CustomXML.exe and HJT [Archive] - Safer-Networking Forums

Sniksder69

2009-09-29, 07:26

this is my first time in this forum and first ran SBSD after downloading updates and immunizing(No Problems Found). Then downloaded HJT 2.02 for Vista and ran it as well. Now I'm wondering what I can delete from HJT. Most of them I recognize but some of them look suspect. Here is the log file from HJT. I would also like to know how I can remove CustomXML.exe. It's not in Programs and Features(Control Panel) and I tried deleting the folder from Program Files as the logged in user as well as logged in as Administrator(I activated the Admin log in from the command prompt)

Thanks,
Sniksder69

==========================================================
This reply by Shaba

Hi Sniksder69

Download at your desktop DDS from one of the links below:

Link 1
Link 2

* Double click the tool to run it.
* A black Screen will open, just read the contents and do nothing.
* When the tool finish it will open 2 reports.
* Copy/paste both reports back here and remove DDS from your desktop.

__________________
Microsoft MVP Consumer Security 2008 2009

Member of ASAP and UNITE since 2006

Please don't use PMs for requesting help. The Forums are there for a reason.

==========================================================
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:33:12 AM, on 9/20/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\Dave\Desktop\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ARIO&pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [VistaStartMenu] "C:\Program Files\Vista Start Menu\VistaStartMenu.exe"
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'NETWORK SERVICE')
O4 - Global Startup: Compaq Connections.lnk = C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: HP Health Check Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD Basic v9\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6360 bytes
==========================================================

DDS (Ver_09-09-29.01) - NTFSx86
Run by Dave at 1:07:07.13 on Tue 09/29/2009
Internet Explorer: 8.0.6001.18813 BrowserJavaVersion: 1.6.0_16
Microsoft® Windows Vista™ Home Basic 6.0.6000.0.1252.1.1033.18.478.78 [GMT -4:00]

AV: avast! antivirus 4.8.1351 [VPS 090921-0] *On-access scanning enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}
SP: Spybot - Search and Destroy *enabled* (Outdated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: avast! antivirus 4.8.1351 [VPS 090921-0] *enabled* (Outdated) {7591DB91-41F0-48A3-B128-1A293FD8233D}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\rundll32.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Vista Start Menu\VistaStartMenu.exe
C:\Program Files\Compaq Connections\3572475\Program\Compaq Connections.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\PROGRA~1\HEWLET~1\Shared\HPQTOA~1.EXE
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dave\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=PRESARIO&pf=laptop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=PRESARIO&pf=laptop
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
uRun: [ISUSPM Startup] c:\progra~1\common~1\instal~1\update~1\isuspm.exe -startup
uRun: [SpybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe
uRun: [VistaStartMenu] "c:\program files\vista start menu\VistaStartMenu.exe"
mRun: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
mRun: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\compaq~1.lnk - c:\program files\compaq connections\3572475\program\Compaq Connections.exe
mPolicies-system: EnableLUA = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files\pokerstars\PokerStarsUpdate.exe
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files\windows live\writer\WriterBrowserExtension.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_04-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab

================= FIREFOX ===================

FF - ProfilePath - c:\users\dave\appdata\roaming\mozilla\firefox\profiles\59ss3wqj.default\
FF - prefs.js: browser.search.selectedEngine -
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/firefox
FF - plugin: c:\program files\windows live\photo gallery\NPWLPG.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}
FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

============= SERVICES / DRIVERS ===============

R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [2008-6-11 114768]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2008-6-11 20560]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2008-6-11 53328]
S3 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr.sys [2009-8-10 55280]

