Windows XP professional Virus Infection

I keep getting a pop up message upon boot up, "Windows cannot find logon.exe". I have run complete cleaning process as you directed in your July 16th, 2008 posting and am attaching the following four scanlogs as requested.

MalwareBytes' Anti-Malware log
ESET Online Scanner log
Both logs from Deckard's System Scanner
Uninstall List

Malwarebytes' Anti-Malware 1.38
Database version: 2370
Windows 5.1.2600 Service Pack 3

7/3/2009 10:36:59 PM
mbam-log-2009-07-03 (22-36-59).txt

Scan type: Full Scan (C:\|)
Objects scanned: 176762
Time elapsed: 44 minute(s), 16 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 3

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Hijack.Shell) -> Bad: (Explorer.exe logon.exe) Good: (Explorer.exe) -> Quarantined and deleted successfully.

Folders Infected:
(No malicious items detected)

Files Infected:
c:\documents and settings\administrator\desktop\programs downloaded\installed\winrar1\winrar.v3.71.1.0\patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
c:\program files\WinRAR\patch.exe (Trojan.Downloader) -> Quarantined and deleted successfully.
C:\Program Files\setup.exe (Rogue.Installer) -> Quarantined and deleted successfully.

C:\Program Files\Cool Cat Casino\Install.exe a variant of Win32/CasOnline application
C:\Program Files\Cool Cat Casino\SmartDownload.exe a variant of Win32/CasOnline application

DDS (Ver_09-06-26.01) - NTFSx86
Run by Administrator at 7:53:33.76 on Sat 07/04/2009
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_14
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3582.3106 [GMT -4:00]

AV: AVG Anti-Virus Free *On-access scanning enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Ask & Record Toolbar\FLVSrvc.exe
C:\Program Files\Common Files\AOL\1244460923\ee\AOLSoftware.exe
C:\WINDOWS\system32\ctfmon.exe
svchost.exe
C:\Program Files\LSI SoftModem\agrsmsvc.exe
C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Motive\McciCMService.exe
C:\Program Files\Netopia\Wireless USB Card\WLANSTA.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\System32\PSIService.exe
C:\Program Files\Quick ShutDown\qsd.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Documents and Settings\Administrator\Desktop\dds.scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.aol.com
uURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
uURLSearchHooks: H - No File
uURLSearchHooks: H - No File
mURLSearchHooks: IAOLTBSearch Class: {ea756889-2338-43db-8f07-d1ca6fb9c90d} - c:\program files\aol toolbar\aoltb.dll
mURLSearchHooks: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AskBar BHO: {201f27d4-3704-41d6-89c1-aa35e39143ed} - c:\program files\askbardis\bar\bin\askBar.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: AOL Toolbar Loader: {7c554162-8cb7-45a4-b8f4-8ea1c75885f9} - c:\program files\aol toolbar\aoltb.dll
BHO: AVG Security Toolbar BHO: {a3bc75a2-1f87-4686-aa43-5347d756017c} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Ask Toolbar: {3041d03e-fd4b-44e0-b742-2d9b88305f98} - c:\program files\askbardis\bar\bin\askBar.dll
TB: AOL Toolbar: {de9c389f-3316-41a7-809b-aa305ed9d922} - c:\program files\aol toolbar\aoltb.dll
TB: AVG Security Toolbar: {ccc7a320-b3ca-4199-b1a6-9f516dd69829} - c:\program files\avg\avg8\toolbar\IEToolbar.dll
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [Core Temp] "c:\documents and settings\administrator\desktop\Core Temp.exe"
uRun: [Pando] "c:\program files\pando networks\pando\Pando.exe" /Minimized
uRun: [<NO NAME>]
uRun: [Multi Reminders] "c:\program files\multi reminders\reminder.exe" -c
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
mRun: [Ask and Record FLV Service] "c:\program files\ask & record toolbar\FLVSrvc.exe" /run
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [HostManager] c:\program files\common files\aol\1244460923\ee\AOLSoftware.exe
mRun: [NBKeyScan] "c:\program files\nero\nero8\nero backitup\NBKeyScan.exe"
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\capsun~1.lnk - c:\program files\capsunlock\CapsUnlock.exe
StartupFolder: c:\docume~1\admini~1\startm~1\programs\startup\quicks~1.lnk - c:\program files\quick shutdown\qsd.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\macroe~1.lnk - c:\program files\macro express3\MacExp.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\wirele~1.lnk - c:\program files\netopia\wireless usb card\WLANSTA.exe
IE: &AOL Toolbar Search - c:\documents and settings\all users\application data\aol\ietoolbar\resources\en-us\local\search.html
IE: Create BigJig puzzle - c:\program files\jigmake\jm.htm
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} - hxxp://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1244397036028
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1244397143122
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - c:\program files\belarc\advisor\system\BAVoilaX.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
Notify: avgrsstarter - avgrsstx.dll
LSA: Notification Packages = scecli scecli scecli
scecli ============= SERVICES / DRIVERS =============== R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-6-8 327688] R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-6-8 27784] R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-6-8 108552] R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-6-8 906520] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-6-8 298776] R2 NwSapAgent;SAP Agent;c:\windows\system32\svchost.exe -k netsvcs [2009-6-8 14336] R2 SBKUPNT;SBKUPNT;c:\windows\system32\drivers\SBKUPNT.SYS [2009-6-26 14976] R3 NVHDA;Service for NVIDIA High Definition Audio Driver;c:\windows\system32\drivers\nvhda32.sys [2009-6-8 39456] S3 Netopia_iphelp;Netopia WLAN IP Utility;c:\program files\netopia\wireless usb card\iphlpsrv.exe [2009-6-25 102400] =============== Created Last 30 ================ 2009-07-03 21:33 <DIR> --d----- c:\docume~1\admini~1\applic~1\Malwarebytes 2009-07-03 21:33 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-03 21:33 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-07-03 21:33 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-07-03 21:33 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-07-03 19:38 <DIR> --d----- c:\program files\Windows Messenger Remover 2009-07-03 19:35 <DIR> --d----- c:\windows\pss 2009-06-30 21:31 <DIR> --d----- c:\program files\Cool Cat Casino 2009-06-29 17:59 1,888,224 a------- c:\windows\system32\VCL40.BPL 2009-06-29 17:59 106,992 a------- c:\windows\system32\vcljpg40.BPL 2009-06-29 17:59 49,664 a------- c:\windows\system32\GTRippleMain.bpl 2009-06-29 17:59 <DIR> --d----- c:\program files\GTDesktop 2009-06-29 13:55 92 a------- c:\windows\MFPD.INI 2009-06-29 13:55 120,832 a------- c:\windows\system32\APFAXCNV.DLL 2009-06-29 13:55 12,288 a------- c:\windows\system32\APFMON40.DLL 2009-06-29 
