New desktop computer

Question

Dear DellForums   I recently bought a new computer and I am finding a some problems.  Because it is so new i can't tell if it is a infection already or setup incorrectly/inefficiently.  There are three main issues i am having.  Firstly when i beginning my work, i find that it slows down often, espsecially when i play music (you can defiently notice it slow down, the music begins to play in slow motion) and using IE slows too.  This surprised me because i have hardware that was (i thought) meant to be able to cope with at least normal work loads (Core2DuoE6300, Intel 965P chipset, 2GBRAM, 512MB graphics). Secondly i am not sure what to look for in terms of pop-up blocking software. I just installed NOD32 to replace Norton 06 as well.  I am kind of scared my computer will get infected easily.  My notebook was fixed by this forum in the past and i am really happy with it so i decided to come back here for help.  Lastly my mouse is moving erratically, i tried fixing it but nothing has worked (its a microsoft basic optical mouse 1.0A) and its begining to annoy me.   After trying to fix my computer, still nothing has improved.  As i said i cant tell if this is a virus/malware that managed to get past NOD32, or i have unintentionally set it up poorly.  All i know is that the Dell hijackthis forum has provided me with good help.  Here is my hijackthis log.   Logfile of HijackThis v1.99.1 Scan saved at 12:56:03 PM, on 16/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset
od32krn.exe C:\WINDOWS\system32
vsvc32.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Eset
od32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\iriver\iriver plus\iAgent.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Terry\My Documents\Miscellaneous\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nod32kui] 'C:\Program Files\Eset
od32kui.exe' /WAITSERVICE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] 'C:\Program Files\MSN Messenger\MsnMsgr.Exe' /background O4 - HKCU\..\Run: [iPlusAgent] 'C:\Program Files\iriver\iriver plus\iAgent.exe' O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by138fd.bay138.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3ED2F249-5417-49CC-8278-A90C277A1EE6}: Domain = vic.bigpond.net.au O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe   Regards, GBAMinh PS. I hope this is not too much trouble.

bamajim · Answer

GBAMinh

There are still some section of Norton's remaining that need to go.

1. Go HERE and download and run the Symantec Removal Tool

Pick the right version according to your application

2. *NOTE* CCleaner deletes EVERYTHING out of temp/temporary folders. If you have anything in a temp folder, back it up or move it to a permanent folder prior to running CCleaner!

Download CCleaner from here to clean temp files from your computer.

Double click on the file to start the installation of the program.
Select your language and click OK, then next.
Read the license agreement and click I Agree.
Click next to use the default install location. Click Install then finish to complete installation.
Double click the CCleaner shortcut on the desktop to start the program.
On the "Windows" tab, under "Internet Explorer," uncheck "Cookies" if you do not want them deleted. (If deleted, you will likely need to reenter your passwords at all sites where a cookie is used to recognize you when you visit).
If you use either the Firefox or Mozilla browsers, the box to uncheck for "Cookies" is on the Applications tab, under Firefox/Mozilla.
Click on the "Options" icon at the left side of the window, then click on "Advanced." deselect "Only delete files in Windows Temp folders older than 48 hours."
Click on the "Cleaner" icon on the left side of the window, then click Run Cleaner to run the program.
Caution: It is not recommended that you use the "Issues" feature unless you are very familiar with the registry as it has been known to find legitimate items.
After CCleaner has completed its process, click Exit.

3. Reboot your PC->>Rerun Hijackthis and post a fresh Hiajckthis log. And include an update on how your PC is running?

bamajim Graduate of MRU

CastleCops Instructor

GBAMinh · Answer

Dear bamajim   Thanks again, you've given me some valuable help.  Well i completed those steps and the computer is still running slower at times then expected.  There is one new thing though, when i go to turn off/restart the computer a new popup message appears on the blue XP shut down screen.  It asks me something about my A:drive, however i don't even have an A:drive!  I've no idea what is prompting that.  Well here is my new log.   Regards, GBAMinh   Logfile of HijackThis v1.99.1 Scan saved at 9:58:26 AM, on 17/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset
od32krn.exe C:\WINDOWS\system32
vsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\Eset
od32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\iriver\iriver plus\iAgent.exe C:\WINDOWS\system32\wuauclt.exe C:\Documents and Settings\Terry\My Documents\Miscellaneous\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nod32kui] 'C:\Program Files\Eset
od32kui.exe' /WAITSERVICE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] 'C:\Program Files\MSN Messenger\MsnMsgr.Exe' /background O4 - HKCU\..\Run: [iPlusAgent] 'C:\Program Files\iriver\iriver plus\iAgent.exe' O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by138fd.bay138.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3ED2F249-5417-49CC-8278-A90C277A1EE6}: Domain = vic.bigpond.net.au O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\ O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

bamajim · Answer

GBAMinh

1. Rerun Hijackthis (scan only) and place a check beside the following entry

O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\

Close all other open Windows except Hijackthis and Select " Fix checked"

Close Hijackthis->>Reboot your pc ->>Rerun Hijackthis and post a fresh log

bamajim Graduate of MRU

CastleCops Instructor

GBAMinh · Answer

No real noticable changes so far, as far as i can tell.  Here is the fresh hijackthis log you asked for.   Regards, GBAMinh   Logfile of HijackThis v1.99.1 Scan saved at 6:37:25 PM, on 20/04/2007 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe C:\Program Files\Eset
od32krn.exe C:\WINDOWS\system32
vsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Eset
od32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\iriver\iriver plus\iAgent.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\MSN Messenger\usnsvc.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Terry\My Documents\Miscellaneous\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigpond.com/ O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [GBB36X Configure] C:\WINDOWS\system32\JMRaidTool.exe boot O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [VGAUtil] C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [nod32kui] 'C:\Program Files\Eset
od32kui.exe' /WAITSERVICE O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [MsnMsgr] 'C:\Program Files\MSN Messenger\MsnMsgr.Exe' /background O4 - HKCU\..\Run: [iPlusAgent] 'C:\Program Files\iriver\iriver plus\iAgent.exe' O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by138fd.bay138.hotmail.msn.com/resources/MsnPUpld.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{3ED2F249-5417-49CC-8278-A90C277A1EE6}: Domain = vic.bigpond.net.au O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:\Program Files\Eset
od32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32
vsvc32.exe

bamajim · Answer

GBAMinh

1. Download this file - combofix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you. Post that log in your next reply

Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall

bamajim Graduate of MRU

CastleCops Instructor

GBAMinh · Answer

Dear, bamajim   I've tried to post this combofix file and i cannot seem to post it.  The message body limit is 20,000 characters, yet it doesn't let me even post under 10,000, i do not know why?  With a total of 40,000+ is there another way for me to post this to you.   Regards, GBAMinh

