Author Topic: Help! I need somebody! Anybody! (Read 15492 times)

Militant Agnostic · « **Reply #15 on:** April 22, 2007, 12:43:57 AM »

Systems<ADOBES~1>
2007-04-19 19:24:56 0 d-------- C:\Program Files\a-squared Free<A-SQUA~1>
2007-04-19 17:27:42 0 d-------- C:\Program Files\IObit
2007-04-19 17:18:39 687 --a------ C:\WINDOWS\VFLog.dat
2007-04-19 16:20:23 0 d-------- C:\Program Files\SDFix
2007-04-19 16:05:56 0 d-------- C:\Documents and Settings\Enter\Application Data\U3
2007-04-19 15:40:01 0 dr-h----- C:\Documents and Settings\Natalie\Application Data\SecuROM
2007-04-18 20:02:26 178408 --a------ C:\WINDOWS\system32\muweb.dll
2007-04-18 20:02:26 127208 --a------ C:\WINDOWS\system32\mucltui.dll
2007-04-18 20:01:38 0 d-------- C:\Documents and Settings\Enter\Application Data\Apple Computer<APPLEC~1>
2007-04-18 19:45:22 0 d-------- C:\Program Files\Microsoft Works<MICROS~4>
2007-04-18 19:43:40 0 d-------- C:\Program Files\Microsoft.NET<MICROS~1.NET>
2007-04-18 19:40:57 0 d-------- C:\WINDOWS\SHELLNEW
2007-04-18 19:40:19 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Help<MICROS~3>
2007-04-18 19:39:53 0 dr-h----- C:\MSOCache
2007-04-18 19:32:13 0 d-------- C:\Documents and Settings\Enter\Application Data\Google
2007-04-18 19:29:58 0 d-------- C:\Program Files\Google
2007-04-18 19:14:41 60416 --a------ C:\WINDOWS\ALCFDRTM.EXE
2007-04-18 19:14:32 0 d-------- C:\WINDOWS\system32\Lang
2007-04-18 19:04:50 43176 --a------ C:\WINDOWS\system32\drivers\aswTdi.sys
2007-04-18 19:04:50 23416 --a------ C:\WINDOWS\system32\drivers\aswRdr.sys
2007-04-18 19:04:50 26888 --a------ C:\WINDOWS\system32\drivers\aavmker4.sys
2007-04-18 19:04:49 94552 --a------ C:\WINDOWS\system32\drivers\aswmon2.sys
2007-04-18 19:04:49 85952 --a------ C:\WINDOWS\system32\drivers\aswmon.sys
2007-04-18 19:04:46 90112 --a------ C:\WINDOWS\system32\AVASTSS.scr
2007-04-18 19:04:46 733824 --a------ C:\WINDOWS\system32\aswBoot.exe
2007-04-18 19:04:43 0 d-------- C:\Program Files\Alwil Software<ALWILS~1>
2007-04-18 16:55:59 0 dr-h----- C:\Documents and Settings\Enter\Application Data\SecuROM
2007-04-18 16:55:57 98304 --a------ C:\WINDOWS\system32\CmdLineExt.dll<CMDLIN~1.DLL>
2007-04-18 16:50:58 0 d-------- C:\Program Files\iPod
2007-04-18 16:50:56 0 d-------- C:\Program Files\iTunes
2007-04-18 16:46:33 0 d-------- C:\Program Files\Sierra
2007-04-18 15:43:26 0 d-------- C:\Documents and Settings\Enter\Application Data\Ahead
2007-04-18 15:42:43 0 d-------- C:\Documents and Settings\Enter\Application Data\uTorrent
2007-04-18 15:42:41 0 d-------- C:\Program Files\uTorrent
2007-04-18 15:32:06 0 d-------- C:\Program Files\MSXML 4.0<MSXML4~1.0>
2007-04-18 15:30:57 0 d-------- C:\Program Files\THQ
2007-04-18 15:30:23 0 d-------- C:\Program Files\Starcraft<STARCR~1>
2007-04-18 15:29:27 0 d-------- C:\Program Files\Quake III Arena<QUAKEI~1>
2007-04-18 15:11:46 5504 --a------ C:\WINDOWS\system32\drivers\MSTEE.sys
2007-04-18 15:11:41 10880 --a------ C:\WINDOWS\system32\drivers\NdisIP.sys
2007-04-18 15:11:40 15360 --a------ C:\WINDOWS\system32\drivers\StreamIP.sys
2007-04-18 15:11:39 11136 --a------ C:\WINDOWS\system32\drivers\SLIP.sys
2007-04-18 15:11:37 19328 --a------ C:\WINDOWS\system32\drivers\WSTCODEC.SYS
2007-04-18 15:11:36 85376 --a------ C:\WINDOWS\system32\drivers\NABTSFEC.sys
2007-04-18 15:11:31 17024 --a------ C:\WINDOWS\system32\drivers\CCDECODE.sys
2007-04-18 15:11:18 53760 --a------ C:\WINDOWS\system32\vfwwdm32.dll
2007-04-18 15:11:18 51328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2007-04-18 15:11:13 38912 --a------ C:\WINDOWS\system32\drivers\avc.sys
2007-04-18 15:11:08 48128 --a------ C:\WINDOWS\system32\drivers\61883.sys
2007-04-18 09:10:47 0 d---s---- C:\Documents and Settings\Natalie\UserData
2007-04-18 08:30:31 0 d-------- C:\Documents and Settings\Natalie\Application Data\Sun
2007-04-18 08:24:52 0 d-------- C:\Documents and Settings\Natalie\Application Data\Microsoft Games<MICROS~2>
2007-04-18 08:19:41 0 d-------- C:\Documents and Settings\Natalie\Application Data\Skype