13:55 <DIR> --d----- c:\program files\MightyFax 2009-06-29 10:42 <DIR> --d----- C:\games 2009-06-28 10:19 <DIR> --d----- c:\program files\JigMake 2009-06-28 10:15 <DIR> --d----- c:\program files\BigJig 2009-06-27 18:04 86,016 a------- c:\windows\unvise32.exe 2009-06-27 18:04 <DIR> --d----- c:\program files\Quick ShutDown 2009-06-27 17:52 <DIR> --d----- c:\program files\Pando Networks 2009-06-27 11:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Slapdash Games 2009-06-27 10:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-06-26 18:05 48,128 a----r-- c:\program files\WNASPI32.DLL 2009-06-26 18:05 1,077,248 a------- c:\program files\SWISNIFE.EXE 2009-06-26 18:05 86,358 a------- c:\program files\Warning.dat 2009-06-26 18:05 82,432 a------- c:\program files\ONSCOOLR.DLL 2009-06-26 18:05 14,976 a------- c:\windows\system32\drivers\SBKUPNT.SYS 2009-06-26 18:05 13,312 a------- c:\windows\system32\DEVLOAD.EXE 2009-06-26 18:05 543 a------- c:\windows\SWISV3.INI 2009-06-26 18:05 344 a------- c:\windows\DYNASN.INF 2009-06-26 18:05 995,383 -------- c:\program files\MFC42.DLL 2009-06-26 18:05 282,624 -------- c:\program files\PARTUTIL.DLL 2009-06-26 18:05 102,870 -------- c:\program files\Swishd.dat 2009-06-26 18:05 50,176 -------- c:\program files\ONSDOCKR.DLL 2009-06-26 18:05 24,576 -------- c:\program files\SKUNINST.DLL 2009-06-26 18:05 307 a------- c:\windows\SKNIFE.INI 2009-06-26 18:04 2,799 a------- c:\windows\SKLANG.INI 2009-06-26 18:04 306,688 a------- c:\windows\IsUninst.exe 2009-06-25 22:21 <DIR> --d----- c:\program files\SolSuite 2009-06-25 21:30 <DIR> --d----- c:\program files\AOL Toolbar 2009-06-25 21:29 <DIR> --d----- c:\program files\AOL 9.1a 2009-06-25 21:14 14 a------- c:\windows\popcinfo.dat 2009-06-25 21:09 <DIR> --d----- c:\program files\BookWorm Deluxe 2009-06-25 20:18 163,410 a------- c:\windows\Wave@MP3 Uninstaller.exe 2009-06-25 20:18 <DIR> --d----- c:\program files\River Past 2009-06-25 20:18 <DIR> --d----- c:\program 
files\common files\River Past 2009-06-25 20:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\River Past G5 2009-06-25 20:18 <DIR> --d----- c:\docume~1\admini~1\applic~1\River Past G5 2009-06-25 12:23 459,520 a------- c:\windows\system32\drivers\rt73.sys 2009-06-25 12:16 <DIR> --d----- c:\program files\Wireless Temp 2009-06-25 12:14 21,419 a------- c:\windows\system32\drivers\AegisP.sys 2009-06-25 12:14 <DIR> --d----- c:\program files\Netopia 2009-06-25 11:52 69 a------- c:\windows\NeroDigital.ini 2009-06-11 05:50 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat 2009-06-10 23:50 <DIR> --d----- c:\windows\system32\XPSViewer 2009-06-10 23:49 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll 2009-06-10 23:49 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-06-10 23:49 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll 2009-06-10 23:49 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-06-10 23:49 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2009-06-10 23:49 575,488 -------- c:\windows\system32\xpsshhdr.dll 2009-06-10 23:49 117,760 -------- c:\windows\system32\prntvpt.dll 2009-06-10 22:15 <DIR> --dsh--- c:\documents and settings\administrator\PrivacIE 2009-06-10 22:10 <DIR> --dsh--- c:\documents and settings\administrator\IETldCache 2009-06-10 21:49 11,064,832 -c------ c:\windows\system32\dllcache\ieframe.dll 2009-06-10 21:49 1,985,024 -c------ c:\windows\system32\dllcache\iertutil.dll 2009-06-10 21:49 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-06-10 21:49 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-06-10 21:49 <DIR> --d----- c:\windows\ie8updates 2009-06-10 21:49 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll 2009-06-10 21:48 <DIR> -cd-h--- c:\windows\ie8 2009-06-10 21:01 <DIR> --d-h--- C:\$AVG8.VAULT$ 2009-06-10 20:20 3,840 a------- c:\windows\system32\drivers\BANTExt.sys 2009-06-10 20:20 <DIR> --d----- c:\program files\Belarc 
2009-06-10 14:09 <DIR> --d----- c:\docume~1\admini~1\applic~1\OpenOffice.org 2009-06-10 14:03 188,416 a------- c:\windows\amuninst.exe 2009-06-10 14:03 526 a------- c:\windows\unezmac.ini 2009-06-10 14:03 <DIR> --d----- c:\program files\American Systems 2009-06-10 14:03 36 a------- c:\windows\EZMacros.INI 2009-06-10 11:49 <DIR> --d----- c:\program files\ARM Software 2009-06-10 11:08 <DIR> --d----- c:\program files\macro 2 2009-06-10 11:02 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DRM 2009-06-10 04:37 221,184 a------- c:\windows\system32\wmpns.dll 2009-06-10 03:04 <DIR> --d----- c:\windows\system32\scripting 2009-06-10 03:04 <DIR> --d----- c:\windows\l2schemas 2009-06-10 03:04 <DIR> --d----- c:\windows\system32\en 2009-06-10 02:59 <DIR> --d----- c:\windows\network diagnostic 2009-06-09 15:50 <DIR> --d----- c:\program files\Multi Reminders 2009-06-09 15:50 <DIR> --d----- c:\docume~1\admini~1\applic~1\SolwaySoftware 2009-06-09 15:43 <DIR> --d----- c:\program files\CapsUnlock 2009-06-09 07:59 <DIR> --d----- c:\documents and settings\administrator\Saved Games 2009-06-09 07:46 <DIR> --d----- c:\program files\Dream Day First Home 2009-06-09 07:45 <DIR> --d----- c:\program files\ReflexiveArcade 2009-06-09 06:35 <DIR> --d----- c:\program files\AskBarDis 2009-06-09 06:35 <DIR> --d----- c:\windows\Ask & Record Toolbar 2009-06-09 06:35 <DIR> --d----- c:\program files\Ask & Record Toolbar 2009-06-09 01:31 <DIR> --d----- c:\windows\NV31444000.TMP 2009-06-09 01:16 1,048,576 a------- c:\windows\0801.BIN 2009-06-09 01:15 545,448 a------- c:\windows\0801.zip 2009-06-09 01:08 1,048,576 a------- C:\SAVED BIOS FILE 2009-06-08 20:39 <DIR> --d----- c:\program files\MSXML 4.0 2009-06-08 20:05 <DIR> --d----- c:\program files\JRE 2009-06-08 20:05 <DIR> --d----- c:\program files\OpenOffice.org 3 2009-06-08 20:05 410,984 a------- c:\windows\system32\deploytk.dll 2009-06-08 20:05 73,728 a------- c:\windows\system32\javacpl.cpl 2009-06-08 20:04 <DIR> --d----- c:\program files\readmes 
2009-06-08 20:04 <DIR> --d----- c:\program files\redist 2009-06-08 20:04 <DIR> --d----- c:\program files\licenses 2009-06-08 19:35 <DIR> --d----- c:\program files\PokerStars 2009-06-08 18:39 974 -------- c:\windows\system32\pid.inf 2009-06-08 18:15 272,128 -c------ c:\windows\system32\dllcache\bthport.sys 2009-06-08 18:07 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys 2009-06-08 18:07 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys 2009-06-08 17:39 333,952 -c------ c:\windows\system32\dllcache\srv.sys 2009-06-08 17:38 331,776 -c------ c:\windows\system32\dllcache\msadce.dll 2009-06-08 17:37 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll 2009-06-08 17:31 247,326 -c------ c:\windows\system32\dllcache\strmdll.dll 2009-06-08 17:31 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll 2009-06-08 17:30 1,203,922 -c------ c:\windows\system32\dllcache\sysmain.sdb 2009-06-08 17:30 2,560 -------- c:\windows\system32\xpsp4res.dll 2009-06-08 17:30 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe 2009-06-08 17:12 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-06-08 17:12 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-06-08 17:12 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-06-08 17:12 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-06-08 17:12 <DIR> --d----- c:\docume~1\admini~1\applic~1\AVGTOOLBAR 2009-06-08 17:12 <DIR> --d----- c:\program files\AVG 2009-06-08 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-06-08 17:09 <DIR> --d----- c:\windows\system32\wbem\AutoRecover 2009-06-08 17:03 2,897,920 -------- c:\windows\system32\xpsp2res.dll 2009-06-08 17:02 19,528 a------- c:\windows\000001_.tmp 2009-06-08 14:16 <DIR> --d----- c:\windows\ServicePackFiles 2009-06-08 14:14 19,528 a------- c:\windows\002728_.tmp 2009-06-08 14:12 1,872,896 a------- c:\windows\system32\mmcndmgr.dll 2009-06-08 08:57 <DIR> --d----- c:\docume~1\admini~1\applic~1\wsInspector 2009-06-08 08:56 <DIR> 
