PDA

View Full Version : i have a good laptop, running very slow defonate viruses/malware



mikeybloom123
2008-10-17, 19:31
hello i have very slow computer, it is Dell inspiron 1520

2.0ghz
2gig ram

and is running extremely slow, sometimes it will do things i didnt do, eg zoom right out on my documents and explorer, and i am at wits end

i am doing kaspersky scan and here is hijackthis below

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:30:25, on 17/10/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\Windows\System32\ZoneLabs\vsmon.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8194 bytes

mikeybloom123
2008-10-17, 21:06
ok for some reason it will not save the log anywere. when i click save, then check the location i saved it to, it is not there. and when i search for it with windows search it cannot be found. it said there was one threat and one suspicious activity. the threat is:

not-a-virus:AdTool.Win32.MyWebSearch.cj

thanks for any help

mikeybloom123
2008-10-22, 20:02
hello, i have sinced changed my system slightly, got rid of previous anti-virus and got AVG internet security complete suite going. I did a scan and it did find some things.

i will post a new hijack this.....

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:02:25, on 22/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8071 bytes

katana
2008-10-22, 21:18
Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.

Hello and welcome to the forums

My name is Katana and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:
1. If you don't know, stop and ask! Don't keep going on.
2. Please reply to this thread. Do not start a new topic.
3. Please continue to respond until I give you the "All Clear"
(Just because you can't see a problem doesn't mean it isn't there)

If you can do those three things, everything should go smoothly :D

Please Note, your security programs may give warnings for some of the tools I will ask you to use.
Be assured, any links I give are safe
----------------------------------------------------------------------------------------


Download and Run RSIT

Please download Random's System Information Tool by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open:

log.txt will be opened maximized.
info.txt will be opened minimized.

Please post the contents of both log.txt and info.txt.

mikeybloom123
2008-10-24, 17:12
Logfile of random's system information tool 1.04 (written by random/random)
Run by mike at 2008-10-24 15:08:25
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 180 GB (80%) free of 225 GB
Total RAM: 2045 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:20, on 24/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\mike\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\mike.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 8194 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\User_Feed_Synchronization-{8A8B8FC5-326F-4FB2-A742-3DC4622D402D}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-10-17 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - c:\Program Files\Java\jre1.6.0\bin\ssv.dll [2008-01-20 501384]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-05-23 2549368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2008-01-20 325048]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-05-23 2549368]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
""= []
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-04-28 857648]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-10-17 1235736]
"SigmatelSysTrayApp"=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-07 405504]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-10-04 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-10-04 8497696]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-10-04 81920]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2007-10-04 86016]
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe [2007-08-29 36864]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\windows sidebar\sidebar.exe [2008-01-19 1233920]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-01-20 68856]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0960dd8-43ad-11dd-895c-001d09c05999}]
shell\AutoRun\command - F:\setupSNK.exe