2007-04-18 08:12:28 0 d-------- C:\Documents and Settings\Natalie\Application Data\Adobe
2007-04-17 18:35:48 0 d-------- C:\Documents and Settings\Susanne\Application Data\Adobe
2007-04-17 18:33:20 0 d-------- C:\Documents and Settings\Enter\Application Data\AdobeUM
2007-04-17 18:33:20 0 d-------- C:\Documents and Settings\Enter\Application Data\AdobeAUM
2007-04-17 18:33:06 0 d-------- C:\Documents and Settings\Enter\Application Data\Adobe
2007-04-17 18:33:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Adobe
2007-04-17 18:16:42 0 d-------- C:\Documents and Settings\Susanne\Application Data\Talkback
2007-04-17 18:13:55 0 d-------- C:\Program Files\Steam
2007-04-17 18:06:48 0 -ra------ C:\logwmemory.bin<LOGWME~1.BIN>
2007-04-17 18:06:02 0 d-------- C:\Soldat
2007-04-17 17:35:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Google
2007-04-17 17:26:10 0 d-------- C:\Program Files\proDAD
2007-04-17 17:10:01 401408 --a------ C:\WINDOWS\system32\pvmjpg30.dll
2007-04-17 17:10:01 466624 --a------ C:\WINDOWS\system32\LTRPR13n.DLL
2007-04-17 17:10:01 194248 --a------ C:\WINDOWS\system32\LTRFD13n.DLL
2007-04-17 17:09:56 82432 --a------ C:\WINDOWS\system32\msxml4r.dll
2007-04-17 17:09:56 44544 --a------ C:\WINDOWS\system32\msxml4a.dll
2007-04-17 17:09:54 185856 --a------ C:\WINDOWS\system32\lfpng13s.dll
2007-04-17 17:09:53 74752 --a------ C:\WINDOWS\system32\lfgif13s.dll
2007-04-17 17:09:53 79360 --a------ C:\WINDOWS\system32\lfeps13s.dll
2007-04-17 17:09:22 184320 --a------ C:\WINDOWS\system32\RALMain.dll
2007-04-17 17:09:22 73728 --a------ C:\WINDOWS\system32\MMAviAx.dll
2007-04-17 17:09:22 32768 --a------ C:\WINDOWS\system32\MLPagAx.dll
2007-04-17 17:09:22 126976 --a------ C:\WINDOWS\system32\AVIPrAx.dll
2007-04-17 17:09:16 1013248 -----n--- C:\WINDOWS\system32\Ltwvc13n.dll
2007-04-17 17:09:16 306352 -----n--- C:\WINDOWS\system32\Ltrio13n.dll
2007-04-17 17:09:16 930992 -----n--- C:\WINDOWS\system32\Ltr13n.dll
2007-04-17 17:09:16 453120 -----n--- C:\WINDOWS\system32\ltkrn13n.dll
2007-04-17 17:09:16 153088 -----n--- C:\WINDOWS\system32\ltfil13n.DLL
2007-04-17 17:09:16 2079232 -----n--- C:\WINDOWS\system32\LTCLR13s.dll
2007-04-17 17:09:16 1693696 -----n--- C:\WINDOWS\system32\LTCLR13n.dll
2007-04-17 17:09:16 884736 -----n--- C:\WINDOWS\system32\LMUIRes.dll
2007-04-17 17:09:16 12288 -----n--- C:\WINDOWS\system32\LMLRes.dll
2007-04-17 17:09:16 80896 -----n--- C:\WINDOWS\system32\lfwmf13s.dll
2007-04-17 17:09:16 76800 -----n--- C:\WINDOWS\system32\Lfwmf13n.dll
2007-04-17 17:09:16 167936 -----n--- C:\WINDOWS\system32\lftif13s.dll
2007-04-17 17:09:16 143360 -----n--- C:\WINDOWS\system32\lftif13n.dll
2007-04-17 17:09:16 64512 -----n--- C:\WINDOWS\system32\lftga13s.dll
2007-04-17 17:09:16 24576 -----n--- C:\WINDOWS\system32\lftga13n.dll
2007-04-17 17:09:16 110080 -----n--- C:\WINDOWS\system32\lfpsd13s.dll
2007-04-17 17:09:16 65536 -----n--- C:\WINDOWS\system32\lfpcx13s.dll
2007-04-17 17:09:16 105984 -----n--- C:\WINDOWS\system32\lfpct13s.dll
2007-04-17 17:09:16 65536 -----n--- C:\WINDOWS\system32\Lfpct13n.dll
2007-04-17 17:09:16 59904 -----n--- C:\WINDOWS\system32\lfpcd13s.dll
2007-04-17 17:09:16 283648 -----n--- C:\WINDOWS\system32\LFJ2K13s.dll
2007-04-17 17:09:16 278016 -----n--- C:\WINDOWS\system32\LFJ2K13n.dll
2007-04-17 17:09:16 116224 -----n--- C:\WINDOWS\system32\lffax13s.dll
2007-04-17 17:09:16 73728 -----n--- C:\WINDOWS\system32\lffax13n.dll
2007-04-17 17:09:16 409600 -----n--- C:\WINDOWS\system32\LFCMP13s.DLL
2007-04-17 17:09:16 393216 -----n--- C:\WINDOWS\system32\LFCMP13n.DLL
2007-04-17 17:09:16 70144 -----n--- C:\WINDOWS\system32\lfbmp13s.dll
2007-04-17 17:09:16 30208 -----n--- C:\WINDOWS\system32\lfbmp13n.dll
2007-04-17 17:08:06 0 d-------- C:\WINDOWS\Cache
2007-04-17 17:02:49 0 d-------- C:\Program Files\SmartSound Software<SMARTS~1>
2007-04-17 17:02:05 0 d-------- C:\Program Files\QuickTime<QUICKT~1>
2007-04-17 17:02:01 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple

Militant Agnostic · « **Reply #16 on:** April 22, 2007, 12:44:50 AM »

Computer<APPLEC~1>
2007-04-17 17:01:39 89088 --a------ C:\WINDOWS\system32\atl71.dll
2007-04-17 17:01:39 84992 --a------ C:\WINDOWS\system32\ATL70.DLL
2007-04-17 17:01:36 138752 --a------ C:\WINDOWS\system32\mase32.dll
2007-04-17 17:01:36 57856 --a------ C:\WINDOWS\system32\masd32.dll
2007-04-17 17:01:36 136192 --a------ C:\WINDOWS\system32\mamc32.dll
2007-04-17 17:01:36 196096 --a------ C:\WINDOWS\system32\macd32.dll
2007-04-17 17:01:36 27648 --a------ C:\WINDOWS\system32\ma32.dll
2007-04-17 17:01:30 171008 --a------ C:\WINDOWS\system32\drivers\MarvinBus.sys<MARVIN~1.SYS>
2007-04-17 17:01:27 41219 --a------ C:\WINDOWS\RSETPATH.exe
2007-04-17 17:00:43 0 d-------- C:\WINDOWS\Downloaded Installations<DOWNLO~2>
2007-04-17 17:00:42 344064 --a------ C:\WINDOWS\system32\MSVCR70.DLL
2007-04-17 17:00:42 487424 --a------ C:\WINDOWS\system32\MSVCP70.DLL
2007-04-17 17:00:42 54784 --a------ C:\WINDOWS\system32\MSVCI70.DLL
2007-04-17 17:00:42 1047552 --a------ C:\WINDOWS\system32\MFC71u.DLL
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\PCLEGetGuid.dll<PCLEGE~1.DLL>
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\MFC71KOR.DLL
2007-04-17 17:00:41 49152 --a------ C:\WINDOWS\system32\MFC71JPN.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71ITA.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71FRA.DLL
2007-04-17 17:00:41 61440 --a------ C:\WINDOWS\system32\MFC71ESP.DLL
2007-04-17 17:00:41 57344 --a------ C:\WINDOWS\system32\MFC71ENU.DLL
2007-04-17 17:00:41 65536 --a------ C:\WINDOWS\system32\MFC71DEU.DLL
2007-04-17 17:00:41 45056 --a------ C:\WINDOWS\system32\MFC71CHT.DLL
2007-04-17 17:00:41 40960 --a------ C:\WINDOWS\system32\MFC71CHS.DLL
2007-04-17 17:00:41 1060864 --a------ C:\WINDOWS\system32\MFC71.DLL
2007-04-17 17:00:41 964608 --a------ C:\WINDOWS\system32\MFC70U.DLL
2007-04-17 17:00:41 974848 --a------ C:\WINDOWS\system32\MFC70.DLL
2007-04-17 16:59:22 14165 --a------ C:\WINDOWS\system32\drivers\Pclepci.sys
2007-04-17 16:08:23 0 d-------- C:\Program Files\Common Files\The Shield Firewall<THESHI~1>
2007-04-17 15:57:10 0 d--hs---- C:\WINDOWS\V3JpZ2h0
2007-04-17 15:46:02 105434 --a------ C:\WINDOWS\VTTC.exe
2007-04-17 15:45:59 11264 -----n--- C:\WINDOWS\system32\SPORDER.DLL
2007-04-17 15:45:58 72320 --a------ C:\WINDOWS\system32\drivers\core.sys
2007-04-17 15:45:57 0 d-------- C:\WINDOWS\system32\micro1
2007-04-17 15:45:47 2 --a------ C:\WINDOWS\system32\wtstr32.exe
2007-04-17 15:37:30 0 d-------- C:\Documents and Settings\Natalie\Application Data\Ahead
2007-04-17 15:21:17 0 d-------- C:\Documents and Settings\Natalie\Application Data\Talkback
2007-04-17 15:20:18 1310720 --ah----- C:\Documents and Settings\Natalie\NTUSER.DAT
2007-04-17 15:17:30 0 d--hs---- C:\Documents and Settings\Enter\Complete
2007-04-17 15:12:33 0 d-------- C:\Documents and Settings\Enter\Incomplete<INCOMP~1>
2007-04-17 15:12:26 0 d-------- C:\Documents and Settings\Enter\.limewire<LIMEWI~1>
2007-04-17 15:11:56 0 d-------- C:\Documents and Settings\Enter\Application Data\Sun
2007-04-17 15:11:46 0 d-------- C:\Program Files\Java
2007-04-17 15:04:22 0 d-------- C:\Program Files\LimeWire
2007-04-17 14:54:34 0 d-------- C:\Program Files\Unreal Tournament<UNREAL~1>
2007-04-17 14:53:53 0 d-------- C:\Program Files\Pinnacle
2007-04-17 14:26:05 0 d---s---- C:\Documents and Settings\Susanne\UserData
2007-04-17 14:21:21 1048576 --ah----- C:\Documents and Settings\Susanne\NTUSER.DAT
2007-04-16 17:52:50 0 d-------- C:\Program Files\LucasArts<LUCASA~1>
2007-04-16 17:44:28 0 d-------- C:\Documents and Settings\Enter\Owner
2007-04-16 17:39:38 107132 --a------ C:\WINDOWS\UninstallFirefox.exe<UNINST~1.EXE>
2007-04-16 17:39:31 3438 --a------ C:\WINDOWS\mozver.dat
2007-04-16 16:53:43 5248 --a------ C:\WINDOWS\system32\drivers\a347scsi.sys
2007-04-16 16:53:43 160640 --a------ C:\WINDOWS\system32\drivers\a347bus.sys
2007-04-16 16:53:42 0 d-------- C:\Program Files\Alcohol Soft<ALCOHO~1>
2007-04-16 16:49:04 2297552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-16 16:36:08 0 d-------- C:\Program Files\Electronic Arts<ELECTR~1>
2007-04-16 16:26:36 0 d-------- C:\Documents and Settings\Enter\Application

