wups.dll
2007-04-20 07:54 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-20 07:54 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-20 07:54 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-20 07:54 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-20 07:54 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-20 07:54 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-20 07:54 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-20 07:54 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-20 07:54 23,040 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-20 07:54 194,520 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-20 07:54 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-20 07:54 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-20 07:54 18,392 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-20 07:54 174,040 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-20 07:54 172,504 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-20 07:54 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-20 07:54 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-20 07:54 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-20 07:54 128,768 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-20 07:54 127,448 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-20 07:54 124,376 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-20 07:54 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-20 07:54 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-20 07:54 1,353,688 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-20 07:54 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-20 07:53 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-20 07:53 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-20 07:53 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-20 07:53 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-20 07:53 <DIR> d-------- C:\WINDOWS\Registration
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Online Services
2007-04-20 07:53 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Messenger
2007-04-20 07:52 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-20 07:52 956,928 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-20 07:52 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-20 07:52 91,648 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-20 07:52 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-20 07:52 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-20 07:52 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-20 07:52 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-20 07:52 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-20 07:52 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-20 07:52 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-20 07:52 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-20 07:52 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-20 07:52 600,576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-20 07:52 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-20 07:52 59,392 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-20 07:52 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-20 07:52 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-20 07:52 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-20 07:52 539,648 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-20 07:52 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-20 07:52 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-20 07:52 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-20 07:52 427,520 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-20 07:52 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-20 07:52 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-20 07:52 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-20 07:52 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-20 07:52 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-20 07:52 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-20 07:52 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-20 07:52 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-20 07:52 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-20 07:52 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-20 07:52 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-20 07:52 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-20 07:52 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-20 07:52 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-20 07:52 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-20 07:52 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-20 07:52 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-20 07:52 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-20 07:52 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-20 07:52 161,792 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-20 07:52 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-20 07:52 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-20 07:52 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-20 07:52 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-20 07:52 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-20 07:52 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-20 07:52 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-20 07:52 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-20 07:52 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-20 07:52 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-20 07:52 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-20 07:52 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-20 07:52 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-20 07:52 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-20 07:52 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-20 07:52 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-20 07:52 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-20 07:52 1,866,240 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-20 07:52 1,269,248 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-20 07:52 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-20 07:52 <DIR> d-------- C:\Program Files\Windows NT
2007-04-19 18:41 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-19 18:41 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-19 18:40 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-19 18:39 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-19 18:39 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-19 18:39 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-19 18:39 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-19 18:39 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-19 18:39 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-19 18:39 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-19 18:39 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-19 18:39 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-19 18:39 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-19 18:39 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-19 18:39 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-19 18:39 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-19 18:39 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-19 18:39 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-19 18:39 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-19 18:39 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-19 18:39 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-19 18:39 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-19 18:39 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-19 18:39 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-19 18:39 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-19 18:39 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-19 18:39 <DIR> dr------- C:\Program Files
2007-04-19 18:39 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-19 18:39 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-19 18:38 <DIR> d--hs---- C:\System Volume Information
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-19 18:38 <DIR> d-------- C:\Documents and Settings
2007-04-19 18:34 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-19 18:34 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-19 18:34 <DIR> dr------- C:\WINDOWS\Web
2007-04-19 18:34 <DIR> d--h----- C:\WINDOWS\inf
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\security
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Resources
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\repair
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Network Diagnostic
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msapps
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msagent
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Media
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\l2schemas
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ime
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Help
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ehome
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Debug
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\addins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-19 18:39 62 --ahs---- C:\DOCUME~1\Jon\APPLIC~1\desktop.ini
2007-03-21 05:18 86073 --a------ C:\WINDOWS\system32\usrfaxa.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\streamci.dll
2007-03-21 05:18 80128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2007-03-21 05:18 77891 --a------ C:\WINDOWS\system32\usrmlnka.exe
2007-03-21 05:18 77890 --a------ C:\WINDOWS\system32\usrdpa.dll
2007-03-21 05:18 77883 --a------ C:\WINDOWS\system32\usrrtosa.dll
2007-03-21 05:18 72192 --a------ C:\WINDOWS\system32\sprio800.dll
2007-03-21 05:18 70656 --a------ C:\WINDOWS\system32\sprio600.dll
2007-03-21 05:18 69700 --a------ C:\WINDOWS\system32\usrshuta.exe
2007-03-21 05:18 69699 --a------ C:\WINDOWS\system32\usrcoina.dll
2007-03-21 05:18 69632 --a------ C:\WINDOWS\system32\spnike.dll
2007-03-21 05:18 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2007-03-21 05:18 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2007-03-21 05:18 61508 --a------ C:\WINDOWS\system32\usrprbda.exe
2007-03-21 05:18 61500 --a------ C:\WINDOWS\system32\usrcntra.dll
2007-03-21 05:18 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2007-03-21 05:18 58112 --a------ C:\WINDOWS\system32\drivers\vdmindvd.sys
2007-03-21 05:18 55296 --a------ C:\WINDOWS\system32\dvdplay.exe
2007-03-21 05:18 53305 --a------ C:\WINDOWS\system32\usrlbva.dll
2007-03-21 05:18 52736 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-03-21 05:18 52224 --a------ C:\WINDOWS\system32\dmutil.dll
2007-03-21 05:18 51712 --a------ C:\WINDOWS\system32\drivers\tosdvd.sys
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrvpa.dll
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrsdpia.dll
2007-03-21 05:18 49209 --a------ C:\WINDOWS\system32\usrv80a.dll
2007-03-21 05:18 476160 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-03-21 05:18 47616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2007-03-21 05:18 47104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2007-03-21 05:18 45116 --a------ C:\WINDOWS\system32\usrvoica.dll
2007-03-21 05:18 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-03-21 05:18 42496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2007-03-21 05:18 41019 --a------ C:\WINDOWS\system32\usrsvpia.dll
2007-03-21 05:18 37376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2007-03-21 05:18 36992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2007-03-21 05:18 36480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2007-03-21 05:18 35456 --a------ C:\WINDOWS\system32\drivers\processr.sys
2007-03-21 05:18 35328 --a------ C:\WINDOWS\system32\pid.dll
2007-03-21 05:18 323641 --a------ C:\WINDOWS\system32\usrdtea.dll
2007-03-21 05:18 3200 --a------ C:\WINDOWS\system32\wowfax.dll
2007-03-21 05:18 30080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2007-03-21 05:18 262528 --a------ C:\WINDOWS\system32\drivers\cinemst2.sys
2007-03-21 05:18 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2007-03-21 05:18 23936 --a------ C:\WINDOWS\system32\drivers\usbcamd2.sys
2007-03-21 05:18 23808 --a------ C:\WINDOWS\system32\drivers\usbcamd.sys
2007-03-21 05:18 23040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-03-21 05:18 21376 --a------ C:\WINDOWS\system32\drivers\tsbvcap.sys
2007-03-21 05:18 20992 --a------ C:\WINDOWS\system32\hid.dll
2007-03-21 05:18 18688 --a------ C:\WINDOWS\system32\drivers\cdaudio.sys
2007-03-21 05:18 17408 --a------ C:\WINDOWS\system32\msyuv.dll
2007-03-21 05:18 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2007-03-21 05:18 157696 --a------ C:\WINDOWS\system32\paqsp.dll
2007-03-21 05:18 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2007-03-21 05:18 15360 --a------ C:\WINDOWS\system32\pjlmon.dll
2007-03-21 05:18 147968 --a------ C:\WINDOWS\system32\mdwmdmsp.dll
2007-03-21 05:18 14592 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2007-03-21 05:18 13824 --a------ C:\WINDOWS\system32\wowfaxui.dll
2007-03-21 05:18 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2007-03-21 05:18 12160 --a------ C:\WINDOWS\system32\drivers\fsvga.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\riodrv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\rio8drv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\nikedrv.sys
2007-03-21 05:18 11776 --a------ C:\WINDOWS\system32\drivers\cpqdap01.sys
2007-03-21 05:18 102457 --a------ C:\WINDOWS\system32\usrv42a.dll
2007-03-21 05:12 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2007-03-21 05:12 95344 --a------ C:\WINDOWS\system32\wudfcoinstaller.dll
2007-03-21 05:12 82944 --a------ C:\WINDOWS\system32\drivers\wudfrd.sys
2007-03-21 05:12 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2007-03-21 05:12 77568 --a------ C:\WINDOWS\system32\drivers\wudfpf.sys
2007-03-21 05:12 767488 --a------ C:\WINDOWS\system32\wmvsencd.dll
2007-03-21 05:12 656896 --a------ C:\WINDOWS\system32\wmvxencd.dll
2007-03-21 05:12 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2007-03-21 05:12 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2007-03-21 05:12 613376 --a------ C:\WINDOWS\system32\wmpmde.dll
2007-03-21 05:12 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-03-21 05:12 55808 --a------ C:\WINDOWS\system32\wudfsvc.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-03-21 05:12 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2007-03-21 05:12 38400 --a------ C:\WINDOWS\system32\wpdshextres.dll
2007-03-21 05:12 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2007-03-21 05:12 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2007-03-21 05:12 316416 --a------ C:\WINDOWS\system32\wudfx.dll
2007-03-21 05:12 2603008 --a------ C:\WINDOWS\system32\wpdshext.dll
2007-03-21 05:12 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2007-03-21 05:12 17408 --a------ C:\WINDOWS\system32\wpdshextautoplay.exe
2007-03-21 05:12 165376 --a------ C:\WINDOWS\system32\wudfplatform.dll
2007-03-21 05:12 1574912 --a------ C:\WINDOWS\system32\wmvencod.dll
2007-03-21 05:12 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2007-03-21 05:12 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2007-03-21 05:12 146432 --a------ C:\WINDOWS\system32\wudfhost.exe
2007-03-21 05:12 1382912 --a------ C:\WINDOWS\system32\wmvsdecd.dll
2007-03-21 05:12 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2007-03-21 05:12 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-03-21 05:12 130048 --a------ C:\WINDOWS\system32\wmpps.dll
2007-03-21 05:11 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-03-21 05:11 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2007-03-21 05:11 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-03-21 05:11 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2007-03-21 05:11 71680 --a------ C:\WINDOWS\system32\admparse.dll
2007-03-21 05:11 7168 --a------ C:\WINDOWS\system32\asferror.dll
2007-03-21 05:11 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-21 05:11 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-03-21 05:11 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2007-03-21 05:11 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2007-03-21 05:11 534528 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2007-03-21 05:11 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-03-21 05:11 45568 --a------ C:\WINDOWS\system32\mshta.exe
2007-03-21 05:11 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2007-03-21 05:11 414720 --a------ C:\WINDOWS\system32\msscp.dll
2007-03-21 05:11 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-03-21 05:11 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2007-03-21 05:11 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2007-03-21 05:11 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-03-21 05:11 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2007-03-21 05:11 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2007-03-21 05:11 317440 --a------ C:\WINDOWS\system32\mp4sdecd.dll
2007-03-21 05:11 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2007-03-21 05:11 312128 --a------ C:\WINDOWS\system32\msdelta.dll
2007-03-21 05:11 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll
2007-03-21 05:11 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2007-03-21 05:11 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2007-03-21 05:11 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2007-03-21 05:11 26112 --a------ C:\WINDOWS\system32\idndl.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2007-03-21 05:11 255848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-03-21 05:11 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-03-21 05:11 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2007-03-21 05:11 24576 --a------ C:\WINDOWS\system32\nlsdl.dll
2007-03-21 05:11 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2007-03-21 05:11 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-03-21 05:11 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-03-21 05:11 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-03-21 05:11 23552 --a------ C:\WINDOWS\system32\normaliz.dll
2007-03-21 05:11 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2007-03-21 05:11 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2007-03-21 05:11 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2007-03-21 05:11 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2007-03-21 05:11 211456 --a------ C:\WINDOWS\system32\qasf.dll
2007-03-21 05:11 199168 --a------ C:\WINDOWS\system32\portabledevicewmdrm.dll
2007-03-21 05:11 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-03-21 05:11 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2007-03-21 05:11 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-03-21 05:11 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2007-03-21 05:11 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2007-03-21 05:11 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-03-21 05:11 156160 --a------ C:\WINDOWS\system32\msls31.dll
2007-03-21 05:11 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-03-21 05:11 132096 --a------ C:\WINDOWS\system32\portabledevicewiacompat.dll
2007-03-21 05:11 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2007-03-21 05:11 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-03-21 05:11 101888 --a------ C:\WINDOWS\system32\portabledeviceclassextension.dll
2007-03-21 05:11 100864 --a------ C:\WINDOWS\system32\logagent.exe
2007-03-21 05:10 985088 --a------ C:\WINDOWS\system32\setupapi.dll
2007-03-21 05:10 96768 --a------ C:\WINDOWS\system32\srvsvc.dll
2007-03-21 05:10 81664 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2007-03-21 05:10 80896 --a------ C:\WINDOWS\system32\wscsvc.dll
2007-03-21 05:10 713216 --a------ C:\WINDOWS\system32\sxs.dll
2007-03-21 05:10 69120 --a------ C:\WINDOWS\system32\wlanapi.dll
2007-03-21 05:10 68096 --a------ C:\WINDOWS\system32\webclnt.dll
2007-03-21 05:10 65536 --a------ C:\WINDOWS\system32\wshext.dll
2007-03-21 05:10 62336 --a------ C:\WINDOWS\system32\drivers\rspndr.sys
2007-03-21 05:10 59264 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2007-03-21 05:10 582656 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-03-21 05:10 57856 --a------ C:\WINDOWS\system32\spoolsv.exe
2007-03-21 05:10 55808 --a------ C:\WINDOWS\system32\twext.dll
2007-03-21 05:10 531568 --a------ C:\WINDOWS\system32\rmactivate_isv.exe
2007-03-21 05:10 519280 --a------ C:\WINDOWS\system32\secproc_isv.dll
2007-03-21 05:10 518768 --a------ C:\WINDOWS\system32\secproc.dll
2007-03-21 05:10 50176 --a------ C:\WINDOWS\system32\utilman.exe
2007-03-21 05:10 49152 --a------ C:\WINDOWS\system32\wdigest.dll
2007-03-21 05:10 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2007-03-21 05:10 399360 --a------ C:\WINDOWS\system32\rpcss.dll
2007-03-21 05:10 383488 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-03-21 05:10 36352 --a------ C:\WINDOWS\system32\tsgqec.dll
2007-03-21 05:10 360704 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-03-21 05:10 35840 --a------ C:\WINDOWS\system32\umandlg.dll
2007-03-21 05:10 358000 --a------ C:\WINDOWS\system32\rmactivate_ssp.exe
2007-03-21 05:10 354416 --a------ C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2007-03-21 05:10 332928 --a------ C:\WINDOWS\system32\drivers\srv.sys
2007-03-21 05:10 30208 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\wshcon.dll
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\verclsid.exe
2007-03-21 05:10 26624 --a------ C:\WINDOWS\system32\verifier.dll
2007-03-21 05:10 249344 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-03-21 05:10 246814 --a------ C:\WINDOWS\system32\strmdll.dll
2007-03-21 05:10 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-03-21 05:10 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2007-03-21 05:10 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-03-21 05:10 209280 --a------ C:\WINDOWS\system32\drivers\update.sys
2007-03-21 05:10 202496 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp_isv.dll
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp.dll
2007-03-21 05:10 18392 --a------ C:\WINDOWS\system32\wups2.dll
2007-03-21 05:10 17152 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2007-03-21 05:10 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrrun.dll
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrobj.dll
2007-03-21 05:10 143488 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2007-03-21 05:10 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2007-03-21 05:10 123392 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-03-21 05:10 117760 --a------ C:\WINDOWS\system32\t2embed.dll
2007-03-21 05:10 114688 --a------ C:\WINDOWS\system32\wscript.exe
2007-03-21 05:10 10752 --a------ C:\WINDOWS\system32\rspndr.exe
2007-03-21 05:10 101376 --a------ C:\WINDOWS\system32\txflog.dll
2007-03-21 05:09 981760 --a------ C:\WINDOWS\system32\mfc42u.dll
2007-03-21 05:09 927504 --a------ C:\WINDOWS\system32\mfc40u.dll
2007-03-21 05:09 884736 --a------ C:\WINDOWS\system32\msimsg.dll
2007-03-21 05:09 84480 --a------ C:\WINDOWS\system32\pintool.exe
2007-03-21 05:09 838360 --a------ C:\WINDOWS\system32\mswdat10.dll
2007-03-21 05:09 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-03-21 05:09 79872 --a------ C:\WINDOWS\system32\msxml6r.dll
2007-03-21 05:09 78848 --a------ C:\WINDOWS\system32\msiexec.exe
2007-03-21 05:09 74752 --a------ C:\WINDOWS\system32\olecli32.dll
2007-03-21 05:09 73728 --a------ C:\WINDOWS\system32\mscms.dll
2007-03-21 05:09 72704 --a------ C:\WINDOWS\system32\magnify.exe
2007-03-21 05:09 726528 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-03-21 05:09 701440 --a------ C:\WINDOWS\system32\msxml2.dll
2007-03-21 05:09 66560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-03-21 05:09 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2007-03-21 05:09 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2007-03-21 05:09 621272 --a------ C:\WINDOWS\system32\mswstr10.dll
2007-03-21 05:09 61440 --a------ C:\WINDOWS\system32\mmcshext.dll
2007-03-21 05:09 58880 --a------ C:\WINDOWS\system32\pnrpnsp.dll
2007-03-21 05:09 586240 --a------ C:\WINDOWS\system32\mlang.dll
2007-03-21 05:09 553984 --a------ C:\WINDOWS\system32\p2psvc.dll
2007-03-21 05:09 53760 --a------ C:\WINDOWS\system32\narrator.exe
2007-03-21 05:09 523376 --a------ C:\WINDOWS\system32\rmactivate.exe
2007-03-21 05:09 454656 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2007-03-21 05:09 43520 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-03-21 05:09 397312 --a------ C:\WINDOWS\system32\mmcex.dll
2007-03-21 05:09 386048 --a------ C:\WINDOWS\system32\qdvd.dll
2007-03-21 05:09 37376 --a------ C:\WINDOWS\system32\olecnv32.dll
2007-03-21 05:09 35840 --a------ C:\WINDOWS\system32\qfecheck.exe
2007-03-21 05:09 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-03-21 05:09 33792 --a------ C:\WINDOWS\system32\mmcperf.exe
2007-03-21 05:09 323696 --a------ C:\WINDOWS\system32\msdrm.dll
2007-03-21 05:09 313344 --a------ C:\WINDOWS\system32\p2pgraph.dll
2007-03-21 05:09 298496 --a------ C:\WINDOWS\system32\kerberos.dll
2007-03-21 05:09 297472 --a------ C:\WINDOWS\system32\msctf.dll
2007-03-21 05:09 288768 --a------ C:\WINDOWS\system32\rhttpaa.dll
2007-03-21 05:09 2854400 --a------ C:\WINDOWS\system32\msi.dll
2007-03-21 05:09 271360 --a------ C:\WINDOWS\system32\msihnd.dll
2007-03-21 05:09 270336 --a------ C:\WINDOWS\system32\oakley.dll
2007-03-21 05:09 247808 --a------ C:\WINDOWS\system32\newdev.dll
2007-03-21 05:09 215552 --a------ C:\WINDOWS\system32\osk.exe
2007-03-21 05:09 19968 --a------ C:\WINDOWS\system32\linkinfo.dll
2007-03-21 05:09 197632 --a------ C:\WINDOWS\system32\netman.dll
2007-03-21 05:09 192512 --a------ C:\WINDOWS\system32\qcap.dll
2007-03-21 05:09 1913344 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-03-21 05:09 184320 --a------ C:\WINDOWS\system32\microsoft.managementconsole.dll
2007-03-21 05:09 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-03-21 05:09 174592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2007-03-21 05:09 1705472 --a------ C:\WINDOWS\system32\netshell.dll
2007-03-21 05:09 163456 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-03-21 05:09 163328 --a------ C:\WINDOWS\system32\mmcbase.dll
2007-03-21 05:09 15360 --a------ C:\WINDOWS\system32\msisip.dll
2007-03-21 05:09 153088 --a------ C:\WINDOWS\system32\p2p.dll
2007-03-21 05:09 1435648 --a------ C:\WINDOWS\system32\query.dll
2007-03-21 05:09 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2007-03-21 05:09 1354752 --a------ C:\WINDOWS\system32\mmc.exe
2007-03-21 05:09 1317648 --a------ C:\WINDOWS\system32\msxml6.dll
2007-03-21 05:09 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2007-03-21 05:09 1286656 --a------ C:\WINDOWS\system32\ole32.dll
2007-03-21 05:09 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2007-03-21 05:09 122880 --a------ C:\WINDOWS\system32\oledlg.dll
2007-03-21 05:09 115712 --a------ C:\WINDOWS\system32\p2pnetsh.dll
2007-03-21 05:09 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2007-03-21 05:09 106496 --a------ C:\WINDOWS\system32\mmcfxcommon.dll
2007-03-21 05:09 105088 --a------ C:\WINDOWS\system32\drivers\mup.sys
2007-03-21 05:09 104960 --a------ C:\WINDOWS\system32\p2pgasvc.dll
2007-03-21 05:08 98304 --a------ C:\WINDOWS\system32\cscript.exe
2007-03-21 05:08 96792 --a------ C:\WINDOWS\system32\basecsp.dll
2007-03-21 05:08 80896 --a------ C:\WINDOWS\system32\fontsub.dll
2007-03-21 05:08 77824 --a------ C:\WINDOWS\system32\browser.dll
2007-03-21 05:08 75736 --a------ C:\WINDOWS\system32\cdm.dll
2007-03-21 05:08 72704 --a------ C:\WINDOWS\system32\hlink.dll
2007-03-21 05:08 69120 --a------ C:\WINDOWS\system32\ciodm.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\authz.dll
2007-03-21 05:08 61952 --a------ C:\WINDOWS\system32\hdashcut.exe
2007-03-21 05:08 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2007-03-21 05:08 5120 --a------ C:\WINDOWS\system32\hdaudres.dll
2007-03-21 05:08 498742 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-03-21 05:08 49536 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2007-03-21 05:08 42496 --a------ C:\WINDOWS\system32\ftp.exe
2007-03-21 05:08 41984 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2007-03-21 05:08 41472 --a------ C:\WINDOWS\system32\hhsetup.dll