======List of files/folders created in the last 1 months======

2008-10-24 15:08:25 ----D---- C:\rsit
2008-10-22 13:41:23 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-22 13:37:52 ----A---- C:\Windows\system32\EncDec.dll
2008-10-22 13:37:51 ----A---- C:\Windows\system32\psisdecd.dll
2008-10-22 13:37:44 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-10-22 13:37:43 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-10-22 13:37:43 ----A---- C:\Windows\system32\gameux.dll
2008-10-22 13:16:45 ----D---- C:\PerfLogs
2008-10-20 13:15:22 ----A---- C:\Windows\system32\WSDApi.dll
2008-10-20 13:15:17 ----A---- C:\Windows\system32\TsWpfWrp.exe
2008-10-20 13:15:16 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2008-10-20 13:15:15 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2008-10-20 13:15:15 ----A---- C:\Windows\system32\PresentationHost.exe
2008-10-20 13:15:13 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2008-10-20 13:15:10 ----A---- C:\Windows\system32\msshsq.dll
2008-10-20 13:15:04 ----A---- C:\Windows\system32\infocardapi.dll
2008-10-20 13:15:03 ----A---- C:\Windows\system32\icardres.dll
2008-10-20 13:15:03 ----A---- C:\Windows\system32\icardagt.exe
2008-10-20 13:15:00 ----A---- C:\Windows\system32\umb.dll
2008-10-20 13:14:50 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2008-10-20 13:14:50 ----A---- C:\Windows\system32\PNPXAssoc.dll
2008-10-20 13:14:48 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2008-10-20 13:14:47 ----A---- C:\Windows\system32\wfapigp.dll
2008-10-20 13:14:47 ----A---- C:\Windows\system32\MPSSVC.dll
2008-10-20 13:14:46 ----A---- C:\Windows\system32\icfupgd.dll
2008-10-20 13:14:46 ----A---- C:\Windows\system32\FirewallAPI.dll
2008-10-20 13:14:43 ----A---- C:\Windows\system32\fwcfg.dll
2008-10-20 13:14:43 ----A---- C:\Windows\system32\authfwcfg.dll
2008-10-20 13:14:42 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2008-10-20 13:14:42 ----A---- C:\Windows\system32\AuthFWGP.dll
2008-10-20 13:14:29 ----A---- C:\Windows\system32\mscories.dll
2008-10-20 13:14:28 ----A---- C:\Windows\system32\mscorier.dll
2008-10-20 13:14:28 ----A---- C:\Windows\system32\mscoree.dll
2008-10-20 13:14:25 ----A---- C:\Windows\system32\dfshim.dll
2008-10-20 13:14:12 ----A---- C:\Windows\system32\NAPHLPR.DLL
2008-10-20 13:14:12 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2008-10-20 13:14:09 ----A---- C:\Windows\system32\winhttp.dll
2008-10-20 13:14:08 ----A---- C:\Windows\system32\McxDriv.dll
2008-10-20 13:14:07 ----A---- C:\Windows\system32\wpd_ci.dll
2008-10-20 13:14:07 ----A---- C:\Windows\system32\procinst.dll
2008-10-20 13:14:07 ----A---- C:\Windows\system32\dispci.dll
2008-10-20 13:14:07 ----A---- C:\Windows\system32\bthci.dll
2008-10-20 13:14:06 ----A---- C:\Windows\system32\batt.dll
2008-10-20 13:13:41 ----A---- C:\Windows\system32\zipfldr.dll
2008-10-20 13:13:40 ----A---- C:\Windows\system32\xwtpw32.dll
2008-10-20 13:13:40 ----A---- C:\Windows\system32\xwizards.dll
2008-10-20 13:13:40 ----A---- C:\Windows\system32\xmllite.dll
2008-10-20 13:13:39 ----A---- C:\Windows\system32\xcopy.exe
2008-10-20 13:13:38 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2008-10-20 13:13:38 ----A---- C:\Windows\system32\CertEnroll.dll
2008-10-20 13:13:37 ----A---- C:\Windows\system32\wusa.exe
2008-10-20 13:13:37 ----A---- C:\Windows\system32\CertEnrollUI.dll
2008-10-20 13:13:36 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2008-10-20 13:13:36 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2008-10-20 13:13:36 ----A---- C:\Windows\system32\wpdshext.dll
2008-10-20 13:13:36 ----A---- C:\Windows\system32\sfc.exe
2008-10-20 13:13:35 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2008-10-20 13:13:35 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2008-10-20 13:13:35 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-10-20 13:13:34 ----A---- C:\Windows\system32\wpdbusenum.dll
2008-10-20 13:13:34 ----A---- C:\Windows\system32\mswmdm.dll
2008-10-20 13:13:34 ----A---- C:\Windows\system32\cewmdm.dll
2008-10-20 13:13:33 ----A---- C:\Windows\system32\WMVXENCD.DLL
2008-10-20 13:13:33 ----A---- C:\Windows\system32\wkssvc.dll
2008-10-20 13:13:32 ----A---- C:\Windows\system32\WMVSENCD.DLL
2008-10-20 13:13:31 ----A---- C:\Windows\system32\WMVSDECD.DLL
2008-10-20 13:13:31 ----A---- C:\Windows\system32\VIDRESZR.DLL
2008-10-20 13:13:31 ----A---- C:\Windows\system32\COLORCNV.DLL
2008-10-20 13:13:30 ----A---- C:\Windows\system32\WMVENCOD.DLL
2008-10-20 13:13:30 ----A---- C:\Windows\system32\wmvdspa.dll
2008-10-20 13:13:30 ----A---- C:\Windows\system32\WMVDECOD.DLL
2008-10-20 13:13:29 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2008-10-20 13:13:29 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2008-10-20 13:13:22 ----A---- C:\Windows\system32\provthrd.dll
2008-10-20 13:13:18 ----A---- C:\Windows\system32\ncobjapi.dll
2008-10-20 13:13:15 ----A---- C:\Windows\system32\framedynos.dll
2008-10-20 13:13:15 ----A---- C:\Windows\system32\framedyn.dll
2008-10-20 13:13:11 ----A---- C:\Windows\system32\wbemcomn.dll
2008-10-20 13:13:02 ----A---- C:\Windows\system32\wmicmiplugin.dll
2008-10-20 13:13:02 ----A---- C:\Windows\system32\WMADMOE.DLL
2008-10-20 13:13:01 ----A---- C:\Windows\system32\WMADMOD.DLL
2008-10-20 13:13:01 ----A---- C:\Windows\system32\wlanui.dll
2008-10-20 13:12:58 ----A---- C:\Windows\system32\WlanMM.dll
2008-10-20 13:12:58 ----A---- C:\Windows\system32\wlangpui.dll
2008-10-20 13:12:57 ----A---- C:\Windows\system32\wlgpclnt.dll
2008-10-20 13:12:56 ----A---- C:\Windows\system32\WLanHC.dll
2008-10-20 13:12:56 ----A---- C:\Windows\system32\wlandlg.dll
2008-10-20 13:12:56 ----A---- C:\Windows\system32\winusb.dll
2008-10-20 13:12:55 ----A---- C:\Windows\system32\wintrust.dll
2008-10-20 13:12:54 ----A---- C:\Windows\system32\wsock32.dll
2008-10-20 13:12:54 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2008-10-20 13:12:54 ----A---- C:\Windows\system32\wship6.dll
2008-10-20 13:12:54 ----A---- C:\Windows\system32\wscmisetup.dll
2008-10-20 13:12:54 ----A---- C:\Windows\system32\winsrv.dll
2008-10-20 13:12:53 ----A---- C:\Windows\system32\winrsmgr.dll
2008-10-20 13:12:53 ----A---- C:\Windows\system32\winrshost.exe
2008-10-20 13:12:52 ----A---- C:\Windows\system32\winrscmd.dll
2008-10-20 13:12:52 ----A---- C:\Windows\system32\winrs.exe
2008-10-20 13:12:51 ----A---- C:\Windows\system32\winlogon.exe
2008-10-20 13:12:48 ----A---- C:\Windows\system32\wininit.exe
2008-10-20 13:12:47 ----A---- C:\Windows\system32\winethc.dll
2008-10-20 13:12:46 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-10-20 13:12:44 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-10-20 13:12:43 ----A---- C:\Windows\system32\wiaaut.dll
2008-10-20 13:12:43 ----A---- C:\Windows\system32\whealogr.dll
2008-10-20 13:12:43 ----A---- C:\Windows\system32\WebClnt.dll
2008-10-20 13:12:43 ----A---- C:\Windows\system32\fphc.dll
2008-10-20 13:12:40 ----A---- C:\Windows\system32\wcncsvc.dll
2008-10-20 13:12:39 ----A---- C:\Windows\system32\fdWCN.dll
2008-10-20 13:12:37 ----A---- C:\Windows\system32\waitfor.exe
2008-10-20 13:12:36 ----A---- C:\Windows\system32\audiodev.dll
2008-10-20 13:12:35 ----A---- C:\Windows\system32\WinSAT.exe
2008-10-20 13:12:31 ----A---- C:\Windows\system32\wiashext.dll
2008-10-20 13:12:31 ----A---- C:\Windows\system32\wiadss.dll
2008-10-20 13:12:31 ----A---- C:\Windows\system32\sti_ci.dll
2008-10-20 13:12:30 ----A---- C:\Windows\system32\wiaservc.dll
2008-10-20 13:12:30 ----A---- C:\Windows\system32\wiarpc.dll
2008-10-20 13:12:30 ----A---- C:\Windows\system32\wiadefui.dll
2008-10-20 13:12:30 ----A---- C:\Windows\system32\wiaacmgr.exe
2008-10-20 13:12:28 ----A---- C:\Windows\system32\wmiprop.dll
2008-10-20 13:12:27 ----A---- C:\Windows\system32\chsbrkr.dll
2008-10-20 13:12:24 ----A---- C:\Windows\system32\ws2_32.dll
2008-10-20 13:12:24 ----A---- C:\Windows\system32\wpdwcn.dll
2008-10-20 13:12:22 ----A---- C:\Windows\system32\wmpmde.dll
2008-10-20 13:12:20 ----A---- C:\Windows\system32\wcnwiz.dll
2008-10-20 13:12:19 ----A---- C:\Windows\system32\WsmWmiPl.dll
2008-10-20 13:12:19 ----A---- C:\Windows\system32\WsmSvc.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WsmRes.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WsmProv.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WsmCl.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WsmAuto.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2008-10-20 13:12:18 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2008-10-20 13:12:17 ----A---- C:\Windows\system32\winrm.vbs
2008-10-20 13:12:17 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2008-10-20 13:12:16 ----A---- C:\Windows\system32\WinSATAPI.dll
2008-10-20 13:12:16 ----A---- C:\Windows\system32\korwbrkr.dll
2008-10-20 13:12:15 ----A---- C:\Windows\system32\WPDSp.dll
2008-10-20 13:12:15 ----A---- C:\Windows\system32\WlanMmHC.dll
2008-10-20 13:12:15 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2008-10-20 13:12:14 ----A---- C:\Windows\system32\mswsock.dll
2008-10-20 13:12:13 ----A---- C:\Windows\system32\chtbrkr.dll
2008-10-20 13:12:12 ----A---- C:\Windows\system32\swprv.dll
2008-10-20 13:12:11 ----A---- C:\Windows\system32\VSSVC.exe
2008-10-20 13:12:09 ----A---- C:\Windows\system32\vss_ps.dll
2008-10-20 13:12:08 ----A---- C:\Windows\system32\vsstrace.dll
2008-10-20 13:12:08 ----A---- C:\Windows\system32\vssapi.dll
2008-10-20 13:12:07 ----A---- C:\Windows\system32\eventcls.dll
2008-10-20 13:12:06 ----A---- C:\Windows\system32\vssadmin.exe
2008-10-20 13:12:05 ----A---- C:\Windows\system32\vdsutil.dll
2008-10-20 13:12:05 ----A---- C:\Windows\system32\vdsldr.exe
2008-10-20 13:12:05 ----A---- C:\Windows\system32\vds_ps.dll
2008-10-20 13:12:05 ----A---- C:\Windows\system32\vds.exe
2008-10-20 13:12:04 ----A---- C:\Windows\system32\msvidc32.dll
2008-10-20 13:12:03 ----A---- C:\Windows\system32\version.dll
2008-10-20 13:12:03 ----A---- C:\Windows\system32\verifier.dll
2008-10-20 13:12:03 ----A---- C:\Windows\system32\msvfw32.dll
2008-10-20 13:12:03 ----A---- C:\Windows\system32\avifil32.dll
2008-10-20 13:12:02 ----A---- C:\Windows\system32\VAN.dll
2008-10-20 13:12:01 ----A---- C:\Windows\system32\vdsbas.dll
2008-10-20 13:12:00 ----A---- C:\Windows\system32\vdsdyn.dll
2008-10-20 13:11:59 ----A---- C:\Windows\system32\uxtheme.dll
2008-10-20 13:11:58 ----A---- C:\Windows\system32\Utilman.exe
2008-10-20 13:11:58 ----A---- C:\Windows\system32\usp10.dll
2008-10-20 13:11:57 ----A---- C:\Windows\system32\powrprof.dll
2008-10-20 13:11:56 ----A---- C:\Windows\system32\winnsi.dll
2008-10-20 13:11:56 ----A---- C:\Windows\system32\userinit.exe
2008-10-20 13:11:56 ----A---- C:\Windows\system32\userenv.dll
2008-10-20 13:11:56 ----A---- C:\Windows\system32\nsisvc.dll
2008-10-20 13:11:56 ----A---- C:\Windows\system32\nsi.dll
2008-10-20 13:11:55 ----A---- C:\Windows\system32\usercpl.dll
2008-10-20 13:11:54 ----A---- C:\Windows\system32\user32.dll
2008-10-20 13:11:53 ----A---- C:\Windows\system32\usbui.dll
2008-10-20 13:11:53 ----A---- C:\Windows\system32\usbperf.dll
2008-10-20 13:11:52 ----A---- C:\Windows\system32\ssdpsrv.dll
2008-10-20 13:11:51 ----A---- C:\Windows\system32\upnphost.dll
2008-10-20 13:11:51 ----A---- C:\Windows\system32\upnpcont.exe
2008-10-20 13:11:51 ----A---- C:\Windows\system32\upnp.dll
2008-10-20 13:11:50 ----A---- C:\Windows\system32\serialui.dll
2008-10-20 13:11:50 ----A---- C:\Windows\system32\modemui.dll
2008-10-20 13:11:49 ----A---- C:\Windows\system32\unbcl.dll
2008-10-20 13:11:49 ----A---- C:\Windows\system32\unattendedjoin.exe
2008-10-20 13:11:49 ----A---- C:\Windows\system32\mdminst.dll
2008-10-20 13:11:48 ----A---- C:\Windows\system32\UIAutomationCore.dll
2008-10-20 13:11:47 ----A---- C:\Windows\system32\trkwks.dll
2008-10-20 13:11:47 ----A---- C:\Windows\system32\cbsra.exe
2008-10-20 13:11:46 ----A---- C:\Windows\system32\tdh.dll
2008-10-20 13:11:46 ----A---- C:\Windows\system32\ktmw32.dll
2008-10-20 13:11:45 ----A---- C:\Windows\system32\TpmInit.exe
2008-10-20 13:11:45 ----A---- C:\Windows\system32\tbssvc.dll
2008-10-20 13:11:45 ----A---- C:\Windows\system32\tbs.dll
2008-10-20 13:11:44 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2008-10-20 13:11:43 ----A---- C:\Windows\system32\w32tm.exe
2008-10-20 13:11:43 ----A---- C:\Windows\system32\w32time.dll
2008-10-20 13:11:42 ----A---- C:\Windows\system32\thumbcache.dll
2008-10-20 13:11:42 ----A---- C:\Windows\system32\themeui.dll
2008-10-20 13:11:41 ----A---- C:\Windows\system32\TSTheme.exe
2008-10-20 13:11:41 ----A---- C:\Windows\system32\themecpl.dll
2008-10-20 13:11:39 ----A---- C:\Windows\system32\termmgr.dll
2008-10-20 13:11:37 ----A---- C:\Windows\system32\tcpipcfg.dll
2008-10-20 13:11:36 ----A---- C:\Windows\system32\netiougc.exe
2008-10-20 13:11:35 ----A---- C:\Windows\system32\ROUTE.EXE
2008-10-20 13:11:35 ----A---- C:\Windows\system32\netiohlp.dll
2008-10-20 13:11:32 ----A---- C:\Windows\system32\schedsvc.dll
2008-10-20 13:11:30 ----A---- C:\Windows\system32\taskschd.dll
2008-10-20 13:11:30 ----A---- C:\Windows\system32\taskeng.exe
2008-10-20 13:11:29 ----A---- C:\Windows\system32\taskmgr.exe
2008-10-20 13:11:28 ----A---- C:\Windows\system32\tasklist.exe
2008-10-20 13:11:28 ----A---- C:\Windows\system32\taskkill.exe
2008-10-20 13:11:27 ----A---- C:\Windows\system32\tapisrv.dll
2008-10-20 13:11:27 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2008-10-20 13:11:26 ----A---- C:\Windows\system32\wavemsp.dll
2008-10-20 13:11:25 ----A---- C:\Windows\system32\UIHub.dll
2008-10-20 13:11:25 ----A---- C:\Windows\system32\takeown.exe
2008-10-20 13:11:24 ----A---- C:\Windows\system32\SnippingTool.exe
2008-10-20 13:11:14 ----A---- C:\Windows\system32\cfgbkend.dll
2008-10-20 13:11:13 ----A---- C:\Windows\system32\termsrv.dll
2008-10-20 13:11:12 ----A---- C:\Windows\system32\mscandui.dll
2008-10-20 13:11:12 ----A---- C:\Windows\system32\input.dll
2008-10-20 13:11:10 ----A---- C:\Windows\system32\wtsapi32.dll
2008-10-20 13:11:10 ----A---- C:\Windows\system32\SessEnv.dll
2008-10-20 13:11:10 ----A---- C:\Windows\system32\remotepg.dll
2008-10-20 13:11:09 ----A---- C:\Windows\system32\rdpdd.dll
2008-10-20 13:11:08 ----A---- C:\Windows\system32\tsgqec.dll
2008-10-20 13:11:08 ----A---- C:\Windows\system32\rdpencom.dll
2008-10-20 13:11:07 ----A---- C:\Windows\system32\regapi.dll
2008-10-20 13:11:07 ----A---- C:\Windows\system32\perfts.dll
2008-10-20 13:11:07 ----A---- C:\Windows\system32\mstscax.dll
2008-10-20 13:11:07 ----A---- C:\Windows\system32\aaclient.dll
2008-10-20 13:10:58 ----A---- C:\Windows\system32\wisptis.exe
2008-10-20 13:10:55 ----A---- C:\Windows\system32\mstask.dll
2008-10-20 13:10:50 ----A---- C:\Windows\system32\winsta.dll
2008-10-20 13:10:50 ----A---- C:\Windows\system32\utildll.dll
2008-10-20 13:10:49 ----A---- C:\Windows\system32\icaapi.dll
2008-10-20 13:10:48 ----A---- C:\Windows\system32\tscupgrd.exe
2008-10-20 13:10:48 ----A---- C:\Windows\system32\mstsc.exe
2008-10-20 13:10:47 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2008-10-20 13:10:47 ----A---- C:\Windows\system32\lsm.exe
2008-10-20 13:10:46 ----A---- C:\Windows\system32\RDPENCDD.dll
2008-10-20 13:10:43 ----A---- C:\Windows\system32\rdpwsx.dll
2008-10-20 13:10:42 ----A---- C:\Windows\system32\msutb.dll
2008-10-20 13:10:41 ----A---- C:\Windows\system32\msctf.dll
2008-10-20 13:10:37 ----A---- C:\Windows\system32\softkbd.dll
2008-10-20 13:10:37 ----A---- C:\Windows\system32\msctfui.dll
2008-10-20 13:10:29 ----A---- C:\Windows\system32\taskcomp.dll
2008-10-20 13:10:28 ----A---- C:\Windows\system32\rdpcfgex.dll
2008-10-20 13:10:28 ----A---- C:\Windows\system32\msimtf.dll
2008-10-20 13:10:26 ----A---- C:\Windows\system32\mstlsapi.dll
2008-10-20 13:10:24 ----A---- C:\Windows\system32\lsmproxy.dll
2008-10-20 13:10:19 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2008-10-20 13:10:17 ----A---- C:\Windows\system32\tsddd.dll
2008-10-20 13:10:13 ----A---- C:\Windows\system32\systemcpl.dll
2008-10-20 13:10:11 ----A---- C:\Windows\system32\syssetup.dll
2008-10-20 13:10:11 ----A---- C:\Windows\system32\spopk.dll
2008-10-20 13:10:11 ----A---- C:\Windows\system32\spbcd.dll
2008-10-20 13:10:10 ----A---- C:\Windows\system32\systeminfo.exe
2008-10-20 13:10:09 ----A---- C:\Windows\system32\syncui.dll
2008-10-20 13:10:08 ----A---- C:\Windows\system32\sxstrace.exe
2008-10-20 13:10:07 ----A---- C:\Windows\system32\sxs.dll
2008-10-20 13:10:06 ----A---- C:\Windows\system32\sxsstore.dll
2008-10-20 13:10:05 ----A---- C:\Windows\system32\sud.dll
2008-10-20 13:10:03 ----A---- C:\Windows\system32\sbeio.dll
2008-10-20 13:10:02 ----A---- C:\Windows\system32\Storprop.dll
2008-10-20 13:10:02 ----A---- C:\Windows\system32\sbe.dll
2008-10-20 13:09:56 ----A---- C:\Windows\system32\vga64k.dll
2008-10-20 13:09:56 ----A---- C:\Windows\system32\vga256.dll
2008-10-20 13:09:56 ----A---- C:\Windows\system32\stobject.dll
2008-10-20 13:09:55 ----A---- C:\Windows\system32\vga.dll
2008-10-20 13:09:55 ----A---- C:\Windows\system32\framebuf.dll
2008-10-20 13:09:53 ----A---- C:\Windows\system32\sqmapi.dll
2008-10-20 13:09:51 ----A---- C:\Windows\system32\sqlcese30.dll
2008-10-20 13:09:50 ----A---- C:\Windows\system32\sqlceqp30.dll
2008-10-20 13:09:34 ----A---- C:\Windows\system32\wsnmp32.dll
2008-10-20 13:09:33 ----A---- C:\Windows\system32\inetmib1.dll
2008-10-20 13:09:31 ----A---- C:\Windows\system32\smss.exe
2008-10-20 13:09:30 ----A---- C:\Windows\system32\SmiInstaller.dll
2008-10-20 13:09:29 ----A---- C:\Windows\system32\SmiEngine.dll
2008-10-20 13:09:26 ----A---- C:\Windows\system32\srvsvc.dll
2008-10-20 13:09:24 ----A---- C:\Windows\system32\xactsrv.dll
2008-10-20 13:09:23 ----A---- C:\Windows\system32\SMBHelperClass.dll
2008-10-20 13:09:20 ----A---- C:\Windows\system32\SCardSvr.dll
2008-10-20 13:09:20 ----A---- C:\Windows\system32\certprop.dll
2008-10-20 13:09:17 ----A---- C:\Windows\system32\scksp.dll
2008-10-20 13:09:17 ----A---- C:\Windows\system32\basecsp.dll
2008-10-20 13:09:12 ----A---- C:\Windows\system32\shwebsvc.dll
2008-10-20 13:09:12 ----A---- C:\Windows\system32\shutdown.exe
2008-10-20 13:09:11 ----A---- C:\Windows\system32\shsvcs.dll
2008-10-20 13:09:10 ----A---- C:\Windows\system32\shlwapi.dll
2008-10-20 13:09:10 ----A---- C:\Windows\system32\shimgvw.dll
2008-10-20 13:09:09 ----A---- C:\Windows\system32\shgina.dll
2008-10-20 13:08:44 ----A---- C:\Windows\system32\shsetup.dll
2008-10-20 13:08:43 ----A---- C:\Windows\system32\prevhost.exe
2008-10-20 13:08:42 ----A---- C:\Windows\system32\comctl32.dll
2008-10-20 13:08:40 ----A---- C:\Windows\system32\shdocvw.dll
2008-10-20 13:08:39 ----A---- C:\Windows\system32\ipnathlp.dll
2008-10-20 13:08:39 ----A---- C:\Windows\system32\icsunattend.exe
2008-10-20 13:08:38 ----A---- C:\Windows\system32\shacct.dll
2008-10-20 13:08:38 ----A---- C:\Windows\system32\sfc_os.dll
2008-10-20 13:08:38 ----A---- C:\Windows\system32\setupcl.exe
2008-10-20 13:08:36 ----A---- C:\Windows\system32\setupapi.dll
2008-10-20 13:08:33 ----A---- C:\Windows\system32\unattend.dll
2008-10-20 13:08:33 ----A---- C:\Windows\system32\lnkstub.exe
2008-10-20 13:08:27 ----A---- C:\Windows\system32\ActionQueue.dll
2008-10-20 13:08:26 ----A---- C:\Windows\system32\sethc.exe
2008-10-20 13:08:25 ----A---- C:\Windows\system32\UI0Detect.exe
2008-10-20 13:08:23 ----A---- C:\Windows\system32\svchost.exe
2008-10-20 13:08:23 ----A---- C:\Windows\system32\osblprov.dll
2008-10-20 13:08:23 ----A---- C:\Windows\system32\osbaseln.dll
2008-10-20 13:08:22 ----A---- C:\Windows\system32\Sens.dll
2008-10-20 13:08:22 ----A---- C:\Windows\system32\sendmail.dll
2008-10-20 13:08:21 ----A---- C:\Windows\system32\wscsvc.dll
2008-10-20 13:08:21 ----A---- C:\Windows\system32\wscproxystub.dll
2008-10-20 13:08:21 ----A---- C:\Windows\system32\wscisvif.dll
2008-10-20 13:08:21 ----A---- C:\Windows\system32\wscapi.dll
2008-10-20 13:08:20 ----A---- C:\Windows\system32\syskey.exe
2008-10-20 13:08:20 ----A---- C:\Windows\system32\SecEdit.exe
2008-10-20 13:08:20 ----A---- C:\Windows\system32\schannel.dll
2008-10-20 13:08:18 ----A---- C:\Windows\system32\msv1_0.dll
2008-10-20 13:08:16 ----A---- C:\Windows\system32\slwmi.dll
2008-10-20 13:08:16 ----A---- C:\Windows\system32\netlogon.dll
2008-10-20 13:08:15 ----A---- C:\Windows\system32\slwga.dll
2008-10-20 13:08:14 ----A---- C:\Windows\system32\SLsvc.exe
2008-10-20 13:08:11 ----A---- C:\Windows\system32\slcinst.dll
2008-10-20 13:08:10 ----A---- C:\Windows\system32\kerberos.dll
2008-10-20 13:08:09 ----A---- C:\Windows\system32\wdigest.dll
2008-10-20 13:08:09 ----A---- C:\Windows\system32\TSpkg.dll
2008-10-20 13:08:09 ----A---- C:\Windows\system32\credssp.dll
2008-10-20 13:08:08 ----A---- C:\Windows\system32\seclogon.dll
2008-10-20 13:08:08 ----A---- C:\Windows\system32\schtasks.exe
2008-10-20 13:08:05 ----A---- C:\Windows\system32\wshcon.dll
2008-10-20 13:08:05 ----A---- C:\Windows\system32\wscript.exe
2008-10-20 13:08:05 ----A---- C:\Windows\system32\scrrun.dll
2008-10-20 13:08:04 ----A---- C:\Windows\system32\scrobj.dll
2008-10-20 13:08:04 ----A---- C:\Windows\system32\dispex.dll
2008-10-20 13:08:03 ----A---- C:\Windows\system32\vbscript.dll
2008-10-20 13:08:03 ----A---- C:\Windows\system32\cscript.exe
2008-10-20 13:08:02 ----A---- C:\Windows\system32\jscript.dll
2008-10-20 13:08:01 ----A---- C:\Windows\system32\loghours.dll
2008-10-20 13:07:58 ----A---- C:\Windows\system32\pidgenx.dll
2008-10-20 13:07:56 ----A---- C:\Windows\system32\scecli.dll
2008-10-20 13:07:55 ----A---- C:\Windows\system32\wscntfy.dll
2008-10-20 13:07:55 ----A---- C:\Windows\system32\psbase.dll
2008-10-20 13:07:54 ----A---- C:\Windows\system32\SLUINotify.dll
2008-10-20 13:07:54 ----A---- C:\Windows\system32\SLUI.exe
2008-10-20 13:07:53 ----A---- C:\Windows\system32\SLLUA.exe
2008-10-20 13:07:53 ----A---- C:\Windows\system32\SLCommDlg.dll
2008-10-20 13:07:47 ----A---- C:\Windows\system32\secproc.dll
2008-10-20 13:07:45 ----A---- C:\Windows\system32\RMActivate.exe
2008-10-20 13:07:41 ----A---- C:\Windows\system32\services.exe
2008-10-20 13:07:38 ----A---- C:\Windows\system32\slcc.dll
2008-10-20 13:07:37 ----A---- C:\Windows\system32\wsecedit.dll
2008-10-20 13:07:37 ----A---- C:\Windows\system32\srwmi.dll
2008-10-20 13:07:26 ----A---- C:\Windows\fveupdate.exe
2008-10-20 13:07:25 ----A---- C:\Windows\system32\secproc_ssp.dll
2008-10-20 13:07:24 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2008-10-20 13:07:21 ----A---- C:\Windows\system32\spwizres.dll
2008-10-20 13:07:19 ----A---- C:\Windows\system32\spwizimg.dll
2008-10-20 13:07:19 ----A---- C:\Windows\system32\spwizeng.dll
2008-10-20 13:07:14 ----A---- C:\Windows\system32\SLCExt.dll
2008-10-20 13:07:09 ----A---- C:\Windows\system32\secproc_isv.dll
2008-10-20 13:07:07 ----A---- C:\Windows\system32\RMActivate_isv.exe
2008-10-20 13:07:04 ----A---- C:\Windows\system32\sysmain.dll
2008-10-20 13:06:51 ----A---- C:\Windows\system32\slmgr.vbs
2008-10-20 13:06:50 ----A---- C:\Windows\system32\wshext.dll
2008-10-20 13:06:47 ----A---- C:\Windows\system32\SLC.dll
2008-10-20 13:06:46 ----A---- C:\Windows\system32\dfrgifc.exe
2008-10-20 13:06:41 ----A---- C:\Windows\system32\srrstr.dll
2008-10-20 13:06:39 ----A---- C:\Windows\system32\ntmarta.dll
2008-10-20 13:06:38 ----A---- C:\Windows\system32\authz.dll
2008-10-20 13:06:30 ----A---- C:\Windows\system32\scesrv.dll
2008-10-20 13:06:25 ----A---- C:\Windows\system32\WinSCard.dll
2008-10-20 13:06:23 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2008-10-20 13:06:23 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2008-10-20 13:06:19 ----A---- C:\Windows\system32\runonce.exe
2008-10-20 13:06:18 ----A---- C:\Windows\system32\rsaenh.dll
2008-10-20 13:06:18 ----A---- C:\Windows\system32\RpcPing.exe
2008-10-20 13:06:16 ----A---- C:\Windows\system32\rpcrt4.dll
2008-10-20 13:06:13 ----A---- C:\Windows\system32\rpchttp.dll
2008-10-20 13:06:11 ----A---- C:\Windows\system32\Robocopy.exe
2008-10-20 13:06:08 ----A---- C:\Windows\system32\riched32.dll
2008-10-20 13:06:08 ----A---- C:\Windows\system32\riched20.dll
2008-10-20 13:06:06 ----A---- C:\Windows\system32\RstrtMgr.dll
2008-10-20 13:06:04 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2008-10-20 13:06:03 ----A---- C:\Windows\system32\regsvc.dll
2008-10-20 13:06:02 ----A---- C:\Windows\system32\sdchange.exe
2008-10-20 13:06:01 ----A---- C:\Windows\system32\msra.exe
2008-10-20 13:06:00 ----A---- C:\Windows\regedit.exe
2008-10-20 13:05:59 ----A---- C:\Windows\system32\regini.exe
2008-10-20 13:05:58 ----A---- C:\Windows\system32\RegCtrl.dll
2008-10-20 13:05:57 ----A---- C:\Windows\system32\msrdc.dll
2008-10-20 13:05:55 ----A---- C:\Windows\system32\rastls.dll
2008-10-20 13:05:55 ----A---- C:\Windows\system32\rastapi.dll
2008-10-20 13:05:54 ----A---- C:\Windows\system32\rtm.dll
2008-10-20 13:05:54 ----A---- C:\Windows\system32\mprdim.dll
2008-10-20 13:05:53 ----A---- C:\Windows\system32\rasppp.dll
2008-10-20 13:05:53 ----A---- C:\Windows\system32\iprtrmgr.dll
2008-10-20 13:05:53 ----A---- C:\Windows\system32\iprtprio.dll
2008-10-20 13:05:51 ----A---- C:\Windows\system32\rasplap.dll
2008-10-20 13:05:51 ----A---- C:\Windows\system32\mprddm.dll
2008-10-20 13:05:50 ----A---- C:\Windows\system32\rasmontr.dll
2008-10-20 13:05:49 ----A---- C:\Windows\system32\RASMM.dll
2008-10-20 13:05:49 ----A---- C:\Windows\system32\rasmans.dll
2008-10-20 13:05:49 ----A---- C:\Windows\system32\rasman.dll
2008-10-20 13:05:48 ----A---- C:\Windows\system32\ifmon.dll
2008-10-20 13:05:47 ----A---- C:\Windows\system32\rasgcw.dll
2008-10-20 13:05:45 ----A---- C:\Windows\system32\rasdlg.dll
2008-10-20 13:05:44 ----A---- C:\Windows\system32\rasctrs.dll
2008-10-20 13:05:43 ----A---- C:\Windows\system32\cmutil.dll
2008-10-20 13:05:43 ----A---- C:\Windows\system32\cmstplua.dll
2008-10-20 13:05:43 ----A---- C:\Windows\system32\cmstp.exe
2008-10-20 13:05:43 ----A---- C:\Windows\system32\cmpbk32.dll
2008-10-20 13:05:43 ----A---- C:\Windows\system32\cmmon32.exe
2008-10-20 13:05:42 ----A---- C:\Windows\system32\cmlua.dll
2008-10-20 13:05:42 ----A---- C:\Windows\system32\cmdl32.exe
2008-10-20 13:05:42 ----A---- C:\Windows\system32\cmcfg32.dll
2008-10-20 13:05:41 ----A---- C:\Windows\system32\cmdial32.dll
2008-10-20 13:05:39 ----A---- C:\Windows\system32\rasphone.exe
2008-10-20 13:05:38 ----A---- C:\Windows\system32\raschap.dll
2008-10-20 13:05:37 ----A---- C:\Windows\system32\rasdiag.dll
2008-10-20 13:05:37 ----A---- C:\Windows\system32\rascfg.dll
2008-10-20 13:05:34 ----A---- C:\Windows\system32\sstpsvc.dll
2008-10-20 13:05:31 ----A---- C:\Windows\system32\rasauto.dll
2008-10-20 13:05:31 ----A---- C:\Windows\system32\rasapi32.dll
2008-10-20 13:05:26 ----A---- C:\Windows\system32\raserver.exe
2008-10-20 13:05:21 ----A---- C:\Windows\system32\rasqec.dll
2008-10-20 13:05:20 ----A---- C:\Windows\system32\RelMon.dll
2008-10-20 13:05:19 ----A---- C:\Windows\system32\RacEngn.dll
2008-10-20 13:05:17 ----A---- C:\Windows\system32\msdrm.dll
2008-10-20 13:05:13 ----A---- C:\Windows\system32\RacAgent.exe
2008-10-20 13:05:12 ----A---- C:\Windows\system32\reg.exe
2008-10-20 13:05:10 ----A---- C:\Windows\system32\PSHED.DLL
2008-10-20 13:05:09 ----A---- C:\Windows\system32\propsys.dll
2008-10-20 13:05:06 ----A---- C:\Windows\system32\profsvc.dll
2008-10-20 13:05:06 ----A---- C:\Windows\system32\profprov.dll
2008-10-20 13:04:58 ----A---- C:\Windows\system32\spoolsv.exe
2008-10-20 13:04:57 ----A---- C:\Windows\system32\xpssvcs.dll
2008-10-20 13:04:54 ----A---- C:\Windows\system32\oleprn.dll
2008-10-20 13:04:53 ----A---- C:\Windows\system32\usbmon.dll
2008-10-20 13:04:53 ----A---- C:\Windows\system32\localui.dll
2008-10-20 13:04:52 ----A---- C:\Windows\system32\powercpl.dll
2008-10-20 13:04:49 ----A---- C:\Windows\system32\PnPutil.exe
2008-10-20 13:04:48 ----A---- C:\Windows\system32\sppnp.dll
2008-10-20 13:04:48 ----A---- C:\Windows\system32\pnpui.dll
2008-10-20 13:04:46 ----A---- C:\Windows\system32\cmipnpinstall.dll
2008-10-20 13:04:44 ----A---- C:\Windows\system32\pnpsetup.dll
2008-10-20 13:04:42 ----A---- C:\Windows\system32\dmocx.dll
2008-10-20 13:04:42 ----A---- C:\Windows\system32\devmgr.dll
2008-10-20 13:04:41 ----A---- C:\Windows\system32\PlaySndSrv.dll
2008-10-20 13:04:40 ----A---- C:\Windows\system32\PING.EXE
2008-10-20 13:04:33 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-10-20 13:04:20 ----A---- C:\Windows\system32\photowiz.dll
2008-10-20 13:04:19 ----A---- C:\Windows\system32\wvc.dll
2008-10-20 13:04:19 ----A---- C:\Windows\system32\WMPhoto.dll
2008-10-20 13:04:18 ----A---- C:\Windows\system32\wdc.dll
2008-10-20 13:04:17 ----A---- C:\Windows\system32\perfmon.msc
2008-10-20 13:04:17 ----A---- C:\Windows\system32\perfmon.exe
2008-10-20 13:04:17 ----A---- C:\Windows\system32\pdhui.dll
2008-10-20 13:04:16 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2008-10-20 13:04:15 ----A---- C:\Windows\system32\pnrpnsp.dll
2008-10-20 13:04:15 ----A---- C:\Windows\system32\p2phost.exe
2008-10-20 13:04:15 ----A---- C:\Windows\system32\P2PGraph.dll
2008-10-20 13:04:14 ----A---- C:\Windows\system32\p2psvc.dll
2008-10-20 13:04:12 ----A---- C:\Windows\system32\P2P.dll
2008-10-20 13:04:11 ----A---- C:\Windows\system32\p2pnetsh.dll
2008-10-20 13:04:10 ----A---- C:\Windows\system32\wpccpl.dll
2008-10-20 13:04:09 ----A---- C:\Windows\system32\wpclsp.dll
2008-10-20 13:04:09 ----A---- C:\Windows\system32\wdscore.dll
2008-10-20 13:04:08 ----A---- C:\Windows\system32\SSShim.dll
2008-10-20 13:04:08 ----A---- C:\Windows\system32\PkgMgr.exe
2008-10-20 13:04:07 ----A---- C:\Windows\system32\unlodctr.exe
2008-10-20 13:04:07 ----A---- C:\Windows\system32\lodctr.exe
2008-10-20 13:04:07 ----A---- C:\Windows\system32\loadperf.dll
2008-10-20 13:04:06 ----A---- C:\Windows\system32\p2pcollab.dll
2008-10-20 13:04:01 ----A---- C:\Windows\system32\WSDMon.dll
2008-10-20 13:04:01 ----A---- C:\Windows\system32\PnPUnattend.exe
2008-10-20 13:03:58 ----A---- C:\Windows\system32\Wpc.dll
2008-10-20 13:03:57 ----A---- C:\Windows\system32\tcpmon.ini
2008-10-20 13:03:57 ----A---- C:\Windows\system32\tcpmon.dll
2008-10-20 13:03:55 ----A---- C:\Windows\system32\wpnpinst.exe
2008-10-20 13:03:55 ----A---- C:\Windows\system32\inetppui.dll
2008-10-20 13:03:55 ----A---- C:\Windows\system32\inetpp.dll
2008-10-20 13:03:51 ----A---- C:\Windows\system32\pla.dll
2008-10-20 13:03:46 ----A---- C:\Windows\system32\pdh.dll
2008-10-20 13:03:42 ----A---- C:\Windows\system32\printui.dll
2008-10-20 13:03:40 ----A---- C:\Windows\system32\ntprint.dll
2008-10-20 13:03:38 ----A---- C:\Windows\system32\prnntfy.dll
2008-10-20 13:03:37 ----A---- C:\Windows\system32\spoolss.dll
2008-10-20 13:03:36 ----A---- C:\Windows\system32\win32spl.dll
2008-10-20 13:03:36 ----A---- C:\Windows\system32\pnpts.dll
2008-10-20 13:03:36 ----A---- C:\Windows\system32\perfnet.dll
2008-10-20 13:03:35 ----A---- C:\Windows\system32\printcom.dll
2008-10-20 13:03:33 ----A---- C:\Windows\system32\localspl.dll
2008-10-20 13:03:31 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2008-10-20 13:03:29 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2008-10-20 13:03:23 ----A---- C:\Windows\system32\wpcao.dll
2008-10-20 13:03:20 ----A---- C:\Windows\system32\wpcsvc.dll
2008-10-20 13:03:18 ----A---- C:\Windows\system32\tracerpt.exe
2008-10-20 13:03:18 ----A---- C:\Windows\system32\logman.exe
2008-10-20 13:03:15 ----A---- C:\Windows\system32\puiobj.dll
2008-10-20 13:03:15 ----A---- C:\Windows\system32\pots.dll
2008-10-20 13:03:14 ----A---- C:\Windows\system32\puiapi.dll
2008-10-20 13:03:14 ----A---- C:\Windows\system32\findnetprinters.dll
2008-10-20 13:03:14 ----A---- C:\Windows\system32\compstui.dll
2008-10-20 13:03:06 ----A---- C:\Windows\system32\prntvpt.dll
2008-10-20 13:03:02 ----A---- C:\Windows\system32\XPSSHHDR.dll
2008-10-20 13:02:37 ----A---- C:\Windows\system32\OptionalFeatures.exe
2008-10-20 13:02:27 ----A---- C:\Windows\system32\ogldrv.dll
2008-10-20 13:02:22 ----A---- C:\Windows\system32\onex.dll
2008-10-20 13:02:19 ----A---- C:\Windows\system32\oleacc.dll
2008-10-20 13:02:17 ----A---- C:\Windows\system32\oleaut32.dll
2008-10-20 13:02:12 ----A---- C:\Windows\system32\olepro32.dll
2008-10-20 13:02:10 ----A---- C:\Windows\system32\ocsetup.exe
2008-10-20 13:02:09 ----A---- C:\Windows\system32\objsel.dll
2008-10-20 13:02:06 ----A---- C:\Windows\system32\cscdll.dll
2008-10-20 13:02:06 ----A---- C:\Windows\system32\cscapi.dll
2008-10-20 13:02:00 ----A---- C:\Windows\system32\vdmdbg.dll
2008-10-20 13:01:59 ----A---- C:\Windows\system32\wow32.dll
2008-10-20 13:01:59 ----A---- C:\Windows\system32\vdmredir.dll
2008-10-20 13:01:58 ----A---- C:\Windows\system32\ntvdm.exe
2008-10-20 13:01:57 ----A---- C:\Windows\system32\graftabl.com
2008-10-20 13:01:56 ----A---- C:\Windows\system32\csrstub.exe
2008-10-20 13:01:55 ----A---- C:\Windows\system32\ntshrui.dll
2008-10-20 13:01:54 ----A---- C:\Windows\system32\ntlanman.dll
2008-10-20 13:01:51 ----A---- C:\Windows\system32\txfw32.dll
2008-10-20 13:01:51 ----A---- C:\Windows\system32\ntdll.dll
2008-10-20 13:01:48 ----A---- C:\Windows\system32\nslookup.exe
2008-10-20 13:01:48 ----A---- C:\Windows\system32\nshhttp.dll
2008-10-20 13:01:48 ----A---- C:\Windows\system32\notepad.exe
2008-10-20 13:01:47 ----A---- C:\Windows\system32\nlasvc.dll
2008-10-20 13:01:47 ----A---- C:\Windows\system32\nlaapi.dll
2008-10-20 13:01:47 ----A---- C:\Windows\system32\ncsi.dll
2008-10-20 13:01:47 ----A---- C:\Windows\notepad.exe
2008-10-20 13:01:46 ----A---- C:\Windows\system32\newdev.dll
2008-10-20 13:01:45 ----A---- C:\Windows\system32\xmlprovi.dll
2008-10-20 13:01:45 ----A---- C:\Windows\system32\lltdsvc.dll
2008-10-20 13:01:45 ----A---- C:\Windows\system32\lltdapi.dll
2008-10-20 13:01:44 ----A---- C:\Windows\system32\NetProjW.dll
2008-10-20 13:01:44 ----A---- C:\Windows\system32\netprofm.dll
2008-10-20 13:01:43 ----A---- C:\Windows\system32\networkmap.dll
2008-10-20 13:01:43 ----A---- C:\Windows\system32\networkitemfactory.dll
2008-10-20 13:01:42 ----A---- C:\Windows\system32\networkexplorer.dll
2008-10-20 13:01:38 ----A---- C:\Windows\system32\netcenter.dll
2008-10-20 13:01:37 ----A---- C:\Windows\system32\hnetmon.dll
2008-10-20 13:01:37 ----A---- C:\Windows\system32\bridgeunattend.exe
2008-10-20 13:01:36 ----A---- C:\Windows\system32\IKEEXT.DLL
2008-10-20 13:01:36 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2008-10-20 13:01:35 ----A---- C:\Windows\system32\BFE.DLL
2008-10-20 13:01:34 ----A---- C:\Windows\system32\pnidui.dll
2008-10-20 13:01:33 ----A---- C:\Windows\system32\netshell.dll
2008-10-20 13:01:32 ----A---- C:\Windows\system32\netprof.dll
2008-10-20 13:01:31 ----A---- C:\Windows\system32\Netplwiz.exe
2008-10-20 13:01:31 ----A---- C:\Windows\system32\netplwiz.dll
2008-10-20 13:01:31 ----A---- C:\Windows\system32\netman.dll
2008-10-20 13:01:30 ----A---- C:\Windows\system32\netevent.dll
2008-10-20 13:01:30 ----A---- C:\Windows\system32\netcorehc.dll
2008-10-20 13:01:29 ----A---- C:\Windows\system32\netcfg.exe
2008-10-20 13:01:29 ----A---- C:\Windows\system32\netbtugc.exe
2008-10-20 13:01:29 ----A---- C:\Windows\system32\nci.dll
2008-10-20 13:01:28 ----A---- C:\Windows\system32\netapi32.dll
2008-10-20 13:01:28 ----A---- C:\Windows\system32\net1.exe
2008-10-20 13:01:28 ----A---- C:\Windows\system32\net.exe
2008-10-20 13:01:27 ----A---- C:\Windows\system32\netcfgx.dll
2008-10-20 13:01:27 ----A---- C:\Windows\system32\ncryptui.dll
2008-10-20 13:01:26 ----A---- C:\Windows\system32\ncrypt.dll
2008-10-20 13:01:26 ----A---- C:\Windows\system32\NcdProp.dll
2008-10-20 13:01:25 ----A---- C:\Windows\system32\nbtstat.exe
2008-10-20 13:00:44 ----A---- C:\Windows\system32\iashlpr.dll
2008-10-20 13:00:42 ----A---- C:\Windows\system32\iassdo.dll
2008-10-20 13:00:41 ----A---- C:\Windows\system32\iassam.dll
2008-10-20 13:00:41 ----A---- C:\Windows\system32\iasnap.dll
2008-10-20 13:00:39 ----A---- C:\Windows\system32\QUTIL.DLL
2008-10-20 13:00:39 ----A---- C:\Windows\system32\KMSVC.DLL
2008-10-20 13:00:38 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2008-10-20 13:00:37 ----A---- C:\Windows\system32\QSHVHOST.DLL
2008-10-20 13:00:36 ----A---- C:\Windows\system32\ipsmsnap.dll
2008-10-20 13:00:34 ----A---- C:\Windows\system32\ipsecsnp.dll
2008-10-20 13:00:32 ----A---- C:\Windows\system32\NAPSTAT.EXE
2008-10-20 13:00:31 ----A---- C:\Windows\system32\nshipsec.dll
2008-10-20 13:00:29 ----A---- C:\Windows\system32\IasMigPlugin.dll
2008-10-20 13:00:28 ----A---- C:\Windows\system32\sdohlp.dll
2008-10-20 13:00:28 ----A---- C:\Windows\system32\iasrecst.dll
2008-10-20 13:00:27 ----A---- C:\Windows\system32\iashost.exe
2008-10-20 13:00:27 ----A---- C:\Windows\system32\iasdatastore.dll
2008-10-20 13:00:27 ----A---- C:\Windows\system32\iasads.dll
2008-10-20 13:00:26 ----A---- C:\Windows\system32\ndfapi.dll
2008-10-20 13:00:23 ----A---- C:\Windows\system32\iasrad.dll
2008-10-20 13:00:22 ----A---- C:\Windows\system32\iaspolcy.dll
2008-10-20 13:00:22 ----A---- C:\Windows\system32\iasacct.dll
2008-10-20 13:00:21 ----A---- C:\Windows\system32\iassvcs.dll
2008-10-20 13:00:21 ----A---- C:\Windows\system32\ias.dll
2008-10-20 13:00:19 ----A---- C:\Windows\system32\NapiNSP.dll
2008-10-20 13:00:18 ----A---- C:\Windows\system32\netdiagfx.dll
2008-10-20 13:00:18 ----A---- C:\Windows\system32\ndfetw.dll
2008-10-20 13:00:18 ----A---- C:\Windows\system32\napdsnap.dll
2008-10-20 13:00:16 ----A---- C:\Windows\system32\QCLIPROV.DLL
2008-10-20 13:00:16 ----A---- C:\Windows\system32\NAPMONTR.DLL
2008-10-20 13:00:15 ----A---- C:\Windows\system32\QAGENTRT.DLL
2008-10-20 13:00:15 ----A---- C:\Windows\system32\QAGENT.DLL
2008-10-20 13:00:13 ----A---- C:\Windows\system32\nlmgp.dll
2008-10-20 13:00:13 ----A---- C:\Windows\system32\napipsec.dll
2008-10-20 13:00:08 ----A---- C:\Windows\system32\mydocs.dll
2008-10-20 13:00:07 ----A---- C:\Windows\system32\mcbuilder.exe
2008-10-20 13:00:06 ----A---- C:\Windows\system32\msxml6.dll
2008-10-20 13:00:04 ----A---- C:\Windows\system32\msxml3.dll
2008-10-20 12:59:59 ----A---- C:\Windows\system32\msvcrt.dll
2008-10-20 12:59:55 ----A---- C:\Windows\system32\msvbvm60.dll
2008-10-20 12:59:54 ----A---- C:\Windows\system32\mspaint.exe
2008-10-20 12:59:45 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2008-10-20 12:59:44 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2008-10-20 12:59:42 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2008-10-20 12:59:41 ----A---- C:\Windows\system32\msls31.dll
2008-10-20 12:59:41 ----A---- C:\Windows\system32\msinfo32.exe
2008-10-20 12:59:38 ----A---- C:\Windows\system32\msieftp.dll
2008-10-20 12:59:37 ----A---- C:\Windows\system32\msidle.dll
2008-10-20 12:59:36 ----A---- C:\Windows\system32\msident.dll
2008-10-20 12:59:36 ----A---- C:\Windows\system32\msftedit.dll
2008-10-20 12:59:35 ----A---- C:\Windows\system32\msdt.exe
2008-10-20 12:59:35 ----A---- C:\Windows\system32\msdt.dll
2008-10-20 12:59:34 ----A---- C:\Windows\system32\msconfig.exe
2008-10-20 12:59:33 ----A---- C:\Windows\system32\msobjs.dll
2008-10-20 12:59:33 ----A---- C:\Windows\system32\auditpol.exe
2008-10-20 12:59:33 ----A---- C:\Windows\system32\adtschema.dll
2008-10-20 12:59:32 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2008-10-20 12:59:32 ----A---- C:\Windows\system32\msaatext.dll
2008-10-20 12:59:32 ----A---- C:\Windows\system32\mprmsg.dll
2008-10-20 12:59:32 ----A---- C:\Windows\system32\mpr.dll
2008-10-20 12:59:31 ----A---- C:\Windows\system32\mprapi.dll
2008-10-20 12:59:31 ----A---- C:\Windows\system32\MPG4DECD.DLL
2008-10-20 12:59:31 ----A---- C:\Windows\system32\MP4SDECD.DLL
2008-10-20 12:59:30 ----A---- C:\Windows\system32\MP43DECD.DLL
2008-10-20 12:59:29 ----A---- C:\Windows\system32\MP3DMOD.DLL
2008-10-20 12:59:26 ----A---- C:\Windows\system32\TMM.dll
2008-10-20 12:59:26 ----A---- C:\Windows\system32\msmmsp.dll
2008-10-20 12:59:26 ----A---- C:\Windows\system32\mountvol.exe
2008-10-20 12:59:25 ----A---- C:\Windows\system32\MMDevAPI.dll
2008-10-20 12:59:24 ----A---- C:\Windows\system32\mmcss.dll
2008-10-20 12:59:24 ----A---- C:\Windows\system32\avrt.dll
2008-10-20 12:59:23 ----A---- C:\Windows\system32\mlang.dll
2008-10-20 12:59:12 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2008-10-20 12:59:11 ----A---- C:\Windows\system32\mfvdsp.dll
2008-10-20 12:59:11 ----A---- C:\Windows\system32\mfplat.dll
2008-10-20 12:59:09 ----A---- C:\Windows\system32\mfc42u.dll
2008-10-20 12:59:08 ----A---- C:\Windows\system32\mfc42.dll
2008-10-20 12:59:07 ----A---- C:\Windows\system32\wmdrmnet.dll
2008-10-20 12:59:06 ----A---- C:\Windows\system32\wmdrmdev.dll
2008-10-20 12:59:05 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-10-20 12:59:04 ----A---- C:\Windows\system32\wmpsrcwp.dll
2008-10-20 12:59:03 ----A---- C:\Windows\system32\wmpshell.dll
2008-10-20 12:59:02 ----A---- C:\Windows\system32\WMPEncEn.dll
2008-10-20 12:58:58 ----A---- C:\Windows\system32\wmpdxm.dll
2008-10-20 12:58:58 ----A---- C:\Windows\system32\wmpcm.dll
2008-10-20 12:58:57 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-10-20 12:58:56 ----A---- C:\Windows\system32\WMASF.DLL
2008-10-20 12:58:55 ----A---- C:\Windows\system32\unregmp2.exe
2008-10-20 12:58:54 ----A---- C:\Windows\system32\wmidx.dll
2008-10-20 12:58:54 ----A---- C:\Windows\system32\logagent.exe
2008-10-20 12:58:53 ----A---- C:\Windows\system32\wmdrmsdk.dll
2008-10-20 12:58:53 ----A---- C:\Windows\system32\msscp.dll
2008-10-20 12:58:53 ----A---- C:\Windows\system32\msnetobj.dll
2008-10-20 12:58:52 ----A---- C:\Windows\system32\drmv2clt.dll
2008-10-20 12:58:52 ----A---- C:\Windows\system32\drmmgrtn.dll
2008-10-20 12:58:52 ----A---- C:\Windows\system32\blackbox.dll
2008-10-20 12:58:49 ----A---- C:\Windows\system32\wmploc.DLL
2008-10-20 12:58:48 ----A---- C:\Windows\system32\wmp.dll
2008-10-20 12:58:46 ----A---- C:\Windows\system32\spwmp.dll
2008-10-20 12:58:46 ----A---- C:\Windows\system32\dxmasf.dll
2008-10-20 12:58:44 ----A---- C:\Windows\system32\rrinstaller.exe
2008-10-20 12:58:44 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2008-10-20 12:58:43 ----A---- C:\Windows\system32\mfps.dll
2008-10-20 12:58:43 ----A---- C:\Windows\system32\mfpmp.exe
2008-10-20 12:58:42 ----A---- C:\Windows\system32\mf.dll
2008-10-20 12:58:41 ----A---- C:\Windows\system32\makecab.exe
2008-10-20 12:58:39 ----A---- C:\Windows\system32\msoert2.dll
2008-10-20 12:58:38 ----A---- C:\Windows\system32\msoeacct.dll
2008-10-20 12:58:32 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2008-10-20 12:58:31 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2008-10-20 12:58:30 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2008-10-20 12:58:26 ----A---- C:\Windows\system32\migisol.dll
2008-10-20 12:58:24 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2008-10-20 12:58:23 ----A---- C:\Windows\system32\msjtes40.dll
2008-10-20 12:58:23 ----A---- C:\Windows\system32\dbnetlib.dll
2008-10-20 12:58:22 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2008-10-20 12:58:21 ----A---- C:\Windows\system32\odbccu32.dll
2008-10-20 12:58:16 ----A---- C:\Windows\system32\odbcconf.dll
2008-10-20 12:58:16 ----A---- C:\Windows\system32\msjetoledb40.dll
2008-10-20 12:58:12 ----A---- C:\Windows\system32\PresentationSettings.exe