--d----- c:\program files\Startup Inspector for Windows 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software Solutions 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software 2009-06-08 08:44 <DIR> --d----- c:\program files\Macro Express3 2009-06-08 08:44 <DIR> --d----- c:\program files\common files\Insight Software Solutions 2009-06-08 07:57 <DIR> --d----- c:\program files\Jasc Software Inc 2009-06-08 07:53 <DIR> --d----- c:\program files\VS Revo Group 2009-06-08 07:37 <DIR> --d----- c:\docume~1\admini~1\applic~1\AOL 2009-06-08 07:36 <DIR> --d----- c:\program files\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Nullsoft 2009-06-08 07:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Software Update Utility 2009-06-08 07:35 33,588 a----r-- c:\windows\system32\drivers\wanatw4.sys 2009-06-08 07:35 <DIR> --d----- c:\windows\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aol 2009-06-08 07:35 <DIR> --d----- c:\program files\AOL 9.1 2009-06-08 02:45 351 a------- c:\windows\system32\nvhda.nvu 2009-06-08 02:45 122,880 a----r-- c:\windows\system32\nvcohda.dll 2009-06-08 02:45 453,152 a------- c:\windows\system32\nvuhda.exe 2009-06-08 02:45 39,456 a----r-- c:\windows\system32\drivers\nvhda32.sys 2009-06-08 02:44 <DIR> --d----- c:\windows\NV20602064.TMP 2009-06-08 02:16 10,240 ac------ c:\windows\system32\dllcache\snmpstup.dll 2009-06-08 02:15 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll 2009-06-08 02:15 2,134,528 ac------ c:\windows\system32\dllcache\EXCH_smtpsnap.dll 2009-06-08 02:15 175,104 ac------ c:\windows\system32\dllcache\EXCH_smtpadm.dll 2009-06-08 02:15 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll 2009-06-08 02:15 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe 2009-06-08 02:15 169,984 ac------ 
c:\windows\system32\dllcache\iisui.dll 2009-06-08 02:15 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe 2009-06-08 02:15 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll 2009-06-08 02:15 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll 2009-06-08 02:15 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx 2009-06-08 02:14 488 a---hr-- c:\windows\system32\logonui.exe.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\WindowsShell.Manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\sapi.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\nwc.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest 2009-06-08 02:14 61,440 ac------ c:\windows\system32\dllcache\icwres.dll 2009-06-08 02:14 40,960 ac------ c:\windows\system32\dllcache\trialoc.dll 2009-06-08 02:14 73,728 ac------ c:\windows\system32\dllcache\icwtutor.exe 2009-06-08 02:04 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll 2009-06-08 02:04 13,312 ac------ c:\windows\system32\dllcache\irclass.dll 2009-06-08 02:04 24,661 a------- c:\windows\system32\spxcoins.dll 2009-06-08 02:04 13,312 a------- c:\windows\system32\irclass.dll 2009-06-08 02:04 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT 2009-06-08 02:04 399,645 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT 2009-06-08 02:04 37,484 ac------ c:\windows\system32\dllcache\MW770.CAT 2009-06-08 02:04 13,472 ac------ c:\windows\system32\dllcache\HPCRDP.CAT 2009-06-08 02:04 8,574 ac------ c:\windows\system32\dllcache\IASNT4.CAT 2009-06-08 02:04 7,382 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT 2009-06-08 02:04 13,608 a----r-- c:\windows\SET56.tmp 2009-06-08 02:04 1,085,913 a----r-- c:\windows\SET4A.tmp 2009-06-08 01:53 940,794 a------- c:\windows\system32\LoopyMusic.wav 2009-06-08 01:53 146,650 a------- c:\windows\system32\BuzzingBee.wav 2009-06-08 01:19 <DIR> --d----- 
c:\docume~1\admini~1\applic~1\GlarySoft 2009-06-08 01:09 <DIR> --d----- c:\windows\system32\Lang 2009-06-08 01:08 <DIR> --d----- c:\program files\AMD 2009-06-08 01:04 553 -----r-- c:\windows\USetup.iss 2009-06-08 01:04 <DIR> --d----- c:\windows\system32\RTCOM 2009-06-08 01:02 <DIR> --d----- c:\program files\Realtek 2009-06-08 00:54 <DIR> --d----- c:\docume~1\admini~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\program files\common files\Symantec Shared 2009-06-07 20:21 <DIR> --d----- c:\windows\system32\appmgmt 2009-06-07 19:34 88,801 a------- c:\windows\setupapi.old 2009-06-07 19:32 <DIR> --d----- c:\windows\system32\PreInstall 2009-06-07 19:32 <DIR> --d-h--- c:\windows\$hf_mig$ 2009-06-07 15:13 <DIR> --d----- c:\program files\LSI SoftModem 2009-06-07 15:05 <DIR> --d----- c:\program files\Glary Utilities 2009-06-07 14:42 <DIR> --d----- c:\windows\provisioning 2009-06-07 14:42 <DIR> --d----- c:\windows\peernet 2009-06-07 14:40 26,144 a------- c:\windows\system32\spupdsvc.exe 2009-06-07 14:39 <DIR> --d----- c:\windows\EHome 2009-06-07 14:32 7,208 a------- c:\windows\system32\secupd.sig 2009-06-07 14:32 4,569 a------- c:\windows\system32\secupd.dat 2009-06-07 14:32 <DIR> --ds---- c:\windows\system32\Microsoft 2009-06-07 14:27 245,376 a----r-- c:\windows\system32\drivers\rt2500usb.sys 2009-06-07 14:22 <DIR> --d----- c:\program files\ATT-HSI 2009-06-07 14:22 <DIR> --d----- c:\program files\common files\Motive 2009-06-07 14:00 24,576 a------- c:\windows\system32\xpsp1hfm.exe 2009-06-07 14:00 <DIR> -cd-h--- c:\windows\$xpsp1hfm$ 2009-06-07 13:54 <DIR> --d----- c:\windows\system32\bits 2009-06-07 13:53 268,648 a------- c:\windows\system32\mucltui.dll 2009-06-07 13:53 27,496 a------- c:\windows\system32\mucltui.dll.mui 2009-06-07 13:51 31,768 a------- c:\windows\system32\wucltui.dll.mui 2009-06-07 13:51 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui 2009-06-07 13:51 23,576 a------- 
c:\windows\system32\wuapi.dll.mui 2009-06-07 13:51 18,456 a------- c:\windows\system32\wuaueng.dll.mui 2009-06-07 13:50 <DIR> --ds---- c:\documents and settings\administrator\UserData 2009-06-07 13:16 <DIR> --d----- c:\windows\system32\NtmsData 2009-06-07 12:58 68,096 a------- c:\windows\system32\agrsmdel.exe 2009-06-07 12:58 <DIR> --d----- c:\windows\Options 2009-06-07 12:06 2,984 a--sh--- c:\windows\system32\KGyGaAvL.sys 2009-06-07 12:06 8 ---shr-- c:\windows\system32\A333A765F5.sys 2009-06-07 11:51 <DIR> --d----- c:\program files\sisagp 2009-06-07 11:41 <DIR> --d----- c:\windows\NV14481664.TMP 2009-06-07 11:40 1,204,128 a------- c:\windows\system32\drivers\AGRSM.sys 2009-06-07 11:40 55,816 a------- c:\windows\agrsmdel.exe 2009-06-07 11:40 13,824 a------- c:\windows\system32\agrscoin.dll 2009-06-07 11:31 1,056,768 a------- c:\windows\system32\ROBOEX32.DLL 2009-06-07 11:31 49,152 a------- c:\windows\system32\INETWH32.dll 2009-06-07 11:30 <DIR> --d----- c:\program files\common files\Ulead Systems 2009-06-07 11:30 <DIR> --d----- c:\program files\Ulead Systems 2009-06-07 11:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.000 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.SYS 2009-06-07 11:19 <DIR> --d----- c:\program files\Downloaded Installations 2009-06-07 11:18 962,612 a------- c:\windows\system32\mfc42d.dll 2009-06-07 11:18 434,252 a------- c:\windows\system32\MSVCRTD.DLL 2009-06-07 11:18 670 a------- c:\windows\setup.iss 2009-06-07 11:18 24,576 a----r-- c:\windows\system32\AsIO.dll 2009-06-07 11:18 12,400 a----r-- c:\windows\system32\drivers\AsIO.sys 2009-06-07 11:18 11,832 a------- c:\windows\system32\drivers\AsInsHelp64.sys 2009-06-07 11:18 10,216 a------- c:\windows\system32\drivers\AsInsHelp32.sys 2009-06-07 11:18 <DIR> --d----- c:\program files\ASUS 2009-06-06 17:35 <DIR> --d----- c:\windows\NV240328.TMP 2009-06-06 17:20 <DIR> --d----- c:\windows\system32\AGEIA 2009-06-06 17:20 <DIR> --d----- c:\program files\common 