GBAMinh · Answer

Here is the combofix log you asked for.  I have to post it in parts though. Regards, GBAminh 'Terry' - 07-04-21 11:55:24    Service Pack 2  ComboFix 07-04-20.3V - Running from: C:\Documents and Settings\Terry\My Documents\Miscellaneous\ (((((((((((((((((((((((((((((((   Files Created from 2007-03-21 to 2007-04-21  )))))))))))))))))))))))))))))))))) 2007-04-17 09:30 d-------- C:\Program Files\CCleaner 2007-04-16 16:34 178,408 --a------ C:\WINDOWS\system32\muweb.dll 2007-04-16 16:34 127,208 --a------ C:\WINDOWS\system32\mucltui.dll 2007-04-16 11:25 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll 2007-04-16 11:25 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll 2007-04-16 11:25 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll 2007-04-16 11:25 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll 2007-04-16 11:25 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll 2007-04-16 11:25 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll 2007-04-16 11:25 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll 2007-04-16 11:25 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll 2007-04-16 09:01 512,096 --a------ C:\WINDOWS\system32\drivers\amon.sys 2007-04-16 09:01 298,104 --a------ C:\WINDOWS\system32\imon.dll 2007-04-16 09:01 15,424 --a------ C:\WINDOWS\system32\drivers
od32drv.sys 2007-04-16 08:55 30,512 --a------ C:\WINDOWS\system32\mdimon.dll 2007-04-16 08:54 d-------- C:\Program Files\Microsoft Works 2007-04-16 08:48 d-------- C:\WINDOWS\SHELLNEW 2007-04-16 08:45 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Microsoft Help 2007-04-16 08:44 dr-h----- C:\MSOCache 2007-04-15 19:45 d-------- C:\WINDOWS\pss 2007-04-14 09:36 9,600 --a------ C:\WINDOWS\system32\drivers\hidusb.sys 2007-04-14 09:36 12,160 --a------ C:\WINDOWS\system32\drivers\mouhid.sys 2007-04-14 09:19 d-------- C:\WINDOWS\system32\appmgmt 2007-04-14 09:10 d-------- C:\WINDOWS\LastGood(2) 2007-04-13 21:33 d---s---- C:\DOCUME~1\Phong\UserData 2007-04-13 20:58 d-------- C:\DOCUME~1\Phong\Contacts 2007-04-13 10:23 d-------- C:\My SyncDirectory 2007-04-13 10:23 d-------- C:\DOCUME~1\Terry\APPLIC~1\iriver 2007-04-13 10:18 d-------- C:\WINDOWS\RegisteredPackages 2007-04-13 10:17 35,840 --a------ C:\WINDOWS\system32\drivers\AFS2K.SYS 2007-04-13 10:17 d-------- C:\Program Files\iriver 2007-04-12 10:33 d----c--- C:\WINDOWS\system32\DRVSTORE 2007-04-12 10:33 d-------- C:\DOCUME~1\Terry\Contacts 2007-04-12 10:32 d-------- C:\Program Files\MSN Messenger 2007-04-12 00:31 d-------- C:\DOCUME~1\Terry\APPLIC~1\Media Player Classic 2007-04-12 00:30 d-------- C:\Program Files\Real Alternative 2007-04-12 00:30 d-------- C:\Program Files\Media Player Classic 2007-04-12 00:30 d-------- C:\DOCUME~1\Terry\APPLIC~1\Real 2007-04-12 00:30 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real 2007-04-05 18:42 d---s---- C:\DOCUME~1\Terry\UserData 2007-04-04 22:46 786,432 --ah----- C:\DOCUME~1\Thao
tuser.dat 2007-04-03 15:21 225,664 --a------ C:\WINDOWS\system32\drivers	cpip6.sys 2007-04-03 15:19 1,843,584 --a------ C:\WINDOWS\system32\win32k.sys 2007-04-03 15:18 262,144 --a------ C:\DOCUME~1\ALLUSE~1
tuser.dat 2007-04-03 15:17 721,920 --a------ C:\WINDOWS\system32\lsasrv.dll 2007-04-03 15:17 132,096 --a------ C:\WINDOWS\system32\wkssvc.dll 2007-04-03 15:15 37,888 --a------ C:\WINDOWS\system32\olecnv32.dll 2007-04-03 15:14 128,896 --------- C:\WINDOWS\system32\drivers\fltmgr.sys 2007-04-03 14:55 d-------- C:\WINDOWS\system32\LogFiles 2007-04-03 12:55 2,084 --a------ C:\WINDOWS\eReg.dat 2007-04-03 12:54 33,792 -ra------ C:\WINDOWS\NPSExec.exe 2007-04-03 12:54 d-------- C:\Program Files\Electronic Arts 2007-04-03 12:51 d-------- C:\Program Files\Maxis 2007-04-03 12:50 d-------- C:\DOCUME~1\Terry\WINDOWS 2007-04-03 12:48 d--h----- C:\WINDOWS\$hf_mig$ 2007-04-03 12:48 d-------- C:\WINDOWS\system32\PreInstall 2007-04-03 11:59 265,856 --a------ C:\WINDOWS\system32\drivers\WG511v2.sys 2007-04-03 11:59 d-------- C:\WINDOWS\Downloaded Installations 2007-04-03 11:59 d-------- C:\Program Files\NETGEAR 2007-04-03 11:55 d-------- C:\WINDOWS\system32\SoftwareDistribution 2007-04-03 11:55 d-------- C:\Program Files\Telstra 2007-04-03 11:55 d-------- C:\DOCUME~1\Terry\APPLIC~1\BigPond 2007-04-03 11:55 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\BigPond 2007-04-03 01:49 57,472 --a------ C:\WINDOWS\system32\driversedbook.sys 2007-04-03 01:49 3,072 --a------ C:\WINDOWS\system32\drivers\audstub.sys 2007-04-03 01:48 8,192 -ra------ C:\WINDOWS\system32\kbdhept.dll 2007-04-03 01:48 74,240 --a------ C:\WINDOWS\system32\usbui.dll 2007-04-03 01:48 6,656 -ra------ C:\WINDOWS\system32\kbdhela3.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuq.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdtuf.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv1.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdlv.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdhela2.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdgkl.dll 2007-04-03 01:48 6,144 -ra------ C:\WINDOWS\system32\kbdest.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdmon.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt1.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdlt.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdkyr.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe319.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe220.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdhe.dll 2007-04-03 01:48 5,632 -ra------ C:\WINDOWS\system32\kbdazel.dll 2007-04-03 01:48 dr------- C:\Program Files 2007-04-03 01:48 d-------- C:\Program Files\Common Files\SpeechEngines 2007-04-03 01:48 d-------- C:\Program Files\Common Files\ODBC 2007-04-03 01:47 9,936 --a------ C:\WINDOWS\system\LZEXPAND.DLL 2007-04-03 01:47 9,008 --a------ C:\WINDOWS\system\VER.DLL 2007-04-03 01:47 85,020 --a------ C:\WINDOWS\system32\dgsetup.dll 2007-04-03 01:47 82,944 --a------ C:\WINDOWS\system\OLECLI.DLL 2007-04-03 01:47 8,704 --a------ C:\WINDOWS\system32\batt.dll 2007-04-03 01:47 74,752 --a------ C:\WINDOWS\system32\storprop.dll 2007-04-03 01:47 7,168 -ra------ C:\WINDOWS\system32\kbdcz.dll 2007-04-03 01:47 69,584 --a------ C:\WINDOWS\system\AVICAP.DLL 2007-04-03 01:47 69,120 --a------ C:\WINDOWS
otepad.exe 2007-04-03 01:47 68,768 --a------ C:\WINDOWS\system\mmsystem.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdycl.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdsl1.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdsl.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdpl.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdhu.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdcz2.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdcz1.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\kbdcr.dll 2007-04-03 01:47 6,656 -ra------ C:\WINDOWS\system32\KBDAL.DLL 2007-04-03 01:47 5,632 -ra------ C:\WINDOWS\system32\kbdro.dll 2007-04-03 01:47 5,632 -ra------ C:\WINDOWS\system32\kbdpl1.dll 2007-04-03 01:47 5,632 -ra------ C:\WINDOWS\system32\kbdhu1.dll 2007-04-03 01:47 5,120 --a------ C:\WINDOWS\system\SHELL.DLL 2007-04-03 01:47 32,816 --a------ C:\WINDOWS\system\COMMDLG.DLL 2007-04-03 01:47 24,661 --a------ C:\WINDOWS\system32\spxcoins.dll 2007-04-03 01:47 24,064 --a------ C:\WINDOWS\system\OLESVR.DLL 2007-04-03 01:47 19,200 --a------ C:\WINDOWS\system\TAPI.DLL 2007-04-03 01:47 176,157 --a------ C:\WINDOWS\system32\dgrpsetu.dll 2007-04-03 01:47 15,360 --a------ C:\WINDOWS\TASKMAN.EXE 2007-04-03 01:47 13,312 --a------ C:\WINDOWS\system32\irclass.dll 2007-04-03 01:47 126,912 --a------ C:\WINDOWS\system\MSVIDEO.DLL 2007-04-03 01:47 11,264 --a------ C:\WINDOWS\system32\drivers\irenum.sys 2007-04-03 01:47 109,456 --a------ C:\WINDOWS\system\AVIFILE.DLL 2007-04-03 01:47 103,424 --a------ C:\WINDOWS\system32\EqnClass.Dll 2007-04-03 01:47 dr------- C:\DOCUME~1\ALLUSE~1\Documents 2007-04-03 01:47 d-------- C:\WINDOWS\system32\CatRoot2 2007-04-03 01:47 d-------- C:\WINDOWS\system32\CatRoot 2007-04-03 01:46 d-------- C:\Documents and Settings 2007-04-03 01:41 dr-hsc--- C:\WINDOWS\system32\dllcache 2007-04-03 01:41 dr--s---- C:\WINDOWS\Fonts 2007-04-03 01:41 dr------- C:\WINDOWS\Web 2007-04-03 01:41 d--h----- C:\WINDOWS\inf 2007-04-03 01:41 d-------- C:\WINDOWS\WinSxS 2007-04-03 01:41 d-------- C:\WINDOWS	wain_32 2007-04-03 01:41 d-------- C:\WINDOWS\system32\wins 2007-04-03 01:41 d-------- C:\WINDOWS\system32\wbem 2007-04-03 01:41 d-------- C:\WINDOWS\system32\usmt 2007-04-03 01:41 d-------- C:\WINDOWS\system32\spool 2007-04-03 01:41 d-------- C:\WINDOWS\system32\ShellExt 2007-04-03 01:41 d-------- C:\WINDOWS\system32\Setup 2007-04-03 01:41 d-------- C:\WINDOWS\system32as 2007-04-03 01:41 d-------- C:\WINDOWS\system32\oobe 2007-04-03 01:41 d-------- C:\WINDOWS\system32
