If you can do me a favor, open Control Panel, open Folder Options, then select the VIEW tab and go down to where it says "automatically search for network shares/printers". If your computer is not a server, and you do not connect to a printer or print server or remote shared hard drive via local area networking, turn this off... Then scroll down to view, and place a check next to "SHOW HIDDEN AND SYSTEM FILES", then UNCHECK "HIDE EXTENSIONS OF KNOWN FILE TYPES". It may not be the exact wording, but you will know it when you see it in the VIEW tab.
Click on OK, then go to C:\WINDOWS\SYSTEM32\ and select from the folder view menu "arrange icons by date" ([edit] in Windows XP I think it's called "modified"). Then scroll down to the bottom of the system32 folder; you should see the files listed oldest to newest, with the most recently accessed/modified/created at the very bottom. Make a list of all the file names and extensions that have been created recently or are newer than, say, one or 2 weeks.
I want to see this list of file names; these may be obfuscated viruses "encrypted" by the packer and not getting identified by the antivirus application.
I also would like to see the same lists for the new/recent files created in C:\windows\system\ and C:\windows\
as well as C:\Documents and Settings\All Users\Application Data\wdczahsb\
And C:\Program Files\AIM\Sysfiles\
IF there are hundreds of "NEW" files in these folders, and they appear to have random file names and extensions, they are probably viruses. No need to list hundreds of files, unless you can COPY/PASTE an arranged-by-date list somehow.
Have you tried the Trend Micro HouseCall antivirus scanner yet? It probably takes AGES if you dial in, but I remember that their AV scan would catch things that AVG and BitDefender didn't catch. Now it appears that they are not catching a few things on purpose, so the files remain on the drive... for "strange purposes", because conspiring minds need to know..... LOL
Do you use any Adobe applications besides Acrobat Reader?
Do you like Google Toolbar? Do you like AOL Toolbar? If you find that you do not use these applications for anything on a daily basis, you don't need them. Unless your internet service provider only allows you to access email, log in, or browse the net through their Internet Explorer add-on, you won't need AOL Toolbar, or Google Toolbar, or Google Web Accelerator.. These extra processes can take up additional memory and may slow down your computer if you don't have a lot of free resources. They can also be the source of targeted "advertisements" based on browsing habits; they may use them for their own internal advertisement placement, you know, like the Google sponsored ads you see after searching for something.... Choice is yours on the toolbar thing.. I don't like them personally. There's enough tools built into Firefox or Opera to look on the internet for stuff; everything else seems to be geared towards being able to present you with personalised advertisements..
Edit: removed refiebar comment, I was confusing that with searchassistant.
O23 - Service: Plug and Play Device Manager ($sys$DRMServer) - Unknown owner - C:\WINDOWS\system32\$sys$filesystem\$sys$DRMServer .exe (file missing)
~This is probably digital rights management for iPod/iPhone or other mobile media player/phone etc.. If you uninstalled the application related to the mobile device, you can have HijackThis fix this entry. Plug and Play Device Manager should not be showing up in HijackThis. If you are using a mobile/removable media player, you may have to re-install its application, but I suspect those applications will be bloated and resource hogs..
Do you own/print with an Epson printer? It's suspect for the printer spool driver to be copying a .tmp file to the system32 folder.
If it were my computer, I'd be interested in having a lot of those entries disappear..
If you want to try to reduce the number of applications running at startup, go through your application list in the start menu, open up the applications, go to their tools/options/configuration menus, and think of which ones you use on a daily basis, or which ones you find that you don't like at all and are unnecessary and just taking up space and time on your computer... Then set about finding their configuration options, looking for anything that has a checkbox option to not allow the application to run when Windows starts, not allow it to check for shared folders/files, or not allow it to check automatically for updates, and/or just uninstall the ones you don't like/don't use.
It's important to remember to manually update the applications that you have elected to turn off automatic updates for.. If you don't turn off that application's automatic update, the automatic update thing will run in the background, waiting for something on the internet to say "HEY, I HAVE THE UPDATE" and this can come from ANYWHERE.. It's not safe networking...
Ideally, you should be able to log into a secure portion of the application author's website and download updates to their software..


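One way to produce the pasteable, date-ordered list the post above asks for, as an added example that is not part of the original post: a PowerShell script that lists files created or modified in the last 14 days in the folders the post names, oldest first. It assumes PowerShell 2.0 or later is installed; the `$Days` and `$OutFile` parameters and the `Get-RecentFiles` function are hypothetical names chosen for this example.

```powershell
# Added example: recent-file listing for the folders named in the post.
param(
    [int]$Days = 14,                                  # "one or 2 weeks"
    [string]$OutFile = "$env:TEMP\recent-files.txt"   # assumed output location
)

# Folder paths exactly as given in the post.
$folders = @(
    'C:\WINDOWS\system32',
    'C:\WINDOWS\system',
    'C:\WINDOWS',
    'C:\Documents and Settings\All Users\Application Data\wdczahsb',
    'C:\Program Files\AIM\Sysfiles'
)

function Get-RecentFiles {
    param([string]$Path, [datetime]$Cutoff)

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Warning "Folder not found, skipped: $Path"
        return
    }
    # -Force includes hidden and system files, so the Explorer view
    # settings do not affect what is listed. Not recursive, like the
    # folder view the post describes.
    Get-ChildItem -LiteralPath $Path -Force -ErrorAction SilentlyContinue |
        Where-Object { -not $_.PSIsContainer } |
        Select-Object @{ n = 'Newest'; e = {
                # Use whichever is later: creation or last write time.
                if ($_.CreationTime -gt $_.LastWriteTime) { $_.CreationTime }
                else { $_.LastWriteTime }
            } },
            @{ n = 'Folder'; e = { $Path } },
            Name,
            Length |
        Where-Object { $_.Newest -ge $Cutoff }
}

$cutoff = (Get-Date).AddDays(-$Days)
$report = foreach ($f in $folders) { Get-RecentFiles -Path $f -Cutoff $cutoff }

# Oldest to newest, most recent at the bottom, full names with extensions.
$report | Sort-Object Newest |
    Format-Table Newest, Folder, Name, Length -AutoSize |
    Out-File -FilePath $OutFile -Width 250

Write-Output "Wrote $(@($report).Count) entries to $OutFile"
```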