files\Wise Installation Wizard 2009-06-06 17:20 205,739 a------- c:\windows\system32\nvapps.xml 2009-06-06 17:20 453,152 a------- c:\windows\system32\nvudisp.exe 2009-06-06 17:20 19,054 a------- c:\windows\system32\nvdisp.nvu 2009-06-06 17:20 <DIR> --d----- c:\windows\nview 2009-06-06 17:20 4,984 a----r-- c:\windows\system32\drivers\nvphy.bin 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMU.DLL 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMB.DLL 2009-06-06 17:19 453,152 a------- c:\windows\system32\NVUNINST.EXE 2009-06-06 17:18 <DIR> --d----- c:\windows\ASUSInstAll 2009-06-06 17:17 30,526 a------- c:\windows\Ascd_log.ini 2009-06-06 17:16 5,810 a----r-- c:\windows\system32\drivers\ASACPI.sys 2009-06-06 17:16 29,687 a------- c:\windows\Ascd_tmp.ini 2009-06-06 17:16 10,296 a------- c:\windows\system32\drivers\ASUSHWIO.SYS 2009-06-06 17:12 <DIR> --d----- c:\program files\Nero 2009-06-06 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero 2009-06-06 17:08 1,106,944 ac------ c:\windows\system32\dllcache\msxml3.dll 2009-06-06 17:08 44,032 ac------ c:\windows\system32\dllcache\msxml3r.dll 2009-06-06 17:08 1,106,944 a------- c:\windows\system32\msxml3.dll 2009-06-06 17:08 44,032 a------- c:\windows\system32\msxml3r.dll 2009-06-06 17:08 <DIR> --d----- c:\windows\RegisteredPackages 2009-06-06 17:07 <DIR> -cd-h--- c:\windows\$MSI30UninstallMSI30-KB884016$ 2009-06-06 16:36 <DIR> --dsh--- c:\windows\Installer 2009-06-06 16:36 <DIR> --d----- c:\documents and settings\Administrator 2009-06-06 16:35 8,192 a------- c:\windows\REGLOCS.OLD 2009-06-06 16:33 <DIR> --dsh--- c:\documents and settings\all users\DRM 2009-06-06 16:32 488 a---hr-- c:\windows\system32\WindowsLogon.manifest 2009-06-06 16:31 <DIR> --d----- c:\program files\common files\MSSoap 2009-06-06 16:31 <DIR> --d-h--- c:\program files\WindowsUpdate 2009-06-06 16:31 <DIR> --d----- c:\program files\Online Services 2009-06-06 16:31 <DIR> --d----- c:\program files\Messenger 2009-06-06 16:30 <DIR> 
--d----- c:\program files\MSN Gaming Zone 2009-06-06 16:30 <DIR> --d----- c:\program files\Windows NT 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\ODBC 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\SpeechEngines 2009-06-06 09:10 <DIR> --d--r-- c:\documents and settings\all users\Documents ==================== Find3M ==================== 2009-06-26 18:05 31,237 a------- c:\program files\SKUninst.ISU 2009-06-10 03:06 86,665 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-06-08 02:13 23,348 a------- c:\windows\system32\emptyregdb.dat 2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-04-24 08:42 133,492,859 a------- c:\program files\openofficeorg1.cab 2009-04-24 08:42 9,815,040 a------- c:\program files\openofficeorg31.msi 2009-04-23 18:36 336 a------- c:\program files\setup.ini 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys 2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll 2009-04-07 09:17 3,735 a------- c:\windows\system32\ASPRTMM7.DLL 2005-12-04 07:18 1,796,476 a------- c:\program files\StepByStep Guide.pdf 2005-12-04 06:20 475,284 -------- c:\program files\SWISMAN.PDF 2005-12-04 06:14 421,023 -------- c:\program files\SWISNIFE.HLP 2005-11-24 04:55 922 -------- c:\program files\SWISNIFE.CNT 2005-11-22 23:37 2,108 a------- c:\program files\README.TXT 2002-03-11 05:06 1,822,520 a------- c:\program files\instmsiw.exe 2002-03-11 04:45 1,708,856 a------- c:\program files\instmsia.exe ============= FINISH: 7:53:41.50 ===============
10:01 <DIR> --d----- c:\docume~1\alluse~1\applic~1\AVG Security Toolbar 2009-06-26 18:05 48,128 a----r-- c:\program files\WNASPI32.DLL 2009-06-26 18:05 1,077,248 a------- c:\program files\SWISNIFE.EXE 2009-06-26 18:05 86,358 a------- c:\program files\Warning.dat 2009-06-26 18:05 82,432 a------- c:\program files\ONSCOOLR.DLL 2009-06-26 18:05 14,976 a------- c:\windows\system32\drivers\SBKUPNT.SYS 2009-06-26 18:05 13,312 a------- c:\windows\system32\DEVLOAD.EXE 2009-06-26 18:05 543 a------- c:\windows\SWISV3.INI 2009-06-26 18:05 344 a------- c:\windows\DYNASN.INF 2009-06-26 18:05 995,383 -------- c:\program files\MFC42.DLL 2009-06-26 18:05 282,624 -------- c:\program files\PARTUTIL.DLL 2009-06-26 18:05 102,870 -------- c:\program files\Swishd.dat 2009-06-26 18:05 50,176 -------- c:\program files\ONSDOCKR.DLL 2009-06-26 18:05 24,576 -------- c:\program files\SKUNINST.DLL 2009-06-26 18:05 307 a------- c:\windows\SKNIFE.INI 2009-06-26 18:04 2,799 a------- c:\windows\SKLANG.INI 2009-06-26 18:04 306,688 a------- c:\windows\IsUninst.exe 2009-06-25 22:21 <DIR> --d----- c:\program files\SolSuite 2009-06-25 21:30 <DIR> --d----- c:\program files\AOL Toolbar 2009-06-25 21:29 <DIR> --d----- c:\program files\AOL 9.1a 2009-06-25 21:14 14 a------- c:\windows\popcinfo.dat 2009-06-25 21:09 <DIR> --d----- c:\program files\BookWorm Deluxe 2009-06-25 20:18 163,410 a------- c:\windows\Wave@MP3 Uninstaller.exe 2009-06-25 20:18 <DIR> --d----- c:\program files\River Past 2009-06-25 20:18 <DIR> --d----- c:\program files\common files\River Past 2009-06-25 20:18 <DIR> --d----- c:\docume~1\alluse~1\applic~1\River Past G5 2009-06-25 20:18 <DIR> --d----- c:\docume~1\admini~1\applic~1\River Past G5 2009-06-25 12:23 459,520 a------- c:\windows\system32\drivers\rt73.sys 2009-06-25 12:16 <DIR> --d----- c:\program files\Wireless Temp 2009-06-25 12:14 21,419 a------- c:\windows\system32\drivers\AegisP.sys 2009-06-25 12:14 <DIR> --d----- c:\program files\Netopia 2009-06-25 11:52 69 a------- 