pp 2007-04-03 01:41 d-------- C:\WINDOWS\system32\mui 2007-04-03 01:41 d-------- C:\WINDOWS\system32\inetsrv 2007-04-03 01:41 d-------- C:\WINDOWS\system32\IME 2007-04-03 01:41 d-------- C:\WINDOWS\system32\icsxml 2007-04-03 01:41 d-------- C:\WINDOWS\system32\ias 2007-04-03 01:41 d-------- C:\WINDOWS\system32\export 2007-04-03 01:41 d-------- C:\WINDOWS\system32\drivers\etc 2007-04-03 01:41 d-------- C:\WINDOWS\system32\drivers\disdn 2007-04-03 01:41 d-------- C:\WINDOWS\system32\drivers 2007-04-03 01:41 d-------- C:\WINDOWS\system32\dhcp 2007-04-03 01:41 d-------- C:\WINDOWS\system32\config 2007-04-03 01:41 d-------- C:\WINDOWS\system32\3com_dmi 2007-04-03 01:41 d-------- C:\WINDOWS\system32\3076 2007-04-03 01:41 d-------- C:\WINDOWS\system32\2052 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1054 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1042 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1041 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1037 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1033 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1031 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1028 2007-04-03 01:41 d-------- C:\WINDOWS\system32\1025 2007-04-03 01:41 d-------- C:\WINDOWS\system32 2007-04-03 01:41 d-------- C:\WINDOWS\system 2007-04-03 01:41 d-------- C:\WINDOWS\security 2007-04-03 01:41 d-------- C:\WINDOWS\Resources 2007-04-03 01:41 d-------- C:\WINDOWSepair 2007-04-03 01:41 d-------- C:\WINDOWS\mui 2007-04-03 01:41 d-------- C:\WINDOWS\msapps 2007-04-03 01:41 d-------- C:\WINDOWS\msagent 2007-04-03 01:41 d-------- C:\WINDOWS\Media 2007-04-03 01:41 d-------- C:\WINDOWS\java 2007-04-03 01:41 d-------- C:\WINDOWS\ime 2007-04-03 01:41 d-------- C:\WINDOWS\Help 2007-04-03 01:41 d-------- C:\WINDOWS\Driver Cache 2007-04-03 01:41 d-------- C:\WINDOWS\Debug 2007-04-03 01:41 d-------- C:\WINDOWS\Cursors 2007-04-03 01:41 d-------- C:\WINDOWS\Connection Wizard 2007-04-03 01:41 d-------- C:\WINDOWS\Config 2007-04-03 01:41 d-------- C:\WINDOWS\AppPatch 2007-04-03 01:41 d-------- C:\WINDOWS\addins 2007-04-03 01:41 d-------- C:\WINDOWS 2007-04-02 23:25 271,360 --a------ C:\WINDOWS\system32\drivers\atksgt.sys 2007-04-02 23:25 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll 2007-04-02 23:25 18,048 --a------ C:\WINDOWS\system32\drivers\lirsgt.sys 2007-04-02 23:15 d-------- C:\Program Files\Techland 2007-04-02 22:54 1,048,576 --ah----- C:\DOCUME~1\Phong
tuser.dat 2007-04-02 22:52 5,632 --a------ C:\WINDOWS\system32\ptpusb.dll 2007-04-02 22:52 159,232 --a------ C:\WINDOWS\system32\ptpusd.dll 2007-04-02 22:52 15,104 --a------ C:\WINDOWS\system32\drivers\usbscan.sys 2007-04-02 22:52 d-------- C:\Program Files\KODAK 2007-04-02 22:31 d--hs---- C:\RECYCLER 2007-04-02 21:35 d-------- C:\DOCUME~1\Terry\APPLIC~1\AdobeUM 2007-04-02 21:34 d-------- C:\Program Files\Common Files\Adobe 2007-04-02 21:34 d-------- C:\DOCUME~1\Terry\APPLIC~1\Adobe 2007-04-02 21:24 10,344 --a------ C:\WINDOWS\system32\drivers\symlcbrd.sys 2007-04-02 21:22 d-------- C:\Program Files\Symantec 2007-04-02 21:22 d-------- C:\Program Files\Common Files\Symantec Shared 2007-04-02 21:22 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Symantec 2007-04-02 21:20 983,552 --------- C:\WINDOWS\system32\_000006_.tmp.dll 2007-04-02 21:11 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Adobe 2007-04-02 21:10 d-------- C:\WINDOWS\Cache 2007-04-02 20:56 5,112 --a------ C:\WINDOWS\GPCIDrv.sys 2007-04-02 20:56 17,962 --a------ C:\WINDOWS\system32\drivers\GVTDrv.sys 2007-04-02 20:53 d-------- C:\WINDOWS\NV648640.TMP 2007-04-02 20:45 d-------- C:\WINDOWS\system32\Lang 2007-04-02 20:40 40,960 -r------- C:\WINDOWS\system32\ChCfg.exe 2007-04-02 20:40 143,360 -r------- C:\WINDOWS\system32\RtlCPAPI.dll 2007-04-02 20:39 82,944 --a------ C:\WINDOWS\system32\drivers\wdmaud.sys 2007-04-02 20:39 6,400 --a------ C:\WINDOWS\system32\drivers\splitter.sys 2007-04-02 20:38 7,552 --a------ C:\WINDOWS\system32\drivers\MSKSSRV.sys 2007-04-02 20:38 69,632 -r------- C:\WINDOWS\Alcmtr.exe 2007-04-02 20:38 60,800 --a------ C:\WINDOWS\system32\drivers\sysaudio.sys 2007-04-02 20:38 54,272 --a------ C:\WINDOWS\system32\drivers\swmidi.sys 2007-04-02 20:38 52,864 --a------ C:\WINDOWS\system32\drivers\DMusic.sys 2007-04-02 20:38 5,376 --a------ C:\WINDOWS\system32\drivers\MSPCLOCK.sys 2007-04-02 20:38 4,992 --a------ C:\WINDOWS\system32\drivers\MSPQM.sys 2007-04-02 20:38 364,544 -r------- C:\WINDOWS\RtlUpd.exe 2007-04-02 20:38 2,944 --a------ C:\WINDOWS\system32\drivers\drmkaud.sys 2007-04-02 20:38 2,808,832 -r------- C:\WINDOWS\alcwzrd.exe 2007-04-02 20:38 172,416 --a------ C:\WINDOWS\system32\drivers\kmixer.sys 2007-04-02 20:38 142,464 --a------ C:\WINDOWS\system32\drivers\aec.sys 2007-04-02 20:38 d-------- C:\WINDOWS\system32\RTCOM 2007-04-02 20:37 9,709,568 -r------- C:\WINDOWS\RTLCPL.exe 2007-04-02 20:37 86,016 -r------- C:\WINDOWS\SoundMan.exe 2007-04-02 20:37 60,288 --a------ C:\WINDOWS\system32\drivers\drmk.sys 2007-04-02 20:37 4,353,024 -r------- C:\WINDOWS\system32\drivers\RtkHDAud.Sys 2007-04-02 20:37 4,096 --a------ C:\WINDOWS\system32\ksuser.dll 2007-04-02 20:37 2,879,488 -r------- C:\WINDOWS\SkyTel.exe 2007-04-02 20:37 2,158,592 -r------- C:\WINDOWS\MicCal.exe 2007-04-02 20:37 16,261,632 -r------- C:\WINDOWS\RTHDCPL.exe 2007-04-02 20:33 4,716 --a------ C:\WINDOWS\gdrv.sys 2007-04-02 20:30 306,688 --a------ C:\WINDOWS\IsUninst.exe 2007-04-02 20:30 248,192 --a------ C:\WINDOWS\system32\drivers\yk51x86.sys 2007-04-02 20:30 d-------- C:\Program Files\GIGABYTE 2007-04-02 20:18 6,912 -ra------ C:\WINDOWS\system32\drivers\JGOGO.sys 2007-04-02 20:18 41,728 -ra------ C:\WINDOWS\system32\drivers\jraid.sys 2007-04-02 20:18 356,352 -r------- C:\WINDOWS\system32\JMRaidTool.exe 2007-04-02 20:18 139,264 -r------- C:\WINDOWS\system32\JMRaidAPI.dll 2007-04-02 20:18 d-------- C:\WINDOWS\JM 2007-04-02 19:49 d-------- C:\Program Files\Realtek 2007-04-02 19:47 d--h----- C:\Program Files\InstallShield Installation Information 2007-04-02 19:35 487,424 -r------- C:\WINDOWS\RtlExUpd.dll 2007-04-02 19:31 d-------- C:\Program Files\Intel 2007-04-02 19:25 d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\NVIDIA 2007-04-02 18:54 208,896 --a------ C:\WINDOWS\system32\NVUNINST.EXE 2007-04-02 18:54 208,896 --a------ C:\WINDOWS\system32
vudisp.exe 2007-04-02 18:54 d-------- C:\WINDOWS
view 2007-04-02 18:54 d-------- C:\Program Files\Common Files\InstallShield 2007-04-02 18:50 d-------- C:\WINDOWS\SoftwareDistribution 2007-04-02 18:50 d-------- C:\WINDOWS\Prefetch 2007-04-02 18:43 999,424 --a------ C:\WINDOWS\system32\wmvdmoe2.dll 2007-04-02 18:43 95,424 --------- C:\WINDOWS\system32\drivers\slnthal.sys 2007-04-02 18:43 937,984 --------- C:\WINDOWS\system32\winbrand.dll 2007-04-02 18:43 936,960 --a------ C:\WINDOWS\system32\wmspdmoe.dll 2007-04-02 18:43 9,728 --------- C:\WINDOWS\system32\comsdupd.exe

