Thank you for getting back with me! I appreciate it!
I have hackers who have installed rootkits in my system.. when I bought a new computer.. turning off lans/wans/modems/bluetooth.. all the virus/rootkits transferred to the new system.. I don't know how!
My system is hijacked with Visual Basic stuff.. I used a program like HiJackFree giving me tons of info.. I just don't know how to use it properly..
There is some type of system freeze. Where they turn my system back to a certain state. I don't know what program it is.
No one has had access to my computer.
-----------------------------
Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------
-- System Information ----------------------------------------------------------
Microsoft® Windows Vista™ Ultimate (build 6000)
Architecture: X64; Language: English
CPU 0: Intel(R) Core(TM)2 CPU 6320 @ 1.86GHz
Percentage of Memory in Use: 44%
Physical Memory (total/avail): 2037.32 MiB / 1120.81 MiB
Pagefile Memory (total/avail): 4296.21 MiB / 3359.7 MiB
Virtual Memory (total/avail): 4095.88 MiB / 3958.87 MiB
C: is Fixed (NTFS) - 283.2 GiB total, 266.49 GiB free.
D: is Fixed (NTFS) - 14.89 GiB total, 14.8 GiB free.
E: is CDROM (UDF)
F: is Removable (No Media)
G: is Removable (No Media)
H: is Removable (No Media)
I: is Removable (No Media)
\\.\PHYSICALDRIVE0 - ST3320620AS ATA Device - 298.09 GiB - 2 partitions
\PARTITION0 (bootable) - Installable File System - 283.2 GiB - C:
\PARTITION1 - Installable File System - 14.89 GiB - D:
\\.\PHYSICALDRIVE1 - TEAC USB HS-CF Card USB Device
\\.\PHYSICALDRIVE3 - TEAC USB HS-MS Card USB Device
\\.\PHYSICALDRIVE4 - TEAC USB HS-SD Card USB Device
\\.\PHYSICALDRIVE2 - TEAC USB HS-xD/SM USB Device
-- Security Center -------------------------------------------------------------
Windows Internal Firewall is enabled.
AS: Windows Defender v1.1.1505.0 (Microsoft Corporation)
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
[HKLM\System\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
-- Environment Variables -------------------------------------------------------
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Kevie\AppData\Roaming
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=KEVIE-PC
ComSpec=C:\Windows\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Users\Kevie
LOCALAPPDATA=C:\Users\Kevie\AppData\Local
LOGONSERVER=\\KEVIE-PC
NUMBER_OF_PROCESSORS=2
OS=Windows_NT
Path=C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=EM64T Family 6 Model 15 Stepping 6, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=0f06
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PROMPT=$P$G
PUBLIC=C:\Users\Public
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\Kevie\AppData\Local\Temp
TMP=C:\Users\Kevie\AppData\Local\Temp
USERDOMAIN=Kevie-PC
USERNAME=Kevie
USERPROFILE=C:\Users\Kevie
windir=C:\Windows
-- User Profiles ---------------------------------------------------------------
Kevie
-- Add/Remove Programs ---------------------------------------------------------
Adobe Flash Player 9 ActiveX --> C:\Windows\system32\Macromed\Flash\FlashUtil9c.exe -uninstallUnlock
Adobe Flash Player Plugin --> C:\Windows\SysWOW64\Macromed\Flash\uninstall_plugin.exe
AIM Pro --> MsiExec.exe /X{D3A04D2F-28C4-4D9C-8487-DAB75992AE09}
deskPDF 2.5 Standard Edition --> "C:\Program Files (x86)\Docudesk\deskPDF\unins000.exe"
Docudesk GPL Ghostscript 8.15 --> "C:\Program Files (x86)\Docudesk\GPL Ghostscript\unins000.exe"
eFax Messenger 4.3 --> C:\Program Files (x86)\eFax Messenger 4.3\Uninstall.exe
Foxit Editor --> MsiExec.exe /I{0B143533-B58A-48D6-B972-1187F398FC63}
Mozilla Firefox (2.0.0.