Militant Agnostic · « **Reply #17 on:** April 22, 2007, 12:45:23 AM »

Data\Greyfirst<GREYFI~1>
2007-04-16 16:03:02 0 --a------ C:\WINDOWS\nsreg.dat
2007-04-16 16:02:32 0 d-------- C:\Documents and Settings\Enter\Application Data\Lavasoft
2007-04-16 15:51:00 0 d-------- C:\Program Files\AP Tuner<APTUNE~1>
2007-04-16 15:51:00 0 d-------- C:\Program Files\Analog Devices<ANALOG~1>
2007-04-16 15:51:00 0 d-------- C:\Program Files\Airbear Software<AIRBEA~1>
2007-04-16 15:50:59 0 d-------- C:\Program Files\AdorageI-SAL<ADORAG~2>
2007-04-16 15:49:15 0 d-------- C:\Program Files\AdorageI-GfxDatas<ADORAG~1>
2007-04-16 15:48:23 0 d-------- C:\Program Files\Adesso Systems<ADESSO~1>
2007-04-16 15:48:22 0 d-------- C:\Program Files\Ad-Aware SE Plus<AD-AWA~1>
2007-04-16 15:44:25 0 d-------- C:\Documents and Settings\Enter\Application Data\Skype
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\MSN6
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\MotiveSysIDs<MOTIVE~1>
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Motive
2007-04-16 15:42:43 0 d-------- C:\Documents and Settings\All Users\Application Data\Microsoft Games<MICROS~2>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\QuickTime<QUICKT~1>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pure Networks<PURENE~1>
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle
2007-04-16 15:42:42 0 d-------- C:\Documents and Settings\All Users\Application Data\Pinnacle Studio<PINNAC~1>
2007-04-16 15:42:37 0 d-------- C:\Documents and Settings\All Users\Application Data\Skype
2007-04-16 15:42:19 0 d-------- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc<SMARTS~1>
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Viewpoint<VIEWPO~1>
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\U3
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Trymedia
2007-04-16 15:42:17 0 d-a------ C:\Documents and Settings\All Users\Application Data\TEMP
2007-04-16 15:42:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Symantec
2007-04-16 15:42:17 4190 --a------ C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache<QTSBAN~1>
2007-04-16 15:41:45 0 d-------- C:\Program Files\CONEXANT
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\AOL
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\Adobe
2007-04-16 15:41:43 0 d-------- C:\Program Files\Common Files\Adobe Systems Shared<ADOBES~1>
2007-04-16 15:41:30 0 d-------- C:\Program Files\Common Files\Java
2007-04-16 15:41:20 0 d-------- C:\Program Files\Common Files\Motive
2007-04-16 15:41:19 0 d-------- C:\Program Files\Common Files\Nullsoft
2007-04-16 15:41:16 0 d-------- C:\Program Files\Common Files\Skype
2007-04-16 15:41:16 0 d-------- C:\Program Files\Common Files\Real
2007-04-16 15:40:52 0 d-------- C:\Program Files\Common Files\Symantec Shared<SYMANT~1>
2007-04-16 15:40:06 0 d-------- C:\Program Files\Common Files\xing shared<XINGSH~1>
2007-04-16 15:39:30 0 d-------- C:\Potato gun<POTATO~1>
2007-04-16 15:39:30 0 d-------- C:\Picasa Exports<PICASA~1>
2007-04-16 15:39:30 0 d-------- C:\My Skype Pictures<MYSKYP~2>
2007-04-16 15:39:29 0 d-------- C:\My Skype Content<MYSKYP~1>
2007-04-16 15:39:14 0 d-------- C:\GUP
2007-04-16 15:39:03 0 d-------- C:\Gop
2007-04-16 15:38:55 0 d-------- C:\Program Files\Celtx
2007-04-16 15:38:55 0 d-------- C:\Google Earth<GOOGLE~2>
2007-04-16 15:38:52 0 d-------- C:\Google Desktop Search<GOOGLE~1>
2007-04-16 15:36:56 0 d-------- C:\Program Files\Canon
2007-04-16 15:36:54 0 d-------- C:\Program Files\Blaze Media Pro<BLAZEM~1>
2007-04-16 15:36:42 0 d-------- C:\Program Files\BitTorrent<BITTOR~1>
2007-04-16 15:36:35 0 d-------- C:\Program Files\BigFix
2007-04-16 15:36:28 0 d-------- C:\Program Files\Audacity
2007-04-16 15:36:04 0 d-------- C:\Program Files\Apple Software Update<APPLES~1>
2007-04-16 15:30:54 25856 --a------ C:\WINDOWS\system32\drivers\usbprint.sys
2007-04-16 13:30:10 0 d-------- C:\Documents and Settings\All Users\Application Data\CyberLink<CYBERL~1>
2007-04-16 13:30:01 0 d-------- C:\Program Files\CyberLink<CYBERL~1>
2007-04-16 09:48:25 0 d--hs---- C:\RECYCLER
2007-04-16 09:39:19 0 d-------- C:\Program Files\Nero
2007-04-16 09:39:19 0 d-------- C:\Program Files\Common Files\Ahead
2007-04-16 08:50:16 0 d-------- C:\Program Files\Windows Defender<WIFD1F~1>
2007-04-13 14:41:07 0 d-------- C:\Program Files\MSBuild
2007-04-13 14:38:54 0 d-------- C:\WINDOWS\system32\XPSViewer<XPSVIE~1>
2007-04-13 14:38:39 0 d-------- C:\Program Files\Reference Assemblies<REFERE~1>
2007-04-13 14:38:21 14048 -----n--- C:\WINDOWS\system32\spmsg2.dll
2007-04-13 14:38:14 0 d-------- C:\9d3351bf3a8aba4264f485bbc4cf<9D3351~1>
2007-04-13 14:38:01 0 d-------- C:\Program Files\Windows Media Connect 2<WINDOW~4>
2007-04-13 14:37:31 0 d-------- C:\WINDOWS\system32\LogFiles
2007-04-13 14:37:31 0 d-------- C:\WINDOWS\system32\drivers\UMDF
2007-04-13 14:33:22 0 d-------- C:\WINDOWS\RegisteredPackages<REGIST~2>
2007-04-13 14:32:35 0 d-------- C:\WINDOWS\system32\URTTemp
2007-04-13 14:07:54 0 d-------- C:\Documents and Settings\All Users\Application Data\Windows