GBAMinh · Answer

2007-04-02 18:43 88,064 --------- C:\WINDOWS\system32\p2pnetsh.dll2007-04-02 18:43 870,784 --------- C:\WINDOWS\system32\ati3d1ag.dll2007-04-02 18:43 86,016 --------- C:\WINDOWS\system32\p2pgasvc.dll2007-04-02 18:43 86,016 --------- C:\WINDOWS\system32\mdmxsdk.dll2007-04-02 18:43 81,920 --------- C:\WINDOWS\system32\ieencode.dll2007-04-02 18:43 81,408 --------- C:\WINDOWS\system32\wscsvc.dll2007-04-02 18:43 8,192 --------- C:\WINDOWS\system32\smbinst.exe2007-04-02 18:43 8,192 --------- C:\WINDOWS\system32\bitsprx2.dll2007-04-02 18:43 78,464 --------- C:\WINDOWS\system32\drivers\usbvideo.sys2007-04-02 18:43 75,776 --------- C:\WINDOWS\system32\strmfilt.dll2007-04-02 18:43 73,832 --------- C:\WINDOWS\system32\slcoinst.dll2007-04-02 18:43 73,796 --------- C:\WINDOWS\system32\slserv.exe2007-04-02 18:43 73,216 --------- C:\WINDOWS\system32\drivers\atintuxx.sys2007-04-02 18:43 71,680 --------- C:\WINDOWS\system32\blastcln.exe2007-04-02 18:43 701,440 --------- C:\WINDOWS\system32\drivers\ati2mtag.sys2007-04-02 18:43 7,680 --------- C:\WINDOWS\system32\kbdsmsno.dll2007-04-02 18:43 7,680 --------- C:\WINDOWS\system32\kbdsmsfi.dll2007-04-02 18:43 7,168 --a------ C:\WINDOWS\system32\hccoin.dll2007-04-02 18:43 7,168 --------- C:\WINDOWS\system32\kbdukx.dll2007-04-02 18:43 7,168 --------- C:\WINDOWS\system32\kbdno1.dll2007-04-02 18:43 7,168 --------- C:\WINDOWS\system32\kbdfi1.dll2007-04-02 18:43 7,168 --------- C:\WINDOWS\system32\bitsprx3.dll2007-04-02 18:43 685,056 --------- C:\WINDOWS\system32\drivers\hsfcxts2.sys2007-04-02 18:43 67,584 --------- C:\WINDOWS\system32\drivers\sdbus.sys2007-04-02 18:43 63,663 --------- C:\WINDOWS\system32\drivers\ati1rvxx.sys2007-04-02 18:43 63,488 --------- C:\WINDOWS\system32\drivers\atinxsxx.sys2007-04-02 18:43 60,416 --------- C:\WINDOWS\system32\fwcfg.dll2007-04-02 18:43 6,656 --------- C:\WINDOWS\system32\kbdinmal.dll2007-04-02 18:43 6,656 --------- C:\WINDOWS\system32\kbdinben.dll2007-04-02 18:43 6,144 --------- C:\WINDOWS\system32\kbdmlt48.dll2007-04-02 18:43 6,144 --------- C:\WINDOWS\system32\kbdmlt47.dll2007-04-02 18:43 6,144 --------- C:\WINDOWS\system32\kbdinbe1.dll2007-04-02 18:43 6,016 --------- C:\WINDOWS\system32\drivers\smbali.sys2007-04-02 18:43 59,648 --------- C:\WINDOWS\system32\driversfcomm.sys2007-04-02 18:43 57,856 --------- C:\WINDOWS\system32\drivers\atinbtxx.sys2007-04-02 18:43 56,623 --------- C:\WINDOWS\system32\drivers\ati1btxx.sys2007-04-02 18:43 531,192 --a------ C:\WINDOWS\system32\wmspdmod.dll2007-04-02 18:43 526,848 --------- C:\WINDOWS\system32\p2psvc.dll2007-04-02 18:43 52,224 --a------ C:\WINDOWS\system32\mspmsnsv.dll2007-04-02 18:43 52,224 --------- C:\WINDOWS\system32\drivers\atinraxx.sys2007-04-02 18:43 516,768 --------- C:\WINDOWS\system32\ativvaxx.dll2007-04-02 18:43 50,688 --------- C:\WINDOWS\system32\btpanui.dll2007-04-02 18:43 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll2007-04-02 18:43 5,632 --------- C:\WINDOWS\system32\kbdmaori.dll2007-04-02 18:43 49,152 --------- C:\WINDOWS\system32\powercfg.exe2007-04-02 18:43 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll2007-04-02 18:43 465,176 --a------ C:\WINDOWS\system32\wuapi.dll2007-04-02 18:43 46,464 --------- C:\WINDOWS\system32\drivers\gagp30kx.sys2007-04-02 18:43 452,736 --------- C:\WINDOWS\system32\drivers\mtxparhm.sys2007-04-02 18:43 44,928 --------- C:\WINDOWS\system32\drivers\agpcpq.sys2007-04-02 18:43 44,672 --------- C:\WINDOWS\system32\drivers\uagp35.sys2007-04-02 18:43 44,032 --------- C:\WINDOWS\system32	wext.dll2007-04-02 18:43 438,784 --------- C:\WINDOWS\system32\xpob2res.dll2007-04-02 18:43 43,008 --------- C:\WINDOWS\system32\drivers\amdagp.sys2007-04-02 18:43 42,752 --------- C:\WINDOWS\system32\drivers\alim1541.sys2007-04-02 18:43 42,368 --------- C:\WINDOWS\system32\drivers\agp440.sys2007-04-02 18:43 42,240 --------- C:\WINDOWS\system32\drivers\viaagp.sys2007-04-02 18:43 41,240 --a------ C:\WINDOWS\system32\wups.dll2007-04-02 18:43 41,088 --------- C:\WINDOWS\system32\drivers\sisagp.sys2007-04-02 18:43 404,990 --------- C:\WINDOWS\system32\drivers\slntamr.sys2007-04-02 18:43 40,832 --------- C:\WINDOWS\system32\drivers\irbus.sys2007-04-02 18:43 4,496,128 --a------ C:\WINDOWS\system32