#8 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 03:05 PM

Sorry, seems to have been cut off in mid paste... I'll try again:


"Jon" - 07-05-04 14:08:16 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Jon\Desktop\"


(((((((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))


C:\WINDOWS\system32\drivers\core.sys


((((((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))


-------\core
-------\LEGACY_CORE


((((((((((((((((((((((((((((((( Files Created from 2007-04-04 to 2007-05-04 ))))))))))))))))))))))))))))))))))


2007-05-03 14:16 <DIR> d-------- C:\Program Files\Trillian
2007-04-29 15:00 759,808 --a------ C:\WINDOWS\system32\Clock_Tower_3D_Screensaver.scr
2007-04-29 15:00 14,316,032 --a------ C:\WINDOWS\system32\Clock Tower 3D Screensaver.exe
2007-04-29 14:56 768,512 --a------ C:\WINDOWS\system32\Earth_3D_Screensaver.scr
2007-04-29 14:56 13,243,392 --a------ C:\WINDOWS\system32\Earth 3D Screensaver.exe
2007-04-29 14:52 772,608 --a------ C:\WINDOWS\system32\Coral_Clock_3D_Screensaver.scr
2007-04-29 14:52 10,982,912 --a------ C:\WINDOWS\system32\Coral Clock 3D Screensaver.exe
2007-04-29 00:42 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-28 13:39 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-04-28 13:28 <DIR> d-------- C:\DOCUME~1\Jon\.housecall6.6
2007-04-28 13:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-27 23:35 <DIR> d-------- C:\Program Files\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-04-27 23:24 1,481,198 --a------ C:\WINDOWS\Lewd Leprechauns Full.scr
2007-04-27 09:10 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-27 00:32 290,816 --a------ C:\WINDOWS\Living 3D Dolphins Full.scr
2007-04-27 00:32 <DIR> d-------- C:\Program Files\ScreenSaver.com
2007-04-26 23:47 2,226,176 --a------ C:\WINDOWS\system32\3D Solar System.scr
2007-04-26 23:24 1 --a------ C:\WINDOWS\system32\sav80231.sys
2007-04-26 16:16 131,072 --a------ C:\WINDOWS\SNVerifyDLL.dll
2007-04-26 16:16 1,032,192 --a------ C:\WINDOWS\AquaReal.scr
2007-04-26 16:09 1 --a------ C:\WINDOWS\system32\sav87312.sys
2007-04-26 16:07 85,960 --a------ C:\WINDOWS\system32\update.exe
2007-04-26 16:07 5,570,560 --a------ C:\WINDOWS\system32\3D Galaxy Journey.scr
2007-04-26 16:07 291,776 --a------ C:\WINDOWS\system32\DealioKit97-stub-0.exe
2007-04-26 15:58 8,773,632 --a------ C:\WINDOWS\system32\Japanese Garden 3D Screensaver.scr
2007-04-26 15:58 528,384 --a------ C:\WINDOWS\system32\Astro Gemini Screensaver Manager.scr
2007-04-26 15:58 <DIR> d-------- C:\Program Files\Astro Gemini Software
2007-04-26 15:32 4,563,968 --a------ C:\WINDOWS\system32\Ocean.scr
2007-04-26 15:12 883,200 --a------ C:\WINDOWS\system32\Lagoon_3D_Screensaver.scr
2007-04-26 15:12 10,638,336 --a------ C:\WINDOWS\system32\Lagoon 3D Screensaver.exe
2007-04-26 14:50 1,175,700 --a------ C:\WINDOWS\system32\RainySs.scr
2007-04-26 14:43 8,358,400 --a------ C:\WINDOWS\system32\Ice Clock 3D Screensaver.exe
2007-04-26 14:43 740,352 --a------ C:\WINDOWS\system32\Ice_Clock_3D_Screensaver.scr
2007-04-26 14:43 409,600 --a------ C:\WINDOWS\system32\3Planesoft_Screensaver_Manager.scr
2007-04-26 14:43 <DIR> d-------- C:\WINDOWS\system32\3Planesoft
2007-04-26 14:43 <DIR> d-------- C:\Screensavers
2007-04-26 14:43 <DIR> d-------- C:\Program Files\3Planesoft Screensaver Manager
2007-04-24 23:20 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-04-24 23:18 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-04-24 23:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-04-24 23:13 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-04-24 16:35 <DIR> d--h----- C:\WINDOWS\Icons
2007-04-23 17:17 2,277,376 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-04-23 17:06 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-23 17:06 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-23 17:06 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\TuneUp Software
2007-04-23 17:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-23 17:05 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-04-23 16:37 <DIR> d-------- C:\Program Files\Ad-Aware SE Personal
2007-04-23 16:37 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Lavasoft
2007-04-23 16:33 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2007-04-23 16:33 <DIR> d-------- C:\WINDOWS\PrimoPDF
2007-04-23 16:33 <DIR> d-------- C:\Program Files\PrimoPDF
2007-04-23 16:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-04-23 16:18 <DIR> d-------- C:\Program Files\uTorrent
2007-04-23 16:18 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\uTorrent
2007-04-23 16:11 <DIR> d-------- C:\WINDOWS\Magic Ball 3
2007-04-23 16:02 <DIR> d--hs---- C:\RECYCLER
2007-04-23 15:44 <DIR> d-------- C:\Games
2007-04-23 15:37 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-23 15:26 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-23 15:13 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Ahead
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Nero
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-04-23 15:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-04-23 15:01 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-23 15:00 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-23 14:59 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-23 14:59 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-23 14:49 <DIR> d-------- C:\WINDOWS\system32\inf32
2007-04-23 14:49 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\GPSoftware
2007-04-23 14:48 1,044,480 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-04-23 14:48 <DIR> d-------- C:\Program Files\Directory Opus
2007-04-23 14:40 1,395 --a------ C:\WINDOWS\mozver.dat
2007-04-23 14:39 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-23 14:37 <DIR> d-------- C:\Program Files\ePrompter
2007-04-23 14:32 <DIR> d-------- C:\Program Files\LTFViewer
2007-04-23 14:24 512 --a------ C:\ScanSectorLog.dat
2007-04-23 14:21 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\MailFrontier
2007-04-23 14:15 11,983,136 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-04-23 14:15 1,512,480 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-04-23 14:13 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-04-23 14:12 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-04-23 14:12 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-04-23 14:12 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-04-20 12:22 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-20 12:22 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-20 12:22 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-20 12:22 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-20 12:22 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-20 12:22 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-20 12:22 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-20 12:22 466,944 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2007-04-20 12:22 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-20 12:22 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-20 12:22 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-20 12:22 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-20 12:22 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2007-04-20 12:22 <DIR> d-------- C:\Program Files\Common Files\NVIDIA Shared
2007-04-20 12:21 937,984 -ra------ C:\WINDOWS\system32\drivers\nvmcp.sys
2007-04-20 12:21 93,568 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2007-04-20 12:21 7,680 -ra------ C:\WINDOWS\system32\nvack.dll
2007-04-20 12:21 66,688 -ra------ C:\WINDOWS\system32\drivers\nvarm.sys
2007-04-20 12:21 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-20 12:21 54,272 -ra------ C:\WINDOWS\system32\nvopenal.dll
2007-04-20 12:21 53,376 -ra------ C:\WINDOWS\system32\drivers\nvax.sys
2007-04-20 12:21 5,120 -ra------ C:\WINDOWS\system32\ALut.dll
2007-04-20 12:21 414,464 -ra------ C:\WINDOWS\system32\drivers\nvapu.sys
2007-04-20 12:21 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-20 12:21 33,280 -ra------ C:\WINDOWS\system32\NVCOI.DLL
2007-04-20 12:21 32,256 -ra------ C:\WINDOWS\system32\NVCOAD.DLL
2007-04-20 12:21 30,208 -ra------ C:\WINDOWS\system32\nvasio.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoins.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoi.dll
2007-04-20 12:21 21,504 -ra------ C:\WINDOWS\system32\OpenAL32.dll
2007-04-20 12:21 176,128 --a------ C:\WINDOWS\system32\nvuaudio.exe
2007-04-20 12:21 176,128 --------- C:\WINDOWS\system32\nvuide.exe
2007-04-20 12:21 146,048 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-20 12:21 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-20 12:20 612 -ra------ C:\WINDOWS\system32\drivers\nvphy.bin
2007-04-20 12:20 35,840 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-20 12:20 34,944 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-20 12:20 309,376 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-20 12:20 222,720 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-20 12:20 208,896 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1.dll
2007-04-20 12:20 13,184 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-20 12:20 102,144 -ra------ C:\WINDOWS\system32\drivers\nvtcp.sys
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-20 12:20 <DIR> d-------- C:\WINDOWS\NV9922332.TMP
2007-04-20 12:19 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-20 12:19 <DIR> d-------- C:\Program Files\Driver
2007-04-20 12:18 13,696 -ra------ C:\WINDOWS\system32\drivers\BIOS.sys
2007-04-20 09:12 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-04-20 08:46 <DIR> d-------- C:\Program Files\Microsoft Games
2007-04-20 08:44 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\ATI
2007-04-20 08:40 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies
2007-04-20 08:37 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-04-20 08:37 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-20 08:37 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat
2007-04-20 08:37 142,347 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2007-04-20 08:36 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-20 08:36 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-20 08:36 <DIR> d-------- C:\Program Files\ATI Technologies
2007-04-20 08:33 2,097,152 --ah----- C:\DOCUME~1\Jon\NTUSER.DAT
2007-04-20 08:32 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-20 08:32 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-20 07:59 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-20 07:56 233,472 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-20 07:56 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-20 07:56 0 -rahs---- C:\MSDOS.SYS
2007-04-20 07:56 0 -rahs---- C:\IO.SYS
2007-04-20 07:56 0 --a------ C:\CONFIG.SYS
2007-04-20 07:56 0 --a------ C:\AUTOEXEC.BAT
2007-04-20 07:56 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-20 07:56 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-20 07:55 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-20 07:55 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-20 07:55 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-20 07:54 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-20 07:54 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-20 07:54 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-20 07:54 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-20 07:54 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-20 07:54 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-20 07:54 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-20 07:54 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-20 07:54 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-20 07:54 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-20 07:54 465,368 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-20 07:54 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-20 07:54 41,432 --a------ C:\WINDOWS\system32\wups.dll
2007-04-20 07:54 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-20 07:54 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-20 07:54 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-20 07:54 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-20 07:54 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-20 07:54 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-20 07:54 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-20 07:54 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-20 07:54 23,040 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-20 07:54 194,520 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-20 07:54 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-20 07:54 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-20 07:54 18,392 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-20 07:54 174,040 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-20 07:54 172,504 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-20 07:54 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-20 07:54 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-20 07:54 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-20 07:54 128,768 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-20 07:54 127,448 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-20 07:54 124,376 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-20 07:54 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-20 07:54 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-20 07:54 1,353,688 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-20 07:54 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-20 07:53 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-20 07:53 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-20 07:53 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-20 07:53 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-20 07:53 <DIR> d-------- C:\WINDOWS\Registration
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Online Services
2007-04-20 07:53 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Messenger
2007-04-20 07:52 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-20 07:52 956,928 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-20 07:52 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-20 07:52 91,648 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-20 07:52 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-20 07:52 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-20 07:52 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-20 07:52 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-20 07:52 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-20 07:52 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-20 07:52 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-20 07:52 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-20 07:52 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-20 07:52 600,576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-20 07:52 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-20 07:52 59,392 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-20 07:52 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-20 07:52 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-20 07:52 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-20 07:52 539,648 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-20 07:52 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-20 07:52 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-20 07:52 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-20 07:52 427,520 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-20 07:52 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-20 07:52 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-20 07:52 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-20 07:52 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-20 07:52 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-20 07:52 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-20 07:52 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-20 07:52 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-20 07:52 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-20 07:52 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-20 07:52 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-20 07:52 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-20 07:52 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-20 07:52 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-20 07:52 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-20 07:52 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-20 07:52 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-20 07:52 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-20 07:52 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-20 07:52 161,792 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-20 07:52 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-20 07:52 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-20 07:52 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-20 07:52 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-20 07:52 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-20 07:52 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-20 07:52 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-20 07:52 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-20 07:52 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-20 07:52 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-20 07:52 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-20 07:52 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-20 07:52 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-20 07:52 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-20 07:52 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-20 07:52 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-20 07:52 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-20 07:52 1,866,240 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-20 07:52 1,269,248 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-20 07:52 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-20 07:52 <DIR> d-------- C:\Program Files\Windows NT
2007-04-19 18:41 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-19 18:41 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-19 18:40 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-19 18:39 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-19 18:39 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-19 18:39 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-19 18:39 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-19 18:39 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-19 18:39 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-19 18:39 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-19 18:39 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-19 18:39 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-19 18:39 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-19 18:39 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-19 18:39 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-19 18:39 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-19 18:39 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-19 18:39 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-19 18:39 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-19 18:39 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-19 18:39 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-19 18:39 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-19 18:39 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-19 18:39 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-19 18:39 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-19 18:39 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-19 18:39 <DIR> dr------- C:\Program Files
2007-04-19 18:39 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-19 18:39 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-19 18:38 <DIR> d--hs---- C:\System Volume Information
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-19 18:38 <DIR> d-------- C:\Documents and Settings
2007-04-19 18:34 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-19 18:34 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-19 18:34 <DIR> dr------- C:\WINDOWS\Web