--> C:\Program Files (x86)\Mozilla Firefox\uninstall\helper.exe
-- Application Event Log -------------------------------------------------------
Event Record #/Type181 / Error
Event Submitted/Written: 10/20/2007 09:26:25 AM
Event ID/Source: 1000 / Application Error
Event Description:
Faulting application iexplore.exe, version 7.0.6000.16386, time stamp 0x4549b133, faulting module Flash9d.ocx, version 9.0.47.0, time stamp 0x466daac0, exception code 0xc0000005, fault offset 0x00187d7b,
process id 0x66c, application start time 0xiexplore.exe0.
Event Record #/Type166 / Warning
Event Submitted/Written: 10/20/2007 05:37:39 AM
Event ID/Source: 6006 / Wlclntfy
Event Description:
The winlogon notification subscriber <TrustedInstaller> took 115 second(s) to handle the notification event (CreateSession).
Event Record #/Type157 / Warning
Event Submitted/Written: 10/20/2007 05:36:44 AM
Event ID/Source: 6005 / Wlclntfy
Event Description:
The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
Event Record #/Type152 / Success
Event Submitted/Written: 10/20/2007 05:35:47 AM
Event ID/Source: 5617 / WinMgmt
Event Description:
Event Record #/Type150 / Success
Event Submitted/Written: 10/20/2007 05:35:42 AM
Event ID/Source: 902 / Software Licensing Service
Event Description:
The Software Licensing service has started.
-- Security Event Log ----------------------------------------------------------
No Errors/Warnings found.
-- System Event Log ------------------------------------------------------------
Event Record #/Type6170 / Warning
Event Submitted/Written: 10/20/2007 00:17:39 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{EE0596D3-6EF9-4050-B50D-7D30D292313A}Kevie-PCKevieS-1-5-21-558279349-1058300214-961749347-1000Unknown%%832service:xpdt0%%807
Event Record #/Type6169 / Warning
Event Submitted/Written: 10/20/2007 00:17:39 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{502E0632-2F7C-489D-81B9-0886115522D8}Kevie-PCKevieS-1-5-21-558279349-1058300214-961749347-1000Unknown%%832driver:xpdt0%%807
Event Record #/Type6168 / Warning
Event Submitted/Written: 10/20/2007 00:17:39 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{9487A100-BC80-43A7-8DA9-63826643F398}Kevie-PCKevieS-1-5-21-558279349-1058300214-961749347-1000Unknown%%832driver:huy320%%807
Event Record #/Type6167 / Warning
Event Submitted/Written: 10/20/2007 00:17:37 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{69F2304F-6124-4D77-B441-4D7C061FC4CB}Kevie-PCKevieS-1-5-21-558279349-1058300214-961749347-1000Unknown%%832service:lzx320%%807
Event Record #/Type6166 / Warning
Event Submitted/Written: 10/20/2007 00:17:37 PM
Event ID/Source: 3004 / WinDefend
Event Description:
%%8271.1.1505.0{CC4EDF65-3AAA-46F5-B76D-FD66E78EAE84}Kevie-PCKevieS-1-5-21-558279349-1058300214-961749347-1000Unknown%%832service:huy320%%807
-- End of Deckard's System Scanner: finished at 2007-10-20 12:17:45 ------------
Deckard's System Scanner v20071014.68
Run by Kevie on 2007-10-23 22:58:12
Computer is in Normal Mode.
--------------------------------------------------------------------------------
-- HijackThis (run as Kevie.exe) -----------------------------------------------
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:58:18 PM, on 10/23/2007
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16386)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
C:\Program Files (x86)\Common Files\AOL\1193098959\ee\aolsoftware.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Internet Explorer\IEUser.exe
C:\Program Files (x86)\Common Files\Real\Update_OB\realsched.exe
C:\Users\Kevie\Desktop\dss(2).exe
C:\PROGRA~2\TRENDM~1\HIJACK~1\Kevie.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: Shell=C:\WINDOWS\EXPLORER.EXE
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: [RegRun WinBait] C:\Windows\winbait.exe
O4 - HKLM\..\Run: [@RegRunOnSecure] C:\PROGRA~2\Greatis\REGRUN~1\OnSecure.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Regrun2] C:\PROGRA~2\Greatis\REGRUN~1\WatchDog.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User '?')
O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~2\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User '?')