v4_disp.dll2007-04-02 18:43 4,255 --------- C:\WINDOWS\system32\drivers\adv01nt5.dll2007-04-02 18:43 4,096 --------- C:\WINDOWS\system32\dsprpres.dll2007-04-02 18:43 397,056 --------- C:\WINDOWS\system32\s3gnb.dll2007-04-02 18:43 384,512 --------- C:\WINDOWS\system32\mp4sdmod.dll2007-04-02 18:43 38,016 --------- C:\WINDOWS\system32\drivers\bthmodem.sys2007-04-02 18:43 377,984 --------- C:\WINDOWS\system32\ati2dvaa.dll2007-04-02 18:43 37,376 --------- C:\WINDOWS\system32\drivers\amdk7.sys2007-04-02 18:43 36,463 --------- C:\WINDOWS\system32\drivers\ati1tuxx.sys2007-04-02 18:43 36,096 --------- C:\WINDOWS\system32\drivers\intelppm.sys2007-04-02 18:43 351,232 --------- C:\WINDOWS\system32\winhttp.dll2007-04-02 18:43 35,456 --------- C:\WINDOWS\system32\drivers\bthprint.sys2007-04-02 18:43 34,735 --------- C:\WINDOWS\system32\drivers\ati1xsxx.sys2007-04-02 18:43 327,040 --------- C:\WINDOWS\system32\drivers\ati2mtaa.sys2007-04-02 18:43 32,866 --------- C:\WINDOWS\system32\slrundll.exe2007-04-02 18:43 32,866 --------- C:\WINDOWS\slrundll.exe2007-04-02 18:43 32,768 --------- C:\WINDOWS\system32\ativtmxx.dll2007-04-02 18:43 32,768 --------- C:\WINDOWS\system32\asr_pfu.exe2007-04-02 18:43 32,285 --------- C:\WINDOWS\system32\hsfcisp2.dll2007-04-02 18:43 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll2007-04-02 18:43 310,272 --------- C:\WINDOWS\system32\mp43dmod.dll2007-04-02 18:43 31,744 --------- C:\WINDOWS\system32\drivers\atinxbxx.sys2007-04-02 18:43 30,671 --------- C:\WINDOWS\system32\drivers\ati1raxx.sys2007-04-02 18:43 30,208 --------- C:\WINDOWS\system32\bthserv.dll2007-04-02 18:43 30,080 --------- C:\WINDOWS\system32\driversndismpx.sys2007-04-02 18:43 3,967 --------- C:\WINDOWS\system32\drivers\adv02nt5.dll2007-04-02 18:43 3,958,496 --a------ C:\WINDOWS\system32\drivers
v4_mini.sys2007-04-02 18:43 3,901 --------- C:\WINDOWS\system32\drivers\siint5.dll2007-04-02 18:43 3,775 --------- C:\WINDOWS\system32\drivers\adv11nt5.dll2007-04-02 18:43 3,711 --------- C:\WINDOWS\system32\drivers\adv09nt5.dll2007-04-02 18:43 3,647 --------- C:\WINDOWS\system32\drivers\adv07nt5.dll2007-04-02 18:43 3,615 --------- C:\WINDOWS\system32\drivers\adv05nt5.dll2007-04-02 18:43 3,135 --------- C:\WINDOWS\system32\drivers\adv08nt5.dll2007-04-02 18:43 29,455 --------- C:\WINDOWS\system32\drivers\ati1xbxx.sys2007-04-02 18:43 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll2007-04-02 18:43 29,056 --------- C:\WINDOWS\system32\drivers\ip6fw.sys2007-04-02 18:43 286,792 --------- C:\WINDOWS\system32\slextspk.dll2007-04-02 18:43 28,672 --------- C:\WINDOWS\system32\drivers\atinsnxx.sys2007-04-02 18:43 274,304 --------- C:\WINDOWS\system32\drivers\bthport.sys2007-04-02 18:43 270,848 --------- C:\WINDOWS\system32\sbe.dll2007-04-02 18:43 262,784 --------- C:\WINDOWS\system32\drivers\http.sys2007-04-02 18:43 26,624 --a------ C:\WINDOWS\system32\drivers\usbehci.sys2007-04-02 18:43 26,367 --------- C:\WINDOWS\system32\drivers\ati1snxx.sys2007-04-02 18:43 25,600 --------- C:\WINDOWS\system32\drivers\hidbth.sys2007-04-02 18:43 25,471 --------- C:\WINDOWS\system32\drivers\watv10nt.sys2007-04-02 18:43 25,471 --------- C:\WINDOWS\system32\drivers\atv04nt5.dll2007-04-02 18:43 24,576 --------- C:\WINDOWS\system32\httpapi.dll2007-04-02 18:43 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll2007-04-02 18:43 23,040 --a------ C:\WINDOWS\system32\fltmc.exe2007-04-02 18:43 229,376 --------- C:\WINDOWS\system32\ati2cqag.dll2007-04-02 18:43 220,032 --------- C:\WINDOWS\system32\drivers\hsfbs2s2.sys2007-04-02 18:43 22,271 --------- C:\WINDOWS\system32\drivers\watv06nt.sys2007-04-02 18:43 21,343 --------- C:\WINDOWS\system32\drivers\ati1ttxx.sys2007-04-02 18:43 21,183 --------- C:\WINDOWS\system32\drivers\atv01nt5.dll2007-04-02 18:43 201,728 --------- C:\WINDOWS\system32\ati2dvag.dll2007-04-02 18:43 20,992 --------- C:\WINDOWS\system32\bthci.dll2007-04-02 18:43 20,480 --------- C:\WINDOWS\system32\encapi.dll2007-04-02 18:43 2,113,536 --------- C:\WINDOWS\system32\dxdiagn.dll2007-04-02 18:43 194,328 --a------ C:\WINDOWS\system32\wuaueng1.dll2007-04-02 18:43 193,024 --------- C:\WINDOWS\system32\fsquirt.exe2007-04-02 18:43 188,508 --------- C:\WINDOWS\system32\slgen.dll2007-04-02 18:43 187,392 --------- C:\WINDOWS\system32\xpsp1res.dll2007-04-02 18:43 186,368 --------- C:\WINDOWS\system32\encdec.dll2007-04-02 18:43 180,360 --------- C:\WINDOWS\system32\drivers
tmtlfax.sys2007-04-02 18:43 18,944 --------- C:\WINDOWS\system32\drivers\bthusb.sys2007-04-02 18:43 173,536 --a------ C:\WINDOWS\system32\wuweb.dll2007-04-02 18:43 172,312 --a------ C:\WINDOWS\system32\wuauclt1.exe2007-04-02 18:43 17,408 --------- C:\WINDOWS\system32\winshfhc.dll2007-04-02 18:43 17,279 --------- C:\WINDOWS\system32\drivers\atv10nt5.dll2007-04-02 18:43 17,024 --------- C:\WINDOWS\system32\drivers\bthenum.sys2007-04-02 18:43 168,448 --------- C:\WINDOWS\system32\wmerror.dll2007-04-02 18:43 166,912 --------- C:\WINDOWS\system32\drivers\s3gnbm.sys2007-04-02 18:43 16,896 --a------ C:\WINDOWS\system32\fltlib.dll2007-04-02 18:43 159,232 --------- C:\WINDOWS\system32\sbeio.dll2007-04-02 18:43 150,016 --a------ C:\WINDOWS\system32\wmidx.dll2007-04-02 18:43 15,872 --------- C:\WINDOWS\system32\w3ssl.dll2007-04-02 18:43 15,488 --------- C:\WINDOWS\system32\drivers\mssmbios.sys2007-04-02 18:43 15,423 --------- C:\WINDOWS\system32\drivers\ch7xxnt5.dll2007-04-02 