2007-04-19 18:34 <DIR> d--h----- C:\WINDOWS\inf
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\security
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Resources
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\repair
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Network Diagnostic
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msapps
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msagent
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Media
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\l2schemas
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ime
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Help
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ehome
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Debug
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\addins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-19 18:39 62 --ahs---- C:\DOCUME~1\Jon\APPLIC~1\desktop.ini
2007-03-21 05:18 86073 --a------ C:\WINDOWS\system32\usrfaxa.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\streamci.dll
2007-03-21 05:18 80128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2007-03-21 05:18 77891 --a------ C:\WINDOWS\system32\usrmlnka.exe
2007-03-21 05:18 77890 --a------ C:\WINDOWS\system32\usrdpa.dll
2007-03-21 05:18 77883 --a------ C:\WINDOWS\system32\usrrtosa.dll
2007-03-21 05:18 72192 --a------ C:\WINDOWS\system32\sprio800.dll
2007-03-21 05:18 70656 --a------ C:\WINDOWS\system32\sprio600.dll
2007-03-21 05:18 69700 --a------ C:\WINDOWS\system32\usrshuta.exe
2007-03-21 05:18 69699 --a------ C:\WINDOWS\system32\usrcoina.dll
2007-03-21 05:18 69632 --a------ C:\WINDOWS\system32\spnike.dll
2007-03-21 05:18 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2007-03-21 05:18 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2007-03-21 05:18 61508 --a------ C:\WINDOWS\system32\usrprbda.exe
2007-03-21 05:18 61500 --a------ C:\WINDOWS\system32\usrcntra.dll
2007-03-21 05:18 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2007-03-21 05:18 58112 --a------ C:\WINDOWS\system32\drivers\vdmindvd.sys
2007-03-21 05:18 55296 --a------ C:\WINDOWS\system32\dvdplay.exe
2007-03-21 05:18 53305 --a------ C:\WINDOWS\system32\usrlbva.dll
2007-03-21 05:18 52736 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-03-21 05:18 52224 --a------ C:\WINDOWS\system32\dmutil.dll
2007-03-21 05:18 51712 --a------ C:\WINDOWS\system32\drivers\tosdvd.sys
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrvpa.dll
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrsdpia.dll
2007-03-21 05:18 49209 --a------ C:\WINDOWS\system32\usrv80a.dll
2007-03-21 05:18 476160 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-03-21 05:18 47616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2007-03-21 05:18 47104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2007-03-21 05:18 45116 --a------ C:\WINDOWS\system32\usrvoica.dll
2007-03-21 05:18 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-03-21 05:18 42496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2007-03-21 05:18 41019 --a------ C:\WINDOWS\system32\usrsvpia.dll
2007-03-21 05:18 37376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2007-03-21 05:18 36992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2007-03-21 05:18 36480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2007-03-21 05:18 35456 --a------ C:\WINDOWS\system32\drivers\processr.sys
2007-03-21 05:18 35328 --a------ C:\WINDOWS\system32\pid.dll
2007-03-21 05:18 323641 --a------ C:\WINDOWS\system32\usrdtea.dll
2007-03-21 05:18 3200 --a------ C:\WINDOWS\system32\wowfax.dll
2007-03-21 05:18 30080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2007-03-21 05:18 262528 --a------ C:\WINDOWS\system32\drivers\cinemst2.sys
2007-03-21 05:18 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2007-03-21 05:18 23936 --a------ C:\WINDOWS\system32\drivers\usbcamd2.sys
2007-03-21 05:18 23808 --a------ C:\WINDOWS\system32\drivers\usbcamd.sys
2007-03-21 05:18 23040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-03-21 05:18 21376 --a------ C:\WINDOWS\system32\drivers\tsbvcap.sys
2007-03-21 05:18 20992 --a------ C:\WINDOWS\system32\hid.dll
2007-03-21 05:18 18688 --a------ C:\WINDOWS\system32\drivers\cdaudio.sys
2007-03-21 05:18 17408 --a------ C:\WINDOWS\system32\msyuv.dll
2007-03-21 05:18 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2007-03-21 05:18 157696 --a------ C:\WINDOWS\system32\paqsp.dll
2007-03-21 05:18 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2007-03-21 05:18 15360 --a------ C:\WINDOWS\system32\pjlmon.dll
2007-03-21 05:18 147968 --a------ C:\WINDOWS\system32\mdwmdmsp.dll
2007-03-21 05:18 14592 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2007-03-21 05:18 13824 --a------ C:\WINDOWS\system32\wowfaxui.dll
2007-03-21 05:18 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2007-03-21 05:18 12160 --a------ C:\WINDOWS\system32\drivers\fsvga.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\riodrv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\rio8drv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\nikedrv.sys
2007-03-21 05:18 11776 --a------ C:\WINDOWS\system32\drivers\cpqdap01.sys
2007-03-21 05:18 102457 --a------ C:\WINDOWS\system32\usrv42a.dll
2007-03-21 05:12 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2007-03-21 05:12 95344 --a------ C:\WINDOWS\system32\wudfcoinstaller.dll
2007-03-21 05:12 82944 --a------ C:\WINDOWS\system32\drivers\wudfrd.sys
2007-03-21 05:12 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2007-03-21 05:12 77568 --a------ C:\WINDOWS\system32\drivers\wudfpf.sys
2007-03-21 05:12 767488 --a------ C:\WINDOWS\system32\wmvsencd.dll
2007-03-21 05:12 656896 --a------ C:\WINDOWS\system32\wmvxencd.dll
2007-03-21 05:12 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2007-03-21 05:12 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2007-03-21 05:12 613376 --a------ C:\WINDOWS\system32\wmpmde.dll
2007-03-21 05:12 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-03-21 05:12 55808 --a------ C:\WINDOWS\system32\wudfsvc.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-03-21 05:12 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2007-03-21 05:12 38400 --a------ C:\WINDOWS\system32\wpdshextres.dll
2007-03-21 05:12 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2007-03-21 05:12 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2007-03-21 05:12 316416 --a------ C:\WINDOWS\system32\wudfx.dll
2007-03-21 05:12 2603008 --a------ C:\WINDOWS\system32\wpdshext.dll
2007-03-21 05:12 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2007-03-21 05:12 17408 --a------ C:\WINDOWS\system32\wpdshextautoplay.exe
2007-03-21 05:12 165376 --a------ C:\WINDOWS\system32\wudfplatform.dll
2007-03-21 05:12 1574912 --a------ C:\WINDOWS\system32\wmvencod.dll
2007-03-21 05:12 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2007-03-21 05:12 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2007-03-21 05:12 146432 --a------ C:\WINDOWS\system32\wudfhost.exe
2007-03-21 05:12 1382912 --a------ C:\WINDOWS\system32\wmvsdecd.dll
2007-03-21 05:12 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2007-03-21 05:12 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-03-21 05:12 130048 --a------ C:\WINDOWS\system32\wmpps.dll
2007-03-21 05:11 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-03-21 05:11 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2007-03-21 05:11 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-03-21 05:11 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2007-03-21 05:11 71680 --a------ C:\WINDOWS\system32\admparse.dll
2007-03-21 05:11 7168 --a------ C:\WINDOWS\system32\asferror.dll
2007-03-21 05:11 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-21 05:11 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-03-21 05:11 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2007-03-21 05:11 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2007-03-21 05:11 534528 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2007-03-21 05:11 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-03-21 05:11 45568 --a------ C:\WINDOWS\system32\mshta.exe
2007-03-21 05:11 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2007-03-21 05:11 414720 --a------ C:\WINDOWS\system32\msscp.dll
2007-03-21 05:11 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-03-21 05:11 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2007-03-21 05:11 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2007-03-21 05:11 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-03-21 05:11 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2007-03-21 05:11 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2007-03-21 05:11 317440 --a------ C:\WINDOWS\system32\mp4sdecd.dll
2007-03-21 05:11 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2007-03-21 05:11 312128 --a------ C:\WINDOWS\system32\msdelta.dll
2007-03-21 05:11 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll
2007-03-21 05:11 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2007-03-21 05:11 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2007-03-21 05:11 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2007-03-21 05:11 26112 --a------ C:\WINDOWS\system32\idndl.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2007-03-21 05:11 255848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-03-21 05:11 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-03-21 05:11 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2007-03-21 05:11 24576 --a------ C:\WINDOWS\system32\nlsdl.dll
2007-03-21 05:11 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2007-03-21 05:11 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-03-21 05:11 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-03-21 05:11 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-03-21 05:11 23552 --a------ C:\WINDOWS\system32\normaliz.dll
2007-03-21 05:11 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2007-03-21 05:11 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2007-03-21 05:11 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2007-03-21 05:11 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2007-03-21 05:11 211456 --a------ C:\WINDOWS\system32\qasf.dll
2007-03-21 05:11 199168 --a------ C:\WINDOWS\system32\portabledevicewmdrm.dll
2007-03-21 05:11 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-03-21 05:11 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2007-03-21 05:11 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-03-21 05:11 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2007-03-21 05:11 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2007-03-21 05:11 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-03-21 05:11 156160 --a------ C:\WINDOWS\system32\msls31.dll
2007-03-21 05:11 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-03-21 05:11 132096 --a------ C:\WINDOWS\system32\portabledevicewiacompat.dll
2007-03-21 05:11 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2007-03-21 05:11 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-03-21 05:11 101888 --a------ C:\WINDOWS\system32\portabledeviceclassextension.dll
2007-03-21 05:11 100864 --a------ C:\WINDOWS\system32\logagent.exe
2007-03-21 05:10 985088 --a------ C:\WINDOWS\system32\setupapi.dll
2007-03-21 05:10 96768 --a------ C:\WINDOWS\system32\srvsvc.dll
2007-03-21 05:10 81664 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2007-03-21 05:10 80896 --a------ C:\WINDOWS\system32\wscsvc.dll
2007-03-21 05:10 713216 --a------ C:\WINDOWS\system32\sxs.dll
2007-03-21 05:10 69120 --a------ C:\WINDOWS\system32\wlanapi.dll
2007-03-21 05:10 68096 --a------ C:\WINDOWS\system32\webclnt.dll
2007-03-21 05:10 65536 --a------ C:\WINDOWS\system32\wshext.dll
2007-03-21 05:10 62336 --a------ C:\WINDOWS\system32\drivers\rspndr.sys
2007-03-21 05:10 59264 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2007-03-21 05:10 582656 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-03-21 05:10 57856 --a------ C:\WINDOWS\system32\spoolsv.exe
2007-03-21 05:10 55808 --a------ C:\WINDOWS\system32\twext.dll
2007-03-21 05:10 531568 --a------ C:\WINDOWS\system32\rmactivate_isv.exe
2007-03-21 05:10 519280 --a------ C:\WINDOWS\system32\secproc_isv.dll
2007-03-21 05:10 518768 --a------ C:\WINDOWS\system32\secproc.dll
2007-03-21 05:10 50176 --a------ C:\WINDOWS\system32\utilman.exe
2007-03-21 05:10 49152 --a------ C:\WINDOWS\system32\wdigest.dll
2007-03-21 05:10 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2007-03-21 05:10 399360 --a------ C:\WINDOWS\system32\rpcss.dll
2007-03-21 05:10 383488 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-03-21 05:10 36352 --a------ C:\WINDOWS\system32\tsgqec.dll
2007-03-21 05:10 360704 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-03-21 05:10 35840 --a------ C:\WINDOWS\system32\umandlg.dll
2007-03-21 05:10 358000 --a------ C:\WINDOWS\system32\rmactivate_ssp.exe
2007-03-21 05:10 354416 --a------ C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2007-03-21 05:10 332928 --a------ C:\WINDOWS\system32\drivers\srv.sys
2007-03-21 05:10 30208 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\wshcon.dll
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\verclsid.exe
2007-03-21 05:10 26624 --a------ C:\WINDOWS\system32\verifier.dll
2007-03-21 05:10 249344 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-03-21 05:10 246814 --a------ C:\WINDOWS\system32\strmdll.dll
2007-03-21 05:10 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-03-21 05:10 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2007-03-21 05:10 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-03-21 05:10 209280 --a------ C:\WINDOWS\system32\drivers\update.sys
2007-03-21 05:10 202496 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp_isv.dll
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp.dll
2007-03-21 05:10 18392 --a------ C:\WINDOWS\system32\wups2.dll
2007-03-21 05:10 17152 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2007-03-21 05:10 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrrun.dll
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrobj.dll
2007-03-21 05:10 143488 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2007-03-21 05:10 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2007-03-21 05:10 123392 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-03-21 05:10 117760 --a------ C:\WINDOWS\system32\t2embed.dll
2007-03-21 05:10 114688 --a------ C:\WINDOWS\system32\wscript.exe
2007-03-21 05:10 10752 --a------ C:\WINDOWS\system32\rspndr.exe
2007-03-21 05:10 101376 --a------ C:\WINDOWS\system32\txflog.dll
2007-03-21 05:09 981760 --a------ C:\WINDOWS\system32\mfc42u.dll
2007-03-21 05:09 927504 --a------ C:\WINDOWS\system32\mfc40u.dll
2007-03-21 05:09 884736 --a------ C:\WINDOWS\system32\msimsg.dll
2007-03-21 05:09 84480 --a------ C:\WINDOWS\system32\pintool.exe
2007-03-21 05:09 838360 --a------ C:\WINDOWS\system32\mswdat10.dll
2007-03-21 05:09 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-03-21 05:09 79872 --a------ C:\WINDOWS\system32\msxml6r.dll
2007-03-21 05:09 78848 --a------ C:\WINDOWS\system32\msiexec.exe
2007-03-21 05:09 74752 --a------ C:\WINDOWS\system32\olecli32.dll
2007-03-21 05:09 73728 --a------ C:\WINDOWS\system32\mscms.dll
2007-03-21 05:09 72704 --a------ C:\WINDOWS\system32\magnify.exe
2007-03-21 05:09 726528 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-03-21 05:09 701440 --a------ C:\WINDOWS\system32\msxml2.dll
2007-03-21 05:09 66560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-03-21 05:09 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2007-03-21 05:09 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2007-03-21 05:09 621272 --a------ C:\WINDOWS\system32\mswstr10.dll
2007-03-21 05:09 61440 --a------ C:\WINDOWS\system32\mmcshext.dll
2007-03-21 05:09 58880 --a------ C:\WINDOWS\system32\pnrpnsp.dll
2007-03-21 05:09 586240 --a------ C:\WINDOWS\system32\mlang.dll
2007-03-21 05:09 553984 --a------ C:\WINDOWS\system32\p2psvc.dll
2007-03-21 05:09 53760 --a------ C:\WINDOWS\system32\narrator.exe
2007-03-21 05:09 523376 --a------ C:\WINDOWS\system32\rmactivate.exe
2007-03-21 05:09 454656 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2007-03-21 05:09 43520 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-03-21 05:09 397312 --a------ C:\WINDOWS\system32\mmcex.dll
2007-03-21 05:09 386048 --a------ C:\WINDOWS\system32\qdvd.dll
2007-03-21 05:09 37376 --a------ C:\WINDOWS\system32\olecnv32.dll
2007-03-21 05:09 35840 --a------ C:\WINDOWS\system32\qfecheck.exe
2007-03-21 05:09 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-03-21 05:09 33792 --a------ C:\WINDOWS\system32\mmcperf.exe
2007-03-21 05:09 323696 --a------ C:\WINDOWS\system32\msdrm.dll
2007-03-21 05:09 313344 --a------ C:\WINDOWS\system32\p2pgraph.dll
2007-03-21 05:09 298496 --a------ C:\WINDOWS\system32\kerberos.dll
2007-03-21 05:09 297472 --a------ C:\WINDOWS\system32\msctf.dll
2007-03-21 05:09 288768 --a------ C:\WINDOWS\system32\rhttpaa.dll
2007-03-21 05:09 2854400 --a------ C:\WINDOWS\system32\msi.dll
2007-03-21 05:09 271360 --a------ C:\WINDOWS\system32\msihnd.dll
2007-03-21 05:09 270336 --a------ C:\WINDOWS\system32\oakley.dll
2007-03-21 05:09 247808 --a------ C:\WINDOWS\system32\newdev.dll
2007-03-21 05:09 215552 --a------ C:\WINDOWS\system32\osk.exe
2007-03-21 05:09 19968 --a------ C:\WINDOWS\system32\linkinfo.dll
2007-03-21 05:09 197632 --a------ C:\WINDOWS\system32\netman.dll
2007-03-21 05:09 192512 --a------ C:\WINDOWS\system32\qcap.dll
2007-03-21 05:09 1913344 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-03-21 05:09 184320 --a------ C:\WINDOWS\system32\microsoft.managementconsole.dll
2007-03-21 05:09 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-03-21 05:09 174592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2007-03-21 05:09 1705472 --a------ C:\WINDOWS\system32\netshell.dll
2007-03-21 05:09 163456 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-03-21 05:09 163328 --a------ C:\WINDOWS\system32\mmcbase.dll
2007-03-21 05:09 15360 --a------ C:\WINDOWS\system32\msisip.dll
2007-03-21 05:09 153088 --a------ C:\WINDOWS\system32\p2p.dll
2007-03-21 05:09 1435648 --a------ C:\WINDOWS\system32\query.dll
2007-03-21 05:09 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2007-03-21 05:09 1354752 --a------ C:\WINDOWS\system32\mmc.exe
2007-03-21 05:09 1317648 --a------ C:\WINDOWS\system32\msxml6.dll
2007-03-21 05:09 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2007-03-21 05:09 1286656 --a------ C:\WINDOWS\system32\ole32.dll
2007-03-21 05:09 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2007-03-21 05:09 122880 --a------ C:\WINDOWS\system32\oledlg.dll
2007-03-21 05:09 115712 --a------ C:\WINDOWS\system32\p2pnetsh.dll
2007-03-21 05:09 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2007-03-21 05:09 106496 --a------ C:\WINDOWS\system32\mmcfxcommon.dll
2007-03-21 05:09 105088 --a------ C:\WINDOWS\system32\drivers\mup.sys
2007-03-21 05:09 104960 --a------ C:\WINDOWS\system32\p2pgasvc.dll
2007-03-21 05:08 98304 --a------ C:\WINDOWS\system32\cscript.exe
2007-03-21 05:08 96792 --a------ C:\WINDOWS\system32\basecsp.dll
2007-03-21 05:08 80896 --a------ C:\WINDOWS\system32\fontsub.dll
2007-03-21 05:08 77824 --a------ C:\WINDOWS\system32\browser.dll
2007-03-21 05:08 75736 --a------ C:\WINDOWS\system32\cdm.dll
2007-03-21 05:08 72704 --a------ C:\WINDOWS\system32\hlink.dll
2007-03-21 05:08 69120 --a------ C:\WINDOWS\system32\ciodm.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\authz.dll
2007-03-21 05:08 61952 --a------ C:\WINDOWS\system32\hdashcut.exe
2007-03-21 05:08 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2007-03-21 05:08 5120 --a------ C:\WINDOWS\system32\hdaudres.dll
2007-03-21 05:08 498742 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-03-21 05:08 49536 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2007-03-21 05:08 42496 --a------ C:\WINDOWS\system32\ftp.exe
2007-03-21 05:08 41984 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2007-03-21 05:08 41472 --a------ C:\WINDOWS\system32\hhsetup.dll
2007-03-21 05:08 36921 --a

#9 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 03:08 PM

Ok, fine then... I'll post from the Find3M Report onward...