O4 - HKUS\S-1-5-21-558279349-1058300214-961749347-1000\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe (User '?')
O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~2\Grisoft\AVG7\avgw.exe /RUNONCE (User '?')
O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~2\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
O4 - Global Startup: QuickBooks Update Agent.lnk = C:\Program Files (x86)\Common Files\Intuit\QuickBooks\QBUpdate\qbupdate.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG7 Resident Shield Service (AvgCoreSvc) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgrssvc.exe
O23 - Service: AVG Firewall Service (AVGFw2kv) - GRISOFT, s.r.o. - C:\PROGRA~2\Grisoft\AVG7\avgfw2kv.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ManageEngine Security Manager Plus (Security Manager Plus) - Unknown owner - C:\AdventNet\SecurityManager\bin\wrapper.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 7028 bytes
-- Files created between 2007-09-23 and 2007-10-23 -----------------------------
2007-10-23 22:42:12 0 d-------- C:\Program Files (x86)\MSXML 4.0
2007-10-23 22:04:38 22528 --a------ C:\Windows\system32\Partizan.exe <Not Verified; Greatis Software; RegRun Security Suite>
2007-10-23 22:04:38 31170 --a------ C:\Windows\system32\drivers\Partizan.sys <Not Verified; Greatis Software; RegRun Security Suite>
2007-10-23 21:18:45 0 d-------- C:\Program Files (x86)\DesktopCentral
2007-10-23 21:15:21 32512 --a------ C:\Windows\system32\drivers\npf.sys <Not Verified; CACE Technologies; WinPcap Netgroup Packet Filter Driver>
2007-10-23 21:14:33 0 d--h----- C:\Program Files (x86)\InstallShield Installation Information
2007-10-23 21:14:33 0 d-------- C:\AdventNet
2007-10-23 19:25:19 0 dr-h----- C:\$VAULT$.AVG
2007-10-23 17:30:36 0 d-------- C:\Users\Kevie\Application Data\AVG7
2007-10-23 17:29:49 0 d-------- C:\Users\All Users\avg7
2007-10-23 17:29:49 0 d-------- C:\Users\All Users\Application Data\avg7
2007-10-23 17:07:44 0 d-------- C:\Users\All Users\Grisoft
2007-10-23 17:07:44 0 d-------- C:\Users\All Users\Application Data\Grisoft
2007-10-23 16:08:21 25773 --a------ C:\Windows\system32\drivers\regguard.sys <Not Verified; Greatis Software; RegRun Security Suite>
2007-10-23 16:08:20 2 -rahs-o-t C:\Windows\winstart.bat
2007-10-23 16:04:43 16384 --a------ C:\Windows\WinBait.exe
2007-10-23 16:04:43 441856 --a------ C:\Windows\RunGuard.exe <Not Verified; Greatis Software; RegRun Security Suite>
2007-10-23 16:04:40 0 d-------- C:\Program Files (x86)\Greatis
2007-10-23 15:54:01 0 d-------- C:\RootkitNO
2007-10-23 15:43:49 0 d-a------ C:\Users\All Users\TEMP
2007-10-23 15:43:49 0 d-a------ C:\Users\All Users\Application Data\TEMP
2007-10-22 23:29:03 0 d-------- C:\SAV32CLI
2007-10-22 22:23:18 0 d-------- C:\!KillBox
2007-10-22 21:37:08 0 d-------- C:\Program Files (x86)\Safer Networking
2007-10-22 21:36:04 0 d-------- C:\Users\All Users\Spybot - Search & Destroy
2007-10-22 21:36:04 0 d-------- C:\Users\All Users\Application Data\Spybot - Search & Destroy
2007-10-22 17:24:41 0 d-------- C:\Users\Kevie\Application Data\AOL
2007-10-22 17:24:39 0 d-------- C:\Users\All Users\Macromedia
2007-10-22 17:24:39 0 d-------- C:\Users\All Users\Application Data\Macromedia
2007-10-22 17:24:18 0 d-------- C:\Windows\Downloaded Installations
2007-10-22 17:23:40 0 d-------- C:\Program Files (x86)\Viewpoint