c:\windows\NeroDigital.ini 2009-06-11 05:50 1,089,593 -c------ c:\windows\system32\dllcache\ntprint.cat 2009-06-10 23:50 <DIR> --d----- c:\windows\system32\XPSViewer 2009-06-10 23:49 1,676,288 -c------ c:\windows\system32\dllcache\xpssvcs.dll 2009-06-10 23:49 597,504 -c------ c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2009-06-10 23:49 575,488 -c------ c:\windows\system32\dllcache\xpsshhdr.dll 2009-06-10 23:49 89,088 -c------ c:\windows\system32\dllcache\filterpipelineprintproc.dll 2009-06-10 23:49 1,676,288 -------- c:\windows\system32\xpssvcs.dll 2009-06-10 23:49 575,488 -------- c:\windows\system32\xpsshhdr.dll 2009-06-10 23:49 117,760 -------- c:\windows\system32\prntvpt.dll 2009-06-10 22:15 <DIR> --dsh--- c:\documents and settings\administrator\PrivacIE 2009-06-10 22:10 <DIR> --dsh--- c:\documents and settings\administrator\IETldCache 2009-06-10 21:49 11,064,832 -c------ c:\windows\system32\dllcache\ieframe.dll 2009-06-10 21:49 1,985,024 -c------ c:\windows\system32\dllcache\iertutil.dll 2009-06-10 21:49 246,272 -c------ c:\windows\system32\dllcache\ieproxy.dll 2009-06-10 21:49 12,800 -c------ c:\windows\system32\dllcache\xpshims.dll 2009-06-10 21:49 <DIR> --d----- c:\windows\ie8updates 2009-06-10 21:49 102,912 -c------ c:\windows\system32\dllcache\iecompat.dll 2009-06-10 21:48 <DIR> -cd-h--- c:\windows\ie8 2009-06-10 21:01 <DIR> --d-h--- C:\$AVG8.VAULT$ 2009-06-10 20:20 3,840 a------- c:\windows\system32\drivers\BANTExt.sys 2009-06-10 20:20 <DIR> --d----- c:\program files\Belarc 2009-06-10 14:09 <DIR> --d----- c:\docume~1\admini~1\applic~1\OpenOffice.org 2009-06-10 14:03 188,416 a------- c:\windows\amuninst.exe 2009-06-10 14:03 526 a------- c:\windows\unezmac.ini 2009-06-10 14:03 <DIR> --d----- c:\program files\American Systems 2009-06-10 14:03 36 a------- c:\windows\EZMacros.INI 2009-06-10 11:49 <DIR> --d----- c:\program files\ARM Software 2009-06-10 11:08 <DIR> --d----- c:\program files\macro 2 2009-06-10 11:02 <DIR> --d----- 
c:\docume~1\alluse~1\applic~1\DRM 2009-06-10 04:37 221,184 a------- c:\windows\system32\wmpns.dll 2009-06-10 03:04 <DIR> --d----- c:\windows\system32\scripting 2009-06-10 03:04 <DIR> --d----- c:\windows\l2schemas 2009-06-10 03:04 <DIR> --d----- c:\windows\system32\en 2009-06-10 02:59 <DIR> --d----- c:\windows\network diagnostic 2009-06-09 15:50 <DIR> --d----- c:\program files\Multi Reminders 2009-06-09 15:50 <DIR> --d----- c:\docume~1\admini~1\applic~1\SolwaySoftware 2009-06-09 15:43 <DIR> --d----- c:\program files\CapsUnlock 2009-06-09 07:59 <DIR> --d----- c:\documents and settings\administrator\Saved Games 2009-06-09 07:46 <DIR> --d----- c:\program files\Dream Day First Home 2009-06-09 07:45 <DIR> --d----- c:\program files\ReflexiveArcade 2009-06-09 06:35 <DIR> --d----- c:\program files\AskBarDis 2009-06-09 06:35 <DIR> --d----- c:\windows\Ask & Record Toolbar 2009-06-09 06:35 <DIR> --d----- c:\program files\Ask & Record Toolbar 2009-06-09 01:31 <DIR> --d----- c:\windows\NV31444000.TMP 2009-06-09 01:16 1,048,576 a------- c:\windows\0801.BIN 2009-06-09 01:15 545,448 a------- c:\windows\0801.zip 2009-06-09 01:08 1,048,576 a------- C:\SAVED BIOS FILE 2009-06-08 20:39 <DIR> --d----- c:\program files\MSXML 4.0 2009-06-08 20:05 <DIR> --d----- c:\program files\JRE 2009-06-08 20:05 <DIR> --d----- c:\program files\OpenOffice.org 3 2009-06-08 20:05 410,984 a------- c:\windows\system32\deploytk.dll 2009-06-08 20:05 73,728 a------- c:\windows\system32\javacpl.cpl 2009-06-08 20:04 <DIR> --d----- c:\program files\readmes 2009-06-08 20:04 <DIR> --d----- c:\program files\redist 2009-06-08 20:04 <DIR> --d----- c:\program files\licenses 2009-06-08 19:35 <DIR> --d----- c:\program files\PokerStars 2009-06-08 18:39 974 -------- c:\windows\system32\pid.inf 2009-06-08 18:15 272,128 -c------ c:\windows\system32\dllcache\bthport.sys 2009-06-08 18:07 203,136 -c------ c:\windows\system32\dllcache\rmcast.sys 2009-06-08 18:07 455,296 -c------ c:\windows\system32\dllcache\mrxsmb.sys 2009-06-08 
17:39 333,952 -c------ c:\windows\system32\dllcache\srv.sys 2009-06-08 17:38 331,776 -c------ c:\windows\system32\dllcache\msadce.dll 2009-06-08 17:37 691,712 -c------ c:\windows\system32\dllcache\inetcomm.dll 2009-06-08 17:31 247,326 -c------ c:\windows\system32\dllcache\strmdll.dll 2009-06-08 17:31 337,408 -c------ c:\windows\system32\dllcache\netapi32.dll 2009-06-08 17:30 1,203,922 -c------ c:\windows\system32\dllcache\sysmain.sdb 2009-06-08 17:30 2,560 -------- c:\windows\system32\xpsp4res.dll 2009-06-08 17:30 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe 2009-06-08 17:12 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-06-08 17:12 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-06-08 17:12 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-06-08 17:12 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-06-08 17:12 <DIR> --d----- c:\docume~1\admini~1\applic~1\AVGTOOLBAR 2009-06-08 17:12 <DIR> --d----- c:\program files\AVG 2009-06-08 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-06-08 17:09 <DIR> --d----- c:\windows\system32\wbem\AutoRecover 2009-06-08 17:03 2,897,920 -------- c:\windows\system32\xpsp2res.dll 2009-06-08 17:02 19,528 a------- c:\windows\000001_.tmp 2009-06-08 14:16 <DIR> --d----- c:\windows\ServicePackFiles 2009-06-08 14:14 19,528 a------- c:\windows\002728_.tmp 2009-06-08 14:12 1,872,896 a------- c:\windows\system32\mmcndmgr.dll 2009-06-08 08:57 <DIR> --d----- c:\docume~1\admini~1\applic~1\wsInspector 2009-06-08 08:56 <DIR> --d----- c:\program files\Startup Inspector for Windows 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software Solutions 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software 2009-06-08 08:44 <DIR> --d----- c:\program files\Macro Express3 2009-06-08 08:44 <DIR> --d----- c:\program files\common files\Insight Software Solutions 2009-06-08 07:57 <DIR> --d----- c:\program files\Jasc Software Inc 2009-06-08 07:53 <DIR> 
--d----- c:\program files\VS Revo Group 2009-06-08 07:37 <DIR> --d----- c:\docume~1\admini~1\applic~1\AOL 2009-06-08 07:36 <DIR> --d----- c:\program files\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Nullsoft 2009-06-08 07:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Software Update Utility 2009-06-08 07:35 33,588 a----r-- c:\windows\system32\drivers\wanatw4.sys 2009-06-08 07:35 <DIR> --d----- c:\windows\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aol 2009-06-08 07:35 <DIR> --d----- c:\program files\AOL 9.1 2009-06-08 02:45 351 a------- c:\windows\system32\nvhda.nvu 2009-06-08 02:45 122,880 a----r-- c:\windows\system32\nvcohda.dll 2009-06-08 02:45 453,152 a------- c:\windows\system32\nvuhda.exe 2009-06-08 02:45 39,456 a----r-- c:\windows\system32\drivers\nvhda32.sys 2009-06-08 02:44 <DIR> --d----- c:\windows\NV20602064.TMP 2009-06-08 02:16 10,240 ac------ c:\windows\system32\dllcache\snmpstup.dll 2009-06-08 02:15 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll 2009-06-08 02:15 2,134,528 ac------ c:\windows\system32\dllcache\EXCH_smtpsnap.dll 2009-06-08 02:15 175,104 ac------ c:\windows\system32\dllcache\EXCH_smtpadm.dll 2009-06-08 02:15 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll 2009-06-08 02:15 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe 2009-06-08 02:15 169,984 ac------ c:\windows\system32\dllcache\iisui.dll 2009-06-08 02:15 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe 2009-06-08 02:15 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll 2009-06-08 02:15 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll 2009-06-08 02:15 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx 2009-06-08 02:14 488 a---hr-- c:\windows\system32\logonui.exe.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\WindowsShell.Manifest 