At least I did see that it found that DEALIOKIT monster. I need to get rid of that, too.

Thanks,
Sly




(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-19 18:39 62 --ahs---- C:\DOCUME~1\Jon\APPLIC~1\desktop.ini
2007-03-21 05:18 86073 --a------ C:\WINDOWS\system32\usrfaxa.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\streamci.dll
2007-03-21 05:18 80128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2007-03-21 05:18 77891 --a------ C:\WINDOWS\system32\usrmlnka.exe
2007-03-21 05:18 77890 --a------ C:\WINDOWS\system32\usrdpa.dll
2007-03-21 05:18 77883 --a------ C:\WINDOWS\system32\usrrtosa.dll
2007-03-21 05:18 72192 --a------ C:\WINDOWS\system32\sprio800.dll
2007-03-21 05:18 70656 --a------ C:\WINDOWS\system32\sprio600.dll
2007-03-21 05:18 69700 --a------ C:\WINDOWS\system32\usrshuta.exe
2007-03-21 05:18 69699 --a------ C:\WINDOWS\system32\usrcoina.dll
2007-03-21 05:18 69632 --a------ C:\WINDOWS\system32\spnike.dll
2007-03-21 05:18 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2007-03-21 05:18 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2007-03-21 05:18 61508 --a------ C:\WINDOWS\system32\usrprbda.exe
2007-03-21 05:18 61500 --a------ C:\WINDOWS\system32\usrcntra.dll
2007-03-21 05:18 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2007-03-21 05:18 58112 --a------ C:\WINDOWS\system32\drivers\vdmindvd.sys
2007-03-21 05:18 55296 --a------ C:\WINDOWS\system32\dvdplay.exe
2007-03-21 05:18 53305 --a------ C:\WINDOWS\system32\usrlbva.dll
2007-03-21 05:18 52736 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-03-21 05:18 52224 --a------ C:\WINDOWS\system32\dmutil.dll
2007-03-21 05:18 51712 --a------ C:\WINDOWS\system32\drivers\tosdvd.sys
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrvpa.dll
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrsdpia.dll
2007-03-21 05:18 49209 --a------ C:\WINDOWS\system32\usrv80a.dll
2007-03-21 05:18 476160 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-03-21 05:18 47616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2007-03-21 05:18 47104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2007-03-21 05:18 45116 --a------ C:\WINDOWS\system32\usrvoica.dll
2007-03-21 05:18 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-03-21 05:18 42496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2007-03-21 05:18 41019 --a------ C:\WINDOWS\system32\usrsvpia.dll
2007-03-21 05:18 37376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2007-03-21 05:18 36992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2007-03-21 05:18 36480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2007-03-21 05:18 35456 --a------ C:\WINDOWS\system32\drivers\processr.sys
2007-03-21 05:18 35328 --a------ C:\WINDOWS\system32\pid.dll
2007-03-21 05:18 323641 --a------ C:\WINDOWS\system32\usrdtea.dll
2007-03-21 05:18 3200 --a------ C:\WINDOWS\system32\wowfax.dll
2007-03-21 05:18 30080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2007-03-21 05:18 262528 --a------ C:\WINDOWS\system32\drivers\cinemst2.sys
2007-03-21 05:18 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2007-03-21 05:18 23936 --a------ C:\WINDOWS\system32\drivers\usbcamd2.sys
2007-03-21 05:18 23808 --a------ C:\WINDOWS\system32\drivers\usbcamd.sys
2007-03-21 05:18 23040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-03-21 05:18 21376 --a------ C:\WINDOWS\system32\drivers\tsbvcap.sys
2007-03-21 05:18 20992 --a------ C:\WINDOWS\system32\hid.dll
2007-03-21 05:18 18688 --a------ C:\WINDOWS\system32\drivers\cdaudio.sys
2007-03-21 05:18 17408 --a------ C:\WINDOWS\system32\msyuv.dll
2007-03-21 05:18 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2007-03-21 05:18 157696 --a------ C:\WINDOWS\system32\paqsp.dll
2007-03-21 05:18 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2007-03-21 05:18 15360 --a------ C:\WINDOWS\system32\pjlmon.dll
2007-03-21 05:18 147968 --a------ C:\WINDOWS\system32\mdwmdmsp.dll
2007-03-21 05:18 14592 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2007-03-21 05:18 13824 --a------ C:\WINDOWS\system32\wowfaxui.dll
2007-03-21 05:18 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2007-03-21 05:18 12160 --a------ C:\WINDOWS\system32\drivers\fsvga.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\riodrv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\rio8drv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\nikedrv.sys
2007-03-21 05:18 11776 --a------ C:\WINDOWS\system32\drivers\cpqdap01.sys
2007-03-21 05:18 102457 --a------ C:\WINDOWS\system32\usrv42a.dll
2007-03-21 05:12 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2007-03-21 05:12 95344 --a------ C:\WINDOWS\system32\wudfcoinstaller.dll
2007-03-21 05:12 82944 --a------ C:\WINDOWS\system32\drivers\wudfrd.sys
2007-03-21 05:12 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2007-03-21 05:12 77568 --a------ C:\WINDOWS\system32\drivers\wudfpf.sys
2007-03-21 05:12 767488 --a------ C:\WINDOWS\system32\wmvsencd.dll
2007-03-21 05:12 656896 --a------ C:\WINDOWS\system32\wmvxencd.dll
2007-03-21 05:12 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2007-03-21 05:12 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2007-03-21 05:12 613376 --a------ C:\WINDOWS\system32\wmpmde.dll
2007-03-21 05:12 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-03-21 05:12 55808 --a------ C:\WINDOWS\system32\wudfsvc.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-03-21 05:12 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2007-03-21 05:12 38400 --a------ C:\WINDOWS\system32\wpdshextres.dll
2007-03-21 05:12 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2007-03-21 05:12 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2007-03-21 05:12 316416 --a------ C:\WINDOWS\system32\wudfx.dll
2007-03-21 05:12 2603008 --a------ C:\WINDOWS\system32\wpdshext.dll
2007-03-21 05:12 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2007-03-21 05:12 17408 --a------ C:\WINDOWS\system32\wpdshextautoplay.exe
2007-03-21 05:12 165376 --a------ C:\WINDOWS\system32\wudfplatform.dll
2007-03-21 05:12 1574912 --a------ C:\WINDOWS\system32\wmvencod.dll
2007-03-21 05:12 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2007-03-21 05:12 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2007-03-21 05:12 146432 --a------ C:\WINDOWS\system32\wudfhost.exe
2007-03-21 05:12 1382912 --a------ C:\WINDOWS\system32\wmvsdecd.dll
2007-03-21 05:12 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2007-03-21 05:12 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-03-21 05:12 130048 --a------ C:\WINDOWS\system32\wmpps.dll
2007-03-21 05:11 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-03-21 05:11 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2007-03-21 05:11 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-03-21 05:11 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2007-03-21 05:11 71680 --a------ C:\WINDOWS\system32\admparse.dll
2007-03-21 05:11 7168 --a------ C:\WINDOWS\system32\asferror.dll
2007-03-21 05:11 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-21 05:11 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-03-21 05:11 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2007-03-21 05:11 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2007-03-21 05:11 534528 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2007-03-21 05:11 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-03-21 05:11 45568 --a------ C:\WINDOWS\system32\mshta.exe
2007-03-21 05:11 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2007-03-21 05:11 414720 --a------ C:\WINDOWS\system32\msscp.dll
2007-03-21 05:11 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-03-21 05:11 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2007-03-21 05:11 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2007-03-21 05:11 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-03-21 05:11 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2007-03-21 05:11 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2007-03-21 05:11 317440 --a------ C:\WINDOWS\system32\mp4sdecd.dll
2007-03-21 05:11 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2007-03-21 05:11 312128 --a------ C:\WINDOWS\system32\msdelta.dll
2007-03-21 05:11 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll
2007-03-21 05:11 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2007-03-21 05:11 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2007-03-21 05:11 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2007-03-21 05:11 26112 --a------ C:\WINDOWS\system32\idndl.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2007-03-21 05:11 255848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-03-21 05:11 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-03-21 05:11 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2007-03-21 05:11 24576 --a------ C:\WINDOWS\system32\nlsdl.dll
2007-03-21 05:11 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2007-03-21 05:11 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-03-21 05:11 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-03-21 05:11 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-03-21 05:11 23552 --a------ C:\WINDOWS\system32\normaliz.dll
2007-03-21 05:11 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2007-03-21 05:11 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2007-03-21 05:11 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2007-03-21 05:11 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2007-03-21 05:11 211456 --a------ C:\WINDOWS\system32\qasf.dll
2007-03-21 05:11 199168 --a------ C:\WINDOWS\system32\portabledevicewmdrm.dll
2007-03-21 05:11 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-03-21 05:11 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2007-03-21 05:11 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-03-21 05:11 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2007-03-21 05:11 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2007-03-21 05:11 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-03-21 05:11 156160 --a------ C:\WINDOWS\system32\msls31.dll
2007-03-21 05:11 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-03-21 05:11 132096 --a------ C:\WINDOWS\system32\portabledevicewiacompat.dll
2007-03-21 05:11 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2007-03-21 05:11 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-03-21 05:11 101888 --a------ C:\WINDOWS\system32\portabledeviceclassextension.dll
2007-03-21 05:11 100864 --a------ C:\WINDOWS\system32\logagent.exe
2007-03-21 05:10 985088 --a------ C:\WINDOWS\system32\setupapi.dll
2007-03-21 05:10 96768 --a------ C:\WINDOWS\system32\srvsvc.dll
2007-03-21 05:10 81664 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2007-03-21 05:10 80896 --a------ C:\WINDOWS\system32\wscsvc.dll
2007-03-21 05:10 713216 --a------ C:\WINDOWS\system32\sxs.dll
2007-03-21 05:10 69120 --a------ C:\WINDOWS\system32\wlanapi.dll
2007-03-21 05:10 68096 --a------ C:\WINDOWS\system32\webclnt.dll
2007-03-21 05:10 65536 --a------ C:\WINDOWS\system32\wshext.dll
2007-03-21 05:10 62336 --a------ C:\WINDOWS\system32\drivers\rspndr.sys
2007-03-21 05:10 59264 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2007-03-21 05:10 582656 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-03-21 05:10 57856 --a------ C:\WINDOWS\system32\spoolsv.exe
2007-03-21 05:10 55808 --a------ C:\WINDOWS\system32\twext.dll
2007-03-21 05:10 531568 --a------ C:\WINDOWS\system32\rmactivate_isv.exe
2007-03-21 05:10 519280 --a------ C:\WINDOWS\system32\secproc_isv.dll
2007-03-21 05:10 518768 --a------ C:\WINDOWS\system32\secproc.dll
2007-03-21 05:10 50176 --a------ C:\WINDOWS\system32\utilman.exe
2007-03-21 05:10 49152 --a------ C:\WINDOWS\system32\wdigest.dll
2007-03-21 05:10 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2007-03-21 05:10 399360 --a------ C:\WINDOWS\system32\rpcss.dll
2007-03-21 05:10 383488 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-03-21 05:10 36352 --a------ C:\WINDOWS\system32\tsgqec.dll
2007-03-21 05:10 360704 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-03-21 05:10 35840 --a------ C:\WINDOWS\system32\umandlg.dll
2007-03-21 05:10 358000 --a------ C:\WINDOWS\system32\rmactivate_ssp.exe
2007-03-21 05:10 354416 --a------ C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2007-03-21 05:10 332928 --a------ C:\WINDOWS\system32\drivers\srv.sys
2007-03-21 05:10 30208 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\wshcon.dll
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\verclsid.exe
2007-03-21 05:10 26624 --a------ C:\WINDOWS\system32\verifier.dll
2007-03-21 05:10 249344 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-03-21 05:10 246814 --a------ C:\WINDOWS\system32\strmdll.dll
2007-03-21 05:10 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-03-21 05:10 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2007-03-21 05:10 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-03-21 05:10 209280 --a------ C:\WINDOWS\system32\drivers\update.sys
2007-03-21 05:10 202496 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp_isv.dll
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp.dll
2007-03-21 05:10 18392 --a------ C:\WINDOWS\system32\wups2.dll
2007-03-21 05:10 17152 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2007-03-21 05:10 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrrun.dll
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrobj.dll
2007-03-21 05:10 143488 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2007-03-21 05:10 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2007-03-21 05:10 123392 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-03-21 05:10 117760 --a------ C:\WINDOWS\system32\t2embed.dll
2007-03-21 05:10 114688 --a------ C:\WINDOWS\system32\wscript.exe
2007-03-21 05:10 10752 --a------ C:\WINDOWS\system32\rspndr.exe
2007-03-21 05:10 101376 --a------ C:\WINDOWS\system32\txflog.dll
2007-03-21 05:09 981760 --a------ C:\WINDOWS\system32\mfc42u.dll
2007-03-21 05:09 927504 --a------ C:\WINDOWS\system32\mfc40u.dll
2007-03-21 05:09 884736 --a------ C:\WINDOWS\system32\msimsg.dll
2007-03-21 05:09 84480 --a------ C:\WINDOWS\system32\pintool.exe
2007-03-21 05:09 838360 --a------ C:\WINDOWS\system32\mswdat10.dll
2007-03-21 05:09 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-03-21 05:09 79872 --a------ C:\WINDOWS\system32\msxml6r.dll
2007-03-21 05:09 78848 --a------ C:\WINDOWS\system32\msiexec.exe
2007-03-21 05:09 74752 --a------ C:\WINDOWS\system32\olecli32.dll
2007-03-21 05:09 73728 --a------ C:\WINDOWS\system32\mscms.dll
2007-03-21 05:09 72704 --a------ C:\WINDOWS\system32\magnify.exe
2007-03-21 05:09 726528 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-03-21 05:09 701440 --a------ C:\WINDOWS\system32\msxml2.dll
2007-03-21 05:09 66560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-03-21 05:09 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2007-03-21 05:09 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2007-03-21 05:09 621272 --a------ C:\WINDOWS\system32\mswstr10.dll
2007-03-21 05:09 61440 --a------ C:\WINDOWS\system32\mmcshext.dll
2007-03-21 05:09 58880 --a------ C:\WINDOWS\system32\pnrpnsp.dll
2007-03-21 05:09 586240 --a------ C:\WINDOWS\system32\mlang.dll
2007-03-21 05:09 553984 --a------ C:\WINDOWS\system32\p2psvc.dll
2007-03-21 05:09 53760 --a------ C:\WINDOWS\system32\narrator.exe
2007-03-21 05:09 523376 --a------ C:\WINDOWS\system32\rmactivate.exe
2007-03-21 05:09 454656 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2007-03-21 05:09 43520 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-03-21 05:09 397312 --a------ C:\WINDOWS\system32\mmcex.dll
2007-03-21 05:09 386048 --a------ C:\WINDOWS\system32\qdvd.dll
2007-03-21 05:09 37376 --a------ C:\WINDOWS\system32\olecnv32.dll
2007-03-21 05:09 35840 --a------ C:\WINDOWS\system32\qfecheck.exe
2007-03-21 05:09 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-03-21 05:09 33792 --a------ C:\WINDOWS\system32\mmcperf.exe
2007-03-21 05:09 323696 --a------ C:\WINDOWS\system32\msdrm.dll
2007-03-21 05:09 313344 --a------ C:\WINDOWS\system32\p2pgraph.dll
2007-03-21 05:09 298496 --a------ C:\WINDOWS\system32\kerberos.dll
2007-03-21 05:09 297472 --a------ C:\WINDOWS\system32\msctf.dll
2007-03-21 05:09 288768 --a------ C:\WINDOWS\system32\rhttpaa.dll
2007-03-21 05:09 2854400 --a------ C:\WINDOWS\system32\msi.dll
2007-03-21 05:09 271360 --a------ C:\WINDOWS\system32\msihnd.dll
2007-03-21 05:09 270336 --a------ C:\WINDOWS\system32\oakley.dll
2007-03-21 05:09 247808 --a------ C:\WINDOWS\system32\newdev.dll
2007-03-21 05:09 215552 --a------ C:\WINDOWS\system32\osk.exe
2007-03-21 05:09 19968 --a------ C:\WINDOWS\system32\linkinfo.dll
2007-03-21 05:09 197632 --a------ C:\WINDOWS\system32\netman.dll
2007-03-21 05:09 192512 --a------ C:\WINDOWS\system32\qcap.dll
2007-03-21 05:09 1913344 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-03-21 05:09 184320 --a------ C:\WINDOWS\system32\microsoft.managementconsole.dll
2007-03-21 05:09 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-03-21 05:09 174592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2007-03-21 05:09 1705472 --a------ C:\WINDOWS\system32\netshell.dll
2007-03-21 05:09 163456 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-03-21 05:09 163328 --a------ C:\WINDOWS\system32\mmcbase.dll
2007-03-21 05:09 15360 --a------ C:\WINDOWS\system32\msisip.dll
2007-03-21 05:09 153088 --a------ C:\WINDOWS\system32\p2p.dll
2007-03-21 05:09 1435648 --a------ C:\WINDOWS\system32\query.dll
2007-03-21 05:09 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2007-03-21 05:09 1354752 --a------ C:\WINDOWS\system32\mmc.exe
2007-03-21 05:09 1317648 --a------ C:\WINDOWS\system32\msxml6.dll
2007-03-21 05:09 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2007-03-21 05:09 1286656 --a------ C:\WINDOWS\system32\ole32.dll
2007-03-21 05:09 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2007-03-21 05:09 122880 --a------ C:\WINDOWS\system32\oledlg.dll
2007-03-21 05:09 115712 --a------ C:\WINDOWS\system32\p2pnetsh.dll
2007-03-21 05:09 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2007-03-21 05:09 106496 --a------ C:\WINDOWS\system32\mmcfxcommon.dll
2007-03-21 05:09 105088 --a------ C:\WINDOWS\system32\drivers\mup.sys
2007-03-21 05:09 104960 --a------ C:\WINDOWS\system32\p2pgasvc.dll
2007-03-21 05:08 98304 --a------ C:\WINDOWS\system32\cscript.exe
2007-03-21 05:08 96792 --a------ C:\WINDOWS\system32\basecsp.dll
2007-03-21 05:08 80896 --a------ C:\WINDOWS\system32\fontsub.dll
2007-03-21 05:08 77824 --a------ C:\WINDOWS\system32\browser.dll
2007-03-21 05:08 75736 --a------ C:\WINDOWS\system32\cdm.dll
2007-03-21 05:08 72704 --a------ C:\WINDOWS\system32\hlink.dll
2007-03-21 05:08 69120 --a------ C:\WINDOWS\system32\ciodm.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\authz.dll
2007-03-21 05:08 61952 --a------ C:\WINDOWS\system32\hdashcut.exe
2007-03-21 05:08 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2007-03-21 05:08 5120 --a------ C:\WINDOWS\system32\hdaudres.dll
2007-03-21 05:08 498742 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-03-21 05:08 49536 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2007-03-21 05:08 42496 --a------ C:\WINDOWS\system32\ftp.exe
2007-03-21 05:08 41984 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2007-03-21 05:08 41472 --a------ C:\WINDOWS\system32\hhsetup.dll
2007-03-21 05:08 36921 --a------ C:\WINDOWS\system32\imeshare.dll
2007-03-21 05:08 36864 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2007-03-21 05:08 36096 --a------ C:\WINDOWS\system32\drivers\intelppm.sys
2007-03-21 05:08 28672 --a------ C:\WINDOWS\system32\dispex.dll
2007-03-21 05:08 262656 --a------ C:\WINDOWS\system32\drivers\http.sys
2007-03-21 05:08 25600 --a------ C:\WINDOWS\system32\bcsprsrc.dll
2007-03-21 05:08 254976 --a------ C:\WINDOWS\system32\icm32.dll
2007-03-21 05:08 25088 --a------ C:\WINDOWS\system32\hdaprop.dll
2007-03-21 05:08 243200 --a------ C:\WINDOWS\system32\es.dll
2007-03-21 05:08 2068480 --a------ C:\WINDOWS\system32\cdosys.dll
2007-03-21 05:08 198616 --a------ C:\WINDOWS\system32\iuengine.dll
2007-03-21 05:08 183808 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-03-21 05:08 155136 --a------ C:\WINDOWS\system32\itircl.dll
2007-03-21 05:08 151552 --a------ C:\WINDOWS\system32\ifxcardm.dll
2007-03-21 05:08 148480 --a------ C:\WINDOWS\system32\cic.dll
2007-03-21 05:08 145920 --a------ C:\WINDOWS\system32\drivers\hdaudio.sys
2007-03-21 05:08 138752 --a------ C:\WINDOWS\system32\drivers\hdaudbus.sys
2007-03-21 05:08 137216 --a------ C:\WINDOWS\system32\itss.dll
2007-03-21 05:08 136320 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2007-03-21 05:08 133120 --a------ C:\WINDOWS\system32\axaltocm.dll
2007-03-21 05:08 123392 --a------ C:\WINDOWS\system32\input.dll
2007-03-21 05:08 116736 --a------ C:\WINDOWS\system32\aaclient.dll
2007-03-21 05:08 1082368 --a------ C:\WINDOWS\system32\esent.dll
2007-03-21 05:08 10752 --a------ C:\WINDOWS\hh.exe
2007-03-21 05:08 1033216 --a------ C:\WINDOWS\explorer.exe
2007-03-21 05:08 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2007-03-17 08:45 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-14 19:27 972336 --a------ C:\WINDOWS\unrecode.exe
2007-03-14 19:20 133168 --a------ C:\WINDOWS\system32\drivers\imagesrv.sys
2007-03-14 19:20 11568 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2007-03-14 19:19 972336 --a------ C:\WINDOWS\unnerobackitup.exe
2007-03-14 19:19 95864 --a------ C:\WINDOWS\system32\neroco.dll
2007-03-12 13:51 972336 --a------ C:\WINDOWS\unneromediahome.exe
2007-03-08 10:48 578048 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:48 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:48 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:49 1843968 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-28 20:53 972336 --a------ C:\WINDOWS\unnerovision.exe
2007-02-28 15:41 972336 --a------ C:\WINDOWS\unneroshowtime.exe
2007-02-28 12:50 777216 --a------ C:\WINDOWS\system32\the_lost_watch_3d_screensaver.scr
2007-02-28 12:50 776192 --a------ C:\WINDOWS\system32\mechanical_clock_3d_screensaver.scr
2007-02-28 12:50 2948608 --a------ C:\WINDOWS\system32\the lost watch 3d screensaver.exe
2007-02-28 12:50 2414592 --a------ C:\WINDOWS\system32\mechanical clock 3d screensaver.exe
2007-02-10 21:18 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar1.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NVMixerTray"="\"C:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\Setup]
"Registrando Panda ActiveX"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\as.dll"
"Registrando Panda Almacen"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\pavpz.dll"
"Registering ActiveScan controles"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\ascontrol.dll"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32"
"IE7-11"=hex(2):72,75,6e,64,6c,6c,33,32,20,61,64,76,70,61,63,6b,2e,64,6c,6c,2c,\
4c,61,75,6e,63,68,49,4e,46,53,65,63,74,69,6f,6e,20,4e,52,5f,49,45,37,65,6e,\
2e,69,6e,66,2c,41,66,74,65,72,55,73,65,72,53,74,61,72,74,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=""