2007-10-22 17:22:38 0 d-------- C:\Users\All Users\Application Data\AOL
2007-10-22 17:22:38 0 d-------- C:\Users\All Users\AOL
2007-10-22 17:22:38 0 d-------- C:\Program Files (x86)\Common Files\aolshare
2007-10-22 17:22:38 0 d-------- C:\Program Files (x86)\Common Files\aol
2007-10-22 17:22:38 0 d-------- C:\Program Files (x86)\AOL 9.0
2007-10-22 15:30:48 1650688 --a------ C:\Windows\system32\cdintf250.dll <Not Verified; Amyuni Technologies http://www.amyuni.com; Amyuni Common Driver Interface>
2007-10-22 15:25:59 0 d-------- C:\Program Files (x86)\Common Files\AnswerWorks 4.0
2007-10-22 15:25:02 0 d-------- C:\Users\All Users\Intuit
2007-10-22 15:25:02 0 d-------- C:\Users\All Users\Application Data\Intuit
2007-10-22 15:25:02 0 d-------- C:\Program Files (x86)\Intuit
2007-10-22 15:25:02 0 d-------- C:\Program Files (x86)\Common Files\Intuit
2007-10-22 15:19:02 0 d-------- C:\Windows\system32\URTTEMP
2007-10-22 15:18:14 0 d-------- C:\Program Files (x86)\Common Files\SWF Studio
2007-10-22 08:22:13 0 d-------- C:\Program Files (x86)\Java
2007-10-22 08:22:13 0 d-------- C:\Program Files (x86)\Common Files\Java
2007-10-21 21:55:30 0 d-------- C:\Windows\system32\x64
2007-10-21 18:09:32 0 d-------- C:\Users\All Users\Application Data\Apple Computer
2007-10-21 18:09:32 0 d-------- C:\Users\All Users\Apple Computer
2007-10-21 18:09:32 0 d-------- C:\Program Files (x86)\QuickTime
2007-10-21 18:08:56 0 d-------- C:\Users\All Users\Application Data\Apple
2007-10-21 18:08:56 0 d-------- C:\Users\All Users\Apple
2007-10-21 18:08:56 0 d-------- C:\Program Files (x86)\Apple Software Update
2007-10-21 18:01:38 0 d-------- C:\Program Files (x86)\Common Files\xing shared
2007-10-21 18:01:37 0 d-------- C:\Program Files (x86)\Real
2007-10-21 18:01:14 0 d-------- C:\Users\Kevie\Application Data\Real
2007-10-21 18:01:14 0 d-------- C:\Program Files (x86)\Common Files\Real
2007-10-21 05:47:04 0 d-------- C:\Program Files (x86)\GPLGS
2007-10-21 05:45:05 0 d-------- C:\Program Files (x86)\Acro Software
2007-10-21 04:29:32 0 d-------- C:\Program Files (x86)\a-squared HiJackFree
2007-10-20 23:25:43 0 d-------- C:\Program Files (x86)\Microsoft Works
2007-10-20 23:24:26 0 d-------- C:\Windows\PCHEALTH
2007-10-20 23:24:26 0 d-------- C:\Program Files (x86)\Microsoft.NET
2007-10-20 23:21:00 0 d-------- C:\Users\All Users\Microsoft Help
2007-10-20 23:21:00 0 d-------- C:\Users\All Users\Application Data\Microsoft Help
2007-10-20 23:20:33 0 dr-h----- C:\MSOCache
2007-10-20 23:08:31 0 d-------- C:\Users\Kevie\Application Data\Adobe
2007-10-20 23:07:08 0 d-------- C:\Users\All Users\Application Data\Adobe
2007-10-20 23:07:08 0 d-------- C:\Users\All Users\Adobe
2007-10-20 23:07:00 0 d-------- C:\Program Files (x86)\Common Files\Adobe
2007-10-20 21:03:53 0 d-------- C:\Users\Kevie\Application Data\G7PS
2007-10-20 21:03:22 0 d-------- C:\Users\All Users\G7PS
2007-10-20 21:03:22 0 d-------- C:\Users\All Users\Application Data\G7PS
2007-10-20 21:02:59 0 d-------- C:\Program Files (x86)\gs
2007-10-20 21:02:59 0 d-------- C:\Program Files (x86)\Common Files\G7PS
2007-10-20 21:02:33 0 d-------- C:\Program Files (x86)\G7PS
2007-10-20 21:01:40 0 d-------- C:\Program Files (x86)\Common Files\InstallShield
2007-10-20 21:01:39 0 d--hs---- C:\Windows\Installer