mikeybloom123
2008-10-24, 17:13
2008-10-20 12:58:08 ----A---- C:\Windows\system32\sqlsrv32.dll
2008-10-20 12:58:03 ----A---- C:\Windows\system32\msdart.dll
2008-10-20 12:58:02 ----A---- C:\Windows\system32\msxbde40.dll
2008-10-20 12:58:01 ----A---- C:\Windows\system32\mspbde40.dll
2008-10-20 12:57:56 ----A---- C:\Windows\system32\odbcbcp.dll
2008-10-20 12:57:56 ----A---- C:\Windows\system32\MigAutoPlay.exe
2008-10-20 12:57:55 ----A---- C:\Windows\system32\ucsvc.exe
2008-10-20 12:57:55 ----A---- C:\Windows\system32\msltus40.dll
2008-10-20 12:57:50 ----A---- C:\Windows\system32\msdadiag.dll
2008-10-20 12:57:49 ----A---- C:\Windows\system32\mcmde.dll
2008-10-20 12:57:48 ----A---- C:\Windows\system32\mblctr.exe
2008-10-20 12:57:41 ----A---- C:\Windows\system32\odbctrac.dll
2008-10-20 12:57:38 ----A---- C:\Windows\system32\MdSched.exe
2008-10-20 12:57:36 ----A---- C:\Windows\system32\odbccr32.dll
2008-10-20 12:57:35 ----A---- C:\Windows\system32\mmcndmgr.dll
2008-10-20 12:57:32 ----A---- C:\Windows\system32\msexcl40.dll
2008-10-20 12:57:31 ----A---- C:\Windows\system32\msorcl32.dll
2008-10-20 12:57:30 ----A---- C:\Windows\system32\odbc32.dll
2008-10-20 12:57:27 ----A---- C:\Windows\system32\odbccp32.dll
2008-10-20 12:57:26 ----A---- C:\Windows\system32\odbcjt32.dll
2008-10-20 12:57:23 ----A---- C:\Windows\system32\mmcshext.dll
2008-10-20 12:57:23 ----A---- C:\Windows\system32\mmcbase.dll
2008-10-20 12:57:22 ----A---- C:\Windows\system32\mmc.exe
2008-10-20 12:57:20 ----A---- C:\Windows\system32\cic.dll
2008-10-20 12:57:18 ----A---- C:\Windows\system32\mstext40.dll
2008-10-20 12:57:16 ----A---- C:\Windows\system32\msrepl40.dll
2008-10-20 12:57:14 ----A---- C:\Windows\system32\msjet40.dll
2008-10-20 12:57:11 ----A---- C:\Windows\system32\msrd3x40.dll
2008-10-20 12:57:07 ----A---- C:\Windows\system32\consent.exe
2008-10-20 12:57:07 ----A---- C:\Windows\system32\appinfo.dll
2008-10-20 12:57:06 ----A---- C:\Windows\system32\luainstall.dll
2008-10-20 12:57:03 ----A---- C:\Windows\system32\secur32.dll
2008-10-20 12:57:02 ----A---- C:\Windows\system32\lsass.exe
2008-10-20 12:57:01 ----A---- C:\Windows\system32\lsasrv.dll
2008-10-20 12:56:55 ----A---- C:\Windows\system32\lpremove.exe
2008-10-20 12:56:55 ----A---- C:\Windows\system32\lpksetup.exe
2008-10-20 12:56:55 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2008-10-20 12:56:51 ----A---- C:\Windows\system32\Wldap32.dll
2008-10-20 12:56:51 ----A---- C:\Windows\system32\cdd.dll
2008-10-20 12:56:47 ----A---- C:\Windows\system32\l2gpstore.dll
2008-10-20 12:56:41 ----A---- C:\Windows\system32\L2SecHC.dll
2008-10-20 12:56:16 ----A---- C:\Windows\system32\ktmutil.exe
2008-10-20 12:56:15 ----A---- C:\Windows\system32\keymgr.dll
2008-10-20 12:56:12 ----A---- C:\Windows\system32\kernel32.dll
2008-10-20 12:56:07 ----A---- C:\Windows\system32\ipconfig.exe
2008-10-20 12:56:05 ----A---- C:\Windows\system32\nlsbres.dll
2008-10-20 12:56:04 ----A---- C:\Windows\system32\Nlsdl.dll
2008-10-20 12:56:04 ----A---- C:\Windows\system32\MuiUnattend.exe
2008-10-20 12:56:04 ----A---- C:\Windows\system32\idndl.dll
2008-10-20 12:56:03 ----A---- C:\Windows\system32\msisip.dll
2008-10-20 12:56:03 ----A---- C:\Windows\system32\msihnd.dll
2008-10-20 12:56:02 ----A---- C:\Windows\system32\msiexec.exe
2008-10-20 12:56:01 ----A---- C:\Windows\system32\msi.dll
2008-10-20 12:55:58 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2008-10-20 12:55:57 ----A---- C:\Windows\system32\imm32.dll
2008-10-20 12:55:50 ----A---- C:\Windows\system32\imapi.dll
2008-10-20 12:55:49 ----A---- C:\Windows\system32\imapi2.dll
2008-10-20 12:55:47 ----A---- C:\Windows\system32\imagesp1.dll
2008-10-20 12:55:43 ----A---- C:\Windows\system32\dbghelp.dll
2008-10-20 12:55:42 ----A---- C:\Windows\system32\dbgeng.dll
2008-10-20 12:54:57 ----A---- C:\Windows\system32\url.dll
2008-10-20 12:54:56 ----A---- C:\Windows\system32\WinFXDocObj.exe
2008-10-20 12:54:55 ----A---- C:\Windows\system32\inseng.dll
2008-10-20 12:54:55 ----A---- C:\Windows\system32\iesetup.dll
2008-10-20 12:54:55 ----A---- C:\Windows\system32\iernonce.dll
2008-10-20 12:54:55 ----A---- C:\Windows\system32\ie4uinit.exe
2008-10-20 12:54:53 ----A---- C:\Windows\system32\webcheck.dll
2008-10-20 12:54:53 ----A---- C:\Windows\system32\msrating.dll
2008-10-20 12:54:52 ----A---- C:\Windows\system32\occache.dll
2008-10-20 12:54:51 ----A---- C:\Windows\system32\icardie.dll
2008-10-20 12:54:50 ----A---- C:\Windows\system32\wextract.exe
2008-10-20 12:54:50 ----A---- C:\Windows\system32\imgutil.dll
2008-10-20 12:54:50 ----A---- C:\Windows\system32\iexpress.exe
2008-10-20 12:54:45 ----A---- C:\Windows\system32\mshtmled.dll
2008-10-20 12:54:44 ----A---- C:\Windows\system32\ieencode.dll
2008-10-20 12:54:43 ----A---- C:\Windows\system32\mshta.exe
2008-10-20 12:54:42 ----A---- C:\Windows\system32\msfeedssync.exe
2008-10-20 12:54:41 ----A---- C:\Windows\system32\msfeedsbs.dll
2008-10-20 12:54:41 ----A---- C:\Windows\system32\msfeeds.dll
2008-10-20 12:54:40 ----A---- C:\Windows\system32\extmgr.dll
2008-10-20 12:54:39 ----A---- C:\Windows\system32\dxtrans.dll
2008-10-20 12:54:38 ----A---- C:\Windows\system32\dxtmsft.dll
2008-10-20 12:54:37 ----A---- C:\Windows\system32\licmgr10.dll
2008-10-20 12:54:37 ----A---- C:\Windows\system32\iepeers.dll
2008-10-20 12:54:36 ----A---- C:\Windows\system32\ieapfltr.dll
2008-10-20 12:54:35 ----A---- C:\Windows\system32\ieaksie.dll
2008-10-20 12:54:34 ----A---- C:\Windows\system32\ieakeng.dll
2008-10-20 12:54:34 ----A---- C:\Windows\system32\admparse.dll
2008-10-20 12:54:32 ----A---- C:\Windows\system32\iedkcs32.dll
2008-10-20 12:54:31 ----A---- C:\Windows\system32\colorui.dll
2008-10-20 12:54:30 ----A---- C:\Windows\system32\mscms.dll
2008-10-20 12:54:30 ----A---- C:\Windows\system32\icm32.dll
2008-10-20 12:54:29 ----A---- C:\Windows\system32\icacls.exe
2008-10-20 12:54:14 ----A---- C:\Windows\system32\corpol.dll
2008-10-20 12:54:04 ----A---- C:\Windows\system32\iphlpsvc.dll
2008-10-20 12:53:55 ----A---- C:\Windows\system32\KBDKOR.DLL
2008-10-20 12:53:55 ----A---- C:\Windows\system32\KBDJPN.DLL
2008-10-20 12:53:54 ----A---- C:\Windows\system32\iscsiwmi.dll
2008-10-20 12:53:54 ----A---- C:\Windows\system32\iscsium.dll
2008-10-20 12:53:54 ----A---- C:\Windows\system32\iscsiexe.dll
2008-10-20 12:53:53 ----A---- C:\Windows\system32\iscsied.dll
2008-10-20 12:53:52 ----A---- C:\Windows\system32\f3ahvoas.dll
2008-10-20 12:53:46 ----A---- C:\Windows\system32\WINSRPC.DLL
2008-10-20 12:53:42 ----A---- C:\Windows\system32\hnetcfg.dll
2008-10-20 12:53:39 ----A---- C:\Windows\system32\pngfilt.dll
2008-10-20 12:53:38 ----A---- C:\Windows\system32\imapi2fs.dll
2008-10-20 12:53:36 ----A---- C:\Windows\system32\httpapi.dll
2008-10-20 12:53:35 ----A---- C:\Windows\system32\itss.dll
2008-10-20 12:53:35 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2008-10-20 12:53:34 ----A---- C:\Windows\system32\hlink.dll
2008-10-20 12:53:33 ----A---- C:\Windows\system32\apss.dll
2008-10-20 12:53:32 ----A---- C:\Windows\system32\apircl.dll
2008-10-20 12:53:30 ----A---- C:\Windows\system32\apds.dll
2008-10-20 12:53:28 ----A---- C:\Windows\HelpPane.exe
2008-10-20 12:53:27 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2008-10-20 12:53:27 ----A---- C:\Windows\system32\hbaapi.dll
2008-10-20 12:53:25 ----A---- C:\Windows\system32\gpsvc.dll
2008-10-20 12:53:23 ----A---- C:\Windows\system32\gpapi.dll
2008-10-20 12:53:21 ----A---- C:\Windows\system32\getmac.exe
2008-10-20 12:53:20 ----A---- C:\Windows\system32\lpk.dll
2008-10-20 12:53:20 ----A---- C:\Windows\system32\fontsub.dll
2008-10-20 12:53:20 ----A---- C:\Windows\system32\connect.dll
2008-10-20 12:53:19 ----A---- C:\Windows\system32\atmfd.dll
2008-10-20 12:53:13 ----A---- C:\Windows\system32\gacinstall.dll
2008-10-20 12:53:10 ----A---- C:\Windows\system32\gpupdate.exe
2008-10-20 12:53:10 ----A---- C:\Windows\system32\gpresult.exe
2008-10-20 12:53:08 ----A---- C:\Windows\system32\gpedit.dll
2008-10-20 12:52:59 ----A---- C:\Windows\system32\ftp.exe
2008-10-20 12:52:59 ----A---- C:\Windows\system32\fsutil.exe
2008-10-20 12:52:58 ----A---- C:\Windows\system32\fontext.dll
2008-10-20 12:52:57 ----A---- C:\Windows\system32\t2embed.dll
2008-10-20 12:52:56 ----A---- C:\Windows\system32\fmifs.dll
2008-10-20 12:52:56 ----A---- C:\Windows\system32\findstr.exe
2008-10-20 12:52:54 ----A---- C:\Windows\system32\wersvc.dll
2008-10-20 12:52:54 ----A---- C:\Windows\system32\feclient.dll
2008-10-20 12:52:54 ----A---- C:\Windows\system32\fde.dll
2008-10-20 12:52:53 ----A---- C:\Windows\system32\fdeploy.dll
2008-10-20 12:52:52 ----A---- C:\Windows\system32\resutils.dll
2008-10-20 12:52:52 ----A---- C:\Windows\system32\clusapi.dll
2008-10-20 12:52:51 ----A---- C:\Windows\system32\ulib.dll
2008-10-20 12:52:51 ----A---- C:\Windows\system32\uexfat.dll
2008-10-20 12:52:51 ----A---- C:\Windows\system32\ifsutil.dll
2008-10-20 12:52:50 ----A---- C:\Windows\system32\uudf.dll
2008-10-20 12:52:49 ----A---- C:\Windows\system32\untfs.dll
2008-10-20 12:52:46 ----A---- C:\Windows\system32\ufat.dll
2008-10-20 12:52:46 ----A---- C:\Windows\system32\extrac32.exe
2008-10-20 12:52:46 ----A---- C:\Windows\system32\cmifw.dll
2008-10-20 12:52:45 ----A---- C:\Windows\explorer.exe
2008-10-20 12:52:41 ----A---- C:\Windows\system32\ExplorerFrame.dll
2008-10-20 12:52:41 ----A---- C:\Windows\system32\els.dll
2008-10-20 12:52:40 ----A---- C:\Windows\system32\wevtsvc.dll
2008-10-20 12:52:39 ----A---- C:\Windows\system32\wevtutil.exe
2008-10-20 12:52:39 ----A---- C:\Windows\system32\wevtfwd.dll
2008-10-20 12:52:39 ----A---- C:\Windows\system32\wevtapi.dll
2008-10-20 12:52:38 ----A---- C:\Windows\system32\wecutil.exe
2008-10-20 12:52:38 ----A---- C:\Windows\system32\wecsvc.dll
2008-10-20 12:52:38 ----A---- C:\Windows\system32\wecapi.dll
2008-10-20 12:52:37 ----A---- C:\Windows\system32\wermgr.exe
2008-10-20 12:52:37 ----A---- C:\Windows\system32\WerFaultSecure.exe
2008-10-20 12:52:37 ----A---- C:\Windows\system32\WerFault.exe
2008-10-20 12:52:37 ----A---- C:\Windows\system32\Faultrep.dll
2008-10-20 12:52:36 ----A---- C:\Windows\system32\werdiagcontroller.dll
2008-10-20 12:52:36 ----A---- C:\Windows\system32\wer.dll
2008-10-20 12:52:35 ----A---- C:\Windows\system32\wercplsupport.dll
2008-10-20 12:52:35 ----A---- C:\Windows\system32\wercon.exe
2008-10-20 12:52:33 ----A---- C:\Windows\system32\evr.dll
2008-10-20 12:52:32 ----A---- C:\Windows\system32\msdri.dll
2008-10-20 12:52:16 ----A---- C:\Windows\system32\Mcx2Svc.dll
2008-10-20 12:52:14 ----A---- C:\Windows\system32\efsadu.dll
2008-10-20 12:52:13 ----A---- C:\Windows\system32\rekeywiz.exe
2008-10-20 12:52:13 ----A---- C:\Windows\system32\esentprf.dll
2008-10-20 12:52:12 ----A---- C:\Windows\system32\eapsvc.dll
2008-10-20 12:52:12 ----A---- C:\Windows\system32\DWWIN.EXE
2008-10-20 12:52:09 ----A---- C:\Windows\system32\esent.dll
2008-10-20 12:52:07 ----A---- C:\Windows\system32\emdmgmt.dll
2008-10-20 12:52:04 ----A---- C:\Windows\system32\esentutl.exe
2008-10-20 12:52:03 ----A---- C:\Windows\system32\eappprxy.dll
2008-10-20 12:52:03 ----A---- C:\Windows\system32\eapphost.dll
2008-10-20 12:52:03 ----A---- C:\Windows\system32\eappgnui.dll
2008-10-20 12:52:03 ----A---- C:\Windows\system32\eappcfg.dll
2008-10-20 12:52:02 ----A---- C:\Windows\system32\EAPQEC.DLL
2008-10-20 12:52:02 ----A---- C:\Windows\system32\eapp3hst.dll
2008-10-20 12:51:58 ----A---- C:\Windows\system32\duser.dll
2008-10-20 12:51:57 ----A---- C:\Windows\system32\dssec.dll
2008-10-20 12:51:56 ----A---- C:\Windows\system32\dsquery.dll
2008-10-20 12:51:54 ----A---- C:\Windows\system32\dskquoui.dll
2008-10-20 12:51:54 ----A---- C:\Windows\system32\dskquota.dll
2008-10-20 12:51:53 ----A---- C:\Windows\system32\verifier.exe
2008-10-20 12:51:53 ----A---- C:\Windows\system32\drvstore.dll
2008-10-20 12:51:53 ----A---- C:\Windows\system32\driverquery.exe
2008-10-20 12:51:52 ----A---- C:\Windows\system32\DpiScaling.exe
2008-10-20 12:51:52 ----A---- C:\Windows\system32\dpapimig.exe
2008-10-20 12:51:50 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2008-10-20 12:51:50 ----A---- C:\Windows\system32\dot3ui.dll
2008-10-20 12:51:50 ----A---- C:\Windows\system32\dot3svc.dll
2008-10-20 12:51:49 ----A---- C:\Windows\system32\dot3msm.dll
2008-10-20 12:51:49 ----A---- C:\Windows\system32\dot3dlg.dll
2008-10-20 12:51:49 ----A---- C:\Windows\system32\dot3api.dll
2008-10-20 12:51:47 ----A---- C:\Windows\system32\dot3gpui.dll
2008-10-20 12:51:45 ----A---- C:\Windows\system32\dot3gpclnt.dll
2008-10-20 12:51:45 ----A---- C:\Windows\system32\dot3cfg.dll
2008-10-20 12:51:42 ----A---- C:\Windows\system32\dnshc.dll
2008-10-20 12:51:41 ----A---- C:\Windows\system32\dnsrslvr.dll
2008-10-20 12:51:41 ----A---- C:\Windows\system32\dnscacheugc.exe
2008-10-20 12:51:41 ----A---- C:\Windows\system32\dnsapi.dll
2008-10-20 12:51:37 ----A---- C:\Windows\system32\dispdiag.exe
2008-10-20 12:51:35 ----A---- C:\Windows\system32\diskraid.exe
2008-10-20 12:51:32 ----A---- C:\Windows\system32\diskpart.exe
2008-10-20 12:51:29 ----A---- C:\Windows\system32\dmutil.dll
2008-10-20 12:51:28 ----A---- C:\Windows\system32\dmdskres2.dll
2008-10-20 12:51:27 ----A---- C:\Windows\system32\dmdlgs.dll
2008-10-20 12:51:24 ----A---- C:\Windows\system32\dmdskmgr.dll
2008-10-20 12:51:23 ----A---- C:\Windows\system32\rgb9rast.dll
2008-10-20 12:51:22 ----A---- C:\Windows\system32\dxgi.dll
2008-10-20 12:51:22 ----A---- C:\Windows\system32\dpnet.dll
2008-10-20 12:51:20 ----A---- C:\Windows\system32\ddraw.dll
2008-10-20 12:51:19 ----A---- C:\Windows\system32\d3dim700.dll
2008-10-20 12:51:19 ----A---- C:\Windows\system32\d3dim.dll
2008-10-20 12:51:18 ----A---- C:\Windows\system32\d3dxof.dll
2008-10-20 12:51:17 ----A---- C:\Windows\system32\d3d9.dll
2008-10-20 12:51:14 ----A---- C:\Windows\system32\d3d8.dll
2008-10-20 12:51:12 ----A---- C:\Windows\system32\d3d10core.dll
2008-10-20 12:51:12 ----A---- C:\Windows\system32\d3d10.dll
2008-10-20 12:51:11 ----A---- C:\Windows\system32\d3d10_1core.dll
2008-10-20 12:51:11 ----A---- C:\Windows\system32\d3d10_1.dll
2008-10-20 12:51:10 ----A---- C:\Windows\system32\vfwwdm32.dll
2008-10-20 12:51:10 ----A---- C:\Windows\system32\amstream.dll
2008-10-20 12:51:09 ----A---- C:\Windows\system32\qdv.dll
2008-10-20 12:51:08 ----A---- C:\Windows\system32\qdvd.dll
2008-10-20 12:51:08 ----A---- C:\Windows\system32\msdmo.dll
2008-10-20 12:51:08 ----A---- C:\Windows\system32\devenum.dll
2008-10-20 12:51:06 ----A---- C:\Windows\system32\qcap.dll
2008-10-20 12:51:06 ----A---- C:\Windows\system32\qasf.dll
2008-10-20 12:51:05 ----A---- C:\Windows\system32\samsrv.dll
2008-10-20 12:51:04 ----A---- C:\Windows\system32\samlib.dll
2008-10-20 12:51:04 ----A---- C:\Windows\system32\dimsroam.dll
2008-10-20 12:51:04 ----A---- C:\Windows\system32\dimsjob.dll
2008-10-20 12:51:03 ----A---- C:\Windows\system32\dsauth.dll
2008-10-20 12:51:03 ----A---- C:\Windows\system32\diantz.exe
2008-10-20 12:51:03 ----A---- C:\Windows\system32\dhcpsapi.dll
2008-10-20 12:51:03 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2008-10-20 12:51:02 ----A---- C:\Windows\system32\dhcpcsvc.dll
2008-10-20 12:51:02 ----A---- C:\Windows\system32\DfsShlEx.dll
2008-10-20 12:51:01 ----A---- C:\Windows\system32\dfsr.exe
2008-10-20 12:51:00 ----A---- C:\Windows\system32\setupugc.exe
2008-10-20 12:51:00 ----A---- C:\Windows\system32\dpx.dll
2008-10-20 12:50:59 ----A---- C:\Windows\system32\mspatcha.dll
2008-10-20 12:50:59 ----A---- C:\Windows\system32\msdelta.dll
2008-10-20 12:50:58 ----A---- C:\Windows\system32\shrink.dll
2008-10-20 12:50:58 ----A---- C:\Windows\system32\DfrgNtfs.exe
2008-10-20 12:50:58 ----A---- C:\Windows\system32\dfrgfat.exe
2008-10-20 12:50:57 ----A---- C:\Windows\system32\Defrag.exe
2008-10-20 12:50:56 ----A---- C:\Windows\system32\dxdiagn.dll
2008-10-20 12:50:56 ----A---- C:\Windows\system32\dfrgui.exe
2008-10-20 12:50:55 ----A---- C:\Windows\system32\dxdiag.exe
2008-10-20 12:50:54 ----A---- C:\Windows\system32\dxva2.dll
2008-10-20 12:50:53 ----A---- C:\Windows\system32\IMJP10K.DLL
2008-10-20 12:50:51 ----A---- C:\Windows\system32\uxsms.dll
2008-10-20 12:50:51 ----A---- C:\Windows\system32\uDWM.dll
2008-10-20 12:50:51 ----A---- C:\Windows\system32\dwmredir.dll
2008-10-20 12:50:51 ----A---- C:\Windows\system32\dwm.exe
2008-10-20 12:50:50 ----A---- C:\Windows\system32\ntdsapi.dll
2008-10-20 12:50:50 ----A---- C:\Windows\system32\DFDWiz.exe
2008-10-20 12:50:49 ----A---- C:\Windows\system32\milcore.dll
2008-10-20 12:50:47 ----A---- C:\Windows\system32\dwmapi.dll
2008-10-20 12:50:38 ----A---- C:\Windows\system32\dmvdsitf.dll
2008-10-20 12:50:36 ----A---- C:\Windows\system32\wdi.dll
2008-10-20 12:50:36 ----A---- C:\Windows\system32\dps.dll
2008-10-20 12:50:35 ----A---- C:\Windows\system32\WUDFx.dll
2008-10-20 12:50:35 ----A---- C:\Windows\system32\WUDFSvc.dll
2008-10-20 12:50:35 ----A---- C:\Windows\system32\WUDFPlatform.dll
2008-10-20 12:50:34 ----A---- C:\Windows\system32\WUDFHost.exe
2008-10-20 12:50:34 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2008-10-20 12:50:15 ----A---- C:\Windows\system32\dssenh.dll
2008-10-20 12:50:13 ----A---- C:\Windows\system32\dfdts.dll
2008-10-20 12:50:07 ----A---- C:\Windows\system32\localsec.dll
2008-10-20 12:50:05 ----A---- C:\Windows\system32\DHCPQEC.DLL
2008-10-20 12:50:04 ----A---- C:\Windows\system32\csrss.exe
2008-10-20 12:50:04 ----A---- C:\Windows\system32\csrsrv.dll
2008-10-20 12:50:03 ----A---- C:\Windows\system32\cryptui.dll
2008-10-20 12:50:01 ----A---- C:\Windows\system32\cryptsvc.dll
2008-10-20 12:50:00 ----A---- C:\Windows\system32\cmicryptinstall.dll
2008-10-20 12:49:59 ----A---- C:\Windows\system32\cryptnet.dll
2008-10-20 12:49:59 ----A---- C:\Windows\system32\cryptdll.dll
2008-10-20 12:49:58 ----A---- C:\Windows\system32\crypt32.dll
2008-10-20 12:49:56 ----A---- C:\Windows\system32\credui.dll
2008-10-20 12:49:55 ----A---- C:\Windows\system32\umpnpmgr.dll
2008-10-20 12:49:55 ----A---- C:\Windows\system32\cofiredm.dll
2008-10-20 12:49:54 ----A---- C:\Windows\system32\imagehlp.dll
2008-10-20 12:49:54 ----A---- C:\Windows\system32\drvinst.exe
2008-10-20 12:49:54 ----A---- C:\Windows\system32\cfgmgr32.dll
2008-10-20 12:49:53 ----A---- C:\Windows\system32\convert.exe
2008-10-20 12:49:53 ----A---- C:\Windows\system32\autoconv.exe
2008-10-20 12:49:52 ----A---- C:\Windows\system32\rtffilt.dll
2008-10-20 12:49:51 ----A---- C:\Windows\system32\xmlfilter.dll
2008-10-20 12:49:51 ----A---- C:\Windows\system32\offfilt.dll
2008-10-20 12:49:51 ----A---- C:\Windows\system32\nlhtml.dll
2008-10-20 12:49:51 ----A---- C:\Windows\system32\mimefilt.dll
2008-10-20 12:49:50 ----A---- C:\Windows\system32\netid.dll
2008-10-20 12:49:50 ----A---- C:\Windows\system32\conime.exe
2008-10-20 12:49:50 ----A---- C:\Windows\system32\ComputerDefaults.exe
2008-10-20 12:49:49 ----A---- C:\Windows\system32\cmd.exe
2008-10-20 12:49:49 ----A---- C:\Windows\system32\clfsw32.dll
2008-10-20 12:49:48 ----A---- C:\Windows\system32\comdlg32.dll
2008-10-20 12:49:41 ----A---- C:\Windows\system32\oledlg.dll
2008-10-20 12:49:40 ----A---- C:\Windows\system32\olethk32.dll
2008-10-20 12:49:40 ----A---- C:\Windows\system32\olesvr32.dll
2008-10-20 12:49:40 ----A---- C:\Windows\system32\olecli32.dll
2008-10-20 12:49:40 ----A---- C:\Windows\system32\msdtckrm.dll
2008-10-20 12:49:39 ----A---- C:\Windows\system32\msdtctm.dll
2008-10-20 12:49:39 ----A---- C:\Windows\system32\msdtc.exe
2008-10-20 12:49:38 ----A---- C:\Windows\system32\mtxoci.dll
2008-10-20 12:49:38 ----A---- C:\Windows\system32\msdtcuiu.dll
2008-10-20 12:49:38 ----A---- C:\Windows\system32\msdtclog.dll
2008-10-20 12:49:37 ----A---- C:\Windows\system32\xolehlp.dll
2008-10-20 12:49:37 ----A---- C:\Windows\system32\msdtcprx.dll
2008-10-20 12:49:37 ----A---- C:\Windows\system32\comres.dll
2008-10-20 12:49:35 ----A---- C:\Windows\system32\mtstocom.exe
2008-10-20 12:49:35 ----A---- C:\Windows\system32\comuid.dll
2008-10-20 12:49:35 ----A---- C:\Windows\system32\comsnap.dll
2008-10-20 12:49:34 ----A---- C:\Windows\system32\mfcsubs.dll
2008-10-20 12:49:34 ----A---- C:\Windows\system32\comrepl.dll
2008-10-20 12:49:33 ----A---- C:\Windows\system32\rpcss.dll
2008-10-20 12:49:32 ----A---- C:\Windows\system32\ole32.dll
2008-10-20 12:49:24 ----A---- C:\Windows\system32\cipher.exe
2008-10-20 12:49:23 ----A---- C:\Windows\system32\certutil.exe
2008-10-20 12:49:22 ----A---- C:\Windows\system32\certreq.exe
2008-10-20 12:49:22 ----A---- C:\Windows\system32\cdosys.dll
2008-10-20 12:49:17 ----A---- C:\Windows\system32\capisp.dll
2008-10-20 12:49:17 ----A---- C:\Windows\system32\cabview.dll
2008-10-20 12:49:17 ----A---- C:\Windows\system32\cabinet.dll
2008-10-20 12:49:16 ----A---- C:\Windows\system32\mtxlegih.dll
2008-10-20 12:49:16 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2008-10-20 12:49:16 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2008-10-20 12:49:16 ----A---- C:\Windows\system32\certcli.dll
2008-10-20 12:49:15 ----A---- C:\Windows\system32\txflog.dll
2008-10-20 12:49:15 ----A---- C:\Windows\system32\mycomput.dll
2008-10-20 12:49:15 ----A---- C:\Windows\system32\mtxdm.dll
2008-10-20 12:49:14 ----A---- C:\Windows\system32\comsvcs.dll
2008-10-20 12:49:14 ----A---- C:\Windows\system32\catsrvut.dll
2008-10-20 12:49:13 ----A---- C:\Windows\system32\Query.dll
2008-10-20 12:49:12 ----A---- C:\Windows\system32\mtxclu.dll
2008-10-20 12:49:11 ----A---- C:\Windows\system32\colbact.dll
2008-10-20 12:49:11 ----A---- C:\Windows\system32\clbcatq.dll
2008-10-20 12:49:09 ----A---- C:\Windows\system32\catsrv.dll
2008-10-20 12:49:04 ----A---- C:\Windows\system32\certmgr.dll
2008-10-20 12:49:01 ----A---- C:\Windows\system32\btpanui.dll
2008-10-20 12:49:00 ----A---- C:\Windows\system32\browseui.dll
2008-10-20 12:48:57 ----A---- C:\Windows\system32\browser.dll
2008-10-20 12:48:56 ----A---- C:\Windows\system32\BOOTVID.DLL
2008-10-20 12:48:56 ----A---- C:\Windows\system32\bootcfg.exe
2008-10-20 12:48:54 ----A---- C:\Windows\system32\qmgr.dll
2008-10-20 12:48:54 ----A---- C:\Windows\system32\bitsigd.dll
2008-10-20 12:48:52 ----A---- C:\Windows\system32\bitsadmin.exe
2008-10-20 12:48:51 ----A---- C:\Windows\system32\expand.exe
2008-10-20 12:48:51 ----A---- C:\Windows\system32\bcrypt.dll
2008-10-20 12:48:50 ----A---- C:\Windows\system32\basesrv.dll