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-04 14:39:39
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-05-04 14:39:49 - machine was rebooted
C:\ComboFix-quarantined-files.txt ... 07-05-04 14:39

#10 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 04 May 2007 - 06:39 PM

That link you posted suggest deletions from the registry without using the Service Controller to remove the service, so perhaps not the best choice when addressing such infections. I would like to to delete and additional data file that came with this infection though. That long list of files indicates some recent software updates/installs by you, and I admit I am not sure in that very long list exactly what you are referring to with "that DEALIOKIT monster', so post back info on that if you would. if any of those many screensavers were free, or especially if they are products of freeze.com, they are suspect of adware.


We need to make sure all hidden files are showing:
* Click Start.
* Open My Computer.
* Select the Tools menu and click Folder Options.
* Select the View Tab.
* Under the Hidden files and folders heading select Show hidden files and folders.
* Uncheck the Hide protected operating system files (recommended) option.
* Click Yes to confirm.
* Click OK.


Then do a search ( Start - Search/Find - Files or Folders) for the following hilighted files/folders (shown in Bold), and if found, delete them.

C:\Windows\System32\drivers\core.cache.dsk


If you have difficulties removing that open HijackThis, and choose None of the above, just start the program. Click Config Misc Tools - Delete File on Reboot. Navigate to that file, double-click on it, and say Yes and allow it to reboot.



Then it is time for a decent on hand scan there.


Download the trial version of AVG Anti-Spyware 7.5 from here and install it.

If you have an exisiting copy of Ewido (which this software replaces), agree to the uninstall notification and uninstall Ewido. Reboot after. Then click the AVG download file again to install the software. (If you have a paid version of Ewido installed, go here to follow the steps to upgrade that now.)



After installation, double-click the icon on your Desktop to launch AVG Anti-Spyware 7.5.

On the top of the main screen click Shield. Then click the word active to change it to inactive.

You will need to also update AVG Anti-Spyware 7.5 to the latest definition files. On the top of the main screen click Update. Then click on Start Update. The update will start and a progress bar will show the updates being installed.

Now close AVG Anti-Spyware 7.5 (don't scan just yet).

-------------------

Go Here and download ATF cleaner. Click on the downloaded file to run it, and select "Select All", then click Empty Selected (and close ATF).

If you have them, also click on Firefox/Opera at the top and repeat the steps (and close ATF). Firefox/Opera will need to be closed first for the cleaning to be effective.

================================================

Reboot into Safe Mode (at startup tap the F8 key and select Safe Mode).



Make sure all windows are closed and run AVG Anti-Spyware 7.5. Click Scanner, then click on the Scan tab. Click Complete System Scan to begin scanning. When the scan is complete click Recommended Action and change it to Quarantine. Then click Apply all actions.

Once the scan has finished, click the Save report button, then click Save Report As. This will create a text file. Make sure you know where to find this file again.

-------------------------------------

Reboot to normal mode and run and post back a new ComboFix scan, along with the AVG log please (and info on this DEALIOKIT item).
Ad eundum quo no duck ante iit

#11 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 10:39 PM

Due to the size of the logs, I'll split them like last time.

The Dealio thing is basically a search thing that was attached to a screensaver. During install I opted NOT to install it, but it did it anyway. Then I removed it with Add/Remove Programs, said it removed it, but it's still there. It watches what you type in search engines and brings up it's own results box in a new window. Annoying as anything. Part of the reason I had ZA kill IE when it started.

As for all the installs, I just put this computer together 2 weeks ago and was loading a CD of stuff from a friend, Firefox, ePrompter, Adaware, that kind of stuff. He said the screensavers were cool. There were only 2 from Freeze.com. I'll be getting rid of them after we're done with this (the ones from Freeze.com, that is).

Here's the AVG report:

---------------------------------------------------------
AVG Anti-Spyware - Scan Report
---------------------------------------------------------

+ Created at: 9:59:59 PM 5/4/2007

+ Scan result:



C:\QooBox\Quarantine\C\WINDOWS\system32\drivers\core.sys.vir -> Adware.Salix : Cleaned with backup (quarantined).
C:\System Volume Information\_restore{95BA5E09-4B57-42B8-B8AE-9CEC53DF2CF9}\RP27\A0002046.sys -> Adware.Salix : Cleaned with backup (quarantined).
F:\From James\AquaReal 3D Aquarium Screensaver.zip/AquaReal 3D Aquarium Screensaver/AqRe.exe -> Dropper.Microjoin.h : Cleaned with backup (quarantined).
:mozilla.174:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.77:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.2o7 : Cleaned.
:mozilla.112:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.113:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.114:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.115:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Clickzs : Cleaned.
:mozilla.89:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Com : Cleaned.
:mozilla.313:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Cqcounter : Cleaned.
:mozilla.372:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Googleadservices : Cleaned.
:mozilla.184:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.185:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Imrworldwide : Cleaned.
:mozilla.339:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Information : Cleaned.
:mozilla.334:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Masterstats : Cleaned.
:mozilla.381:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Paypal : Cleaned.
:mozilla.100:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.101:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.102:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.103:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.104:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.105:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.106:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.107:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.108:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.109:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.110:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.95:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.96:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.97:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.98:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.99:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Sexcounter : Cleaned.
:mozilla.335:F:\Backup\Documents and Settings\Jon\Application Data\Mozilla\Firefox\Profiles\t2jh5b1l.default\cookies.txt -> TrackingCookie.Webtrends : Cleaned.
C:\WINDOWS\system32\update.exe -> Trojan.Agent : Cleaned with backup (quarantined).
F:\From James\6 3D Screensavers\mars_3d_space_tour\mars.3d.space.tour.screensaver.1.0.exe -> Trojan.Feutel.av : Cleaned with backup (quarantined).


::Report end

#12 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 10:45 PM

Here's the first part of the ComboFix report:


"Jon" - 07-05-04 22:06:07 Service Pack 2
ComboFix 07-04-25.4V - Running from: "C:\Documents and Settings\Jon\Desktop\"


((((((((((((((((((((((((((((((( Files Created from 2007-04-04 to 2007-05-04 ))))))))))))))))))))))))))))))))))