2009-06-08 02:14 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\sapi.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\nwc.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest 2009-06-08 02:14 61,440 ac------ c:\windows\system32\dllcache\icwres.dll 2009-06-08 02:14 40,960 ac------ c:\windows\system32\dllcache\trialoc.dll 2009-06-08 02:14 73,728 ac------ c:\windows\system32\dllcache\icwtutor.exe 2009-06-08 02:04 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll 2009-06-08 02:04 13,312 ac------ c:\windows\system32\dllcache\irclass.dll 2009-06-08 02:04 24,661 a------- c:\windows\system32\spxcoins.dll 2009-06-08 02:04 13,312 a------- c:\windows\system32\irclass.dll 2009-06-08 02:04 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT 2009-06-08 02:04 399,645 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT 2009-06-08 02:04 37,484 ac------ c:\windows\system32\dllcache\MW770.CAT 2009-06-08 02:04 13,472 ac------ c:\windows\system32\dllcache\HPCRDP.CAT 2009-06-08 02:04 8,574 ac------ c:\windows\system32\dllcache\IASNT4.CAT 2009-06-08 02:04 7,382 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT 2009-06-08 02:04 13,608 a----r-- c:\windows\SET56.tmp 2009-06-08 02:04 1,085,913 a----r-- c:\windows\SET4A.tmp 2009-06-08 01:53 940,794 a------- c:\windows\system32\LoopyMusic.wav 2009-06-08 01:53 146,650 a------- c:\windows\system32\BuzzingBee.wav 2009-06-08 01:19 <DIR> --d----- c:\docume~1\admini~1\applic~1\GlarySoft 2009-06-08 01:09 <DIR> --d----- c:\windows\system32\Lang 2009-06-08 01:08 <DIR> --d----- c:\program files\AMD 2009-06-08 01:04 553 -----r-- c:\windows\USetup.iss 2009-06-08 01:04 <DIR> --d----- c:\windows\system32\RTCOM 2009-06-08 01:02 <DIR> --d----- c:\program files\Realtek 2009-06-08 00:54 <DIR> --d----- c:\docume~1\admini~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\program 
files\common files\Symantec Shared 2009-06-07 20:21 <DIR> --d----- c:\windows\system32\appmgmt 2009-06-07 19:34 88,801 a------- c:\windows\setupapi.old 2009-06-07 19:32 <DIR> --d----- c:\windows\system32\PreInstall 2009-06-07 19:32 <DIR> --d-h--- c:\windows\$hf_mig$ 2009-06-07 15:13 <DIR> --d----- c:\program files\LSI SoftModem 2009-06-07 15:05 <DIR> --d----- c:\program files\Glary Utilities 2009-06-07 14:42 <DIR> --d----- c:\windows\provisioning 2009-06-07 14:42 <DIR> --d----- c:\windows\peernet 2009-06-07 14:40 26,144 a------- c:\windows\system32\spupdsvc.exe 2009-06-07 14:39 <DIR> --d----- c:\windows\EHome 2009-06-07 14:32 7,208 a------- c:\windows\system32\secupd.sig 2009-06-07 14:32 4,569 a------- c:\windows\system32\secupd.dat 2009-06-07 14:32 <DIR> --ds---- c:\windows\system32\Microsoft 2009-06-07 14:27 245,376 a----r-- c:\windows\system32\drivers\rt2500usb.sys 2009-06-07 14:22 <DIR> --d----- c:\program files\ATT-HSI 2009-06-07 14:22 <DIR> --d----- c:\program files\common files\Motive 2009-06-07 14:00 24,576 a------- c:\windows\system32\xpsp1hfm.exe 2009-06-07 14:00 <DIR> -cd-h--- c:\windows\$xpsp1hfm$ 2009-06-07 13:54 <DIR> --d----- c:\windows\system32\bits 2009-06-07 13:53 268,648 a------- c:\windows\system32\mucltui.dll 2009-06-07 13:53 27,496 a------- c:\windows\system32\mucltui.dll.mui 2009-06-07 13:51 31,768 a------- c:\windows\system32\wucltui.dll.mui 2009-06-07 13:51 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui 2009-06-07 13:51 23,576 a------- c:\windows\system32\wuapi.dll.mui 2009-06-07 13:51 18,456 a------- c:\windows\system32\wuaueng.dll.mui 2009-06-07 13:50 <DIR> --ds---- c:\documents and settings\administrator\UserData 2009-06-07 13:16 <DIR> --d----- c:\windows\system32\NtmsData 2009-06-07 12:58 68,096 a------- c:\windows\system32\agrsmdel.exe 2009-06-07 12:58 <DIR> --d----- c:\windows\Options 2009-06-07 12:06 2,984 a--sh--- c:\windows\system32\KGyGaAvL.sys 2009-06-07 12:06 8 ---shr-- c:\windows\system32\A333A765F5.sys 2009-06-07 11:51 
<DIR> --d----- c:\program files\sisagp 2009-06-07 11:41 <DIR> --d----- c:\windows\NV14481664.TMP 2009-06-07 11:40 1,204,128 a------- c:\windows\system32\drivers\AGRSM.sys 2009-06-07 11:40 55,816 a------- c:\windows\agrsmdel.exe 2009-06-07 11:40 13,824 a------- c:\windows\system32\agrscoin.dll 2009-06-07 11:31 1,056,768 a------- c:\windows\system32\ROBOEX32.DLL 2009-06-07 11:31 49,152 a------- c:\windows\system32\INETWH32.dll 2009-06-07 11:30 <DIR> --d----- c:\program files\common files\Ulead Systems 2009-06-07 11:30 <DIR> --d----- c:\program files\Ulead Systems 2009-06-07 11:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.000 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.SYS 2009-06-07 11:19 <DIR> --d----- c:\program files\Downloaded Installations 2009-06-07 11:18 962,612 a------- c:\windows\system32\mfc42d.dll 2009-06-07 11:18 434,252 a------- c:\windows\system32\MSVCRTD.DLL 2009-06-07 11:18 670 a------- c:\windows\setup.iss 2009-06-07 11:18 24,576 a----r-- c:\windows\system32\AsIO.dll 2009-06-07 11:18 12,400 a----r-- c:\windows\system32\drivers\AsIO.sys 2009-06-07 11:18 11,832 a------- c:\windows\system32\drivers\AsInsHelp64.sys 2009-06-07 11:18 10,216 a------- c:\windows\system32\drivers\AsInsHelp32.sys 2009-06-07 11:18 <DIR> --d----- c:\program files\ASUS 2009-06-06 17:35 <DIR> --d----- c:\windows\NV240328.TMP 2009-06-06 17:20 <DIR> --d----- c:\windows\system32\AGEIA 2009-06-06 17:20 <DIR> --d----- c:\program files\common files\Wise Installation Wizard 2009-06-06 17:20 205,739 a------- c:\windows\system32\nvapps.xml 2009-06-06 17:20 453,152 a------- c:\windows\system32\nvudisp.exe 2009-06-06 17:20 19,054 a------- c:\windows\system32\nvdisp.nvu 2009-06-06 17:20 <DIR> --d----- c:\windows\nview 2009-06-06 17:20 4,984 a----r-- c:\windows\system32\drivers\nvphy.bin 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMU.DLL 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMB.DLL 2009-06-06 17:19 453,152 
a------- c:\windows\system32\NVUNINST.EXE 2009-06-06 17:18 <DIR> --d----- c:\windows\ASUSInstAll 2009-06-06 17:17 30,526 a------- c:\windows\Ascd_log.ini 2009-06-06 17:16 5,810 a----r-- c:\windows\system32\drivers\ASACPI.sys 2009-06-06 17:16 29,687 a------- c:\windows\Ascd_tmp.ini 2009-06-06 17:16 10,296 a------- c:\windows\system32\drivers\ASUSHWIO.SYS 2009-06-06 17:12 <DIR> --d----- c:\program files\Nero 2009-06-06 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero 2009-06-06 17:08 1,106,944 ac------ c:\windows\system32\dllcache\msxml3.dll 2009-06-06 17:08 44,032 ac------ c:\windows\system32\dllcache\msxml3r.dll 2009-06-06 17:08 1,106,944 a------- c:\windows\system32\msxml3.dll 2009-06-06 17:08 44,032 a------- c:\windows\system32\msxml3r.dll 2009-06-06 17:08 <DIR> --d----- c:\windows\RegisteredPackages 2009-06-06 17:07 <DIR> -cd-h--- c:\windows\$MSI30UninstallMSI30-KB884016$ 2009-06-06 16:36 <DIR> --dsh--- c:\windows\Installer 2009-06-06 16:36 <DIR> --d----- c:\documents and settings\Administrator 2009-06-06 16:35 8,192 a------- c:\windows\REGLOCS.OLD 2009-06-06 16:33 <DIR> --dsh--- c:\documents and settings\all users\DRM 2009-06-06 16:32 488 a---hr-- c:\windows\system32\WindowsLogon.manifest 2009-06-06 16:31 <DIR> --d----- c:\program files\common files\MSSoap 2009-06-06 16:31 <DIR> --d-h--- c:\program files\WindowsUpdate 2009-06-06 16:31 <DIR> --d----- c:\program files\Online Services 2009-06-06 16:31 <DIR> --d----- c:\program files\Messenger 2009-06-06 16:30 <DIR> --d----- c:\program files\MSN Gaming Zone 2009-06-06 16:30 <DIR> --d----- c:\program files\Windows NT 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\ODBC 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\SpeechEngines 2009-06-06 09:10 <DIR> --d--r-- c:\documents and settings\all users\Documents ==================== Find3M ==================== 2009-06-26 18:05 31,237 a------- c:\program files\SKUninst.ISU 2009-06-10 03:06 86,665 a------- 