2008-10-20 12:48:50 ----A---- C:\Windows\bfsvc.exe
2008-10-20 12:48:46 ----A---- C:\Windows\system32\bcdsrv.dll
2008-10-20 12:48:39 ----A---- C:\Windows\system32\bcdprov.dll
2008-10-20 12:48:26 ----A---- C:\Windows\system32\bcdedit.exe
2008-10-20 12:48:25 ----A---- C:\Windows\system32\kdcom.dll
2008-10-20 12:48:22 ----A---- C:\Windows\system32\bootstr.dll
2008-10-20 12:48:20 ----A---- C:\Windows\system32\kdusb.dll
2008-10-20 12:48:12 ----A---- C:\Windows\system32\AzSqlExt.dll
2008-10-20 12:48:12 ----A---- C:\Windows\system32\azroles.dll
2008-10-20 12:48:10 ----A---- C:\Windows\system32\autoplay.dll
2008-10-20 12:48:09 ----A---- C:\Windows\system32\autofmt.exe
2008-10-20 12:48:06 ----A---- C:\Windows\system32\azroleui.dll
2008-10-20 12:48:06 ----A---- C:\Windows\system32\autochk.exe
2008-10-20 12:48:05 ----A---- C:\Windows\system32\LogonUI.exe
2008-10-20 12:48:04 ----A---- C:\Windows\system32\authui.dll
2008-10-20 12:48:00 ----A---- C:\Windows\system32\SndVol.exe
2008-10-20 12:48:00 ----A---- C:\Windows\system32\midimap.dll
2008-10-20 12:47:59 ----A---- C:\Windows\system32\winmm.dll
2008-10-20 12:47:59 ----A---- C:\Windows\system32\msacm32.dll
2008-10-20 12:47:58 ----A---- C:\Windows\system32\dsound.dll
2008-10-20 12:47:58 ----A---- C:\Windows\system32\dsdmo.dll
2008-10-20 12:47:57 ----A---- C:\Windows\system32\dmusic.dll
2008-10-20 12:47:57 ----A---- C:\Windows\system32\dmsynth.dll
2008-10-20 12:47:57 ----A---- C:\Windows\system32\dmscript.dll
2008-10-20 12:47:57 ----A---- C:\Windows\system32\dmloader.dll
2008-10-20 12:47:56 ----A---- C:\Windows\system32\EncDump.dll
2008-10-20 12:47:56 ----A---- C:\Windows\system32\dmime.dll
2008-10-20 12:47:55 ----A---- C:\Windows\system32\audiosrv.dll
2008-10-20 12:47:55 ----A---- C:\Windows\system32\AudioSes.dll
2008-10-20 12:47:55 ----A---- C:\Windows\system32\AUDIOKSE.dll
2008-10-20 12:47:54 ----A---- C:\Windows\system32\AudioEng.dll
2008-10-20 12:47:53 ----A---- C:\Windows\system32\audiodg.exe
2008-10-20 12:47:53 ----A---- C:\Windows\system32\at.exe
2008-10-20 12:47:52 ----A---- C:\Windows\system32\atl.dll
2008-10-20 12:47:52 ----A---- C:\Windows\system32\AtBroker.exe
2008-10-20 12:47:51 ----A---- C:\Windows\system32\alg.exe
2008-10-20 12:47:48 ----A---- C:\Windows\system32\advpack.dll
2008-10-20 12:47:48 ----A---- C:\Windows\system32\advapi32.dll
2008-10-20 12:47:45 ----A---- C:\Windows\system32\actxprxy.dll
2008-10-20 12:47:44 ----A---- C:\Windows\system32\rshx32.dll
2008-10-20 12:47:44 ----A---- C:\Windows\system32\cacls.exe
2008-10-20 12:47:44 ----A---- C:\Windows\system32\aclui.dll
2008-10-20 12:47:43 ----A---- C:\Windows\system32\accessibilitycpl.dll
2008-10-20 12:47:40 ----A---- C:\Windows\system32\adsldpc.dll
2008-10-20 12:47:39 ----A---- C:\Windows\system32\pcaui.dll
2008-10-20 12:47:39 ----A---- C:\Windows\system32\adsldp.dll
2008-10-20 12:47:38 ----A---- C:\Windows\system32\CompatUI.dll
2008-10-20 12:47:34 ----A---- C:\Windows\system32\apilogen.dll
2008-10-20 12:47:34 ----A---- C:\Windows\system32\amxread.dll
2008-10-20 12:47:33 ----A---- C:\Windows\system32\adsnt.dll
2008-10-20 12:47:33 ----A---- C:\Windows\system32\activeds.dll
2008-10-20 12:47:26 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2008-10-20 12:47:26 ----A---- C:\Windows\system32\apphelp.dll
2008-10-20 12:47:26 ----A---- C:\Windows\system32\adsmsext.dll
2008-10-20 12:47:23 ----A---- C:\Windows\system32\IPBusEnum.dll
2008-10-20 12:47:21 ----A---- C:\Windows\system32\GuidedHelp.dll
2008-10-20 12:47:20 ----A---- C:\Windows\system32\fundisc.dll
2008-10-20 12:47:20 ----A---- C:\Windows\system32\fdWSD.dll
2008-10-20 12:47:20 ----A---- C:\Windows\system32\fdSSDP.dll
2008-10-20 12:47:20 ----A---- C:\Windows\system32\fdPHost.dll
2008-10-20 12:47:17 ----A---- C:\Windows\system32\dsuiext.dll
2008-10-20 12:47:17 ----A---- C:\Windows\system32\dsprop.dll
2008-10-20 12:47:16 ----A---- C:\Windows\system32\oobefldr.dll
2008-10-20 12:47:15 ----A---- C:\Windows\system32\srchadmin.dll
2008-10-20 12:47:11 ----A---- C:\Windows\system32\ACW.exe
2008-10-20 12:47:10 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2008-10-18 11:37:30 ----HD---- C:\$AVG8.VAULT$
2008-10-17 21:22:13 ----A---- C:\Windows\system32\avgrsstx.dll
2008-10-17 21:21:49 ----D---- C:\Program Files\AVG
2008-10-17 19:14:23 ----D---- C:\Program Files\Zone Labs
2008-10-17 17:09:59 ----D---- C:\ProgramData\Avg8
2008-10-16 21:53:43 ----A---- C:\rollback.ini
2008-10-16 20:27:41 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-10-16 20:27:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-10-16 20:27:07 ----A---- C:\Windows\system32\ieframe.dll
2008-10-16 20:26:40 ----A---- C:\Windows\system32\mshtml.dll
2008-10-16 20:26:34 ----A---- C:\Windows\system32\iertutil.dll
2008-10-16 20:26:27 ----A---- C:\Windows\system32\urlmon.dll
2008-10-16 20:26:22 ----A---- C:\Windows\system32\wininet.dll
2008-10-16 20:26:12 ----A---- C:\Windows\system32\mstime.dll
2008-10-16 20:26:09 ----A---- C:\Windows\system32\jsproxy.dll
2008-10-15 11:50:10 ----D---- C:\98e6cd4ae5503bb130
2008-10-14 18:54:57 ----D---- C:\ProgramData\MailFrontier
2008-10-14 18:51:01 ----D---- C:\Windows\system32\ZoneLabs
2008-10-10 10:45:21 ----D---- C:\Program Files\iPod
2008-10-10 10:45:18 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-10 10:45:18 ----D---- C:\Program Files\iTunes
======List of files/folders modified in the last 1 months======