2007-05-04 19:29 3,968 --a------ C:\WINDOWS\system32\drivers\AvgAsCln.sys
2007-05-04 16:10 <DIR> dr------- C:\DOCUME~1\Jon\APPLIC~1\Brother
2007-05-04 16:06 <DIR> d-------- C:\Program Files\EPSON
2007-05-04 14:39 49,152 --a------ C:\WINDOWS\nircmd.exe
2007-05-03 14:16 <DIR> d-------- C:\Program Files\Trillian
2007-04-29 15:00 759,808 --a------ C:\WINDOWS\system32\Clock_Tower_3D_Screensaver.scr
2007-04-29 15:00 14,316,032 --a------ C:\WINDOWS\system32\Clock Tower 3D Screensaver.exe
2007-04-29 14:56 768,512 --a------ C:\WINDOWS\system32\Earth_3D_Screensaver.scr
2007-04-29 14:56 13,243,392 --a------ C:\WINDOWS\system32\Earth 3D Screensaver.exe
2007-04-29 14:52 772,608 --a------ C:\WINDOWS\system32\Coral_Clock_3D_Screensaver.scr
2007-04-29 14:52 10,982,912 --a------ C:\WINDOWS\system32\Coral Clock 3D Screensaver.exe
2007-04-29 00:42 <DIR> d-------- C:\WINDOWS\system32\ActiveScan
2007-04-28 13:39 <DIR> d-------- C:\WINDOWS\BDOSCAN8
2007-04-28 13:28 <DIR> d-------- C:\DOCUME~1\Jon\.housecall6.6
2007-04-28 13:11 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Spybot - Search & Destroy
2007-04-27 23:35 <DIR> d-------- C:\Program Files\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Google
2007-04-27 23:35 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google Updater
2007-04-27 23:24 1,481,198 --a------ C:\WINDOWS\Lewd Leprechauns Full.scr
2007-04-27 09:10 <DIR> d-------- C:\WINDOWS\system32\appmgmt
2007-04-27 00:32 290,816 --a------ C:\WINDOWS\Living 3D Dolphins Full.scr
2007-04-27 00:32 <DIR> d-------- C:\Program Files\ScreenSaver.com
2007-04-26 23:47 2,226,176 --a------ C:\WINDOWS\system32\3D Solar System.scr
2007-04-26 23:24 1 --a------ C:\WINDOWS\system32\sav80231.sys
2007-04-26 16:16 131,072 --a------ C:\WINDOWS\SNVerifyDLL.dll
2007-04-26 16:16 1,032,192 --a------ C:\WINDOWS\AquaReal.scr
2007-04-26 16:09 1 --a------ C:\WINDOWS\system32\sav87312.sys
2007-04-26 16:07 5,570,560 --a------ C:\WINDOWS\system32\3D Galaxy Journey.scr
2007-04-26 16:07 291,776 --a------ C:\WINDOWS\system32\DealioKit97-stub-0.exe
2007-04-26 15:58 8,773,632 --a------ C:\WINDOWS\system32\Japanese Garden 3D Screensaver.scr
2007-04-26 15:58 528,384 --a------ C:\WINDOWS\system32\Astro Gemini Screensaver Manager.scr
2007-04-26 15:58 <DIR> d-------- C:\Program Files\Astro Gemini Software
2007-04-26 15:32 4,563,968 --a------ C:\WINDOWS\system32\Ocean.scr
2007-04-26 15:12 883,200 --a------ C:\WINDOWS\system32\Lagoon_3D_Screensaver.scr
2007-04-26 15:12 10,638,336 --a------ C:\WINDOWS\system32\Lagoon 3D Screensaver.exe
2007-04-26 14:50 1,175,700 --a------ C:\WINDOWS\system32\RainySs.scr
2007-04-26 14:43 8,358,400 --a------ C:\WINDOWS\system32\Ice Clock 3D Screensaver.exe
2007-04-26 14:43 740,352 --a------ C:\WINDOWS\system32\Ice_Clock_3D_Screensaver.scr
2007-04-26 14:43 409,600 --a------ C:\WINDOWS\system32\3Planesoft_Screensaver_Manager.scr
2007-04-26 14:43 <DIR> d-------- C:\WINDOWS\system32\3Planesoft
2007-04-26 14:43 <DIR> d-------- C:\Screensavers
2007-04-26 14:43 <DIR> d-------- C:\Program Files\3Planesoft Screensaver Manager
2007-04-24 23:20 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-04-24 23:18 <DIR> d--h----- C:\WINDOWS\$hf_mig$
2007-04-24 23:18 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Windows Genuine Advantage
2007-04-24 23:13 127,208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-04-24 16:35 <DIR> d--h----- C:\WINDOWS\Icons
2007-04-23 17:17 2,277,376 --a------ C:\WINDOWS\system32\TUKernel.exe
2007-04-23 17:06 24,072 --a------ C:\WINDOWS\system32\uxtuneup.dll
2007-04-23 17:06 <DIR> d-------- C:\Program Files\TuneUp Utilities 2007
2007-04-23 17:06 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\TuneUp Software
2007-04-23 17:05 <DIR> d-------- C:\Program Files\Common Files\Wise Installation Wizard
2007-04-23 17:05 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\TuneUp Software
2007-04-23 16:37 <DIR> d-------- C:\Program Files\Ad-Aware SE Personal
2007-04-23 16:37 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Lavasoft
2007-04-23 16:33 176,235 --a------ C:\WINDOWS\system32\Primomonnt.dll
2007-04-23 16:33 <DIR> d-------- C:\WINDOWS\PrimoPDF
2007-04-23 16:33 <DIR> d-------- C:\Program Files\PrimoPDF
2007-04-23 16:25 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Google
2007-04-23 16:11 <DIR> d-------- C:\WINDOWS\Magic Ball 3
2007-04-23 16:02 <DIR> d--hs---- C:\RECYCLER
2007-04-23 15:44 <DIR> d-------- C:\Games
2007-04-23 15:37 <DIR> d-------- C:\Program Files\Alcohol Soft
2007-04-23 15:26 639,224 --a------ C:\WINDOWS\system32\drivers\sptd.sys
2007-04-23 15:13 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\Ahead
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Nero
2007-04-23 15:12 <DIR> d-------- C:\Program Files\Common Files\Ahead
2007-04-23 15:12 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Nero
2007-04-23 15:01 24,816 --a------ C:\WINDOWS\system32\mdimon.dll
2007-04-23 15:00 <DIR> d-------- C:\Program Files\Microsoft ActiveSync
2007-04-23 14:59 <DIR> d-------- C:\WINDOWS\SHELLNEW
2007-04-23 14:59 <DIR> d-------- C:\Program Files\Microsoft.NET
2007-04-23 14:49 <DIR> d-------- C:\WINDOWS\system32\inf32
2007-04-23 14:49 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\GPSoftware
2007-04-23 14:48 1,044,480 --a------ C:\WINDOWS\system32\ROBOEX32.DLL
2007-04-23 14:48 <DIR> d-------- C:\Program Files\Directory Opus
2007-04-23 14:40 1,395 --a------ C:\WINDOWS\mozver.dat
2007-04-23 14:39 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-23 14:37 <DIR> d-------- C:\Program Files\ePrompter
2007-04-23 14:32 <DIR> d-------- C:\Program Files\LTFViewer
2007-04-23 14:24 512 --a------ C:\ScanSectorLog.dat
2007-04-23 14:21 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\MailFrontier
2007-04-23 14:15 12,056,608 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2007-04-23 14:15 1,520,672 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2007-04-23 14:13 4,212 ---h----- C:\WINDOWS\system32\zllictbl.dat
2007-04-23 14:12 75,512 --a------ C:\WINDOWS\zllsputility.exe
2007-04-23 14:12 11,264 --a------ C:\WINDOWS\system32\SpOrder.dll
2007-04-23 14:12 1,087,216 --a------ C:\WINDOWS\system32\zpeng24.dll
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\system32\ZoneLabs
2007-04-23 14:12 <DIR> d-------- C:\WINDOWS\Internet Logs
2007-04-20 12:22 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-20 12:22 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-20 12:22 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-20 12:22 6,272 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-20 12:22 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-20 12:22 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-20 12:22 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-20 12:22 466,944 --a------ C:\WINDOWS\system32\CapabilityTable.exe
2007-04-20 12:22 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-20 12:22 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-20 12:22 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-20 12:22 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-20 12:22 <DIR> d-------- C:\Program Files\NVIDIA Corporation
2007-04-20 12:22 <DIR> d-------- C:\Program Files\Common Files\NVIDIA Shared
2007-04-20 12:21 937,984 -ra------ C:\WINDOWS\system32\drivers\nvmcp.sys
2007-04-20 12:21 93,568 -ra------ C:\WINDOWS\system32\drivers\nvata.sys
2007-04-20 12:21 7,680 -ra------ C:\WINDOWS\system32\nvack.dll
2007-04-20 12:21 66,688 -ra------ C:\WINDOWS\system32\drivers\nvarm.sys
2007-04-20 12:21 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-20 12:21 54,272 -ra------ C:\WINDOWS\system32\nvopenal.dll
2007-04-20 12:21 53,376 -ra------ C:\WINDOWS\system32\drivers\nvax.sys
2007-04-20 12:21 5,120 -ra------ C:\WINDOWS\system32\ALut.dll
2007-04-20 12:21 414,464 -ra------ C:\WINDOWS\system32\drivers\nvapu.sys
2007-04-20 12:21 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-20 12:21 33,280 -ra------ C:\WINDOWS\system32\NVCOI.DLL
2007-04-20 12:21 32,256 -ra------ C:\WINDOWS\system32\NVCOAD.DLL
2007-04-20 12:21 30,208 -ra------ C:\WINDOWS\system32\nvasio.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoins.dll
2007-04-20 12:21 289,792 -ra------ C:\WINDOWS\system32\idecoi.dll
2007-04-20 12:21 21,504 -ra------ C:\WINDOWS\system32\OpenAL32.dll
2007-04-20 12:21 176,128 --a------ C:\WINDOWS\system32\nvuaudio.exe
2007-04-20 12:21 176,128 --------- C:\WINDOWS\system32\nvuide.exe
2007-04-20 12:21 146,048 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-20 12:21 <DIR> d-------- C:\WINDOWS\system32\ReinstallBackups
2007-04-20 12:20 612 -ra------ C:\WINDOWS\system32\drivers\nvphy.bin
2007-04-20 12:20 35,840 -ra------ C:\WINDOWS\system32\nvconrm.dll
2007-04-20 12:20 34,944 -ra------ C:\WINDOWS\system32\drivers\NVENETFD.sys
2007-04-20 12:20 309,376 -ra------ C:\WINDOWS\system32\drivers\nvnrm.sys
2007-04-20 12:20 222,720 -ra------ C:\WINDOWS\system32\drivers\nvsnpu.sys
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\nvusmb.exe
2007-04-20 12:20 208,896 -ra------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-20 12:20 208,896 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1ins.dll
2007-04-20 12:20 200,704 -ra------ C:\WINDOWS\system32\fdco1.dll
2007-04-20 12:20 13,184 -ra------ C:\WINDOWS\system32\drivers\nvnetbus.sys
2007-04-20 12:20 102,144 -ra------ C:\WINDOWS\system32\drivers\nvtcp.sys
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1ins.dll
2007-04-20 12:20 10,752 -ra------ C:\WINDOWS\system32\bdco1.dll
2007-04-20 12:20 <DIR> d-------- C:\WINDOWS\NV9922332.TMP
2007-04-20 12:19 306,688 --a------ C:\WINDOWS\IsUninst.exe
2007-04-20 12:19 <DIR> d-------- C:\Program Files\Driver
2007-04-20 12:18 13,696 -ra------ C:\WINDOWS\system32\drivers\BIOS.sys
2007-04-20 09:12 <DIR> d-------- C:\Program Files\MSXML 4.0
2007-04-20 08:46 <DIR> d-------- C:\Program Files\Microsoft Games
2007-04-20 08:44 <DIR> d-------- C:\DOCUME~1\Jon\APPLIC~1\ATI
2007-04-20 08:40 <DIR> d-------- C:\Program Files\Common Files\ATI Technologies
2007-04-20 08:37 520,192 --------- C:\WINDOWS\system32\ati2sgag.exe
2007-04-20 08:37 307,200 -ra------ C:\WINDOWS\system32\atiiiexx.dll
2007-04-20 08:37 3,107,788 -ra------ C:\WINDOWS\system32\ativvaxx.dat
2007-04-20 08:37 142,347 -ra------ C:\WINDOWS\system32\atiicdxx.dat
2007-04-20 08:36 <DIR> d--h----- C:\Program Files\InstallShield Installation Information
2007-04-20 08:36 <DIR> d-------- C:\Program Files\Common Files\InstallShield
2007-04-20 08:36 <DIR> d-------- C:\Program Files\ATI Technologies
2007-04-20 08:33 2,097,152 --ah----- C:\DOCUME~1\Jon\NTUSER.DAT
2007-04-20 08:32 262,144 --ah----- C:\DOCUME~1\LOCALS~1\NTUSER.DAT
2007-04-20 08:32 <DIR> d-------- C:\WINDOWS\Prefetch
2007-04-20 07:59 262,144 --ah----- C:\DOCUME~1\NETWOR~1\NTUSER.DAT
2007-04-20 07:56 233,472 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT
2007-04-20 07:56 112,128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-20 07:56 0 -rahs---- C:\MSDOS.SYS
2007-04-20 07:56 0 -rahs---- C:\IO.SYS
2007-04-20 07:56 0 --a------ C:\CONFIG.SYS
2007-04-20 07:56 0 --a------ C:\AUTOEXEC.BAT
2007-04-20 07:56 <DIR> d-------- C:\WINDOWS\system32\xircom
2007-04-20 07:56 <DIR> d-------- C:\Program Files\microsoft frontpage
2007-04-20 07:55 <DIR> d--hs---- C:\DOCUME~1\ALLUSE~1\DRM
2007-04-20 07:55 <DIR> d--h----- C:\Program Files\WindowsUpdate
2007-04-20 07:55 <DIR> d-------- C:\WINDOWS\system32\DirectX
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-20 07:54 81,920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-20 07:54 8,192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-20 07:54 73,728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-20 07:54 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-20 07:54 7,168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-20 07:54 69,632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-20 07:54 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-20 07:54 67,584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-20 07:54 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll
2007-04-20 07:54 64,512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-20 07:54 48,128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-20 07:54 465,368 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-20 07:54 45,568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-20 07:54 43,520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-20 07:54 41,432 --a------ C:\WINDOWS\system32\wups.dll
2007-04-20 07:54 382,464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-20 07:54 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-20 07:54 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-20 07:54 29,696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-20 07:54 28,672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-20 07:54 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-20 07:54 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-20 07:54 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-20 07:54 239,104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-20 07:54 23,040 --a------ C:\WINDOWS\system32\fltMc.exe
2007-04-20 07:54 194,520 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-20 07:54 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-20 07:54 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-20 07:54 18,392 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-20 07:54 174,040 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-20 07:54 172,504 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-20 07:54 170,496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-20 07:54 16,896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-20 07:54 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-20 07:54 128,768 --a------ C:\WINDOWS\system32\drivers\fltMgr.sys
2007-04-20 07:54 127,448 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-20 07:54 124,376 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-20 07:54 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-20 07:54 11,264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-20 07:54 105,984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-20 07:54 1,353,688 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-20 07:54 <DIR> d---s---- C:\WINDOWS\Tasks
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\system32\Restore
2007-04-20 07:54 <DIR> d-------- C:\WINDOWS\srchasst
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Movie Maker
2007-04-20 07:54 <DIR> d-------- C:\Program Files\Common Files\MSSoap
2007-04-20 07:53 5,632 --a------ C:\WINDOWS\system32\write.exe
2007-04-20 07:53 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat
2007-04-20 07:53 <DIR> dr------- C:\WINDOWS\Offline Web Pages
2007-04-20 07:53 <DIR> d---s---- C:\WINDOWS\Downloaded Program Files
2007-04-20 07:53 <DIR> d-------- C:\WINDOWS\Registration
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Windows Media Connect 2
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Online Services
2007-04-20 07:53 <DIR> d-------- C:\Program Files\MSN Gaming Zone
2007-04-20 07:53 <DIR> d-------- C:\Program Files\Messenger
2007-04-20 07:52 97,792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-20 07:52 956,928 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-20 07:52 93,696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-20 07:52 91,648 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-20 07:52 9,728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-20 07:52 87,176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-20 07:52 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-20 07:52 80,384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-20 07:52 73,216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-20 07:52 67,072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-20 07:52 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-20 07:52 62,464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-20 07:52 605,696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-20 07:52 600,576 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-20 07:52 60,416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-20 07:52 6,144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-20 07:52 59,392 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-20 07:52 58,880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-20 07:52 56,832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-20 07:52 56,320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-20 07:52 55,296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-20 07:52 539,648 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-20 07:52 538,624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-20 07:52 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-20 07:52 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-20 07:52 44,544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-20 07:52 427,520 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-20 07:52 40,840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-20 07:52 4,096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-20 07:52 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-20 07:52 35,328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-20 07:52 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-20 07:52 343,040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-20 07:52 33,792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-20 07:52 295,424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-20 07:52 25,600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-20 07:52 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-20 07:52 227,840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-20 07:52 225,792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-20 07:52 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-20 07:52 21,896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-20 07:52 20,992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-20 07:52 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-20 07:52 196,864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-20 07:52 19,968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-20 07:52 185,344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-20 07:52 183,808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-20 07:52 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-20 07:52 161,792 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-20 07:52 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-20 07:52 16,384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-20 07:52 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-20 07:52 15,360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-20 07:52 147,968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-20 07:52 147,456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-20 07:52 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-20 07:52 14,848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-20 07:52 139,528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-20 07:52 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-20 07:52 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-20 07:52 13,824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-20 07:52 126,976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-20 07:52 123,392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-20 07:52 12,040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-20 07:52 119,808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-20 07:52 114,688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-20 07:52 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-20 07:52 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-20 07:52 11,264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-20 07:52 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-20 07:52 1,866,240 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-20 07:52 1,269,248 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-20 07:52 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\MsDtc
2007-04-20 07:52 <DIR> d-------- C:\WINDOWS\system32\Com
2007-04-20 07:52 <DIR> d-------- C:\Program Files\Windows NT
2007-04-19 18:41 57,472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-19 18:41 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys
2007-04-19 18:40 74,240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-19 18:39 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-19 18:39 9,008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-19 18:39 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-19 18:39 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-19 18:39 8,704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-19 18:39 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-19 18:39 74,752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-19 18:39 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-19 18:39 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-19 18:39 69,120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-19 18:39 68,768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-19 18:39 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-19 18:39 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-19 18:39 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-19 18:39 5,120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-19 18:39 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-19 18:39 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-19 18:39 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-19 18:39 19,200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-19 18:39 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-19 18:39 15,360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-19 18:39 13,312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-19 18:39 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-19 18:39 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-19 18:39 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-19 18:39 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-19 18:39 <DIR> dr------- C:\Program Files
2007-04-19 18:39 <DIR> dr------- C:\DOCUME~1\ALLUSE~1\Documents
2007-04-19 18:39 <DIR> d--hs---- C:\WINDOWS\Installer
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\SpeechEngines
2007-04-19 18:39 <DIR> d-------- C:\Program Files\Common Files\ODBC
2007-04-19 18:38 <DIR> d--hs---- C:\System Volume Information
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-19 18:38 <DIR> d-------- C:\WINDOWS\system32\CatRoot
2007-04-19 18:38 <DIR> d-------- C:\Documents and Settings
2007-04-19 18:34 <DIR> dr-hsc--- C:\WINDOWS\system32\dllcache
2007-04-19 18:34 <DIR> dr--s---- C:\WINDOWS\Fonts
2007-04-19 18:34 <DIR> dr------- C:\WINDOWS\Web
2007-04-19 18:34 <DIR> d--h----- C:\WINDOWS\inf
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\WinSxS
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\twain_32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\wbem
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\usmt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\spool
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ShellExt
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Setup
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ras
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\PreInstall
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\oobe
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\npp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\Macromed
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\inetsrv
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\IME
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\icsxml
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\ias
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\export
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\etc
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\drivers
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\dhcp
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3com_dmi
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\3076
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\2052
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1054
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1042
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1041
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1037
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1033
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1031
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1028
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32\1025
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system32
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\system
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\SoftwareDistribution
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\security
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Resources
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\repair
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Provisioning
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\PeerNet
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\pchealth
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Network Diagnostic
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\mui
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msapps
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\msagent
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Media
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\l2schemas
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ime
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Help
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\ehome
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Driver Cache
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Debug
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Cursors
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Connection Wizard
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\Config
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\AppPatch
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS\addins
2007-04-19 18:34 <DIR> d-------- C:\WINDOWS

#13 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 04 May 2007 - 10:47 PM

And here's the end of the ComboFix Report:


(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2007-04-19 18:39 62 --ahs---- C:\DOCUME~1\Jon\APPLIC~1\desktop.ini
2007-03-21 05:18 86073 --a------ C:\WINDOWS\system32\usrfaxa.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\tsbyuv.dll
2007-03-21 05:18 8192 --a------ C:\WINDOWS\system32\streamci.dll
2007-03-21 05:18 80128 --a------ C:\WINDOWS\system32\drivers\parport.sys
2007-03-21 05:18 77891 --a------ C:\WINDOWS\system32\usrmlnka.exe
2007-03-21 05:18 77890 --a------ C:\WINDOWS\system32\usrdpa.dll
2007-03-21 05:18 77883 --a------ C:\WINDOWS\system32\usrrtosa.dll
2007-03-21 05:18 72192 --a------ C:\WINDOWS\system32\sprio800.dll
2007-03-21 05:18 70656 --a------ C:\WINDOWS\system32\sprio600.dll
2007-03-21 05:18 69700 --a------ C:\WINDOWS\system32\usrshuta.exe
2007-03-21 05:18 69699 --a------ C:\WINDOWS\system32\usrcoina.dll
2007-03-21 05:18 69632 --a------ C:\WINDOWS\system32\spnike.dll
2007-03-21 05:18 63744 --a------ C:\WINDOWS\system32\drivers\mf.sys
2007-03-21 05:18 61824 --a------ C:\WINDOWS\system32\drivers\nic1394.sys
2007-03-21 05:18 61508 --a------ C:\WINDOWS\system32\usrprbda.exe
2007-03-21 05:18 61500 --a------ C:\WINDOWS\system32\usrcntra.dll
2007-03-21 05:18 60800 --a------ C:\WINDOWS\system32\drivers\arp1394.sys
2007-03-21 05:18 58112 --a------ C:\WINDOWS\system32\drivers\vdmindvd.sys
2007-03-21 05:18 55296 --a------ C:\WINDOWS\system32\dvdplay.exe
2007-03-21 05:18 53305 --a------ C:\WINDOWS\system32\usrlbva.dll
2007-03-21 05:18 52736 --a------ C:\WINDOWS\system32\wzcsapi.dll
2007-03-21 05:18 52224 --a------ C:\WINDOWS\system32\dmutil.dll
2007-03-21 05:18 51712 --a------ C:\WINDOWS\system32\drivers\tosdvd.sys
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrvpa.dll
2007-03-21 05:18 49211 --a------ C:\WINDOWS\system32\usrsdpia.dll
2007-03-21 05:18 49209 --a------ C:\WINDOWS\system32\usrv80a.dll
2007-03-21 05:18 476160 --a------ C:\WINDOWS\system32\wzcsvc.dll
2007-03-21 05:18 47616 --a------ C:\WINDOWS\system32\iyuv_32.dll
2007-03-21 05:18 47104 --a------ C:\WINDOWS\system32\cnbjmon.dll
2007-03-21 05:18 45116 --a------ C:\WINDOWS\system32\usrvoica.dll
2007-03-21 05:18 4352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-03-21 05:18 42496 --a------ C:\WINDOWS\system32\drivers\p3.sys
2007-03-21 05:18 41019 --a------ C:\WINDOWS\system32\usrsvpia.dll
2007-03-21 05:18 37376 --a------ C:\WINDOWS\system32\drivers\amdk7.sys
2007-03-21 05:18 36992 --a------ C:\WINDOWS\system32\drivers\amdk6.sys
2007-03-21 05:18 36480 --a------ C:\WINDOWS\system32\drivers\crusoe.sys
2007-03-21 05:18 35456 --a------ C:\WINDOWS\system32\drivers\processr.sys
2007-03-21 05:18 35328 --a------ C:\WINDOWS\system32\pid.dll
2007-03-21 05:18 323641 --a------ C:\WINDOWS\system32\usrdtea.dll
2007-03-21 05:18 3200 --a------ C:\WINDOWS\system32\wowfax.dll
2007-03-21 05:18 30080 --a------ C:\WINDOWS\system32\drivers\modem.sys
2007-03-21 05:18 262528 --a------ C:\WINDOWS\system32\drivers\cinemst2.sys
2007-03-21 05:18 25472 --a------ C:\WINDOWS\system32\drivers\sonydcam.sys
2007-03-21 05:18 23936 --a------ C:\WINDOWS\system32\drivers\usbcamd2.sys
2007-03-21 05:18 23808 --a------ C:\WINDOWS\system32\drivers\usbcamd.sys
2007-03-21 05:18 23040 --a------ C:\WINDOWS\system32\drivers\mouclass.sys
2007-03-21 05:18 21376 --a------ C:\WINDOWS\system32\drivers\tsbvcap.sys
2007-03-21 05:18 20992 --a------ C:\WINDOWS\system32\hid.dll
2007-03-21 05:18 18688 --a------ C:\WINDOWS\system32\drivers\cdaudio.sys
2007-03-21 05:18 17408 --a------ C:\WINDOWS\system32\msyuv.dll
2007-03-21 05:18 16000 --a------ C:\WINDOWS\system32\drivers\usbintel.sys
2007-03-21 05:18 157696 --a------ C:\WINDOWS\system32\paqsp.dll
2007-03-21 05:18 15488 --a------ C:\WINDOWS\system32\drivers\mssmbios.sys
2007-03-21 05:18 15360 --a------ C:\WINDOWS\system32\pjlmon.dll
2007-03-21 05:18 147968 --a------ C:\WINDOWS\system32\mdwmdmsp.dll
2007-03-21 05:18 14592 --a------ C:\WINDOWS\system32\drivers\ndisuio.sys
2007-03-21 05:18 13824 --a------ C:\WINDOWS\system32\wowfaxui.dll
2007-03-21 05:18 12416 --a------ C:\WINDOWS\system32\drivers\tunmp.sys
2007-03-21 05:18 12160 --a------ C:\WINDOWS\system32\drivers\fsvga.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\riodrv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\rio8drv.sys
2007-03-21 05:18 12032 --a------ C:\WINDOWS\system32\drivers\nikedrv.sys
2007-03-21 05:18 11776 --a------ C:\WINDOWS\system32\drivers\cpqdap01.sys
2007-03-21 05:18 102457 --a------ C:\WINDOWS\system32\usrv42a.dll
2007-03-21 05:12 99840 --a------ C:\WINDOWS\system32\wmpshell.dll
2007-03-21 05:12 95344 --a------ C:\WINDOWS\system32\wudfcoinstaller.dll
2007-03-21 05:12 82944 --a------ C:\WINDOWS\system32\drivers\wudfrd.sys
2007-03-21 05:12 8231936 --a------ C:\WINDOWS\system32\wmploc.dll
2007-03-21 05:12 77568 --a------ C:\WINDOWS\system32\drivers\wudfpf.sys
2007-03-21 05:12 767488 --a------ C:\WINDOWS\system32\wmvsencd.dll
2007-03-21 05:12 656896 --a------ C:\WINDOWS\system32\wmvxencd.dll
2007-03-21 05:12 63488 --a------ C:\WINDOWS\system32\wpdmtpus.dll
2007-03-21 05:12 629760 --a------ C:\WINDOWS\system32\wpd_ci.dll
2007-03-21 05:12 613376 --a------ C:\WINDOWS\system32\wmpmde.dll
2007-03-21 05:12 603648 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-03-21 05:12 55808 --a------ C:\WINDOWS\system32\wudfsvc.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadve.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmvadvd.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-03-21 05:12 4096 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-03-21 05:12 38528 --a------ C:\WINDOWS\system32\drivers\wpdusb.sys
2007-03-21 05:12 38400 --a------ C:\WINDOWS\system32\wpdshextres.dll
2007-03-21 05:12 35840 --a------ C:\WINDOWS\system32\wpdconns.dll
2007-03-21 05:12 356352 --a------ C:\WINDOWS\system32\wpdsp.dll
2007-03-21 05:12 316416 --a------ C:\WINDOWS\system32\wudfx.dll
2007-03-21 05:12 2603008 --a------ C:\WINDOWS\system32\wpdshext.dll
2007-03-21 05:12 204288 --a------ C:\WINDOWS\system32\wmpsrcwp.dll
2007-03-21 05:12 17408 --a------ C:\WINDOWS\system32\wpdshextautoplay.exe
2007-03-21 05:12 165376 --a------ C:\WINDOWS\system32\wudfplatform.dll
2007-03-21 05:12 1574912 --a------ C:\WINDOWS\system32\wmvencod.dll
2007-03-21 05:12 154624 --a------ C:\WINDOWS\system32\wpdmtp.dll
2007-03-21 05:12 1543680 --a------ C:\WINDOWS\system32\wmvdecod.dll
2007-03-21 05:12 146432 --a------ C:\WINDOWS\system32\wudfhost.exe
2007-03-21 05:12 1382912 --a------ C:\WINDOWS\system32\wmvsdecd.dll
2007-03-21 05:12 133632 --a------ C:\WINDOWS\system32\wpdshserviceobj.dll
2007-03-21 05:12 1329152 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-03-21 05:12 130048 --a------ C:\WINDOWS\system32\wmpps.dll
2007-03-21 05:11 991744 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-03-21 05:11 937984 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\wdfmgr.exe
2007-03-21 05:11 8704 --a------ C:\WINDOWS\system32\uwdf.exe
2007-03-21 05:11 78336 --a------ C:\WINDOWS\system32\ieencode.dll
2007-03-21 05:11 757248 --a------ C:\WINDOWS\system32\wmadmod.dll
2007-03-21 05:11 71680 --a------ C:\WINDOWS\system32\admparse.dll
2007-03-21 05:11 7168 --a------ C:\WINDOWS\system32\asferror.dll
2007-03-21 05:11 68888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-03-21 05:11 62744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-03-21 05:11 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2007-03-21 05:11 542720 --a------ C:\WINDOWS\system32\blackbox.dll
2007-03-21 05:11 534528 --a------ C:\WINDOWS\system32\wmdrmsdk.dll
2007-03-21 05:11 48128 --a------ C:\WINDOWS\system32\mshtmler.dll
2007-03-21 05:11 45568 --a------ C:\WINDOWS\system32\mshta.exe
2007-03-21 05:11 429056 --a------ C:\WINDOWS\system32\wmdrmdev.dll
2007-03-21 05:11 414720 --a------ C:\WINDOWS\system32\msscp.dll
2007-03-21 05:11 40960 --a------ C:\WINDOWS\system32\licmgr10.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\wdfapi.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-03-21 05:11 4096 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-03-21 05:11 37376 --a------ C:\WINDOWS\system32\wmdmps.dll
2007-03-21 05:11 348672 --a------ C:\WINDOWS\system32\wmdrmnet.dll
2007-03-21 05:11 3426072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-03-21 05:11 33792 --a------ C:\WINDOWS\system32\wmdmlog.dll
2007-03-21 05:11 321536 --a------ C:\WINDOWS\system32\mswmdm.dll
2007-03-21 05:11 317440 --a------ C:\WINDOWS\system32\mp4sdecd.dll
2007-03-21 05:11 314880 --a------ C:\WINDOWS\system32\wmpdxm.dll
2007-03-21 05:11 312128 --a------ C:\WINDOWS\system32\msdelta.dll
2007-03-21 05:11 295936 --a------ C:\WINDOWS\system32\wmpeffects.dll
2007-03-21 05:11 284160 --a------ C:\WINDOWS\system32\portabledeviceapi.dll
2007-03-21 05:11 276992 --a------ C:\WINDOWS\system32\audiodev.dll
2007-03-21 05:11 27136 --a------ C:\WINDOWS\system32\mspmsnsv.dll
2007-03-21 05:11 26112 --a------ C:\WINDOWS\system32\idndl.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mpg4decd.dll
2007-03-21 05:11 259072 --a------ C:\WINDOWS\system32\mp43decd.dll
2007-03-21 05:11 255848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-03-21 05:11 251672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-03-21 05:11 249856 --a------ C:\WINDOWS\system32\drmupgds.exe
2007-03-21 05:11 24576 --a------ C:\WINDOWS\system32\nlsdl.dll
2007-03-21 05:11 242688 --a------ C:\WINDOWS\system32\wmpasf.dll
2007-03-21 05:11 2414360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-03-21 05:11 237848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-03-21 05:11 236824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-03-21 05:11 23552 --a------ C:\WINDOWS\system32\normaliz.dll
2007-03-21 05:11 229376 --a------ C:\WINDOWS\system32\cewmdm.dll
2007-03-21 05:11 227328 --a------ C:\WINDOWS\system32\wmerror.dll
2007-03-21 05:11 222208 --a------ C:\WINDOWS\system32\wmasf.dll
2007-03-21 05:11 212992 --a------ C:\WINDOWS\system32\mfplat.dll
2007-03-21 05:11 211456 --a------ C:\WINDOWS\system32\qasf.dll
2007-03-21 05:11 199168 --a------ C:\WINDOWS\system32\portabledevicewmdrm.dll
2007-03-21 05:11 179712 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-03-21 05:11 175616 --a------ C:\WINDOWS\system32\mspmsp.dll
2007-03-21 05:11 17408 --a------ C:\WINDOWS\system32\corpol.dll
2007-03-21 05:11 166912 --a------ C:\WINDOWS\system32\portabledevicetypes.dll
2007-03-21 05:11 1661440 --a------ C:\WINDOWS\system32\wmpencen.dll
2007-03-21 05:11 157184 --a------ C:\WINDOWS\system32\wmidx.dll
2007-03-21 05:11 156160 --a------ C:\WINDOWS\system32\msls31.dll
2007-03-21 05:11 15128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-03-21 05:11 132096 --a------ C:\WINDOWS\system32\portabledevicewiacompat.dll
2007-03-21 05:11 11264 --a------ C:\WINDOWS\system32\laprxy.dll
2007-03-21 05:11 1117696 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-03-21 05:11 101888 --a------ C:\WINDOWS\system32\portabledeviceclassextension.dll
2007-03-21 05:11 100864 --a------ C:\WINDOWS\system32\logagent.exe
2007-03-21 05:10 985088 --a------ C:\WINDOWS\system32\setupapi.dll
2007-03-21 05:10 96768 --a------ C:\WINDOWS\system32\srvsvc.dll
2007-03-21 05:10 81664 --a------ C:\WINDOWS\system32\drivers\videoprt.sys
2007-03-21 05:10 80896 --a------ C:\WINDOWS\system32\wscsvc.dll
2007-03-21 05:10 713216 --a------ C:\WINDOWS\system32\sxs.dll
2007-03-21 05:10 69120 --a------ C:\WINDOWS\system32\wlanapi.dll
2007-03-21 05:10 68096 --a------ C:\WINDOWS\system32\webclnt.dll
2007-03-21 05:10 65536 --a------ C:\WINDOWS\system32\wshext.dll
2007-03-21 05:10 62336 --a------ C:\WINDOWS\system32\drivers\rspndr.sys
2007-03-21 05:10 59264 --a------ C:\WINDOWS\system32\drivers\usbhub.sys
2007-03-21 05:10 582656 --a------ C:\WINDOWS\system32\rpcrt4.dll
2007-03-21 05:10 57856 --a------ C:\WINDOWS\system32\spoolsv.exe
2007-03-21 05:10 55808 --a------ C:\WINDOWS\system32\twext.dll
2007-03-21 05:10 531568 --a------ C:\WINDOWS\system32\rmactivate_isv.exe
2007-03-21 05:10 519280 --a------ C:\WINDOWS\system32\secproc_isv.dll
2007-03-21 05:10 518768 --a------ C:\WINDOWS\system32\secproc.dll
2007-03-21 05:10 50176 --a------ C:\WINDOWS\system32\utilman.exe
2007-03-21 05:10 49152 --a------ C:\WINDOWS\system32\wdigest.dll
2007-03-21 05:10 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2007-03-21 05:10 399360 --a------ C:\WINDOWS\system32\rpcss.dll
2007-03-21 05:10 383488 --a------ C:\WINDOWS\system32\wzcdlg.dll
2007-03-21 05:10 36352 --a------ C:\WINDOWS\system32\tsgqec.dll
2007-03-21 05:10 360704 --a------ C:\WINDOWS\system32\drivers\tcpip.sys
2007-03-21 05:10 35840 --a------ C:\WINDOWS\system32\umandlg.dll
2007-03-21 05:10 358000 --a------ C:\WINDOWS\system32\rmactivate_ssp.exe
2007-03-21 05:10 354416 --a------ C:\WINDOWS\system32\rmactivate_ssp_isv.exe
2007-03-21 05:10 332928 --a------ C:\WINDOWS\system32\drivers\srv.sys
2007-03-21 05:10 30208 --a------ C:\WINDOWS\system32\drivers\usbehci.sys
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\wshcon.dll
2007-03-21 05:10 28672 --a------ C:\WINDOWS\system32\verclsid.exe
2007-03-21 05:10 26624 --a------ C:\WINDOWS\system32\verifier.dll
2007-03-21 05:10 249344 --a------ C:\WINDOWS\system32\tapisrv.dll
2007-03-21 05:10 246814 --a------ C:\WINDOWS\system32\strmdll.dll
2007-03-21 05:10 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-03-21 05:10 225664 --a------ C:\WINDOWS\system32\drivers\tcpip6.sys
2007-03-21 05:10 218624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-03-21 05:10 209280 --a------ C:\WINDOWS\system32\drivers\update.sys
2007-03-21 05:10 202496 --a------ C:\WINDOWS\system32\drivers\RMCast.sys
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp_isv.dll
2007-03-21 05:10 192624 --a------ C:\WINDOWS\system32\secproc_ssp.dll
2007-03-21 05:10 18392 --a------ C:\WINDOWS\system32\wups2.dll
2007-03-21 05:10 17152 --a------ C:\WINDOWS\system32\drivers\usbohci.sys
2007-03-21 05:10 163644 --a------ C:\WINDOWS\system32\drivers\secdrv.sys
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrrun.dll
2007-03-21 05:10 151552 --a------ C:\WINDOWS\system32\scrobj.dll
2007-03-21 05:10 143488 --a------ C:\WINDOWS\system32\drivers\usbport.sys
2007-03-21 05:10 132096 --a------ C:\WINDOWS\system32\wkssvc.dll
2007-03-21 05:10 123392 --a------ C:\WINDOWS\system32\umpnpmgr.dll
2007-03-21 05:10 117760 --a------ C:\WINDOWS\system32\t2embed.dll
2007-03-21 05:10 114688 --a------ C:\WINDOWS\system32\wscript.exe
2007-03-21 05:10 10752 --a------ C:\WINDOWS\system32\rspndr.exe
2007-03-21 05:10 101376 --a------ C:\WINDOWS\system32\txflog.dll
2007-03-21 05:09 981760 --a------ C:\WINDOWS\system32\mfc42u.dll
2007-03-21 05:09 927504 --a------ C:\WINDOWS\system32\mfc40u.dll
2007-03-21 05:09 884736 --a------ C:\WINDOWS\system32\msimsg.dll
2007-03-21 05:09 84480 --a------ C:\WINDOWS\system32\pintool.exe
2007-03-21 05:09 838360 --a------ C:\WINDOWS\system32\mswdat10.dll
2007-03-21 05:09 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-03-21 05:09 79872 --a------ C:\WINDOWS\system32\msxml6r.dll
2007-03-21 05:09 78848 --a------ C:\WINDOWS\system32\msiexec.exe
2007-03-21 05:09 74752 --a------ C:\WINDOWS\system32\olecli32.dll
2007-03-21 05:09 73728 --a------ C:\WINDOWS\system32\mscms.dll
2007-03-21 05:09 72704 --a------ C:\WINDOWS\system32\magnify.exe
2007-03-21 05:09 726528 --a------ C:\WINDOWS\system32\lsasrv.dll
2007-03-21 05:09 701440 --a------ C:\WINDOWS\system32\msxml2.dll
2007-03-21 05:09 66560 --a------ C:\WINDOWS\system32\mtxclu.dll
2007-03-21 05:09 65536 --a------ C:\WINDOWS\system32\nwwks.dll
2007-03-21 05:09 64000 --a------ C:\WINDOWS\system32\nwapi32.dll
2007-03-21 05:09 621272 --a------ C:\WINDOWS\system32\mswstr10.dll
2007-03-21 05:09 61440 --a------ C:\WINDOWS\system32\mmcshext.dll
2007-03-21 05:09 58880 --a------ C:\WINDOWS\system32\pnrpnsp.dll
2007-03-21 05:09 586240 --a------ C:\WINDOWS\system32\mlang.dll
2007-03-21 05:09 553984 --a------ C:\WINDOWS\system32\p2psvc.dll
2007-03-21 05:09 53760 --a------ C:\WINDOWS\system32\narrator.exe
2007-03-21 05:09 523376 --a------ C:\WINDOWS\system32\rmactivate.exe
2007-03-21 05:09 454656 --a------ C:\WINDOWS\system32\drivers\mrxsmb.sys
2007-03-21 05:09 43520 --a------ C:\WINDOWS\system32\ntlanman.dll
2007-03-21 05:09 397312 --a------ C:\WINDOWS\system32\mmcex.dll
2007-03-21 05:09 386048 --a------ C:\WINDOWS\system32\qdvd.dll
2007-03-21 05:09 37376 --a------ C:\WINDOWS\system32\olecnv32.dll
2007-03-21 05:09 35840 --a------ C:\WINDOWS\system32\qfecheck.exe
2007-03-21 05:09 343040 --a------ C:\WINDOWS\system32\msvcrt.dll
2007-03-21 05:09 33792 --a------ C:\WINDOWS\system32\mmcperf.exe
2007-03-21 05:09 323696 --a------ C:\WINDOWS\system32\msdrm.dll
2007-03-21 05:09 313344 --a------ C:\WINDOWS\system32\p2pgraph.dll
2007-03-21 05:09 298496 --a------ C:\WINDOWS\system32\kerberos.dll
2007-03-21 05:09 297472 --a------ C:\WINDOWS\system32\msctf.dll
2007-03-21 05:09 288768 --a------ C:\WINDOWS\system32\rhttpaa.dll
2007-03-21 05:09 2854400 --a------ C:\WINDOWS\system32\msi.dll
2007-03-21 05:09 271360 --a------ C:\WINDOWS\system32\msihnd.dll
2007-03-21 05:09 270336 --a------ C:\WINDOWS\system32\oakley.dll
2007-03-21 05:09 247808 --a------ C:\WINDOWS\system32\newdev.dll
2007-03-21 05:09 215552 --a------ C:\WINDOWS\system32\osk.exe
2007-03-21 05:09 19968 --a------ C:\WINDOWS\system32\linkinfo.dll
2007-03-21 05:09 197632 --a------ C:\WINDOWS\system32\netman.dll
2007-03-21 05:09 192512 --a------ C:\WINDOWS\system32\qcap.dll
2007-03-21 05:09 1913344 --a------ C:\WINDOWS\system32\mmcndmgr.dll
2007-03-21 05:09 184320 --a------ C:\WINDOWS\system32\microsoft.managementconsole.dll
2007-03-21 05:09 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-03-21 05:09 174592 --a------ C:\WINDOWS\system32\drivers\rdbss.sys
2007-03-21 05:09 1705472 --a------ C:\WINDOWS\system32\netshell.dll
2007-03-21 05:09 163456 --a------ C:\WINDOWS\system32\drivers\nwrdr.sys
2007-03-21 05:09 163328 --a------ C:\WINDOWS\system32\mmcbase.dll
2007-03-21 05:09 15360 --a------ C:\WINDOWS\system32\msisip.dll
2007-03-21 05:09 153088 --a------ C:\WINDOWS\system32\p2p.dll
2007-03-21 05:09 1435648 --a------ C:\WINDOWS\system32\query.dll
2007-03-21 05:09 142336 --a------ C:\WINDOWS\system32\nwprovau.dll
2007-03-21 05:09 1354752 --a------ C:\WINDOWS\system32\mmc.exe
2007-03-21 05:09 1317648 --a------ C:\WINDOWS\system32\msxml6.dll
2007-03-21 05:09 1287680 --a------ C:\WINDOWS\system32\quartz.dll
2007-03-21 05:09 1286656 --a------ C:\WINDOWS\system32\ole32.dll
2007-03-21 05:09 1245696 --a------ C:\WINDOWS\system32\msxml4.dll
2007-03-21 05:09 122880 --a------ C:\WINDOWS\system32\oledlg.dll
2007-03-21 05:09 115712 --a------ C:\WINDOWS\system32\p2pnetsh.dll
2007-03-21 05:09 1084416 --a------ C:\WINDOWS\system32\msxml3.dll
2007-03-21 05:09 106496 --a------ C:\WINDOWS\system32\mmcfxcommon.dll
2007-03-21 05:09 105088 --a------ C:\WINDOWS\system32\drivers\mup.sys
2007-03-21 05:09 104960 --a------ C:\WINDOWS\system32\p2pgasvc.dll
2007-03-21 05:08 98304 --a------ C:\WINDOWS\system32\cscript.exe
2007-03-21 05:08 96792 --a------ C:\WINDOWS\system32\basecsp.dll
2007-03-21 05:08 80896 --a------ C:\WINDOWS\system32\fontsub.dll
2007-03-21 05:08 77824 --a------ C:\WINDOWS\system32\browser.dll
2007-03-21 05:08 75736 --a------ C:\WINDOWS\system32\cdm.dll
2007-03-21 05:08 72704 --a------ C:\WINDOWS\system32\hlink.dll
2007-03-21 05:08 69120 --a------ C:\WINDOWS\system32\ciodm.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\cryptsvc.dll
2007-03-21 05:08 62464 --a------ C:\WINDOWS\system32\authz.dll
2007-03-21 05:08 61952 --a------ C:\WINDOWS\system32\hdashcut.exe
2007-03-21 05:08 617472 --a------ C:\WINDOWS\system32\comctl32.dll
2007-03-21 05:08 5120 --a------ C:\WINDOWS\system32\hdaudres.dll
2007-03-21 05:08 498742 --a------ C:\WINDOWS\system32\dxmasf.dll
2007-03-21 05:08 49536 --a------ C:\WINDOWS\system32\drivers\classpnp.sys
2007-03-21 05:08 42496 --a------ C:\WINDOWS\system32\ftp.exe
2007-03-21 05:08 41984 --a------ C:\WINDOWS\system32\drivers\imapi.sys
2007-03-21 05:08 41472 --a------ C:\WINDOWS\system32\hhsetup.dll
2007-03-21 05:08 36921 --a------ C:\WINDOWS\system32\imeshare.dll
2007-03-21 05:08 36864 --a------ C:\WINDOWS\system32\drivers\hidclass.sys
2007-03-21 05:08 36096 --a------ C:\WINDOWS\system32\drivers\intelppm.sys
2007-03-21 05:08 28672 --a------ C:\WINDOWS\system32\dispex.dll
2007-03-21 05:08 262656 --a------ C:\WINDOWS\system32\drivers\http.sys
2007-03-21 05:08 25600 --a------ C:\WINDOWS\system32\bcsprsrc.dll
2007-03-21 05:08 254976 --a------ C:\WINDOWS\system32\icm32.dll
2007-03-21 05:08 25088 --a------ C:\WINDOWS\system32\hdaprop.dll
2007-03-21 05:08 243200 --a------ C:\WINDOWS\system32\es.dll
2007-03-21 05:08 2068480 --a------ C:\WINDOWS\system32\cdosys.dll
2007-03-21 05:08 198616 --a------ C:\WINDOWS\system32\iuengine.dll
2007-03-21 05:08 183808 --a------ C:\WINDOWS\system32\ipsecsvc.dll
2007-03-21 05:08 155136 --a------ C:\WINDOWS\system32\itircl.dll
2007-03-21 05:08 151552 --a------ C:\WINDOWS\system32\ifxcardm.dll
2007-03-21 05:08 148480 --a------ C:\WINDOWS\system32\cic.dll
2007-03-21 05:08 145920 --a------ C:\WINDOWS\system32\drivers\hdaudio.sys
2007-03-21 05:08 138752 --a------ C:\WINDOWS\system32\drivers\hdaudbus.sys
2007-03-21 05:08 137216 --a------ C:\WINDOWS\system32\itss.dll
2007-03-21 05:08 136320 --a------ C:\WINDOWS\system32\drivers\ipnat.sys
2007-03-21 05:08 133120 --a------ C:\WINDOWS\system32\axaltocm.dll
2007-03-21 05:08 123392 --a------ C:\WINDOWS\system32\input.dll
2007-03-21 05:08 116736 --a------ C:\WINDOWS\system32\aaclient.dll
2007-03-21 05:08 1082368 --a------ C:\WINDOWS\system32\esent.dll
2007-03-21 05:08 10752 --a------ C:\WINDOWS\hh.exe
2007-03-21 05:08 1033216 --a------ C:\WINDOWS\explorer.exe
2007-03-21 05:08 100352 --a------ C:\WINDOWS\system32\6to4svc.dll
2007-03-17 08:45 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-14 19:27 972336 --a------ C:\WINDOWS\unrecode.exe
2007-03-14 19:20 133168 --a------ C:\WINDOWS\system32\drivers\imagesrv.sys
2007-03-14 19:20 11568 --a------ C:\WINDOWS\system32\drivers\imagedrv.sys
2007-03-14 19:19 972336 --a------ C:\WINDOWS\unnerobackitup.exe
2007-03-14 19:19 95864 --a------ C:\WINDOWS\system32\neroco.dll
2007-03-12 13:51 972336 --a------ C:\WINDOWS\unneromediahome.exe
2007-03-08 10:48 578048 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 10:48 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 10:48 282112 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 08:49 1843968 --a------ C:\WINDOWS\system32\win32k.sys
2007-02-28 20:53 972336 --a------ C:\WINDOWS\unnerovision.exe
2007-02-28 15:41 972336 --a------ C:\WINDOWS\unneroshowtime.exe
2007-02-28 12:50 777216 --a------ C:\WINDOWS\system32\the_lost_watch_3d_screensaver.scr
2007-02-28 12:50 776192 --a------ C:\WINDOWS\system32\mechanical_clock_3d_screensaver.scr
2007-02-28 12:50 2948608 --a------ C:\WINDOWS\system32\the lost watch 3d screensaver.exe
2007-02-28 12:50 2414592 --a------ C:\WINDOWS\system32\mechanical clock 3d screensaver.exe
2007-02-10 21:18 36352 --a------ C:\WINDOWS\system32\imgutil.dll
2007-02-05 15:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))