18:43 15,104 --------- C:\WINDOWS\system32\drivers\hidir.sys2007-04-02 18:43 14,336 --------- C:\WINDOWS\system32\drivers\atinpdxx.sys2007-04-02 18:43 14,336 --------- C:\WINDOWS\system32\auditusr.exe2007-04-02 18:43 14,143 --------- C:\WINDOWS\system32\drivers\atv06nt5.dll2007-04-02 18:43 134,656 --------- C:\WINDOWS\system32\mssap.dll2007-04-02 18:43 13,824 --------- C:\WINDOWS\system32\wscntfy.exe2007-04-02 18:43 13,824 --------- C:\WINDOWS\system32\drivers\atinttxx.sys2007-04-02 18:43 13,824 --------- C:\WINDOWS\system32\drivers\atinmdxx.sys2007-04-02 18:43 13,824 --------- C:\WINDOWS\system32\cmsetacl.dll2007-04-02 18:43 13,776 --------- C:\WINDOWS\system32\driversecagent.sys2007-04-02 18:43 13,568 --------- C:\WINDOWS\system32\drivers\wacompen.sys2007-04-02 18:43 13,240 --------- C:\WINDOWS\system32\drivers\slwdmsup.sys2007-04-02 18:43 129,536 --------- C:\WINDOWS\system32\xmlprov.dll2007-04-02 18:43 129,535 --------- C:\WINDOWS\system32\drivers\slnt7554.sys2007-04-02 18:43 127,256 --a------ C:\WINDOWS\system32\wucltui.dll2007-04-02 18:43 126,686 --------- C:\WINDOWS\system32\drivers\mtlmnt5.sys2007-04-02 18:43 12,800 --------- C:\WINDOWS\system32\spiisupd.exe2007-04-02 18:43 12,672 --------- C:\WINDOWS\system32\drivers\usb8023x.sys2007-04-02 18:43 12,672 --------- C:\WINDOWS\system32\drivers\mutohpen.sys2007-04-02 18:43 12,416 --------- C:\WINDOWS\system32\drivers	unmp.sys2007-04-02 18:43 12,047 --------- C:\WINDOWS\system32\drivers\ati1pdxx.sys2007-04-02 18:43 118,784 --------- C:\WINDOWS\system32\msdadiag.dll2007-04-02 18:43 116,224 --------- C:\WINDOWS\system32\p2p.dll2007-04-02 18:43 114,688 --------- C:\WINDOWS\system32\wmpasf.dll2007-04-02 18:43 11,935 --------- C:\WINDOWS\system32\drivers\wadv11nt.sys2007-04-02 18:43 11,871 --------- C:\WINDOWS\system32\drivers\wadv09nt.sys2007-04-02 18:43 11,868 --------- C:\WINDOWS\system32\drivers\mdmxsdk.sys2007-04-02 18:43 11,807 --------- C:\WINDOWS\system32\drivers\wadv07nt.sys2007-04-02 18:43 11,615 --------- C:\WINDOWS\system32\drivers\ati1mdxx.sys2007-04-02 18:43 11,359 --------- C:\WINDOWS\system32\drivers\atv02nt5.dll2007-04-02 18:43 11,325 --------- C:\WINDOWS\system32\drivers\vchnt5.dll2007-04-02 18:43 11,295 --------- C:\WINDOWS\system32\drivers\wadv08nt.sys2007-04-02 18:43 11,136 --------- C:\WINDOWS\system32\drivers\sffdisk.sys2007-04-02 18:43 108,032 --------- C:\WINDOWS\system32\wshbth.dll2007-04-02 18:43 104,960 --------- C:\WINDOWS\system32\drivers\atinrvxx.sys2007-04-02 18:43 100,992 --------- C:\WINDOWS\system32\drivers\bthpan.sys2007-04-02 18:43 10,240 --------- C:\WINDOWS\system32\drivers\sffp_sd.sys2007-04-02 18:43 1,888,992 --------- C:\WINDOWS\system32\ati3duag.dll2007-04-02 18:43 1,737,856 --------- C:\WINDOWS\system32\mtxparhd.dll2007-04-02 18:43 1,689,088 --------- C:\WINDOWS\system32\d3d9.dll2007-04-02 18:43 1,309,184 --------- C:\WINDOWS\system32\drivers\mtlstrm.sys2007-04-02 18:43 1,116,160 --a------ C:\WINDOWS\system32\wmsdmoe2.dll2007-04-02 18:43 1,041,536 --------- C:\WINDOWS\system32\drivers\hsfdpsp2.sys2007-04-02 18:43 d-------- C:\WINDOWS\provisioning 2007-04-02 18:43 d-------- C:\WINDOWS\peernet 2007-04-02 18:42 d-------- C:\WINDOWS\ServicePackFiles 2007-04-02 18:41 22,752 --a------ C:\WINDOWS\system32\spupdsvc.exe 2007-04-02 18:41 2,897,920 --------- C:\WINDOWS\system32\xpsp2res.dll 2007-04-02 18:41 d-------- C:\WINDOWS\system32\ReinstallBackups 2007-04-02 18:40 d-------- C:\WINDOWS\EHome 2007-04-02 18:32 d-------- C:\DOCUME~1\Terry\APPLIC~1\Microsoft Web Folders 2007-04-02 18:10 2,359,296 --ah----- C:\DOCUME~1\Terry
tuser.dat 2007-04-02 18:10 d--hs---- C:\WINDOWS\Installer 2007-04-02 18:08 233,472 --a------ C:\DOCUME~1\NETWOR~1\NTUSER.DAT 2007-04-02 18:08 233,472 --a------ C:\DOCUME~1\LOCALS~1\NTUSER.DAT 2007-04-02 18:08 d--hs---- C:\System Volume Information 2007-04-02 17:59 233,472 ---h----- C:\DOCUME~1\DEFAUL~1\NTUSER.DAT 2007-04-02 17:59 112,128 --a------ C:\WINDOWS\system32\mapi32.dll 2007-04-02 17:59 0 -rahs---- C:\MSDOS.SYS 2007-04-02 17:59 0 -rahs---- C:\IO.SYS 2007-04-02 17:59 0 --a------ C:\CONFIG.SYS 2007-04-02 17:59 0 --a------ C:\AUTOEXEC.BAT 2007-04-02 17:59 d-------- C:\WINDOWS\system32\xircom 2007-04-02 17:59 d-------- C:\Program Files\microsoft frontpage 2007-04-02 17:58 dr------- C:\WINDOWS\Offline Web Pages 2007-04-02 17:58 d--hs---- C:\DOCUME~1\ALLUSE~1\DRM 2007-04-02 17:58 d---s---- C:\WINDOWS\Downloaded Program Files 2007-04-02 17:58 d-------- C:\WINDOWS\system32\Macromed 2007-04-02 17:58 d-------- C:\WINDOWS\system32\DirectX 2007-04-02 17:58 d-------- C:\WINDOWS\srchasst 2007-04-02 17:57 45,568 --a------ C:\WINDOWS\system32\safrslv.dll 2007-04-02 17:57 43,520 --a------ C:\WINDOWS\system32\safrcdlg.dll 2007-04-02 17:57 43,520 --a------ C:\WINDOWS\system32acpldlg.dll