2008-10-24 15:09:33 ----SHD---- C:\System Volume Information
2008-10-24 15:09:20 ----D---- C:\Windows\Temp
2008-10-24 15:08:40 ----D---- C:\Windows\Prefetch
2008-10-22 18:16:02 ----D---- C:\Windows\system32\catroot
2008-10-22 18:16:01 ----D---- C:\Windows\winsxs
2008-10-22 18:15:57 ----D---- C:\Windows\system32\catroot2
2008-10-22 18:05:22 ----D---- C:\Windows\System32
2008-10-22 18:05:22 ----D---- C:\Windows\inf
2008-10-22 18:05:22 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-10-22 15:39:41 ----D---- C:\Windows\Logs
2008-10-22 14:56:45 ----D---- C:\ProgramData\NVIDIA
2008-10-22 14:40:47 ----D---- C:\Windows
2008-10-22 14:39:42 ----D---- C:\Windows\AppPatch
2008-10-22 13:46:57 ----D---- C:\Windows\rescache
2008-10-22 13:42:29 ----D---- C:\Windows\Microsoft.NET
2008-10-22 13:42:09 ----D---- C:\Windows\ehome
2008-10-22 13:42:01 ----D---- C:\Program Files\Windows Mail
2008-10-22 13:41:53 ----D---- C:\Windows\system32\drivers
2008-10-22 13:41:38 ----SHD---- C:\Windows\Installer
2008-10-22 13:41:23 ----RD---- C:\Program Files
2008-10-22 13:35:26 ----RSD---- C:\Windows\assembly
2008-10-22 13:29:52 ----SHD---- C:\Boot
2008-10-22 13:29:45 ----ASH---- C:\Program Files\desktop.ini
2008-10-22 13:21:44 ----D---- C:\Program Files\Windows Calendar
2008-10-22 13:21:43 ----D---- C:\Program Files\Windows Sidebar
2008-10-22 13:21:43 ----D---- C:\Program Files\Movie Maker
2008-10-22 13:21:39 ----D---- C:\Program Files\Internet Explorer
2008-10-22 13:21:38 ----D---- C:\Program Files\Windows Media Player
2008-10-22 13:21:37 ----D---- C:\Program Files\Windows Collaboration
2008-10-22 13:21:35 ----D---- C:\Program Files\Windows Journal
2008-10-22 13:21:34 ----D---- C:\Program Files\Windows Photo Gallery
2008-10-22 13:21:19 ----D---- C:\Program Files\Common Files\System
2008-10-22 13:21:18 ----D---- C:\Program Files\Windows Defender
2008-10-22 13:21:16 ----D---- C:\Windows\servicing
2008-10-22 13:20:46 ----D---- C:\Windows\MSAgent
2008-10-22 13:20:45 ----D---- C:\Windows\DigitalLocker
2008-10-22 13:20:44 ----D---- C:\Windows\L2Schemas
2008-10-22 13:20:44 ----D---- C:\Windows\IME
2008-10-22 13:20:43 ----D---- C:\Windows\system32\XPSViewer
2008-10-22 13:20:43 ----D---- C:\Windows\system32\com
2008-10-22 13:20:43 ----D---- C:\Windows\PolicyDefinitions
2008-10-22 13:20:42 ----D---- C:\Windows\system32\ko-KR
2008-10-22 13:20:42 ----D---- C:\Windows\system32\da-DK
2008-10-22 13:20:41 ----D---- C:\Windows\system32\en-US
2008-10-22 13:20:40 ----D---- C:\Windows\system32\de-DE
2008-10-22 13:20:39 ----D---- C:\Windows\system32\oobe
2008-10-22 13:20:39 ----D---- C:\Windows\system32\it-IT
2008-10-22 13:20:39 ----D---- C:\Windows\system32\el-GR
2008-10-22 13:20:37 ----D---- C:\Windows\system32\sysprep
2008-10-22 13:20:37 ----D---- C:\Windows\system32\migration
2008-10-22 13:20:29 ----D---- C:\Windows\system32\AdvancedInstallers
2008-10-22 13:20:28 ----D---- C:\Windows\system32\sv-SE
2008-10-22 13:20:28 ----D---- C:\Windows\system32\SLUI
2008-10-22 13:20:28 ----D---- C:\Windows\system32\setup
2008-10-22 13:20:28 ----D---- C:\Windows\system32\ru-RU
2008-10-22 13:20:28 ----D---- C:\Windows\system32\pt-PT
2008-10-22 13:20:28 ----D---- C:\Windows\system32\ias
2008-10-22 13:20:28 ----D---- C:\Windows\system32\hu-HU
2008-10-22 13:20:28 ----D---- C:\Windows\system32\he-IL
2008-10-22 13:20:28 ----D---- C:\Windows\system32\fr-FR
2008-10-22 13:20:28 ----D---- C:\Windows\system32\fi-FI
2008-10-22 13:20:28 ----D---- C:\Windows\system32\cs-CZ
2008-10-22 13:20:26 ----D---- C:\Windows\system32\zh-TW
2008-10-22 13:20:26 ----D---- C:\Windows\system32\zh-CN
2008-10-22 13:20:26 ----D---- C:\Windows\system32\pl-PL
2008-10-22 13:20:26 ----D---- C:\Windows\system32\manifeststore
2008-10-22 13:20:26 ----D---- C:\Windows\system32\ja-JP
2008-10-22 13:20:26 ----D---- C:\Windows\system32\es-ES
2008-10-22 13:20:26 ----D---- C:\Windows\system32\en
2008-10-22 13:20:25 ----D---- C:\Windows\system32\ro-RO
2008-10-22 13:20:18 ----D---- C:\Windows\system32\wbem
2008-10-22 13:20:18 ----D---- C:\Windows\system32\tr-TR
2008-10-22 13:20:12 ----D---- C:\Windows\system32\nl-NL
2008-10-22 13:20:12 ----D---- C:\Windows\system32\nb-NO
2008-10-22 13:20:11 ----D---- C:\Windows\system32\ar-SA
2008-10-22 13:20:07 ----D---- C:\Windows\system32\migwiz
2008-10-22 13:20:05 ----D---- C:\Windows\system32\pt-BR
2008-10-22 13:16:53 ----D---- C:\Windows\Boot
2008-10-22 13:16:49 ----D---- C:\Windows\system32\Boot
2008-10-22 13:00:22 ----A---- C:\Windows\system32\ifxcardm.dll
2008-10-22 13:00:21 ----A---- C:\Windows\system32\axaltocm.dll
2008-10-21 14:39:59 ----D---- C:\Windows\Tasks
2008-10-21 14:39:59 ----D---- C:\Windows\system32\Tasks
2008-10-20 15:07:18 ----HD---- C:\ProgramData
2008-10-20 15:07:18 ----HD---- C:\Program Files\InstallShield Installation Information
2008-10-20 15:07:18 ----D---- C:\Program Files\Dell
2008-10-17 21:04:50 ----D---- C:\ProgramData\Microsoft Help
2008-10-17 21:03:17 ----D---- C:\Windows\Debug
2008-10-17 20:57:40 ----D---- C:\Program Files\Windows Live
2008-10-17 20:50:03 ----D---- C:\Program Files\Common Files
2008-10-17 19:29:09 ----D---- C:\Program Files\WinRAR
2008-10-17 19:14:23 ----D---- C:\Windows\Internet Logs
2008-10-17 17:12:18 ----D---- C:\Program Files\Google
2008-10-17 17:08:54 ----D---- C:\Program Files\Mozilla Firefox
2008-10-17 17:00:48 ----D---- C:\Program Files\DivX
2008-10-17 16:54:18 ----SD---- C:\Users\mike\AppData\Roaming\Microsoft
2008-10-16 23:54:23 ----D---- C:\Windows\Minidump
2008-10-07 12:19:42 ----A---- C:\Windows\system32\mrt.exe
2008-10-06 09:17:05 ----D---- C:\Windows\system32\WDI