c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-06-08 02:13 23,348 a------- c:\windows\system32\emptyregdb.dat 2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-04-24 08:42 133,492,859 a------- c:\program files\openofficeorg1.cab 2009-04-24 08:42 9,815,040 a------- c:\program files\openofficeorg31.msi 2009-04-23 18:36 336 a------- c:\program files\setup.ini 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys 2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll 2009-04-07 09:17 3,735 a------- c:\windows\system32\ASPRTMM7.DLL 2005-12-04 07:18 1,796,476 a------- c:\program files\StepByStep Guide.pdf 2005-12-04 06:20 475,284 -------- c:\program files\SWISMAN.PDF 2005-12-04 06:14 421,023 -------- c:\program files\SWISNIFE.HLP 2005-11-24 04:55 922 -------- c:\program files\SWISNIFE.CNT 2005-11-22 23:37 2,108 a------- c:\program files\README.TXT 2002-03-11 05:06 1,822,520 a------- c:\program files\instmsiw.exe 2002-03-11 04:45 1,708,856 a------- c:\program files\instmsia.exe ============= FINISH: 7:53:41.50 ===============
c:\windows\system32\dllcache\sysmain.sdb 2009-06-08 17:30 2,560 -------- c:\windows\system32\xpsp4res.dll 2009-06-08 17:30 215,552 -c------ c:\windows\system32\dllcache\wordpad.exe 2009-06-08 17:12 108,552 a------- c:\windows\system32\drivers\avgtdix.sys 2009-06-08 17:12 11,952 a------- c:\windows\system32\avgrsstx.dll 2009-06-08 17:12 327,688 a------- c:\windows\system32\drivers\avgldx86.sys 2009-06-08 17:12 <DIR> --d----- c:\windows\system32\drivers\Avg 2009-06-08 17:12 <DIR> --d----- c:\docume~1\admini~1\applic~1\AVGTOOLBAR 2009-06-08 17:12 <DIR> --d----- c:\program files\AVG 2009-06-08 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\avg8 2009-06-08 17:09 <DIR> --d----- c:\windows\system32\wbem\AutoRecover 2009-06-08 17:03 2,897,920 -------- c:\windows\system32\xpsp2res.dll 2009-06-08 17:02 19,528 a------- c:\windows\000001_.tmp 2009-06-08 14:16 <DIR> --d----- c:\windows\ServicePackFiles 2009-06-08 14:14 19,528 a------- c:\windows\002728_.tmp 2009-06-08 14:12 1,872,896 a------- c:\windows\system32\mmcndmgr.dll 2009-06-08 08:57 <DIR> --d----- c:\docume~1\admini~1\applic~1\wsInspector 2009-06-08 08:56 <DIR> --d----- c:\program files\Startup Inspector for Windows 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software Solutions 2009-06-08 08:44 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Insight Software 2009-06-08 08:44 <DIR> --d----- c:\program files\Macro Express3 2009-06-08 08:44 <DIR> --d----- c:\program files\common files\Insight Software Solutions 2009-06-08 07:57 <DIR> --d----- c:\program files\Jasc Software Inc 2009-06-08 07:53 <DIR> --d----- c:\program files\VS Revo Group 2009-06-08 07:37 <DIR> --d----- c:\docume~1\admini~1\applic~1\AOL 2009-06-08 07:36 <DIR> --d----- c:\program files\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Nullsoft 2009-06-08 07:36 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint 2009-06-08 07:36 <DIR> --d----- c:\program files\common files\Software Update Utility 
2009-06-08 07:35 33,588 a----r-- c:\windows\system32\drivers\wanatw4.sys 2009-06-08 07:35 <DIR> --d----- c:\windows\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aolshare 2009-06-08 07:35 <DIR> --d----- c:\program files\common files\aol 2009-06-08 07:35 <DIR> --d----- c:\program files\AOL 9.1 2009-06-08 02:45 351 a------- c:\windows\system32\nvhda.nvu 2009-06-08 02:45 122,880 a----r-- c:\windows\system32\nvcohda.dll 2009-06-08 02:45 453,152 a------- c:\windows\system32\nvuhda.exe 2009-06-08 02:45 39,456 a----r-- c:\windows\system32\drivers\nvhda32.sys 2009-06-08 02:44 <DIR> --d----- c:\windows\NV20602064.TMP 2009-06-08 02:16 10,240 ac------ c:\windows\system32\dllcache\snmpstup.dll 2009-06-08 02:15 7,168 ac------ c:\windows\system32\dllcache\wamregps.dll 2009-06-08 02:15 2,134,528 ac------ c:\windows\system32\dllcache\EXCH_smtpsnap.dll 2009-06-08 02:15 175,104 ac------ c:\windows\system32\dllcache\EXCH_smtpadm.dll 2009-06-08 02:15 19,968 ac------ c:\windows\system32\dllcache\inetsloc.dll 2009-06-08 02:15 7,680 ac------ c:\windows\system32\dllcache\inetmgr.exe 2009-06-08 02:15 169,984 ac------ c:\windows\system32\dllcache\iisui.dll 2009-06-08 02:15 14,336 ac------ c:\windows\system32\dllcache\iisreset.exe 2009-06-08 02:15 6,144 ac------ c:\windows\system32\dllcache\ftpsapi2.dll 2009-06-08 02:15 5,632 ac------ c:\windows\system32\dllcache\iisrstap.dll 2009-06-08 02:15 94,720 ac------ c:\windows\system32\dllcache\certmap.ocx 2009-06-08 02:14 488 a---hr-- c:\windows\system32\logonui.exe.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\WindowsShell.Manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\wuaucpl.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\sapi.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\nwc.cpl.manifest 2009-06-08 02:14 749 a---hr-- c:\windows\system32\ncpa.cpl.manifest 2009-06-08 02:14 61,440 ac------ c:\windows\system32\dllcache\icwres.dll 2009-06-08 02:14 40,960 ac------ 
c:\windows\system32\dllcache\trialoc.dll 2009-06-08 02:14 73,728 ac------ c:\windows\system32\dllcache\icwtutor.exe 2009-06-08 02:04 24,661 ac------ c:\windows\system32\dllcache\spxcoins.dll 2009-06-08 02:04 13,312 ac------ c:\windows\system32\dllcache\irclass.dll 2009-06-08 02:04 24,661 a------- c:\windows\system32\spxcoins.dll 2009-06-08 02:04 13,312 a------- c:\windows\system32\irclass.dll 2009-06-08 02:04 797,189 ac------ c:\windows\system32\dllcache\NT5IIS.CAT 2009-06-08 02:04 399,645 ac------ c:\windows\system32\dllcache\MAPIMIG.CAT 2009-06-08 02:04 37,484 ac------ c:\windows\system32\dllcache\MW770.CAT 2009-06-08 02:04 13,472 ac------ c:\windows\system32\dllcache\HPCRDP.CAT 2009-06-08 02:04 8,574 ac------ c:\windows\system32\dllcache\IASNT4.CAT 2009-06-08 02:04 7,382 ac------ c:\windows\system32\dllcache\OEMBIOS.CAT 2009-06-08 02:04 13,608 a----r-- c:\windows\SET56.tmp 2009-06-08 02:04 1,085,913 a----r-- c:\windows\SET4A.tmp 2009-06-08 01:53 940,794 a------- c:\windows\system32\LoopyMusic.wav 2009-06-08 01:53 146,650 a------- c:\windows\system32\BuzzingBee.wav 2009-06-08 01:19 <DIR> --d----- c:\docume~1\admini~1\applic~1\GlarySoft 2009-06-08 01:09 <DIR> --d----- c:\windows\system32\Lang 2009-06-08 01:08 <DIR> --d----- c:\program files\AMD 2009-06-08 01:04 553 -----r-- c:\windows\USetup.iss 2009-06-08 01:04 <DIR> --d----- c:\windows\system32\RTCOM 2009-06-08 01:02 <DIR> --d----- c:\program files\Realtek 2009-06-08 00:54 <DIR> --d----- c:\docume~1\admini~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec 2009-06-08 00:52 <DIR> --d----- c:\program files\common files\Symantec Shared 2009-06-07 20:21 <DIR> --d----- c:\windows\system32\appmgmt 2009-06-07 19:34 88,801 a------- c:\windows\setupapi.old 2009-06-07 19:32 <DIR> --d----- c:\windows\system32\PreInstall 2009-06-07 19:32 <DIR> --d-h--- c:\windows\$hf_mig$ 2009-06-07 15:13 <DIR> --d----- c:\program files\LSI SoftModem 2009-06-07 15:05 <DIR> --d----- c:\program 