2007-10-20 14:33:29 0 d-------- C:\Program Files (x86)\WinClamAVShield
2007-10-20 14:23:14 0 d-------- C:\Program Files (x86)\Crawler
2007-10-20 14:23:02 0 d-------- C:\Users\Kevie\Application Data\Application Data
2007-10-20 13:50:58 0 d-------- C:\Users\Kevie\Application Data\Desktop Mechanic
2007-10-20 13:42:08 506368 --a------ C:\Windows\system32\msxml.dll <Not Verified; Microsoft Corporation; Microsoft XML Core Services>
2007-10-20 13:42:05 0 d-------- C:\Program Files (x86)\Desktop Maestro
2007-10-20 13:20:07 0 d-------- C:\Program Files (x86)\FileASSASSIN
2007-10-20 12:17:16 0 d-------- C:\Program Files (x86)\Trend Micro
2007-10-20 10:16:25 0 d-------- C:\Program Files (x86)\Foxit Software
2007-10-20 09:07:53 0 d-------- C:\Users\Kevie\Application Data\eFax Messenger
2007-10-20 09:07:50 0 d-------- C:\Users\All Users\eFax Messenger 4.3 Output
2007-10-20 09:07:50 0 d-------- C:\Users\All Users\Application Data\eFax Messenger 4.3 Output
2007-10-20 09:07:49 0 d-------- C:\Users\All Users\eFax Messenger 4.3 Setup
2007-10-20 09:07:49 0 d-------- C:\Users\All Users\Application Data\eFax Messenger 4.3 Setup
2007-10-20 09:07:46 0 d-------- C:\Program Files (x86)\eFax Messenger 4.3
2007-10-20 08:54:06 0 d-------- C:\Users\Kevie\Application Data\deskPDF
2007-10-20 08:52:32 0 d-------- C:\Program Files (x86)\Docudesk
2007-10-20 04:40:50 0 d-------- C:\Windows\Panther
2007-10-20 04:40:42 0 d--hs---- C:\Boot
2007-10-20 04:16:05 0 d-------- C:\Users\Kevie\Application Data\Macromedia
2007-10-20 04:15:58 0 d-------- C:\Windows\system32\Macromed
2007-10-20 04:12:05 0 d-------- C:\Users\Kevie\Application Data\acccore
2007-10-20 04:12:04 0 d-------- C:\Users\Kevie\Application Data\AIMPro
2007-10-20 04:11:04 0 d-------- C:\Users\Kevie\Application Data\Talkback
2007-10-20 04:10:24 0 d-------- C:\Program Files (x86)\Common Files\Nullsoft
2007-10-20 04:10:21 0 d-------- C:\Program Files (x86)\AIM
2007-10-20 04:10:13 0 d-------- C:\Users\Kevie\Application Data\AIM
2007-10-20 04:10:05 335 --a------ C:\Windows\nsreg.dat
2007-10-20 04:10:03 0 d-------- C:\Users\Kevie\Application Data\Mozilla
2007-10-20 04:04:27 0 d-------- C:\Users\All Users\Application Data\AOL Downloads
2007-10-20 04:04:27 0 d-------- C:\Users\All Users\AOL Downloads
2007-10-20 03:56:01 0 dr------- C:\Users\Kevie\Searches
2007-10-20 03:55:52 0 d-------- C:\Users\Kevie\Application Data\Identities
2007-10-20 03:55:48 0 dr------- C:\Users\Kevie\Contacts
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Templates
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Start Menu
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\SendTo
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Recent
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\PrintHood
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\NetHood
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\My Documents
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Local Settings
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Cookies
2007-10-20 03:55:16 0 d--hs---- C:\Users\Kevie\Application Data
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Videos
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Saved Games
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Pictures
2007-10-20 03:55:14 3407872 --ahs---- C:\Users\Kevie\ntuser.dat