*Note* empty entries & legit default entries are not shown

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]
{53707962-6F74-2D53-2644-206D7942484F} C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
{AA58ED58-01DD-4d91-8333-CF10577473F7} c:\program files\google\googletoolbar1.dll
{AF69DE43-7D58-4638-B6FA-CE66B5AD205D} C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.5672\swg.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NVMixerTray"="\"C:\\Program Files\\NVIDIA Corporation\\NvMixer\\NVMixerTray.exe\""
"ZoneAlarm Client"="\"C:\\Program Files\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.6.0_01\\bin\\jusched.exe\""
"!AVG Anti-Spyware"="\"C:\\Program Files\\Grisoft\\AVG Anti-Spyware 7.5\\avgas.exe\" /minimized"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"swg"="C:\\Program Files\\Google\\GoogleToolbarNotifier\\GoogleToolbarNotifier.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\runonce\Setup]
"Registrando Panda ActiveX"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\as.dll"
"Registrando Panda Almacen"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\pavpz.dll"
"Registering ActiveScan controles"="C:\\WINDOWS\\system32\\regsvr32.exe /s C:\\WINDOWS\\system32\\ActiveScan\\ascontrol.dll"

[HKEY_USERS\.default\software\microsoft\windows\currentversion\runonce]
"ShowDeskFix"="regsvr32 /s /n /i:u shell32"
"IE7-11"=hex(2):72,75,6e,64,6c,6c,33,32,20,61,64,76,70,61,63,6b,2e,64,6c,6c,2c,\
4c,61,75,6e,63,68,49,4e,46,53,65,63,74,69,6f,6e,20,4e,52,5f,49,45,37,65,6e,\
2e,69,6e,66,2c,41,66,74,65,72,55,73,65,72,53,74,61,72,74,00

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{3CF9ECE0-1A9F-11D2-8C73-00C06C2005DE}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"

HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa
Authentication Packages REG_MULTI_SZ msv1_0\0\0
Security Packages REG_MULTI_SZ kerberos\0msv1_0\0schannel\0wdigest\0\0
Notification Packages REG_MULTI_SZ scecli\0\0


[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="\"C:\\Program Files\\Common Files\\Ahead\\Lib\\NMBgMonitor.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"ATICCC"="\"C:\\Program Files\\ATI Technologies\\ATI.ACE\\CLIStart.exe\""

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
WudfServiceGroup REG_MULTI_SZ WUDFSvc\0\0

hklm\software\Microsoft\Windows NT\CurrentVersion\Svchost *netsvcs*
UxTuneUp



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

********************************************************************

catchme 0.3.660 W2K/XP/Vista - userland rootkit detector by Gmer, http://www.gmer.net
Rootkit scan 2007-05-04 22:14:58
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


********************************************************************

Completion time: 07-05-04 22:15:07
C:\ComboFix-quarantined-files.txt ... 07-05-04 22:15
C:\ComboFix2.txt ... 07-05-04 14:39

#14 Jintan

Jintan

  • Malware Response Team
  • 531 posts
  • OFFLINE
  •  
  • Local time:05:06 PM

Posted 05 May 2007 - 08:32 AM

DEALIOKIT = Dealio! You had lost me there for sure on that. Shown here for now as a legitimate item, but you have an installer file by the same name shown here as a potential source of bundled adware. You can see by the info on that site your problems opting to remove Dealio from your system is again tied to a screensaver you have most likely installed. So removal of the screensaver would be required for removal of anything that came bundled with it. And a fresh start new system install as well. Let's see about fresh starts - did you pay for ANY of these many, many screensavers you have showing in these log files, or were all free trials and/or just free? I think you are catching the gist of this - free screensavers are high on the list of methods to introduce adware/search hijacks on systems.


Let's see what is there - open Hijackthis.
Click Config - Misc Tools - Open Uninstall Manager.
A list of the entries in Add/Remove programs will appear.
Click on Save List...
The list will be saved as 'Uninstall_list.txt'
Copy & Paste the contents back here for review.
Ad eundum quo no duck ante iit

#15 MrSly

MrSly
  • Topic Starter

  • Members
  • 32 posts
  • OFFLINE
  •  
  • Local time:03:06 PM

Posted 05 May 2007 - 09:56 AM

Actually I've paid for several of the screensavers from 3Planesoft (Ancient Castle and Watermill are the best!), but most of them are demos from the same company. I believe that all of the rest are demos as well, but I may be mistaken, some MAY be "free". I've only ever had like 4 screensavers before, and thought it'd be nice to see something different for a change. Guess not... :flowers:

I've uninstalled a few since yesterday. They were crap, so probably "free"...

You're right, I should know better. :thumbsup:

Anyway, here's the log you asked for, and thanks for all your help:


3D Galaxy Journey Screensaver
3D Solar System Screensaver
3Planesoft Screensaver Manager 1.1
Ad-Aware SE Personal
Adobe Reader 8
Ancient Castle 3D Screensaver 1.1
Aqua Real
Astro Gemini Screensaver Manager 1.2
ATI - Software Uninstall Utility
ATI Catalyst Control Center
ATI Display Driver
ATI HYDRAVISION
ATI Parental Control & Encoder
ATI Problem Report Wizard
AVG Anti-Spyware 7.5
AVIVO Codecs
Christmas 3D Screensaver 1.0
Clock Tower 3D Screensaver 1.1
Coral Clock 3D Screensaver 1.0
Discovery 3D Screensaver 1.1
Earth 3D Screensaver 1.0
ePrompter
Fantasy Moon 3D Screensaver 1.3
Fireplace 3D Screensaver 1.0
Flag 3D Screensaver 1.0
FSX Sirocco GTX 132 ft. Motoryacht
Galleon 3D Screensaver 1.3
Google Toolbar for Internet Explorer
Google Toolbar for Internet Explorer
Google Updater
GPSoftware Directory Opus
Halloween 3D Screensaver 1.1
HijackThis 1.99.1
Ice Clock 3D Screensaver 1.0
Japanese Garden 3D Screensaver 1.0
Java™ SE Runtime Environment 6 Update 1
Lagoon 3D Screensaver 1.0
Lantern 3D Screensaver 1.0
Magic Ball 2 New Worlds
Magic Ball 3
Mechanical Clock 3D Screensaver 1.0
Microsoft .NET Framework 2.0
Microsoft Flight Simulator X
Microsoft Office Professional Edition 2003
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (2.0.0.3)
MSXML 4.0 SP2 Parser and SDK
Nature 3D Screensaver 1.1
Nautilus 3D Screensaver 1.2
Nero 7 Ultra Edition
neroxml
NVIDIA Drivers
NvMixer
Panda ActiveScan
PrimoPDF
PrimoPDF Redistribution Package
Rainy Screensaver 2.2.10
Security Update for Microsoft .NET Framework 2.0 (KB917283)
Security Update for Microsoft .NET Framework 2.0 (KB922770)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Snood for Windows version 3.52-W
Space Plasma 3D Screensaver (remove only)
Spirit of Fire 3D Screensaver 2.4
Spybot - Search & Destroy 1.4
The Lost Watch 3D Screensaver 1.0
The One Ring 3D Screensaver 1.0
Trillian
Tropical Fish 3D Screensaver 1.0
TuneUp Utilities 2007
Voyage of Columbus 3D Screensaver 1.0
Watermill 3D Screensaver 2.0
Windows Installer 3.1 (KB893803)
WinRAR archiver
ZoneAlarm Security Suite




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users