Militant Agnostic · « **Reply #18 on:** April 22, 2007, 12:45:54 AM »

Genuine Advantage<WINDOW~1>
2007-04-13 13:35:44 0 d---s---- C:\Documents and Settings\Enter\UserData
2007-04-13 13:01:09 262144 --a------ C:\Documents and Settings\All Users\ntuser.dat
2007-04-13 12:53:54 520192 -----n--- C:\WINDOWS\system32\ati2sgag.exe
2007-04-13 12:53:35 0 d-------- C:\ATI
2007-04-13 12:49:06 49152 --a------ C:\WINDOWS\system32\ChCfg.exe
2007-04-13 12:49:02 82944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys
2007-04-13 12:49:02 6400 --a------ C:\WINDOWS\system32\drivers\splitter.sys
2007-04-13 12:49:01 52864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys
2007-04-13 12:48:58 54272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys
2007-04-13 12:48:57 172416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys
2007-04-13 12:48:57 142464 --a------ C:\WINDOWS\system32\drivers\aec.sys
2007-04-13 12:48:56 60800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys
2007-04-13 12:48:56 2944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys
2007-04-13 12:48:55 7552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys
2007-04-13 12:48:54 4992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys
2007-04-13 12:48:54 5376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys
2007-04-13 12:48:51 4096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-13 12:48:51 145792 --a------ C:\WINDOWS\system32\drivers\portcls.sys
2007-04-13 12:48:51 60288 --a------ C:\WINDOWS\system32\drivers\drmk.sys
2007-04-13 12:44:50 10528768 --a------ C:\WINDOWS\system32\RTLCPL.exe
2007-04-13 12:44:50 0 d-------- C:\Program Files\Realtek AC97<REALTE~1>
2007-04-13 12:44:48 147456 --a------ C:\WINDOWS\system32\RtlCPAPI.dll
2007-04-13 12:44:48 4025984 --a------ C:\WINDOWS\system32\drivers\alcxwdm.sys
2007-04-13 12:44:48 577536 --a------ C:\WINDOWS\soundman.exe
2007-04-13 12:44:48 315392 --a------ C:\WINDOWS\alcupd.exe
2007-04-13 12:44:48 217088 --a------ C:\WINDOWS\Alcrmv.exe
2007-04-13 12:44:48 0 d--h----- C:\Program Files\InstallShield Installation

Information<INSTAL~1>
2007-04-13 12:27:27 23856 --a------ C:\WINDOWS\system32\spupdsvc.exe
2007-04-13 12:27:27 0 d-------- C:\WINDOWS\system32\PreInstall<PREINS~1>
2007-04-13 12:05:13 172032 --a------ C:\WINDOWS\system32\nvuide.exe
2007-04-13 12:02:30 172032 --a------ C:\WINDOWS\system32\nvunrm.exe
2007-04-13 12:02:29 172032 --a------ C:\WINDOWS\system32\nvusmb.exe
2007-04-13 12:02:29 172032 --a------ C:\WINDOWS\system32\NVUNINST.EXE
2007-04-13 12:02:27 0 d-------- C:\WINDOWS\system32\ReinstallBackups<REINST~1>
2007-04-13 12:02:27 172032 --a------ C:\WINDOWS\system32\nvugart.exe
2007-04-13 11:52:38 0 d-------- C:\Program Files\Common Files\InstallShield<INSTAL~1>
2007-04-13 11:35:36 0 d-------- C:\Program Files\Setup Files<SETUPF~1>
2007-04-13 11:24:45 0 d-------- C:\Program Files\MSI
2007-04-13 11:15:08 0 d-------- C:\WINDOWS\system32\SoftwareDistribution<SOFTWA~1>
2007-04-13 11:13:53 32384 --a------ C:\WINDOWS\system32\drivers\usb101et.sys
2007-04-13 11:10:38 2621440 --ah----- C:\Documents and Settings\Enter\NTUSER.DAT
2007-04-13 11:03:36 0 d-------- C:\WINDOWS\SoftwareDistribution<SOFTWA~1>
2007-04-13 11:03:34 0 d-------- C:\WINDOWS\Prefetch
2007-04-13 11:03:33 262144 --ah----- C:\Documents and Settings\LocalService\NTUSER.DAT
2007-04-13 11:03:27 262144 --ah----- C:\Documents and Settings\NetworkService\NTUSER.DAT
2007-04-13 11:01:11 0 d-------- C:\WINDOWS\system32\xircom
2007-04-13 11:01:11 0 d-------- C:\Program Files\microsoft frontpage<MICROS~1>
2007-04-13 11:01:09 225280 ---h----- C:\Documents and Settings\Default User\NTUSER.DAT
2007-04-13 11:01:01 0 d--h----- C:\WINDOWS\$hf_mig$
2007-04-13 11:00:53 0 -rahs---- C:\MSDOS.SYS
2007-04-13 11:00:53 0 -rahs---- C:\IO.SYS
2007-04-13 11:00:53 0 --a------ C:\CONFIG.SYS
2007-04-13 11:00:53 95 --a------ C:\AUTOEXEC.BAT
2007-04-13 11:00:37 112128 --a------ C:\WINDOWS\system32\mapi32.dll
2007-04-13 11:00:08 0 d--hs---- C:\Documents and Settings\All Users\DRM
2007-04-13 11:00:01 0 dr------- C:\WINDOWS\Offline Web Pages<OFFLIN~1>
2007-04-13 11:00:01 0 d---s---- C:\WINDOWS\Downloaded Program Files<DOWNLO~1>
2007-04-13 10:59:53 0 d--h----- C:\Program Files\WindowsUpdate<WINDOW~3>
2007-04-13 10:59:40 0 d-------- C:\WINDOWS\system32\DirectX
2007-04-13 10:59:25 11264 --a------ C:\WINDOWS\system32\atrace.dll
2007-04-13 10:59:18 12288 --a------ C:\WINDOWS\system32\nmevtmsg.dll
2007-04-13 10:59:17 64512 --a------ C:\WINDOWS\system32\acctres.dll
2007-04-13 10:59:15 0 d---s---- C:\WINDOWS\Tasks
2007-04-13 10:59:15 16384 --a------ C:\WINDOWS\system32\icfgnt5.dll
2007-04-13 10:59:14 0 d-------- C:\Program Files\Common Files\MSSoap
2007-04-13 10:59:12 0 d-------- C:\WINDOWS\srchasst
2007-04-13 10:59:11 0 d-------- C:\WINDOWS\system32\Macromed
2007-04-13 10:59:09 173536 --a------ C:\WINDOWS\system32\wuweb.dll
2007-04-13 10:59:09 41240 --a------ C:\WINDOWS\system32\wups.dll
2007-04-13 10:59:09 127256 --a------ C:\WINDOWS\system32\wucltui.dll
2007-04-13 10:59:09 6656 --a------ C:\WINDOWS\system32\wuauserv.dll
2007-04-13 10:59:09 194328 --a------ C:\WINDOWS\system32\wuaueng1.dll
2007-04-13 10:59:09 1343768 --a------ C:\WINDOWS\system32\wuaueng.dll
2007-04-13 10:59:09 172312 --a------ C:\WINDOWS\system32\wuauclt1.exe
2007-04-13 10:59:09 124184 --a------ C:\WINDOWS\system32\wuauclt.exe
2007-04-13 10:59:09 465176 --a------ C:\WINDOWS\system32\wuapi.dll
2007-04-13 10:59:09 18944 --a------ C:\WINDOWS\system32\qmgrprxy.dll
2007-04-13 10:59:09 7168 --a------ C:\WINDOWS\system32\bitsprx3.dll
2007-04-13 10:59:09 8192 --a------ C:\WINDOWS\system32\bitsprx2.dll
2007-04-13 10:59:08 382464 --a------ C:\WINDOWS\system32\qmgr.dll
2007-04-13 10:59:06 0 d-------- C:\Program Files\Movie Maker<MOVIEM~1>
2007-04-13 10:59:03 45568 --a------ C:\WINDOWS\system32\safrslv.dll
2007-04-13 10:59:03 29696 --a------ C:\WINDOWS\system32\safrdm.dll
2007-04-13 10:59:03 43520 --a------ C:\WINDOWS\system32\safrcdlg.dll
2007-04-13 10:59:03 43520 --a------ C:\WINDOWS\system32\racpldlg.dll
2007-04-13 10:59:01 23040 --a------ C:\WINDOWS\system32\fltmc.exe
2007-04-13 10:59:01 16896 --a------ C:\WINDOWS\system32\fltlib.dll
2007-04-13 10:59:01 128896 --a------ C:\WINDOWS\system32\drivers\fltmgr.sys
2007-04-13 10:59:00 170496 --a------ C:\WINDOWS\system32\srsvc.dll
2007-04-13 10:59:00 239104 --a------ C:\WINDOWS\system32\srrstr.dll
2007-04-13 10:59:00 67584 --a------ C:\WINDOWS\system32\srclient.dll
2007-04-13 10:59:00 0 d-------- C:\WINDOWS\system32\Restore
2007-04-13 10:59:00 28672 --a------ C:\WINDOWS\system32\nmmkcert.dll
2007-04-13 10:59:00 34560 --a------ C:\WINDOWS\system32\mnmdd.dll
2007-04-13 10:59:00 32768 --a------ C:\WINDOWS\system32\isrdbg32.dll
2007-04-13 10:59:00 81920 --a------ C:\WINDOWS\system32\ils.dll
2007-04-13 10:59:00 73472 --a------ C:\WINDOWS\system32\drivers\sr.sys
2007-04-13 10:58:59 69632 --a------ C:\WINDOWS\system32\msconf.dll
2007-04-13 10:58:59 32768 --a------ C:\WINDOWS\system32\mnmsrvc.exe
2007-04-13 10:58:57 105984 --a------ C:\WINDOWS\system32\msoert2.dll
2007-04-13 10:58:57 252928 --a------ C:\WINDOWS\system32\msoeacct.dll
2007-04-13 10:58:57 48128 --a------ C:\WINDOWS\system32\inetres.dll
2007-04-13 10:58:57 679424 --a------ C:\WINDOWS\system32\inetcomm.dll
2007-04-13 10:58:55 190976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-13 10:58:55 12288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-13 10:58:55 274944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-13 10:58:55 81920 --a------ C:\WINDOWS\system32\isign32.dll
2007-04-13 10:58:55 274432 --a------ C:\WINDOWS\system32\inetcfg.dll
2007-04-13 10:58:55 65536 --a------ C:\WINDOWS\system32\icwphbk.dll