bamajim · Answer

GBAMinh   You can post one half of the log in one reply. And the other half in a second reply   bamajim   Graduate of MRU CastleCops  Instructor

GBAMinh · Answer

and a prohibited item remove the dash to make the word.exe 2007-04-02 17:54 56,832 --a------ C:\WINDOWS\system32\s-ol.exe

GBAMinh · Answer

2007-04-02 17:57 382,464 --a------ C:\WINDOWS\system32\qmgr.dll2007-04-02 17:57 29,696 --a------ C:\WINDOWS\system32\safrdm.dll2007-04-02 17:57 18,944 --a------ C:\WINDOWS\system32\qmgrprxy.dll2007-04-02 17:57 11,264 --a------ C:\WINDOWS\system32\atrace.dll2007-04-02 17:57 d-------- C:\Program Files\Movie Maker 2007-04-02 17:56 81,920 --a------ C:\WINDOWS\system32\isign32.dll 2007-04-02 17:56 81,920 --a------ C:\WINDOWS\system32\ils.dll 2007-04-02 17:56 73,728 --a------ C:\WINDOWS\system32\icwdial.dll 2007-04-02 17:56 73,472 --a------ C:\WINDOWS\system32\drivers\sr.sys 2007-04-02 17:56 69,632 --a------ C:\WINDOWS\system32\msconf.dll 2007-04-02 17:56 679,424 --a------ C:\WINDOWS\system32\inetcomm.dll 2007-04-02 17:56 67,584 --a------ C:\WINDOWS\system32\srclient.dll 2007-04-02 17:56 65,536 --a------ C:\WINDOWS\system32\icwphbk.dll 2007-04-02 17:56 64,512 --a------ C:\WINDOWS\system32\acctres.dll 2007-04-02 17:56 48,128 --a------ C:\WINDOWS\system32\inetres.dll 2007-04-02 17:56 34,560 --a------ C:\WINDOWS\system32\mnmdd.dll 2007-04-02 17:56 32,768 --a------ C:\WINDOWS\system32\mnmsrvc.exe 2007-04-02 17:56 32,768 --a------ C:\WINDOWS\system32\isrdbg32.dll 2007-04-02 17:56 28,672 --a------ C:\WINDOWS\system32
mmkcert.dll 2007-04-02 17:56 274,944 --a------ C:\WINDOWS\system32\mstask.dll 2007-04-02 17:56 274,432 --a------ C:\WINDOWS\system32\inetcfg.dll 2007-04-02 17:56 252,928 --a------ C:\WINDOWS\system32\msoeacct.dll 2007-04-02 17:56 239,104 --a------ C:\WINDOWS\system32\srrstr.dll 2007-04-02 17:56 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll 2007-04-02 17:56 170,496 --a------ C:\WINDOWS\system32\srsvc.dll 2007-04-02 17:56 16,384 --a------ C:\WINDOWS\system32\icfgnt5.dll 2007-04-02 17:56 12,288 --a------ C:\WINDOWS\system32
mevtmsg.dll 2007-04-02 17:56 12,288 --a------ C:\WINDOWS\system32\mstinit.exe 2007-04-02 17:56 105,984 --a------ C:\WINDOWS\system32\msoert2.dll 2007-04-02 17:56 d---s---- C:\WINDOWS\Tasks 2007-04-02 17:56 d-------- C:\WINDOWS\system32\Restore 2007-04-02 17:56 d-------- C:\WINDOWS\PCHEALTH 2007-04-02 17:56 d-------- C:\Program Files\Common Files\MSSoap 2007-04-02 17:55 73,216 --a------ C:\WINDOWS\system32\avwav.dll 2007-04-02 17:55 5,632 --a------ C:\WINDOWS\system32\write.exe 2007-04-02 17:55 44,544 --a------ C:\WINDOWS\system32\hticons.dll 2007-04-02 17:55 35,328 --a------ C:\WINDOWS\system32\winchat.exe 2007-04-02 17:55 347,136 --a------ C:\WINDOWS\system32\hypertrm.dll 2007-04-02 17:55 227,840 --a------ C:\WINDOWS\system32\avtapi.dll 2007-04-02 17:55 21,640 --a------ C:\WINDOWS\system32\emptyregdb.dat 2007-04-02 17:55 183,808 --a------ C:\WINDOWS\system32\accwiz.exe 2007-04-02 17:55 16,384 --a------ C:\WINDOWS\system32\avmeter.dll 2007-04-02 17:55 138,752 --a------ C:\WINDOWS\system32\sndvol32.exe 2007-04-02 17:55 131,584 --a------ C:\WINDOWS\system32\sndrec32.exe 2007-04-02 17:55 123,392 --a------ C:\WINDOWS\system32\mplay32.exe 2007-04-02 17:55 d--h----- C:\Program Files\WindowsUpdate 2007-04-02 17:55 d-------- C:\WINDOWS\Registration 2007-04-02 17:55 d-------- C:\Program Files\Windows NT 2007-04-02 17:55 d-------- C:\Program Files\Online Services 2007-04-02 17:55 d-------- C:\Program Files\MSN Gaming Zone 2007-04-02 17:55 d-------- C:\Program Files\Messenger 2007-04-02 17:54 97,792 --a------ C:\WINDOWS\system32\comrepl.dll 2007-04-02 17:54 956,416 --a------ C:\WINDOWS\system32\msdtctm.dll 2007-04-02 17:54 93,696 --a------ C:\WINDOWS\system32	scfgwmi.dll 2007-04-02 17:54 91,136 --a------ C:\WINDOWS\system32\mtxoci.dll 2007-04-02 17:54 9,728 --a------ C:\WINDOWS\system32eset.exe 2007-04-02 17:54 87,176 --a------ C:\WINDOWS\system32dpwsx.dll 2007-04-02 17:54 85,504 --a------ C:\WINDOWS\system32\catsrvps.dll 2007-04-02 17:54 80,384 --a------ C:\WINDOWS\system32\charmap.exe 2007-04-02 17:54 67,072 --a------ C:\WINDOWS\system32dshost.exe 2007-04-02 17:54 655,360 --a------ C:\WINDOWS\system32\mstscax.dll 2007-04-02 17:54 625,152 --a------ C:\WINDOWS\system32\catsrvut.dll 2007-04-02 17:54 62,464 --a------ C:\WINDOWS\system32dpclip.exe 2007-04-02 17:54 605,696 --a------ C:\WINDOWS\system32\getuname.dll 2007-04-02 17:54 60,416 --a------ C:\WINDOWS\system32emotepg.dll 2007-04-02 17:54 60,416 --a------ C:\WINDOWS\system32\colbact.dll 2007-04-02 17:54 6,656 --a------ C:\WINDOWS\system32\wuauserv.dll 2007-04-02 17:54 6,144 --a------ C:\WINDOWS\system32\msdtc.exe 2007-04-02 17:54 58,880 --a------ C:\WINDOWS\system32\msdtclog.dll 2007-04-02 17:54 58,880 --a------ C:\WINDOWS\system32\licwmi.dll 2007-04-02 17:54 56,320 --a------ C:\WINDOWS\system32\servdeps.dll 2007-04-02 17:54 55,296 --a------ C:\WINDOWS\system32\freecell.exe 2007-04-02 17:54 540,160 --a------ C:\WINDOWS\system32\comuid.dll 2007-04-02 17:54 54,272 --a------ C:\WINDOWS\system32\stclient.dll 2007-04-02 17:54 538,624 --a------ C:\WINDOWS\system32\spider.exe 2007-04-02 17:54 5,120 --a------ C:\WINDOWS\system32\dcomcnfg.exe 2007-04-02 17:54 498,688 --a------ C:\WINDOWS\system32\clbcatq.dll 2007-04-02 17:54 44,544 --a------ C:\WINDOWS\system32	scupgrd.exe 2007-04-02 17:54 426,496 --a------ C:\WINDOWS\system32\msdtcprx.dll 2007-04-02 17:54 407,552 --a------ C:\WINDOWS\system32\mstsc.exe 2007-04-02 17:54 40,840 --a------ C:\WINDOWS\system32\drivers	ermdd.sys 2007-04-02 17:54 4,096 --a------ C:\WINDOWS\system32dpcfgex.dll 2007-04-02 17:54 4,096 --a------ C:\WINDOWS\system32\mtxex.dll 2007-04-02 17:54 38,912 --a------ C:\WINDOWS\system32\cfgbkend.dll 2007-04-02 17:54 343,040 --a------ C:\WINDOWS\system32\mspaint.exe 2007-04-02 17:54 33,792 --a------ C:\WINDOWS\system32egini.exe 