Arne
Thank you for responding.
Initially I was getting pop-ups saying I had 55 critical errors on my system and telling me to go to regfixit.com and other sites that don't exist. Now the machine is slow and it keeps freezing with the mouse not working.
Since I posted this log I have downloaded Drweb-cureit, which I ran in safe mode. It found the following:
| A0005331.exe;C:\System Volume Information\_restore{872476FD-9B4D-4792-9FA6-A2E3B1B5AA7F}\RP18;Trojan.Starman;Deleted.; |
| A0012281.exe;C:\System Volume Information\_restore{872476FD-9B4D-4792-9FA6-A2E3B1B5AA7F}\RP93;Trojan.Starman;Deleted.; |
| A0012303.exe;C:\System Volume Information\_restore{872476FD-9B4D-4792-9FA6-A2E3B1B5AA7F}\RP93;Win32.HLLW.Zurenie;Deleted.; |
| setup_23637.exe;C:\WINDOWS\system32;Win32.HLLW.MyBot;Deleted.; |
These were deleted, but since then AVG has found SDBOT2 again.
I have downloaded the programme you asked for, and here is the log:
"steve" - 07-02-07 19:37:26 Service Pack 2 ComboFix 07-02-07 - Running from: "C:\Documents and Settings\steve\Desktop"
21:38 <DIR> d-------- C:\WINDOWS\ime 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Help 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Driver Cache 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Debug 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Cursors 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Connection Wizard 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\Config 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\AppPatch 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS\addins 2007-01-30 21:38 <DIR> d-------- C:\WINDOWS
(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))
2007-02-06 16:43 15360 --a------ C:\WINDOWS\system32\ctfmon.exe
2007-02-06 12:36 -------- d---s---- C:\DOCUME~1\steve\Application Data\microsoft
2007-02-01 22:37 -------- d-------- C:\DOCUME~1\steve\Application Data\macromedia
2007-01-31 05:31 -------- d-------- C:\DOCUME~1\steve\Application Data\identities
2007-01-30 21:42 62 --ahs---- C:\DOCUME~1\steve\Application Data\desktop.ini
2006-12-07 17:02 2174976 --a------ C:\WINDOWS\system32\wmvcore.dll
2006-11-07 21:03 6049280 --------- C:\WINDOWS\system32\ieframe.dll
2006-11-07 21:03 50688 --------- C:\WINDOWS\system32\msfeedsbs.dll
2006-11-07 21:03 458752 --------- C:\WINDOWS\system32\msfeeds.dll
2006-11-07 21:03 413696 --a------ C:\WINDOWS\system32\vbscript.dll
2006-11-07 21:03 231424 --a------ C:\WINDOWS\system32\webcheck.dll
2006-11-07 21:03 180736 --------- C:\WINDOWS\system32\ieui.dll
2006-11-07 21:03 156160 --a------ C:\WINDOWS\system32\msls31.dll
2006-11-07 03:27 382976 --a------ C:\WINDOWS\system32\iedkcs32.dll
2006-11-07 03:27 229376 --a------ C:\WINDOWS\system32\ieaksie.dll
2006-11-07 03:26 71680 --a------ C:\WINDOWS\system32\admparse.dll
2006-11-07 03:26 55296 --a------ C:\WINDOWS\system32\iesetup.dll
2006-11-07 03:26 54784 --a------ C:\WINDOWS\system32\ie4uinit.exe
2006-11-07 03:26 43008 --a------ C:\WINDOWS\system32\iernonce.dll
2006-11-07 03:26 152064 --a------ C:\WINDOWS\system32\ieakeng.dll
2006-11-07 03:26 13312 --a------ C:\WINDOWS\system32\ieudinit.exe
2006-11-07 03:26 123904 --a------ C:\WINDOWS\system32\advpack.dll
2006-11-07 03:25 161792 --a------ C:\WINDOWS\system32\ieakui.dll

(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"SUPERAntiSpyware"="C:\\Program Files\\SUPERAntiSpyware\\SUPERAntiSpyware.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NeroCheck"="C:\\WINDOWS\\System32\\NeroCheck.exe"
"SunJavaUpdateSched"="\"C:\\Program Files\\Java\\jre1.5.0_10\\bin\\jusched.exe\""
"AVG7_CC"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgcc.exe /STARTUP"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"NoChange"="1"
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"MSMSGS"="\"C:\\Program Files\\Messenger\\MSMSGS.EXE\" /background"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="msmsgs"
"hkey"="HKCU"
"command"="\"C:\\Program Files\\Messenger\\msmsgs.exe\" /background"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpeedTouch USB Diagnostics]
"key"="SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run"
"item"="Dragdiag"
"hkey"="HKLM"
"command"="\"C:\\Program Files\\Thomson\\SpeedTouch USB\\Dragdiag.exe\" /icon"
"inimapping"="0"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="AVG Anti-Spyware 7.5"
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=""

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\run]
"AVG7_Run"="C:\\PROGRA~1\\Grisoft\\AVGFRE~1\\avgw.exe /RUNONCE"

HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
LocalService REG_MULTI_SZ Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService REG_MULTI_SZ DnsCache\0\0
rpcss REG_MULTI_SZ RpcSs\0\0
imgsvc REG_MULTI_SZ StiSvc\0\0
termsvcs REG_MULTI_SZ TermService\0\0
HTTPFilter REG_MULTI_SZ HTTPFilter\0\0
DcomLaunch REG_MULTI_SZ DcomLaunch\0TermService\0\0
********************************************************************
scanning hidden processes ...
scanning hidden services ...
scanning hidden autostart entries ...
scanning hidden files ...
scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0
********************************************************************
Completion time: 07-02-07 19:39:11
My main concern is I don't know what this Malware does and I don't want to log into any sites in case someone has access to my passwords.
I appreciate it will take some time for you to look through the above but I will respond asap to any instructions you post.
Thanks again