Militant Agnostic · « **Reply #19 on:** April 22, 2007, 12:46:23 AM »

2007-04-13 10:58:55 73728 --a------ C:\WINDOWS\system32\icwdial.dll
2007-04-13 10:58:47 21640 --a------ C:\WINDOWS\system32\emptyregdb.dat<EMPTYR~1.DAT>
2007-04-13 10:58:37 0 d-------- C:\WINDOWS\Registration<REGIST~1>
2007-04-13 10:58:16 0 d-------- C:\Program Files\Online Services<ONLINE~1>
2007-04-13 10:58:13 0 d-------- C:\Program Files\Messenger<MESSEN~1>
2007-04-13 10:58:10 5632 --a------ C:\WINDOWS\system32\write.exe
2007-04-13 10:58:10 0 d-------- C:\Program Files\MSN Gaming Zone<MSNGAM~1>
2007-04-13 10:58:03 138752 --a------ C:\WINDOWS\system32\sndvol32.exe
2007-04-13 10:58:03 44544 --a------ C:\WINDOWS\system32\hticons.dll
2007-04-13 10:58:03 73216 --a------ C:\WINDOWS\system32\avwav.dll
2007-04-13 10:58:03 227840 --a------ C:\WINDOWS\system32\avtapi.dll
2007-04-13 10:58:03 16384 --a------ C:\WINDOWS\system32\avmeter.dll
2007-04-13 10:58:02 35328 --a------ C:\WINDOWS\system32\winchat.exe
2007-04-13 10:57:58 605696 --a------ C:\WINDOWS\system32\getuname.dll
2007-04-13 10:57:57 119808 --a------ C:\WINDOWS\system32\winmine.exe
2007-04-13 10:57:57 56832 --a------ C:\WINDOWS\system32\sol.exe
2007-04-13 10:57:57 126976 --a------ C:\WINDOWS\system32\mshearts.exe
2007-04-13 10:57:57 55296 --a------ C:\WINDOWS\system32\freecell.exe
2007-04-13 10:57:57 80384 --a------ C:\WINDOWS\system32\charmap.exe
2007-04-13 10:57:57 114688 --a------ C:\WINDOWS\system32\calc.exe
2007-04-13 10:57:56 1161 --a------ C:\WINDOWS\system32\usrlogon.cmd
2007-04-13 10:57:56 16896 --a------ C:\WINDOWS\system32\tsshutdn.exe
2007-04-13 10:57:56 16384 --a------ C:\WINDOWS\system32\tskill.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\tsdiscon.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\tscon.exe
2007-04-13 10:57:56 14848 --a------ C:\WINDOWS\system32\shadow.exe
2007-04-13 10:57:56 15872 --a------ C:\WINDOWS\system32\rwinsta.exe
2007-04-13 10:57:56 9728 --a------ C:\WINDOWS\system32\reset.exe
2007-04-13 10:57:56 33792 --a------ C:\WINDOWS\system32\regini.exe
2007-04-13 10:57:56 4096 --a------ C:\WINDOWS\system32\rdpcfgex.dll
2007-04-13 10:57:56 22016 --a------ C:\WINDOWS\system32\qwinsta.exe
2007-04-13 10:57:56 16896 --a------ C:\WINDOWS\system32\qappsrv.exe
2007-04-13 10:57:56 20992 --a------ C:\WINDOWS\system32\msg.exe
2007-04-13 10:57:56 15360 --a------ C:\WINDOWS\system32\logoff.exe
2007-04-13 10:57:56 15872 --a------ C:\WINDOWS\system32\cdmodem.dll
2007-04-13 10:57:55 25088 --a------ C:\WINDOWS\system32\mtxlegih.dll
2007-04-13 10:57:55 4096 --a------ C:\WINDOWS\system32\mtxex.dll
2007-04-13 10:57:55 20480 --a------ C:\WINDOWS\system32\mtxdm.dll
2007-04-13 10:57:55 5120 --a------ C:\WINDOWS\system32\dcomcnfg.exe
2007-04-13 10:57:55 97792 --a------ C:\WINDOWS\system32\comrepl.dll
2007-04-13 10:57:55 25600 --a------ C:\WINDOWS\system32\comaddin.dll
2007-04-13 10:57:54 54272 --a------ C:\WINDOWS\system32\stclient.dll
2007-04-13 10:57:54 147456 --a------ C:\WINDOWS\system32\comsnap.dll
2007-04-13 10:57:43 131584 --a------ C:\WINDOWS\system32\sndrec32.exe
2007-04-13 10:57:43 123392 --a------ C:\WINDOWS\system32\mplay32.exe
2007-04-13 10:57:43 347136 --a------ C:\WINDOWS\system32\hypertrm.dll
2007-04-13 10:57:43 183808 --a------ C:\WINDOWS\system32\accwiz.exe
2007-04-13 10:57:42 538624 --a------ C:\WINDOWS\system32\spider.exe
2007-04-13 10:57:42 343040 --a------ C:\WINDOWS\system32\mspaint.exe
2007-04-13 10:57:42 21896 --a------ C:\WINDOWS\system32\drivers\tdtcp.sys
2007-04-13 10:57:42 12040 --a------ C:\WINDOWS\system32\drivers\tdpipe.sys
2007-04-13 10:57:42 139528 --a------ C:\WINDOWS\system32\drivers\rdpwd.sys
2007-04-13 10:57:42 102912 --a------ C:\WINDOWS\system32\clipbrd.exe
2007-04-13 10:57:42 0 d-------- C:\Program Files\Windows NT<WINDOW~1>
2007-04-13 10:57:41 44544 --a------ C:\WINDOWS\system32\tscupgrd.exe
2007-04-13 10:57:41 93696 --a------ C:\WINDOWS\system32\tscfgwmi.dll
2007-04-13 10:57:41 295424 --a------ C:\WINDOWS\system32\termsrv.dll
2007-04-13 10:57:41 140800 --a------ C:\WINDOWS\system32\sessmgr.exe
2007-04-13 10:57:41 60416 --a------ C:\WINDOWS\system32\remotepg.dll
2007-04-13 10:57:41 67072 --a------ C:\WINDOWS\system32\rdshost.exe
2007-04-13 10:57:41 13824 --a------ C:\WINDOWS\system32\rdsaddin.exe
2007-04-13 10:57:41 87176 --a------ C:\WINDOWS\system32\rdpwsx.dll
2007-04-13 10:57:41 19968 --a------ C:\WINDOWS\system32\rdpsnd.dll
2007-04-13 10:57:41 62464 --a------ C:\WINDOWS\system32\rdpclip.exe
2007-04-13 10:57:41 147968 --a------ C:\WINDOWS\system32\rdchost.dll
2007-04-13 10:57:41 655360 --a------ C:\WINDOWS\system32\mstscax.dll
2007-04-13 10:57:41 407552 --a------ C:\WINDOWS\system32\mstsc.exe
2007-04-13 10:57:40 11776 --a------ C:\WINDOWS\system32\xolehlp.dll
2007-04-13 10:57:40 20480 --a------ C:\WINDOWS\system32\qprocess.exe
2007-04-13 10:57:40 91136 --a------ C:\WINDOWS\system32\mtxoci.dll
2007-04-13 10:57:40 161280 --a------ C:\WINDOWS\system32\msdtcuiu.dll
2007-04-13 10:57:40 956416 --a------ C:\WINDOWS\system32\msdtctm.dll
2007-04-13 10:57:40 426496 --a------ C:\WINDOWS\system32\msdtcprx.dll
2007-04-13 10:57:40 0 d-------- C:\WINDOWS\system32\MsDtc
2007-04-13 10:57:40 11264 --a------ C:\WINDOWS\system32\icaapi.dll
2007-04-13 10:57:40 38912 --a------ C:\WINDOWS\system32\cfgbkend.dll
2007-04-13 10:57:39 58880 --a------ C:\WINDOWS\system32\msdtclog.dll
2007-04-13 10:57:39 6144 --a------ C:\WINDOWS\system32\msdtc.exe
2007-04-13 10:57:39 0 d-------- C:\WINDOWS\system32\Com
2007-04-13 10:57:39 60416 --a------ C:\WINDOWS\system32\colbact.dll
2007-04-13 10:57:39 110080 --a------ C:\WINDOWS\system32\clbcatex.dll
2007-04-13 10:57:39 625152 --a------ C:\WINDOWS\system32\catsrvut.dll
2007-04-13 10:57:39 85504 --a------ C:\WINDOWS\system32\catsrvps.dll
2007-04-13 10:57:39 225792 --a------ C:\WINDOWS\system32\catsrv.dll
2007-04-13 10:57:38 540160 --a------ C:\WINDOWS\system32\comuid.dll
2007-04-13 10:57:38 1267200 --a------ C:\WINDOWS\system32\comsvcs.dll
2007-04-13 10:57:38 498688 --a------ C:\WINDOWS\system32\clbcatq.dll
2007-04-13 10:57:34 56320 --a------ C:\WINDOWS\system32\servdeps.dll
2007-04-13 10:57:34 17408 --a------ C:\WINDOWS\system32\mmfutil.dll
2007-04-13 10:57:34 58880 --a------ C:\WINDOWS\system32\licwmi.dll
2007-04-13 10:57:34 185344 --a------ C:\WINDOWS\system32\cmprops.dll
2007-04-13 10:57:29 40840 --a------ C:\WINDOWS\system32\drivers\termdd.sys
2007-04-13 10:57:29 196864 --a------ C:\WINDOWS\system32\drivers\rdpdr.sys
2007-04-13 03:47:26 3072 --a------ C:\WINDOWS\system32\drivers\audstub.sys

Militant Agnostic · « **Reply #20 on:** April 22, 2007, 12:46:44 AM »