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-10-17 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-10-17 26824]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2006-11-27 32256]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2006-11-27 43520]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2006-11-27 37376]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-08-05 8192]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-12 1044984]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-21 45568]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-11-03 986624]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-11-03 206848]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-10-04 7628608]
R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-19 88576]
R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-09-07 330240]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-04-28 182456]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-11-03 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-02-18 30464]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 wrssweep;Webroots Volume Access Driver; \??\C:\Program Files\Webroot\Washer\wrssweep.sys [2007-11-26 21832]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-17 231704]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-10-17 1220888]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-07 102400]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-12 24064]
R2 wwEngineSvc;Window Washer Engine; C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 598856]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-08-05 386560]
S2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-01-20 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]

-----------------EOF-----------------

mikeybloom123
2008-10-24, 17:13
info.txt logfile of random's system information tool 1.04 2008-10-24 15:10:03

======Uninstall list======

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe Flash Player ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Adobe Shockwave Player-->C:\Windows\System32\Adobe\SHOCKW~1\UNWISE.EXE C:\Windows\System32\Adobe\SHOCKW~1\Install.log
Advanced Audio FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9 /remove
Apple Mobile Device Support-->MsiExec.exe /I{976C2B2A-CE59-4AB3-83FB-BF895E28F2E6}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Management Programs-->MsiExec.exe /I{C99C0593-3B48-41D9-B42F-6E035B320449}
Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
Cisco EAP-FAST Module-->MsiExec.exe /I{BF53252E-4AB2-4C7F-A0FD-6100755745E3}
Cisco LEAP Module-->MsiExec.exe /I{76F9CF97-FC4B-4E20-B363-D127C888448F}
Cisco PEAP Module-->MsiExec.exe /I{4E5386F5-C0F6-4532-A54A-374865AEAB71}
Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000fz.inf
Dell Touchpad-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Dell Webcam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9 /remove
Dell Webcam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9 /remove
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
Digital Line Detect-->C:\Program Files\InstallShield Installation Information\{E646DCF0-5A68-11D5-B229-002078017FBF}\setup.exe -runfromtemp -l0x0009 -removeonly
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
iTunes-->MsiExec.exe /I{DDDE0BE3-0CBE-4BF6-B75A-E3F69C947843}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Laptop Integrated Webcam Driver (1.04.01.1011) -->C:\Windows\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt -langid 0x0409
Live! Cam Avatar Creator-->C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Live! Cam Avatar v1.0-->C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Ultimate 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ULTIMATER /dll OSETUP.DLL
Microsoft Office Ultimate 2007-->MsiExec.exe /X{91120000-002E-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RollerCoaster Tycoon 2-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{72DF62BD-FF36-424E-AA5F-D89BAFF2C249}\setup.exe" -l0x9
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for 2007 Microsoft Office System (KB955936)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {1D94099C-2BBA-440E-BD5E-093BBDF8F028}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office Excel 2007 (KB955470)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {6E8637D8-10D6-4568-AA06-E2706F31685E}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Visio 2007 (KB947590)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {6BAD036C-261F-4BEF-96CF-C20678D07A41}
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
TuneUp Utilities 2007-->MsiExec.exe /I{C8BB4912-12D9-42AE-B571-E580D8CD1B5B}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9}
Update for Outlook 2007 Junk Email Filter (kb957258)-->msiexec /package {91120000-002E-0000-0000-0000000FF1CE} /uninstall {E070CDA4-A8DD-47FA-89A0-F5DA5D5DDFF9}
User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
Window Washer-->C:\Windows\Unwash6.exe
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
Windows Mobile Device Center Driver Update-->MsiExec.exe /X{E7044E25-3038-4A76-9064-344AC038043E}
Windows Mobile Device Center-->MsiExec.exe /X{904CCF62-818D-4675-BC76-D37EB399F917}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Security center information======

AV: AVG Internet Security
FW: AVG Firewall
AS: AVG Internet Security (disabled)
AS: Windows Defender

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0\lib\ext\QTJava.zip

-----------------EOF-----------------

katana
2008-10-24, 17:31
Malwarebytes' Anti-Malware

Please download Malwarebytes' Anti-Malware (http://www.besttechie.net/tools/mbam-setup.exe) to your desktop.