files\Glary Utilities 2009-06-07 14:42 <DIR> --d----- c:\windows\provisioning 2009-06-07 14:42 <DIR> --d----- c:\windows\peernet 2009-06-07 14:40 26,144 a------- c:\windows\system32\spupdsvc.exe 2009-06-07 14:39 <DIR> --d----- c:\windows\EHome 2009-06-07 14:32 7,208 a------- c:\windows\system32\secupd.sig 2009-06-07 14:32 4,569 a------- c:\windows\system32\secupd.dat 2009-06-07 14:32 <DIR> --ds---- c:\windows\system32\Microsoft 2009-06-07 14:27 245,376 a----r-- c:\windows\system32\drivers\rt2500usb.sys 2009-06-07 14:22 <DIR> --d----- c:\program files\ATT-HSI 2009-06-07 14:22 <DIR> --d----- c:\program files\common files\Motive 2009-06-07 14:00 24,576 a------- c:\windows\system32\xpsp1hfm.exe 2009-06-07 14:00 <DIR> -cd-h--- c:\windows\$xpsp1hfm$ 2009-06-07 13:54 <DIR> --d----- c:\windows\system32\bits 2009-06-07 13:53 268,648 a------- c:\windows\system32\mucltui.dll 2009-06-07 13:53 27,496 a------- c:\windows\system32\mucltui.dll.mui 2009-06-07 13:51 31,768 a------- c:\windows\system32\wucltui.dll.mui 2009-06-07 13:51 23,576 a------- c:\windows\system32\wuaucpl.cpl.mui 2009-06-07 13:51 23,576 a------- c:\windows\system32\wuapi.dll.mui 2009-06-07 13:51 18,456 a------- c:\windows\system32\wuaueng.dll.mui 2009-06-07 13:50 <DIR> --ds---- c:\documents and settings\administrator\UserData 2009-06-07 13:16 <DIR> --d----- c:\windows\system32\NtmsData 2009-06-07 12:58 68,096 a------- c:\windows\system32\agrsmdel.exe 2009-06-07 12:58 <DIR> --d----- c:\windows\Options 2009-06-07 12:06 2,984 a--sh--- c:\windows\system32\KGyGaAvL.sys 2009-06-07 12:06 8 ---shr-- c:\windows\system32\A333A765F5.sys 2009-06-07 11:51 <DIR> --d----- c:\program files\sisagp 2009-06-07 11:41 <DIR> --d----- c:\windows\NV14481664.TMP 2009-06-07 11:40 1,204,128 a------- c:\windows\system32\drivers\AGRSM.sys 2009-06-07 11:40 55,816 a------- c:\windows\agrsmdel.exe 2009-06-07 11:40 13,824 a------- c:\windows\system32\agrscoin.dll 2009-06-07 11:31 1,056,768 a------- c:\windows\system32\ROBOEX32.DLL 2009-06-07 
11:31 49,152 a------- c:\windows\system32\INETWH32.dll 2009-06-07 11:30 <DIR> --d----- c:\program files\common files\Ulead Systems 2009-06-07 11:30 <DIR> --d----- c:\program files\Ulead Systems 2009-06-07 11:26 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.000 2009-06-07 11:19 <DIR> --d-h--- C:\ASUS.SYS 2009-06-07 11:19 <DIR> --d----- c:\program files\Downloaded Installations 2009-06-07 11:18 962,612 a------- c:\windows\system32\mfc42d.dll 2009-06-07 11:18 434,252 a------- c:\windows\system32\MSVCRTD.DLL 2009-06-07 11:18 670 a------- c:\windows\setup.iss 2009-06-07 11:18 24,576 a----r-- c:\windows\system32\AsIO.dll 2009-06-07 11:18 12,400 a----r-- c:\windows\system32\drivers\AsIO.sys 2009-06-07 11:18 11,832 a------- c:\windows\system32\drivers\AsInsHelp64.sys 2009-06-07 11:18 10,216 a------- c:\windows\system32\drivers\AsInsHelp32.sys 2009-06-07 11:18 <DIR> --d----- c:\program files\ASUS 2009-06-06 17:35 <DIR> --d----- c:\windows\NV240328.TMP 2009-06-06 17:20 <DIR> --d----- c:\windows\system32\AGEIA 2009-06-06 17:20 <DIR> --d----- c:\program files\common files\Wise Installation Wizard 2009-06-06 17:20 205,739 a------- c:\windows\system32\nvapps.xml 2009-06-06 17:20 453,152 a------- c:\windows\system32\nvudisp.exe 2009-06-06 17:20 19,054 a------- c:\windows\system32\nvdisp.nvu 2009-06-06 17:20 <DIR> --d----- c:\windows\nview 2009-06-06 17:20 4,984 a----r-- c:\windows\system32\drivers\nvphy.bin 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMU.DLL 2009-06-06 17:20 122,880 a------- c:\windows\system32\NVCOSMB.DLL 2009-06-06 17:19 453,152 a------- c:\windows\system32\NVUNINST.EXE 2009-06-06 17:18 <DIR> --d----- c:\windows\ASUSInstAll 2009-06-06 17:17 30,526 a------- c:\windows\Ascd_log.ini 2009-06-06 17:16 5,810 a----r-- c:\windows\system32\drivers\ASACPI.sys 2009-06-06 17:16 29,687 a------- c:\windows\Ascd_tmp.ini 2009-06-06 17:16 10,296 a------- c:\windows\system32\drivers\ASUSHWIO.SYS 2009-06-06 17:12 <DIR> 
--d----- c:\program files\Nero 2009-06-06 17:12 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Nero 2009-06-06 17:08 1,106,944 ac------ c:\windows\system32\dllcache\msxml3.dll 2009-06-06 17:08 44,032 ac------ c:\windows\system32\dllcache\msxml3r.dll 2009-06-06 17:08 1,106,944 a------- c:\windows\system32\msxml3.dll 2009-06-06 17:08 44,032 a------- c:\windows\system32\msxml3r.dll 2009-06-06 17:08 <DIR> --d----- c:\windows\RegisteredPackages 2009-06-06 17:07 <DIR> -cd-h--- c:\windows\$MSI30UninstallMSI30-KB884016$ 2009-06-06 16:36 <DIR> --dsh--- c:\windows\Installer 2009-06-06 16:36 <DIR> --d----- c:\documents and settings\Administrator 2009-06-06 16:35 8,192 a------- c:\windows\REGLOCS.OLD 2009-06-06 16:33 <DIR> --dsh--- c:\documents and settings\all users\DRM 2009-06-06 16:32 488 a---hr-- c:\windows\system32\WindowsLogon.manifest 2009-06-06 16:31 <DIR> --d----- c:\program files\common files\MSSoap 2009-06-06 16:31 <DIR> --d-h--- c:\program files\WindowsUpdate 2009-06-06 16:31 <DIR> --d----- c:\program files\Online Services 2009-06-06 16:31 <DIR> --d----- c:\program files\Messenger 2009-06-06 16:30 <DIR> --d----- c:\program files\MSN Gaming Zone 2009-06-06 16:30 <DIR> --d----- c:\program files\Windows NT 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\ODBC 2009-06-06 09:11 <DIR> --d----- c:\program files\common files\SpeechEngines 2009-06-06 09:10 <DIR> --d--r-- c:\documents and settings\all users\Documents ==================== Find3M ==================== 2009-06-26 18:05 31,237 a------- c:\program files\SKUninst.ISU 2009-06-10 03:06 86,665 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-06-08 02:13 23,348 a------- c:\windows\system32\emptyregdb.dat 2009-05-13 01:15 915,456 a------- c:\windows\system32\wininet.dll 2009-05-07 11:32 345,600 a------- c:\windows\system32\localspl.dll 2009-04-24 08:42 133,492,859 a------- c:\program files\openofficeorg1.cab 2009-04-24 08:42 9,815,040 a------- c:\program files\openofficeorg31.msi 2009-04-23 
18:36 336 a------- c:\program files\setup.ini 2009-04-17 08:26 1,847,168 a------- c:\windows\system32\win32k.sys 2009-04-15 10:51 585,216 a------- c:\windows\system32\rpcrt4.dll 2009-04-07 09:17 3,735 a------- c:\windows\system32\ASPRTMM7.DLL 2005-12-04 07:18 1,796,476 a------- c:\program files\StepByStep Guide.pdf 2005-12-04 06:20 475,284 -------- c:\program files\SWISMAN.PDF 2005-12-04 06:14 421,023 -------- c:\program files\SWISNIFE.HLP 2005-11-24 04:55 922 -------- c:\program files\SWISNIFE.CNT 2005-11-22 23:37 2,108 a------- c:\program files\README.TXT 2002-03-11 05:06 1,822,520 a------- c:\program files\instmsiw.exe 2002-03-11 04:45 1,708,856 a------- c:\program files\instmsia.exe ============= FINISH: 7:53:41.50 =============== |
| ||
| Re: Windows XP professional Virus Infection It's what happens when you download dodgy and highly illegal software.
|