2007-04-13 03:46:54 57472 --a------ C:\WINDOWS\system32\drivers\redbook.sys
2007-04-13 03:46:42 6400 --a------ C:\WINDOWS\system32\drivers\enum1394.sys
2007-04-13 03:46:33 1972224 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2007-04-13 03:46:33 1288960 --a------ C:\WINDOWS\system32\ativvaxx.dll
2007-04-13 03:46:33 2824512 --a------ C:\WINDOWS\system32\ati3duag.dll
2007-04-13 03:46:33 870784 --a------ C:\WINDOWS\system32\ati3d1ag.dll
2007-04-13 03:46:33 265728 --a------ C:\WINDOWS\system32\ati2dvag.dll
2007-04-13 03:46:33 348160 --a------ C:\WINDOWS\system32\ati2cqag.dll
2007-04-13 03:46:17 74240 --a------ C:\WINDOWS\system32\usbui.dll
2007-04-13 03:45:37 0 d--hs---- C:\WINDOWS\Installer<INSTAL~1>
2007-04-13 03:45:36 0 d-------- C:\Program Files\Common Files\ODBC
2007-04-13 03:45:34 0 d-a------ C:\Program Files<PROGRA~1>
2007-04-13 03:45:34 0 d-------- C:\Program Files\Common Files\SpeechEngines<SPEECH~1>
2007-04-13 03:45:32 6144 -ra------ C:\WINDOWS\system32\kbdtuq.dll
2007-04-13 03:45:32 6144 -ra------ C:\WINDOWS\system32\kbdtuf.dll
2007-04-13 03:45:32 5632 -ra------ C:\WINDOWS\system32\kbdazel.dll
2007-04-13 03:45:30 5632 -ra------ C:\WINDOWS\system32\kbdmon.dll
2007-04-13 03:45:30 5632 -ra------ C:\WINDOWS\system32\kbdkyr.dll
2007-04-13 03:45:28 8192 -ra------ C:\WINDOWS\system32\kbdhept.dll
2007-04-13 03:45:28 6656 -ra------ C:\WINDOWS\system32\kbdhela3.dll
2007-04-13 03:45:28 6144 -ra------ C:\WINDOWS\system32\kbdhela2.dll
2007-04-13 03:45:28 5632 -ra------ C:\WINDOWS\system32\kbdhe319.dll
2007-04-13 03:45:28 5632 -ra------ C:\WINDOWS\system32\kbdhe220.dll
2007-04-13 03:45:28 5632 -ra------ C:\WINDOWS\system32\kbdhe.dll
2007-04-13 03:45:28 6144 -ra------ C:\WINDOWS\system32\kbdgkl.dll
2007-04-13 03:45:27 6144 -ra------ C:\WINDOWS\system32\kbdlv1.dll
2007-04-13 03:45:27 6144 -ra------ C:\WINDOWS\system32\kbdlv.dll
2007-04-13 03:45:27 5632 -ra------ C:\WINDOWS\system32\kbdlt1.dll
2007-04-13 03:45:27 5632 -ra------ C:\WINDOWS\system32\kbdlt.dll
2007-04-13 03:45:27 6144 -ra------ C:\WINDOWS\system32\kbdest.dll
2007-04-13 03:45:26 6656 -ra------ C:\WINDOWS\system32\kbdsl1.dll
2007-04-13 03:45:26 6656 -ra------ C:\WINDOWS\system32\kbdsl.dll
2007-04-13 03:45:26 5632 -ra------ C:\WINDOWS\system32\kbdro.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdycl.dll
2007-04-13 03:45:25 5632 -ra------ C:\WINDOWS\system32\kbdpl1.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdpl.dll
2007-04-13 03:45:25 5632 -ra------ C:\WINDOWS\system32\kbdhu1.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdhu.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdcz2.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdcz1.dll
2007-04-13 03:45:25 7168 -ra------ C:\WINDOWS\system32\kbdcz.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\kbdcr.dll
2007-04-13 03:45:25 6656 -ra------ C:\WINDOWS\system32\KBDAL.DLL
2007-04-13 03:45:23 24661 --a------ C:\WINDOWS\system32\spxcoins.dll
2007-04-13 03:45:23 13312 --a------ C:\WINDOWS\system32\irclass.dll
2007-04-13 03:45:23 103424 --a------ C:\WINDOWS\system32\EqnClass.Dll
2007-04-13 03:45:23 85020 --a------ C:\WINDOWS\system32\dgsetup.dll
2007-04-13 03:45:23 176157 --a------ C:\WINDOWS\system32\dgrpsetu.dll
2007-04-13 03:45:23 9008 --a------ C:\WINDOWS\system\VER.DLL
2007-04-13 03:45:23 19200 --a------ C:\WINDOWS\system\TAPI.DLL
2007-04-13 03:45:22 5120 --a------ C:\WINDOWS\system\SHELL.DLL
2007-04-13 03:45:22 24064 --a------ C:\WINDOWS\system\OLESVR.DLL
2007-04-13 03:45:22 82944 --a------ C:\WINDOWS\system\OLECLI.DLL
2007-04-13 03:45:22 126912 --a------ C:\WINDOWS\system\MSVIDEO.DLL
2007-04-13 03:45:22 9936 --a------ C:\WINDOWS\system\LZEXPAND.DLL
2007-04-13 03:45:22 32816 --a------ C:\WINDOWS\system\COMMDLG.DLL
2007-04-13 03:45:21 15360 --a------ C:\WINDOWS\TASKMAN.EXE
2007-04-13 03:45:21 11264 --a------ C:\WINDOWS\system32\drivers\irenum.sys
2007-04-13 03:45:21 8704 --a------ C:\WINDOWS\system32\batt.dll
2007-04-13 03:45:21 109456 --a------ C:\WINDOWS\system\AVIFILE.DLL
2007-04-13 03:45:21 69584 --a------ C:\WINDOWS\system\AVICAP.DLL
2007-04-13 03:45:20 68768 --a------ C:\WINDOWS\system\MMSYSTEM.DLL
2007-04-13 03:45:20 69120 --a------ C:\WINDOWS\NOTEPAD.EXE
2007-04-13 03:45:17 74752 --a------ C:\WINDOWS\system32\storprop.dll
2007-04-13 03:45:11 0 dr------- C:\Documents and Settings\All Users\Documents<DOCUME~1>
2007-04-13 03:43:20 0 d-------- C:\WINDOWS\system32\CatRoot2
2007-04-13 03:43:20 0 d-------- C:\WINDOWS\system32\CatRoot
2007-04-13 03:42:56 0 d-------- C:\Documents and Settings<DOCUME~1>
2007-04-13 03:42:55 0 d--hs---- C:\System Volume Information<SYSTEM~1>
2007-04-13 03:37:16 0 d-------- C:\WINDOWS
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\WinSxS
2007-04-13 03:37:16 0 dr------- C:\WINDOWS\Web
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\twain_32
2007-04-13 03:37:16 0 d--hs---- C:\WINDOWS\system32
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\wins
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\wbem
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\usmt
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\spool
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\ShellExt
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\Setup
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\ras
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\oobe
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\npp
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\mui
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\inetsrv
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\IME
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\icsxml
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\ias
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\export
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\drivers
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\drivers\etc
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\drivers\disdn
2007-04-13 03:37:16 0 dr-hs--c- C:\WINDOWS\system32\dllcache
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\dhcp
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\config
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\3com_dmi
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\3076
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\2052
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1054
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1042
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1041
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1037
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1033
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1031
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1028

Militant Agnostic · « **Reply #21 on:** April 22, 2007, 12:47:22 AM »

2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system32\1025
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\system
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\security
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Resources<RESOUR~1>
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\repair
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Provisioning<PROVIS~1>
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\PeerNet
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\pchealth
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\mui
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\msapps
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\msagent
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Media
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\java
2007-04-13 03:37:16 0 d--h----- C:\WINDOWS\inf
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\ime
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Help
2007-04-13 03:37:16 0 dr--s---- C:\WINDOWS\Fonts
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Driver Cache<DRIVER~1>
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Debug
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Cursors
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Connection Wizard<CONNEC~1>
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\Config
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\AppPatch
2007-04-13 03:37:16 0 d-------- C:\WINDOWS\addins