Double-click mbam-setup.exe and follow the prompts to install the program.
At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware
and Launch Malwarebytes' Anti-Malware
then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select Perform full scan, then click Scan.
When the scan is complete, click OK, then Show Results to view the results.
Be sure that everything is checked, and click Remove Selected.
When completed, a log will open in Notepad. please copy and paste the log into your next reply
If you accidently close it, the log file is saved here and will be named like this:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt





Active Scan
Your Antivirus and/or Antispyware may give a warning during the scan. This is perfectly normal
NOTE:- Vista users should start IE by Start(Vista Orb) >> Internet Explorer >> Right-Click Run As Admin
Please go to this site Link >> ActiveScan (http://www.pandasecurity.com/activescan/index/) << LINK

Click the Scan Now button
Follow the prompts to install the Active X if necessary
Go and make a cup of tea/coffee/beverage of your choice and watch some TV :)
When the scan is finished, a report will be generated
Next to Scan Details click the small Save button and save the report to your desktop.
Please post the report in your reply.

mikeybloom123
2008-10-24, 17:38
ok i am getting both scans underway as we speak...many thanks :)

mikeybloom123
2008-10-25, 01:44
Malwarebytes' Anti-Malware 1.30
Database version: 1313
Windows 6.0.6001 Service Pack 1

24/10/2008 23:43:54
mbam-log-2008-10-24 (23-43-54).txt

Scan type: Full Scan (C:\|D:\|E:\|)
Objects scanned: 137712
Time elapsed: 4 hour(s), 29 minute(s), 39 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 22
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
HKEY_CLASSES_ROOT\Interface\{2e9937fc-cf2f-4f56-af54-5a6a3dd375cc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Code Store Database\Distribution Units\{1d4db7d2-6ec9-47a3-bd87-1e41684e07bb} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWay) -> Quarantined and deleted successfully.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
C:\Program Files\Windows Live\Messenger\riched20.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

mikeybloom123
2008-10-25, 01:45
;***********************************************************************************************************************************************************************************
ANALYSIS: 2008-10-24 23:44:52
PROTECTIONS: 1
MALWARE: 2
SUSPECTS: 0
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Windows Defender 1.1.4005.0 No No
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00139064 Cookie/Atlas DMT TrackingCookie No 0 Yes No C:\Users\mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@atdmt[1].txt
00145393 Cookie/Tradedoubler TrackingCookie No 0 Yes No C:\Users\mike\AppData\Roaming\Microsoft\Windows\Cookies\mike@tradedoubler[2].txt
;===================================================================================================================================================================================
SUSPECTS
Sent Location �q�`�
s5,
;===================================================================================================================================================================================
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description �q�`�
s5,
;===================================================================================================================================================================================
;===================================================================================================================================================================================

katana
2008-10-25, 02:24
Download and Run ComboFix (by sUBs)
Please visit this webpage for instructions for downloading and running ComboFix:

Bleeping Computer ComboFix Tutorial (http://www.bleepingcomputer.com/combofix/how-to-use-combofix)

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.

A word of warning: Neither I nor sUBs are responsible for any damage you may have caused your machine by running ComboFix on your own.
This tool is not a toy and not for everyday use.
ComboFix SHOULD NOT be used unless requested by a forum helper

mikeybloom123
2008-10-25, 17:07
ComboFix 08-10-24.02 - mike 2008-10-25 14:57:37.1 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1165 [GMT 1:00]
Running from: C:\Users\mike\Downloads\ComboFix.exe
* Created a new restore point
.

((((((((((((((((((((((((( Files Created from 2008-09-25 to 2008-10-25 )))))))))))))))))))))))))))))))
.

The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235f in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x235b in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
The system . cannot C:\ComboFix\find message text for message number 0x2339 in the message file for Application
2008-10-25 15:04 . The C:\Windows\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:39 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:39 . 2008-06-19 17:24 28,544 --a------ C:\Windows\System32\drivers\pavboot.sys
2008-10-24 15:36 . The C:\Users\mike\AppData\Roaming\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:36 . The C:\Users\All Users\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:36 . The C:\ProgramData\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:36 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-24 15:36 . 2008-10-22 16:10 38,496 --a------ C:\Windows\System32\drivers\mbamswissarmy.sys
2008-10-24 15:36 . 2008-10-22 16:10 15,504 --a------ C:\Windows\System32\drivers\mbam.sys
2008-10-24 15:10 . 2008-10-24 15:10 90,632 --a------ C:\Windows\System32\drivers\avgtdix.sys
2008-10-24 15:10 . 2008-10-24 15:10 23,832 --a------ C:\Windows\System32\drivers\avgfwd6x.sys
2008-10-24 15:08 . The C:\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-22 13:41 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-22 13:41 . 2008-10-22 13:41 27,240 --a------ C:\Users\mike\AppData\Roaming\nvModes.dat
2008-10-22 13:37 . 2008-07-31 02:13 4,240,384 --a------ C:\Windows\System32\GameUXLegacyGDFs.dll
2008-10-22 13:37 . 2008-03-08 05:21 1,695,744 --a------ C:\Windows\System32\gameux.dll
2008-10-22 13:37 . 2008-08-05 10:49 428,544 --a------ C:\Windows\System32\EncDec.dll
2008-10-22 13:37 . 2008-08-05 10:49 293,376 --a------ C:\Windows\System32\psisdecd.dll
2008-10-22 13:37 . 2008-08-05 10:48 217,088 --a------ C:\Windows\System32\psisrndr.ax
2008-10-22 13:37 . 2008-08-05 10:48 177,664 --a------ C:\Windows\System32\mpg2splt.ax
2008-10-22 13:37 . 2008-08-05 10:48 80,896 --a------ C:\Windows\System32\MSNP.ax
2008-10-22 13:37 . 2008-04-23 05:41 57,856 --a------ C:\Windows\System32\MSDvbNP.ax
2008-10-22 13:37 . 2008-07-31 04:32 28,160 --a------ C:\Windows\System32\Apphlpdm.dll
2008-10-22 13:16 . The C:\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-20 13:14 . 2008-01-19 08:38 4,595,712 --a------ C:\Windows\System32\AuthFWSnapin.dll
2008-10-20 13:13 . 2008-01-19 08:37 2,537,472 --a------ C:\Windows\System32\wpdshext.dll
2008-10-20 13:12 . 2008-01-19 08:34 6,103,040 --a------ C:\Windows\System32\chtbrkr.dll
2008-10-20 13:11 . 2008-01-19 08:36 2,588,160 --a------ C:\Windows\System32\UIHub.dll
2008-10-20 13:10 . 2008-01-19 08:36 1,224,192 --a------ C:\Windows\System32\sud.dll
2008-10-20 13:09 . 2008-01-19 08:36 704,512 --a------ C:\Windows\System32\SmiEngine.dll
2008-10-20 13:08 . 2008-01-19 08:33 2,623,488 --a------ C:\Windows\System32\SLsvc.exe
2008-10-20 13:07 . 2008-01-19 06:31 8,322,048 --a------ C:\Windows\System32\spwizimg.dll
2008-10-20 13:06 . 2008-01-19 08:36 785,408 --a------ C:\Windows\System32\rpcrt4.dll
2008-10-20 13:05 . 2008-01-19 08:36 975,360 --a------ C:\Windows\System32\RASMM.dll
2008-10-20 13:04 . 2008-01-19 08:37 1,675,264 --a------ C:\Windows\System32\xpssvcs.dll
2008-10-20 13:03 . 2008-01-19 08:36 1,502,208 --a------ C:\Windows\System32\pla.dll
2008-10-20 13:02 . 2008-01-19 08:36 1,541,120 --a------ C:\Windows\System32\onex.dll
2008-10-20 13:01 . 2008-01-19 08:35 3,173,376 --a------ C:\Windows\System32\netshell.dll
2008-10-20 13:00 . 2008-01-19 08:35 1,332,224 --a------ C:\Windows\System32\msxml6.dll
2008-10-20 12:57 . 2008-01-19 08:34 2,167,808 --a------ C:\Windows\System32\mmcndmgr.dll
2008-10-20 12:56 . 2008-01-19 08:32 5,714,432 --a------ C:\Windows\System32\logon.scr
2008-10-20 12:55 . 2008-01-19 08:34 1,855,488 --a------ C:\Windows\System32\dbgeng.dll
2008-10-20 12:55 . 2008-01-19 08:34 798,208 --a------ C:\Windows\System32\dbghelp.dll
2008-10-20 12:55 . 2008-01-19 08:29 705,536 --a------ C:\Windows\System32\imagesp1.dll
2008-10-20 12:55 . 2008-01-19 08:29 413,184 --a------ C:\Windows\System32\imkr80.ime
2008-10-20 12:55 . 2008-01-19 08:34 320,512 --a------ C:\Windows\System32\imapi2.dll
2008-10-20 12:55 . 2008-01-19 08:34 114,688 --a------ C:\Windows\System32\imm32.dll
2008-10-20 12:55 . 2008-01-19 08:34 105,984 --a------ C:\Windows\System32\imapi.dll
2008-10-20 12:55 . 2008-01-19 08:33 11,776 --a------ C:\Windows\System32\InfDefaultInstall.exe
2008-10-20 12:53 . 2008-01-19 08:33 1,730,560 --a------ C:\Windows\System32\apds.dll
2008-10-20 12:52 . 2008-01-19 08:33 2,927,104 --a------ C:\Windows\explorer.exe
2008-10-20 12:51 . 2008-01-19 08:33 2,091,520 --a------ C:\Windows\System32\dfsr.exe
2008-10-20 12:50 . 2008-01-19 08:34 2,011,648 --a------ C:\Windows\System32\milcore.dll
2008-10-20 12:49 . 2008-01-19 08:33 1,502,720 --a------ C:\Windows\System32\certmgr.dll
2008-10-20 12:48 . 2008-01-19 08:33 1,985,024 --a------ C:\Windows\System32\authui.dll
2008-10-20 12:47 . 2008-01-19 08:33 2,515,968 --a------ C:\Windows\System32\accessibilitycpl.dll
2008-10-18 11:37 . The C:\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-17 21:22 . The C:\Windows\System32\drivers\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-17 21:22 . 2008-10-17 21:22 97,928 --a------ C:\Windows\System32\drivers\avgldx86.sys
2008-10-17 21:22 . 2008-10-17 21:22 12,936 --a------ C:\Windows\System32\drivers\avgrkx86.sys
2008-10-17 21:22 . 2008-10-17 21:22 10,520 --a------ C:\Windows\System32\avgrsstx.dll
2008-10-17 21:21 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-17 19:14 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-17 17:09 . The C:\Users\All Users\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-17 17:09 . The C:\ProgramData\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-16 21:53 . 2008-10-17 16:51 959 --a------ C:\rollback.ini
2008-10-16 21:18 . 2008-09-18 03:16 2,032,640 --a------ C:\Windows\System32\win32k.sys
2008-10-16 21:08 . 2008-08-27 02:06 288,768 --a------ C:\Windows\System32\drivers\srv.sys
2008-10-16 20:27 . 2008-09-18 06:09 3,601,464 --a------ C:\Windows\System32\ntkrnlpa.exe
2008-10-16 20:27 . 2008-09-18 06:09 3,549,240 --a------ C:\Windows\System32\ntoskrnl.exe
2008-10-16 20:26 . 2008-10-02 02:32 1,383,424 --a------ C:\Windows\System32\mshtml.tlb
2008-10-16 20:26 . 2008-10-02 04:49 827,392 --a------ C:\Windows\System32\wininet.dll
2008-10-15 11:50 . The C:\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-15 11:37 . 2008-10-16 23:53 233,401,535 --a------ C:\Windows\MEMORY.DMP
2008-10-14 18:54 . The C:\Users\All Users\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-14 18:54 . The C:\ProgramData\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-14 18:51 . The C:\Windows\System32\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-10 10:45 . The C:\Users\All Users\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-10 10:45 . The C:\ProgramData\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-10 10:45 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application
2008-10-10 10:45 . The C:\Program Files\system cannot find message text for message number 0x2373 in the message file for Application

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 22:43 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 14:39 --------- d-----w C:\Program Files\Panda Security
2008-10-24 14:36 --------- d-----w C:\Users\mike\AppData\Roaming\Malwarebytes
2008-10-24 14:36 --------- d-----w C:\ProgramData\Malwarebytes
2008-10-22 13:56 --------- d-----w C:\ProgramData\NVIDIA
2008-10-22 12:42 --------- d-----w C:\Program Files\Windows Mail
2008-10-22 12:41 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-10-22 12:29 174 --sha-w C:\Program Files\desktop.ini
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Sidebar
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Journal
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Defender
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Collaboration
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Calendar
2008-10-22 12:00 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-10-22 12:00 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-10-20 14:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-20 14:07 --------- d-----w C:\Program Files\Dell
2008-10-17 20:21 --------- d-----w C:\ProgramData\Avg8
2008-10-17 20:21 --------- d-----w C:\Program Files\AVG
2008-10-17 20:04 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-17 19:57 --------- d-----w C:\Program Files\Windows Live
2008-10-17 18:14 --------- d-----w C:\Program Files\Zone Labs
2008-10-17 16:12 --------- d-----w C:\Program Files\Google
2008-10-17 16:00 --------- d-----w C:\Program Files\DivX
2008-10-14 17:54 --------- d-----w C:\ProgramData\MailFrontier
2008-10-10 09:45 --------- d-----w C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-10 09:45 --------- d-----w C:\Program Files\iTunes
2008-10-10 09:45 --------- d-----w C:\Program Files\iPod
2008-09-24 08:58 12,796 ----a-w C:\Users\mike\AppData\Roaming\wklnhst.dat
2008-09-16 08:21 --------- d-----w C:\Users\mike\AppData\Roaming\Template
2008-09-12 09:33 --------- d-----w C:\Program Files\Bonjour
2008-09-12 09:32 --------- d-----w C:\Program Files\QuickTime
2008-09-12 09:32 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-10 08:33 --------- d-----w C:\Program Files\Microsoft Works
2008-09-02 12:24 --------- d-----w C:\Users\mike\AppData\Roaming\aAvgApi
2008-08-29 09:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
2008-08-29 08:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-01-20 12:25 76 --sh--r C:\Windows\CT4CET.bin
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\windows sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-20 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-24 1235736]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 405504]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-04 81920]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 86016]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-08-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"Window Washer"=C:\Program Files\Webroot\Washer\wwDisp.exe
"ehTray.exe"=C:\Windows\ehome\ehTray.exe
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"Sidebar"=C:\Program Files\windows sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe
"ECenter"=C:\Dell\E-Center\EULALauncher.exe
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
"NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
"NVHotkey"=rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"SigmatelSysTrayApp"=%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{36ED5C11-DA98-443C-976E-B636EBE92E59}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A1C7C9CA-5B26-4832-B7F6-B44C29B24E62}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{0F9092ED-94C7-46D6-8537-5CF3160BF4B3}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5B9E5D93-9054-4881-A7CB-F401EDCCD720}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0ED79A4A-400C-4706-950A-3CF74BF6C88B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4ABDE435-215B-4BF0-B798-214F6854D1AF}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{04007829-21B5-4879-A87C-612D1DFB3C78}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"{4EE366AA-8934-4BC9-9882-5B7DAB6CA310}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"{C62D3FCF-2AC4-4E93-A08E-6ABA2FA08697}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{8B694DD0-224B-4064-A0E3-EEBE8E454EB5}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{5499A2D2-4468-4544-9054-87A5EADA21EB}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{3A08EEE6-1326-4436-8D3F-49964EB99697}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{823BEE64-D638-4876-8EBF-95167A6E35C8}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{64C76AC7-B3C4-432A-84A3-3F1EFAD00A83}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{A83184D7-0232-444C-B893-BC8F9886E770}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{2C01766D-A44A-4201-885B-1C0B008FEE1E}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-10-17 12936]
R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot.sys [2008-06-19 28544]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6x.sys [2008-10-24 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-10-17 97928]
R1 AvgTdiX;AVG8 Network Redirector;C:\Windows\system32\Drivers\avgtdix.sys [2008-10-24 90632]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-17 231704]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-10-24 1224984]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 598856]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
S3 wrssweep;Webroots Volume Access Driver;C:\Program Files\Webroot\Washer\wrssweep.sys [2007-11-26 21832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0960dd8-43ad-11dd-895c-001d09c05999}]
\shell\AutoRun\command - F:\setupSNK.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PAVBOOT
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-24 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 22:51]

2008-10-24 C:\Windows\Tasks\User_Feed_Synchronization-{8A8B8FC5-326F-4FB2-A742-3DC4622D402D}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\n0riapv1.default\
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava11.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava12.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava13.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava14.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava32.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npoji610.dll
FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 15:04:19
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\Windows\Explorer.exe
-> ?:\Windows\system32\ExplorerFrame.dll
.
Completion time: 2008-10-25 15:06:12
ComboFix-quarantined-files.txt 2008-10-25 14:05:57

Pre-Run: 184,109,547,520 bytes free
Post-Run: 183,919,304,704 bytes free

295 --- E O F --- 2008-10-25 14:00:26

mikeybloom123
2008-10-25, 17:09
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:09:02, on 25/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Windows\system32\Taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7814 bytes

mikeybloom123
2008-10-25, 17:11
it says it can't find a lot of stuff? should i have run it as an admin?

mikeybloom123
2008-10-25, 17:58
ComboFix 08-10-24.02 - mike 2008-10-25 15:15:45.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.1.1033.18.1108 [GMT 1:00]
Running from: C:\Users\mike\Desktop\ComboFix.exe
.