2007-04-02 17:54 295,424 --a------ C:\WINDOWS\system32	ermsrv.dll 2007-04-02 17:54 25,600 --a------ C:\WINDOWS\system32\comaddin.dll 2007-04-02 17:54 25,088 --a------ C:\WINDOWS\system32\mtxlegih.dll 2007-04-02 17:54 225,792 --a------ C:\WINDOWS\system32\catsrv.dll 2007-04-02 17:54 22,016 --a------ C:\WINDOWS\system32\qwinsta.exe 2007-04-02 17:54 21,896 --a------ C:\WINDOWS\system32\drivers	dtcp.sys 2007-04-02 17:54 20,992 --a------ C:\WINDOWS\system32\msg.exe 2007-04-02 17:54 20,480 --a------ C:\WINDOWS\system32\qprocess.exe 2007-04-02 17:54 20,480 --a------ C:\WINDOWS\system32\mtxdm.dll 2007-04-02 17:54 196,864 --a------ C:\WINDOWS\system32\driversdpdr.sys 2007-04-02 17:54 19,968 --a------ C:\WINDOWS\system32dpsnd.dll 2007-04-02 17:54 185,344 --a------ C:\WINDOWS\system32\cmprops.dll 2007-04-02 17:54 17,408 --a------ C:\WINDOWS\system32\mmfutil.dll 2007-04-02 17:54 161,280 --a------ C:\WINDOWS\system32\msdtcuiu.dll 2007-04-02 17:54 16,896 --a------ C:\WINDOWS\system32	sshutdn.exe 2007-04-02 17:54 16,896 --a------ C:\WINDOWS\system32\qappsrv.exe 2007-04-02 17:54 16,384 --a------ C:\WINDOWS\system32	skill.exe 2007-04-02 17:54 15,872 --a------ C:\WINDOWS\system32winsta.exe 2007-04-02 17:54 15,872 --a------ C:\WINDOWS\system32\cdmodem.dll 2007-04-02 17:54 15,360 --a------ C:\WINDOWS\system32\logoff.exe 2007-04-02 17:54 147,968 --a------ C:\WINDOWS\system32dchost.dll 2007-04-02 17:54 147,456 --a------ C:\WINDOWS\system32\comsnap.dll 2007-04-02 17:54 140,800 --a------ C:\WINDOWS\system32\sessmgr.exe 2007-04-02 17:54 14,848 --a------ C:\WINDOWS\system32	sdiscon.exe 2007-04-02 17:54 14,848 --a------ C:\WINDOWS\system32	scon.exe 2007-04-02 17:54 14,848 --a------ C:\WINDOWS\system32\shadow.exe 2007-04-02 17:54 139,528 --a------ C:\WINDOWS\system32\driversdpwd.sys 2007-04-02 17:54 13,824 --a------ C:\WINDOWS\system32dsaddin.exe 2007-04-02 17:54 126,976 --a------ C:\WINDOWS\system32\mshearts.exe 2007-04-02 17:54 124,184 --a------ C:\WINDOWS\system32\wuauclt.exe 2007-04-02 17:54 12,040 --a------ C:\WINDOWS\system32\drivers	dpipe.sys 2007-04-02 17:54 119,808 --a------ C:\WINDOWS\system32\winmine.exe 2007-04-02 17:54 114,688 --a------ C:\WINDOWS\system32\calc.exe 2007-04-02 17:54 110,080 --a------ C:\WINDOWS\system32\clbcatex.dll 2007-04-02 17:54 11,776 --a------ C:\WINDOWS\system32\xolehlp.dll 2007-04-02 17:54 11,264 --a------ C:\WINDOWS\system32\icaapi.dll 2007-04-02 17:54 102,912 --a------ C:\WINDOWS\system32\clipbrd.exe 2007-04-02 17:54 1,343,768 --a------ C:\WINDOWS\system32\wuaueng.dll 2007-04-02 17:54 1,267,200 --a------ C:\WINDOWS\system32\comsvcs.dll 2007-04-02 17:54 1,161 --a------ C:\WINDOWS\system32\usrlogon.cmd 2007-04-02 17:54 d-------- C:\WINDOWS\system32\MsDtc 2007-04-02 17:54 d-------- C:\WINDOWS\system32\Com ((((((((((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))) 2007-04-03 14:30 12400 --a------ C:\WINDOWS\system32\drivers\secdrv.sys2007-04-03 01:47 62 --ahs---- C:\DOCUME~1\Terry\APPLIC~1\desktop.ini2007-03-17 23:43 292864 --a------ C:\WINDOWS\system32\winsrv.dll2007-03-09 01:36 577536 --a------ C:\WINDOWS\system32\user32.dll2007-03-09 01:36 40960 --a------ C:\WINDOWS\system32\mf3216.dll2007-03-09 01:36 281600 --a------ C:\WINDOWS\system32\gdi32.dll2007-02-06 06:17 185344 --a------ C:\WINDOWS\system32\upnphost.dll ((((((((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))  *Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects]{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversionun]'NvCplDaemon'='RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup''nwiz'='nwiz.exe /install''GBB36X Configure'='C:\WINDOWS\system32\JMRaidTool.exe boot''SkyTel'='SkyTel.EXE''RTHDCPL'='RTHDCPL.EXE''Alcmtr'='ALCMTR.EXE''VGAUtil'='C:\Program Files\GigaByte\VGA Utility Manager\G-VGA.exe''NvMediaCenter'='RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit''nod32kui'='\'C:\Program Files\Eset\nod32kui.exe\' /WAITSERVICE'[HKEY_CURRENT_USER\software\microsoft\windows\currentversionun]'CTFMON.EXE'='C:\WINDOWS\system32\ctfmon.exe''MsnMsgr'='\'C:\Program Files\MSN Messenger\MsnMsgr.Exe\' /background''iPlusAgent'='\'C:\Program Files\iriver\iriver plus\iAgent.exe\''HKEY_LOCAL_MACHINE\system\currentcontrolset\control\lsa   Authentication Packages REG_MULTI_SZ    msv1_0\0\0   Security Packages REG_MULTI_SZ    kerberos\0msv1_0\0schannel\0wdigest\0\0   Notification Packages REG_MULTI_SZ    scecli\0\0 [HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Svchost]LocalService REG_MULTI_SZ    Alerter\0WebClient\0LmHosts\0RemoteRegistry\0upnphost\0SSDPSRV\0\0NetworkService REG_MULTI_SZ    DnsCache\0\0rpcss REG_MULTI_SZ    RpcSs\0\0imgsvc REG_MULTI_SZ    StiSvc\0\0termsvcs REG_MULTI_SZ    TermService\0\0HTTPFilter REG_MULTI_SZ    HTTPFilter\0\0DcomLaunch REG_MULTI_SZ    DcomLaunch\0TermService\0\0 ********************************************************************catchme 0.2 W2K/XP/Vista - userland rootkit detector by Gmer, 17 October 2006http://www.gmer.netscanning hidden processes ...scanning hidden services ...scanning hidden autostart entries ...scanning hidden files ...scan completed successfullyhidden processes: 0hidden services: 0hidden files: 0********************************************************************Completion time: 07-04-21 11:57:26C:\ComboFix-quarantined-files.txt ... 07-04-21 11:57

bamajim · Answer

GBAMinh   That's quite a lot on a PC. But I don't see anything spyware/malware related   bamajim   Graduate of MRU CastleCops  Instructor

GBAMinh · Answer

Dear, bamajim   Well that is excellent to hear, thanks for looking at that for me.  I guess i have to keep looking else where to fix these problems im having.  Thanks again.   Regards, GBAMinh

bamajim · Answer

GBAMinh   You may want to post on the XP software board here at Dell. Some of those guys are pretty sharp.   bamajim   Graduate of MRU CastleCops Instructor

Virus & Spyware

Was this post helpful?