-- Find3M Report ---------------------------------------------------------------

2007-04-20 19:28:59 0 d---s---- C:\Documents and Settings\Enter\Application Data\Microsoft<MICROS~1>
2007-04-16 17:51:17 0 d-------- C:\Program Files\Common Files\Macromedia<MACROM~1>
2007-04-16 17:51:13 0 d-------- C:\Program Files\Macromedia<MACROM~1>
2007-04-16 16:09:14 0 d-------- C:\Documents and Settings\Enter\Application Data\Macromedia<MACROM~1>
2007-04-16 16:02:59 0 d-------- C:\Documents and Settings\Enter\Application Data\Mozilla
2007-04-13 11:10:49 0 d-------- C:\Documents and Settings\Enter\Application Data\Identities<IDENTI~1>
2007-04-13 03:45:11 62 --ahs---- C:\Documents and Settings\Enter\Application Data\desktop.ini
2007-03-17 06:43:01 292864 --a------ C:\WINDOWS\system32\winsrv.dll
2007-03-08 08:36:28 577536 --a------ C:\WINDOWS\system32\user32.dll
2007-03-08 08:36:28 40960 --a------ C:\WINDOWS\system32\mf3216.dll
2007-03-08 08:36:28 281600 --a------ C:\WINDOWS\system32\gdi32.dll
2007-03-08 06:47:48 1843584 --a------ C:\WINDOWS\system32\win32k.sys
2007-03-02 13:57:04 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2007-03-02 13:54:35 307200 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
2007-03-02 13:47:51 118784 --a------ C:\WINDOWS\system32\atipdlxx.dll
2007-03-02 13:47:42 110592 --a------ C:\WINDOWS\system32\Oemdspif.dll
2007-03-02 13:47:35 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2007-03-02 13:47:30 42496 --a------ C:\WINDOWS\system32\ati2edxx.dll
2007-03-02 13:47:19 110592 --a------ C:\WINDOWS\system32\ati2evxx.dll
2007-03-02 13:46:12 446464 --a------ C:\WINDOWS\system32\ati2evxx.exe
2007-03-02 13:45:32 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2007-03-02 13:29:08 3107788 --a------ C:\WINDOWS\system32\ativvaxx.dat
2007-03-02 13:21:15 5398528 --a------ C:\WINDOWS\system32\atioglxx.dll
2007-03-02 13:17:37 258048 --a------ C:\WINDOWS\system32\atikvmag.dll
2007-03-02 13:16:23 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2007-02-26 08:44:06 147685 --a------ C:\WINDOWS\system32\atiicdxx.dat
2007-02-05 13:17:02 185344 --a------ C:\WINDOWS\system32\upnphost.dll

-- Registry Dump ---------------------------------------------------------------

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"AWMON"="\"E:\\Program Files\\Lavasoft\\Ad-Aware SE Plus\\Ad-Watch.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"NWEReboot"=""
"SoundMan"="SOUNDMAN.EXE"
"Windows Defender"="\"C:\\Program Files\\Windows Defender\\MSASCui.exe\" -hide"
"NeroFilterCheck"="C:\\Program Files\\Common Files\\Ahead\\Lib\\NeroCheck.exe"
"RemoteControl"="\"C:\\Program Files\\CyberLink\\PowerDVD\\PDVDServ.exe\""

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"="Microsoft AntiMalware ShellExecuteHook"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\shellserviceobjectdelayload]
"WPDShServiceObj"="{AAA288BA-9A4C-45B0-95D7-94D524869DB5}"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"="msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll"

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]
HTTPFilter   REG_MULTI_SZ     HTTPFilter\0\0
LocalService   REG_MULTI_SZ     Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0
NetworkService   REG_MULTI_SZ     DnsCache\0\0
DcomLaunch   REG_MULTI_SZ     DcomLaunch\0TermService\0\0
rpcss   REG_MULTI_SZ     RpcSs\0\0
imgsvc   REG_MULTI_SZ     StiSvc\0\0
termsvcs   REG_MULTI_SZ     TermService\0\0
WudfServiceGroup   REG_MULTI_SZ     WUDFSvc\0\0

[HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H]
Shell\AutoRun\command   H:\LaunchU3.exe
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_CMDAGENT
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_CMDMON
*newlycreated* - HKEY_LOCAL_MACHINE\system\currentcontrolset\enum\root\LEGACY_INSPECT

-- End of Deckard's System Scanner: finished at 2007-04-21 at 15:38:19 ---------

mauserme · « **Reply #22 on:** April 22, 2007, 01:15:55 AM »

Did you already run SDFix against this?? If you did, what did it show?

Well, download and install the latest version of Java

http://www.java.com/en/download/manual.jsp

After installation and reboot (if called for), open Add/Remove Programs in the Control Panel and uninstall any version of Java older than Version 6 Update 1.

Now download VundoFix.exe to your desktop.

Double-click VundoFix.exe to run it.
When VundoFix re-opens, click the Scan for Vundo button.
Once it's done scanning, click the Remove Vundo button.
You will receive a prompt asking if you want to remove the files, click YES
Once you click yes, your desktop will go blank as it starts removing Vundo.
When completed, it will prompt that it will reboot your computer, click OK.

Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the
Scan for Vundo button." when VundoFix appears at reboot.

A log will be produced which you can post in your next response.

Also, check C:\Program Files\Messenger\mesofip.dll at Virus Total and post the results

http://www.virustotal.com/en/indexf.html

FreewheelinFrank · « **Reply #23 on:** April 22, 2007, 09:13:50 AM »

Hi Militant Agnostic,

You have not tried AVG Anti-Spyware, as recommended by Tech. This is an effective scanner and is definitely worth trying.

As there seems to be nothing in your HijackThis! log, it would be worth running some anti-rootkit scans to check for hidden malware:

http://free.grisoft.com/doc/avg-anti-rootkit-free/lng/us/tpl/v5

http://research.pandasoftware.com/blogs/research/archive/2007/04/02/Panda-AntiRootkit-Released.aspx

http://www.f-secure.com/blacklight/

Militant Agnostic · « **Reply #24 on:** April 24, 2007, 02:07:07 AM »

After running VundoFIX, the program gave me a message saying "No infected files were found."

Here's the report from virustotal:
AhnLab-V3   2007.4.24.0   04.23.2007   no virus found
AntiVir   7.4.0.14   04.23.2007   ADSPY/TTC.A.2
Authentium   4.93.8   04.23.2007   no virus found
Avast   4.7.981.0   04.23.2007   no virus found
AVG   7.5.0.464   04.23.2007   Adware Generic2.GG
BitDefender   7.2   04.24.2007   Adware.TTC.A
CAT-QuickHeal   9.00   04.23.2007   no virus found
ClamAV   devel-20070416   04.24.2007   no virus found
DrWeb   4.33   04.23.2007   no virus found
eSafe   7.0.15.0   04.23.2007   no virus found
eTrust-Vet   30.7.3589   04.23.2007   no virus found
Ewido   4.0   04.23.2007   Adware.TTC
FileAdvisor   1   04.24.2007   No threat detected
Fortinet   2.85.0.0   04.23.2007   no virus found
F-Prot   4.3.2.48   04.23.2007   no virus found
F-Secure   6.70.13030.0   04.24.2007   no virus found
Ikarus   T3.1.1.5   04.23.2007   no virus found
Kaspersky   4.0.2.24   04.24.2007   not-a-virus:AdWare.Win32.TTC.a
McAfee   5015   04.23.2007   Generic Downloader.ab
Microsoft   1.2405   04.24.2007   no virus found
NOD32v2   2213   04.23.2007   no virus found
Norman   5.80.02   04.23.2007   W32/TTC.C
Panda   9.0.0.4   04.23.2007   Adware/TTC
Prevx1   V2   04.24.2007   no virus found
Sophos   4.16.0   04.23.2007   no virus found
Sunbelt   2.2.907.0   04.19.2007   no virus found
Symantec   10   04.24.2007   no virus found
TheHacker   6.1.6.095   04.15.2007   no virus found
VBA32   3.11.4   04.23.2007   no virus found
VirusBuster   4.3.7:9   04.23.2007   no virus found
Webwasher-Gateway   6.0.1   04.23.2007   Ad-Spyware.TTC.A.2

Author Topic: Help! I need somebody! Anybody! (Read 15492 times)

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!

mauserme

Re: Help! I need somebody! Anybody!

FreewheelinFrank

Re: Help! I need somebody! Anybody!

Militant Agnostic

Re: Help! I need somebody! Anybody!