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Music
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Links
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Favorites
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Downloads
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Documents
2007-10-20 03:55:14 0 dr------- C:\Users\Kevie\Desktop
2007-10-20 03:55:14 0 d---s---- C:\Users\Kevie\Application Data\Microsoft
2007-10-20 03:55:14 0 d-------- C:\Users\Kevie\Application Data\Media Center Programs
2007-10-20 03:55:14 0 d--h----- C:\Users\Kevie\AppData
2007-10-20 03:46:29 0 d-------- C:\Windows\SoftwareDistribution
2007-10-20 03:45:38 0 d-------- C:\Windows\Debug
2007-10-20 03:45:37 0 d-------- C:\Windows\CSC
2007-10-20 03:44:29 0 d-------- C:\Windows\Prefetch
2007-10-20 03:44:13 0 d--hs---- C:\System Volume Information
-- Find3M Report ---------------------------------------------------------------
2007-10-23 21:31:03 0 d-------- C:\Users\Kevie\AppData\Roaming\AVG7
2007-10-23 21:19:41 0 d-------- C:\Users\Kevie\AppData\Roaming\Application Data
2007-10-22 17:56:25 0 d-------- C:\Users\Kevie\AppData\Roaming\AOL
2007-10-22 17:22:38 0 d-------- C:\Program Files (x86)\Common Files
2007-10-22 17:22:17 0 d-------- C:\Users\Kevie\AppData\Roaming\Mozilla
2007-10-21 18:05:55 0 d-------- C:\Users\Kevie\AppData\Roaming\Real
2007-10-20 23:08:42 0 d-------- C:\Users\Kevie\AppData\Roaming\Adobe
2007-10-20 21:03:53 0 d-------- C:\Users\Kevie\AppData\Roaming\G7PS
2007-10-20 13:50:58 0 d-------- C:\Users\Kevie\AppData\Roaming\Desktop Mechanic
2007-10-20 09:11:08 0 d-------- C:\Users\Kevie\AppData\Roaming\eFax Messenger
2007-10-20 08:54:06 0 d-------- C:\Users\Kevie\AppData\Roaming\deskPDF
2007-10-20 05:37:25 174 --ahs---- C:\Program Files (x86)\desktop.ini
2007-10-20 05:34:17 0 d-------- C:\Program Files (x86)\Windows Mail
2007-10-20 05:34:17 0 d-------- C:\Program Files (x86)\Windows Calendar
2007-10-20 04:31:22 0 d-------- C:\Users\Kevie\AppData\Roaming\AIMPro
2007-10-20 04:16:05 0 d-------- C:\Users\Kevie\AppData\Roaming\Macromedia
2007-10-20 04:12:06 0 d-------- C:\Users\Kevie\AppData\Roaming\acccore
2007-10-20 04:11:04 0 d-------- C:\Users\Kevie\AppData\Roaming\Talkback
2007-10-20 04:10:13 0 d-------- C:\Users\Kevie\AppData\Roaming\AIM
2007-10-20 03:55:52 0 d-------- C:\Users\Kevie\AppData\Roaming\Identities
2007-08-24 19:41:44 1238832 --a------ C:\Windows\system32\igmedkrn.dll
2007-08-24 19:41:44 104636 --a------ C:\Windows\system32\igmedcompkrn.dll
2007-08-24 19:39:54 2494464 --a------ C:\Windows\system32\igdumd32.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows Vista(R)>
2007-08-24 19:35:08 1585152 --a------ C:\Windows\system32\ig4dev32.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows Vista(R)>
2007-08-24 19:34:54 2408448 --a------ C:\Windows\system32\ig4icd32.dll <Not Verified; Intel Corporation; Intel Graphics Accelerator Drivers for Windows Vista(R)>
2007-08-24 19:27:42 69632 --a------ C:\Windows\system32\oemdspif.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
2007-08-24 19:26:50 204800 --a------ C:\Windows\system32\igfxdv32.dll <Not Verified; Intel Corporation; Intel(R) Common User Interface>
-- Registry Dump ---------------------------------------------------------------
-- End of Deckard's System Scanner: finished at 2007-10-23 22:58:38 ------------