((((((((((((((((((((((((( Files Created from 2008-09-25 to 2008-10-25 )))))))))))))))))))))))))))))))
.

No new files created in this timespan

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-10-24 22:43 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-10-24 14:39 --------- d-----w C:\Program Files\Panda Security
2008-10-24 14:36 --------- d-----w C:\Users\mike\AppData\Roaming\Malwarebytes
2008-10-24 14:36 --------- d-----w C:\ProgramData\Malwarebytes
2008-10-24 14:10 90,632 ----a-w C:\Windows\system32\drivers\avgtdix.sys
2008-10-24 14:10 23,832 ----a-w C:\Windows\system32\drivers\avgfwd6x.sys
2008-10-22 15:10 38,496 ----a-w C:\Windows\system32\drivers\mbamswissarmy.sys
2008-10-22 15:10 15,504 ----a-w C:\Windows\system32\drivers\mbam.sys
2008-10-22 13:56 --------- d-----w C:\ProgramData\NVIDIA
2008-10-22 12:42 --------- d-----w C:\Program Files\Windows Mail
2008-10-22 12:41 27,240 ----a-w C:\Users\mike\AppData\Roaming\nvModes.dat
2008-10-22 12:41 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-10-22 12:29 174 --sha-w C:\Program Files\desktop.ini
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Sidebar
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Photo Gallery
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Journal
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Defender
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Collaboration
2008-10-22 12:21 --------- d-----w C:\Program Files\Windows Calendar
2008-10-22 12:00 82,432 ----a-w C:\Windows\System32\axaltocm.dll
2008-10-22 12:00 101,888 ----a-w C:\Windows\System32\ifxcardm.dll
2008-10-20 14:07 --------- d--h--w C:\Program Files\InstallShield Installation Information
2008-10-20 14:07 --------- d-----w C:\Program Files\Dell
2008-10-17 20:22 97,928 ----a-w C:\Windows\system32\drivers\avgldx86.sys
2008-10-17 20:22 12,936 ----a-w C:\Windows\system32\drivers\avgrkx86.sys
2008-10-17 20:22 10,520 ----a-w C:\Windows\System32\avgrsstx.dll
2008-10-17 20:21 --------- d-----w C:\ProgramData\Avg8
2008-10-17 20:21 --------- d-----w C:\Program Files\AVG
2008-10-17 20:04 --------- d-----w C:\ProgramData\Microsoft Help
2008-10-17 19:57 --------- d-----w C:\Program Files\Windows Live
2008-10-17 18:14 --------- d-----w C:\Program Files\Zone Labs
2008-10-17 16:12 --------- d-----w C:\Program Files\Google
2008-10-17 16:00 --------- d-----w C:\Program Files\DivX
2008-10-14 17:54 --------- d-----w C:\ProgramData\MailFrontier
2008-10-10 09:45 --------- d-----w C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-10 09:45 --------- d-----w C:\Program Files\iTunes
2008-10-10 09:45 --------- d-----w C:\Program Files\iPod
2008-10-02 03:49 827,392 ----a-w C:\Windows\System32\wininet.dll
2008-09-24 08:58 12,796 ----a-w C:\Users\mike\AppData\Roaming\wklnhst.dat
2008-09-18 05:09 3,601,464 ----a-w C:\Windows\System32\ntkrnlpa.exe
2008-09-18 05:09 3,549,240 ----a-w C:\Windows\System32\ntoskrnl.exe
2008-09-18 02:16 2,032,640 ----a-w C:\Windows\System32\win32k.sys
2008-09-16 08:21 --------- d-----w C:\Users\mike\AppData\Roaming\Template
2008-09-12 09:33 --------- d-----w C:\Program Files\Bonjour
2008-09-12 09:32 --------- d-----w C:\Program Files\QuickTime
2008-09-12 09:32 --------- d-----w C:\Program Files\Common Files\Apple
2008-09-10 08:33 --------- d-----w C:\Program Files\Microsoft Works
2008-09-02 12:24 --------- d-----w C:\Users\mike\AppData\Roaming\aAvgApi
2008-08-29 09:18 87,336 ----a-w C:\Windows\System32\dns-sd.exe
2008-08-29 08:53 61,440 ----a-w C:\Windows\System32\dnssd.dll
2008-08-27 01:06 288,768 ----a-w C:\Windows\system32\drivers\srv.sys
2008-08-05 09:49 428,544 ----a-w C:\Windows\System32\EncDec.dll
2008-08-05 09:49 293,376 ----a-w C:\Windows\System32\psisdecd.dll
2008-08-02 03:26 36,864 ----a-w C:\Windows\System32\cdd.dll
2008-07-31 03:32 460,288 ----a-w C:\Windows\AppPatch\AcSpecfc.dll
2008-07-31 03:32 28,160 ----a-w C:\Windows\System32\Apphlpdm.dll
2008-07-31 03:32 2,154,496 ----a-w C:\Windows\AppPatch\AcGenral.dll
2008-07-31 03:32 173,056 ----a-w C:\Windows\AppPatch\AcXtrnal.dll
2008-07-31 01:13 4,240,384 ----a-w C:\Windows\System32\GameUXLegacyGDFs.dll
2008-01-20 12:25 76 --sh--r C:\Windows\CT4CET.bin
.

((((((((((((((((((((((((((((( snapshot@2008-10-25_15.05.04.84 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-10-25 14:15:35 6,225,920 ----a-w C:\Windows\ERDNT\Hiv-backup\schema.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="C:\Program Files\windows sidebar\sidebar.exe" [2008-01-19 1233920]
"ehTray.exe"="C:\Windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2008-01-20 68856]
"msnmsgr"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe" [2007-10-18 5724184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2007-04-28 857648]
"AVG8_TRAY"="C:\PROGRA~1\AVG\AVG8\avgtray.exe" [2008-10-24 1235736]
"SigmatelSysTrayApp"="C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe" [2007-09-07 405504]
"NvSvc"="C:\Windows\system32\nvsvc.dll" [2007-10-04 86016]
"NvCplDaemon"="C:\Windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="C:\Windows\system32\NvMcTray.dll" [2007-10-04 81920]
"NVHotkey"="C:\Windows\system32\nvHotkey.dll" [2007-10-04 86016]
"OEM02Mon.exe"="C:\Windows\OEM02Mon.exe" [2007-08-29 36864]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"WindowsWelcomeCenter"=rundll32.exe oobefldr.dll,ShowWelcomeCenter
"Window Washer"=C:\Program Files\Webroot\Washer\wwDisp.exe
"ehTray.exe"=C:\Windows\ehome\ehTray.exe
"MsnMsgr"="C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
"Sidebar"=C:\Program Files\windows sidebar\sidebar.exe /autoRun

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
"DELL Webcam Manager"="C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe
"ECenter"=C:\Dell\E-Center\EULALauncher.exe
"SunJavaUpdateSched"="c:\Program Files\Java\jre1.6.0\bin\jusched.exe"
"OEM02Mon.exe"=C:\Windows\OEM02Mon.exe
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
"NvSvc"=RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
"NvCplDaemon"=RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
"NVHotkey"=rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
"NvMediaCenter"=RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
"RoxWatchTray"="C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe"
"SigmatelSysTrayApp"=%ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
"Windows Defender"=%ProgramFiles%\Windows Defender\MSASCui.exe -hide
"Windows Mobile Device Center"=%windir%\WindowsMobile\wmdc.exe
"QuickTime Task"="C:\Program Files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe"
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\DomainProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{36ED5C11-DA98-443C-976E-B636EBE92E59}"= TCP:6004|C:\Program Files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{A1C7C9CA-5B26-4832-B7F6-B44C29B24E62}"= UDP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{0F9092ED-94C7-46D6-8537-5CF3160BF4B3}"= TCP:C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{5B9E5D93-9054-4881-A7CB-F401EDCCD720}"= UDP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{0ED79A4A-400C-4706-950A-3CF74BF6C88B}"= TCP:C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{4ABDE435-215B-4BF0-B798-214F6854D1AF}"= C:\Program Files\Windows Live\Messenger\livecall.exe:Windows Live Messenger (Phone)
"{04007829-21B5-4879-A87C-612D1DFB3C78}"= UDP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"{4EE366AA-8934-4BC9-9882-5B7DAB6CA310}"= TCP:C:\Program Files\FrostWire\FrostWire.exe:LimeWire
"{C62D3FCF-2AC4-4E93-A08E-6ABA2FA08697}"= UDP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{8B694DD0-224B-4064-A0E3-EEBE8E454EB5}"= TCP:C:\Program Files\LimeWire\LimeWire.exe:LimeWire
"{5499A2D2-4468-4544-9054-87A5EADA21EB}"= UDP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{3A08EEE6-1326-4436-8D3F-49964EB99697}"= TCP:C:\Program Files\Bonjour\mDNSResponder.exe:Bonjour
"{823BEE64-D638-4876-8EBF-95167A6E35C8}"= UDP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{64C76AC7-B3C4-432A-84A3-3F1EFAD00A83}"= TCP:C:\Program Files\iTunes\iTunes.exe:iTunes
"{A83184D7-0232-444C-B893-BC8F9886E770}"= C:\Program Files\AVG\AVG8\avgupd.exe:avgupd.exe
"{2C01766D-A44A-4201-885B-1C0B008FEE1E}"= C:\Program Files\AVG\AVG8\avgnsx.exe:avgnsx.exe

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\PublicProfile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile]
"EnableFirewall"= 0 (0x0)

R0 AvgRkx86;avgrkx86.sys;C:\Windows\system32\Drivers\avgrkx86.sys [2008-10-17 12936]
R0 pavboot;pavboot;C:\Windows\system32\drivers\pavboot.sys [2008-06-19 28544]
R1 Avgfwfd;AVG network filter service;C:\Windows\system32\DRIVERS\avgfwd6x.sys [2008-10-24 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86;C:\Windows\system32\Drivers\avgldx86.sys [2008-10-17 97928]
R1 AvgTdiX;AVG8 Network Redirector;C:\Windows\system32\Drivers\avgtdix.sys [2008-10-24 90632]
R2 AESTFilters;Andrea ST Filters Service;C:\Windows\system32\aestsrv.exe [2007-08-29 73728]
R2 avg8wd;AVG8 WatchDog;C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-10-17 231704]
R2 avgfws8;AVG8 Firewall;C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2008-10-24 1224984]
R2 UxTuneUp;TuneUp Theme Extension;C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 wwEngineSvc;Window Washer Engine;C:\Program Files\Webroot\Washer\WasherSvc.exe [2007-11-26 598856]
R3 OEM02Dev;Creative Camera OEM002 Driver;C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-29 7424]
S3 wrssweep;Webroots Volume Access Driver;C:\Program Files\Webroot\Washer\wrssweep.sys [2007-11-26 21832]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
bthsvcs REG_MULTI_SZ BthServ
WindowsMobile REG_MULTI_SZ wcescomm rapimgr
LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c0960dd8-43ad-11dd-895c-001d09c05999}]
\shell\AutoRun\command - F:\setupSNK.exe

*Newly Created Service* - CATCHME
*Newly Created Service* - PAVBOOT
*Newly Created Service* - PROCEXP90
.
Contents of the 'Scheduled Tasks' folder

2008-10-24 C:\Windows\Tasks\1-Click Maintenance.job
- C:\Program Files\TuneUp Utilities 2007\SystemOptimizer.exe [2007-04-26 22:51]

2008-10-24 C:\Windows\Tasks\User_Feed_Synchronization-{8A8B8FC5-326F-4FB2-A742-3DC4622D402D}.job
- C:\Windows\system32\msfeedssync.exe [2008-01-19 08:33]
.
.
------- Supplementary Scan -------
.
FireFox -: Profile - C:\Users\mike\AppData\Roaming\Mozilla\Firefox\Profiles\n0riapv1.default\
FF -: plugin - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava11.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava12.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava13.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava14.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjava32.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
FF -: plugin - c:\Program Files\Java\jre1.6.0\bin\npoji610.dll
FF -: plugin - c:\Program Files\Microsoft Silverlight\2.0.31005.0\npctrl.dll
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-10-25 15:19:33
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
Completion time: 2008-10-25 15:21:45
ComboFix-quarantined-files.txt 2008-10-25 14:21:13
ComboFix2.txt 2008-10-25 14:06:13

Pre-Run: The system cannot find message text for message number 0x2379 in the message file for Application.
Post-Run: 182,329,249,792 bytes free

208 --- E O F --- 2008-10-25 14:00:26

mikeybloom123
2008-10-25, 18:04
ok so i didnt read the instructions fully the first time, i posted the second log above that should be correct....

mikeybloom123
2008-10-25, 18:05
Here is fresh hijackthis log incase that makes difference

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 16:05:22, on 25/10/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Windows\OEM02Mon.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\System32\rundll32.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\wuauclt.exe
C:\Windows\Explorer.exe
C:\Windows\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\windows sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL,avgrsstx.dll
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE
O23 - Service: Window Washer Engine (wwEngineSvc) - Webroot Software, Inc. - C:\Program Files\Webroot\Washer\WasherSvc.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 7860 bytes

mikeybloom123
2008-10-25, 19:00
ok potential problems created here....

just had blue screen....

Problem signature:
Problem Event Name: BlueScreen
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 2057

Additional information about the problem:
BCCode: a
BCP1: 00000000
BCP2: 00000002
BCP3: 00000001
BCP4: 81E8F80C
OS Version: 6_0_6001
Service Pack: 1_0
Product: 768_1

Files that help describe the problem:
C:\Windows\Minidump\Mini102508-01.dmp
C:\Users\mike\AppData\Local\Temp\WER-2279642-0.sysdata.xml
C:\Users\mike\AppData\Local\Temp\WER483.tmp.version.txt

mikeybloom123
2008-10-25, 19:02
and it has also disabled my AVG anti-spam component?

katana
2008-10-25, 19:23
There is no malware that is causing your problems.
Please reboot and see if AVG sorts itself out.

mikeybloom123
2008-10-25, 19:29
ok so i rebooted, AVG is still the same.

new error

Problem signature:
Problem Event Name: APPCRASH
Application Name: bcmwltry.exe
Application Version: 4.170.25.12
Application Timestamp: 46f3437a
Fault Module Name: StackHash_3f5b
Fault Module Version: 0.0.0.0
Fault Module Timestamp: 00000000
Exception Code: c0000005
Exception Offset: 01b587c2
OS Version: 6.0.6001.2.1.0.768.3
Locale ID: 2057
Additional Information 1: 3f5b
Additional Information 2: 162df88e6567977739dd570d57b11a89
Additional Information 3: bbcf
Additional Information 4: a6506f9c1500b737a14ff0c366f2e74a

Read our privacy statement:
http://go.microsoft.com/fwlink/?linkid=50163&clcid=0x0409


DELL wireless being disabled or something, but i stil have internet

mikeybloom123
2008-10-25, 19:40
ok i have to go to work will be back in five hours if you will be online then?

many thanks

katana
2008-10-25, 19:43
bcmwltry.exe is related to Broadcom Corporation Wireless Network Tray Applet.

It is not showing in any of your logs at all.
You appear to have some system stability issues,
Unfortunately you are now outside my area of knowledge, so I'm going to have to recommend that you visit one of the tech forums for assistance.

http://www.techsupportforum.com/
http://www.bleepingcomputer.com/forums/
http://forums.whatthetech.com/forums.html

All the forums above have good support for software/OS problems, and I'm sure they will be able to help.

When you start your thread, explain what the problem is and let them know that you have been checked for malware.
Give them the following link, so they can see the logs if needed

http://forums.spybot.info/showthread.php?p=244679#post244679

katana
2008-11-11, 18:04
Since this issue appears to be resolved ... this Topic has been closed. Glad I could help.

Note:If it has been five days or more since your last post, and the helper assisting you posted a response to that post to which you did not reply, your topic will not be reopened. At that point, if you still require help, please start a new topic and include a fresh HijackThis log and a link to your previous thread.

If it has been less than five days since your last response and you need the thread re-opened, please send me or MOD a private message (pm). A valid, working link to the closed topic is required.