=============== Created Last 30 ================

2009-09-19 10:54 <DIR> --d----- c:\program files\Audacity
2009-09-19 09:43 <DIR> --d----- c:\program files\delaydots
2009-09-18 17:31 <DIR> --d----- c:\users\dave\appdata\roaming\Any Video Converter
2009-09-18 17:31 <DIR> --d----- c:\program files\Any Video Converter
2009-09-18 17:04 <DIR> --d----- c:\program files\VideoLAN
2009-09-18 17:02 <DIR> --d----- c:\program files\Atrinsic
2009-09-15 08:52 <DIR> --d----- c:\users\dave\appdata\roaming\Vista Start Menu
2009-09-15 08:51 <DIR> --d----- c:\program files\Vista Start Menu
2009-09-15 08:37 <DIR> --d----- c:\program files\EnhanceMyVista
2009-09-14 22:37 <DIR> --d----- c:\program files\EnhanceMyVistaFree
2009-09-14 22:05 <DIR> --d----- c:\users\dave\appdata\roaming\OpenOffice.org
2009-09-14 11:09 <DIR> --d----- c:\program files\JRE
2009-09-14 11:08 <DIR> --d----- c:\program files\OpenOffice.org 3
2009-09-14 10:32 411,368 a------- c:\windows\system32\deploytk.dll
2009-09-14 07:38 <DIR> --d----- c:\program files\OpenOffice.org 2.4
2009-09-06 14:47 2,048 a------- c:\windows\system32\tzres.dll
2009-09-06 14:36 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-09-06 14:36 109,056 a------- c:\windows\system32\iesysprep.dll
2009-09-06 14:36 1,469,440 a------- c:\windows\system32\inetcpl.cpl
2009-09-06 14:34 109,568 a------- c:\windows\system32\PDMSetup.exe
2009-09-06 14:34 107,008 a------- c:\windows\system32\SetIEInstalledDate.exe
2009-09-06 14:33 313,344 a------- c:\windows\system32\wmpdxm.dll
2009-09-06 14:33 7,680 a------- c:\windows\system32\spwmp.dll
2009-09-06 14:33 4,096 a------- c:\windows\system32\msdxm.ocx
2009-09-06 14:33 4,096 a------- c:\windows\system32\dxmasf.dll
2009-09-06 14:33 8,147,968 a------- c:\windows\system32\wmploc.DLL
2009-09-06 14:33 43,520 a------- c:\windows\system32\msdxm.tlb
2009-09-06 14:33 18,432 a------- c:\windows\system32\amcompat.tlb
2009-09-06 14:32 494,592 a------- c:\windows\system32\kerberos.dll
2009-09-06 14:32 216,576 a------- c:\windows\system32\msv1_0.dll
2009-09-06 14:32 175,104 a------- c:\windows\system32\wdigest.dll
2009-09-06 14:32 1,233,920 a------- c:\windows\system32\lsasrv.dll
2009-09-06 14:32 408,136 a------- c:\windows\system32\drivers\ksecdd.sys
2009-09-06 14:32 272,384 a------- c:\windows\system32\schannel.dll
2009-09-06 14:32 72,704 a------- c:\windows\system32\secur32.dll
2009-09-06 14:32 7,680 a------- c:\windows\system32\lsass.exe
2009-09-06 14:31 156,160 a------- c:\windows\system32\wkssvc.dll
2009-09-06 14:31 1,686,528 a------- c:\windows\system32\gameux.dll
2009-09-06 14:31 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-09-06 14:31 4,247,552 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-09-06 14:30 1,871,872 a------- c:\windows\system32\mstscax.dll
2009-09-06 14:30 116,736 a------- c:\windows\system32\aaclient.dll
2009-09-06 14:30 36,352 a------- c:\windows\system32\tsgqec.dll
2009-09-06 14:30 71,680 a------- c:\windows\system32\atl.dll
2009-09-06 14:30 88,576 a------- c:\windows\system32\avifil32.dll
2009-09-06 14:30 123,904 a------- c:\windows\system32\msvfw32.dll
2009-09-06 14:30 65,024 a------- c:\windows\system32\avicap32.dll
2009-09-06 14:30 82,944 a------- c:\windows\system32\mciavi32.dll
2009-09-06 14:30 31,232 a------- c:\windows\system32\msvidc32.dll
2009-09-06 14:30 12,800 a------- c:\windows\system32\msrle32.dll

==================== Find3M ====================

2009-09-28 20:00 150,116 a------- c:\programdata\nvModes.dat
2009-09-28 20:00 150,116 a------- c:\progra~2\nvModes.dat
2009-08-28 23:40 449,024 a------- c:\windows\apppatch\AcSpecfc.dll
2009-08-28 23:40 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-08-28 23:40 2,143,744 a------- c:\windows\apppatch\AcGenral.dll
2009-08-28 23:40 537,600 a------- c:\windows\apppatch\AcLayers.dll
2009-08-28 19:15 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-08-17 12:05 53,328 a------- c:\windows\system32\drivers\aswMonFlt.sys
2009-07-21 17:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 17:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-18 08:10 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-05-12 09:49 86,016 a------- c:\windows\inf\infstrng.dat
2009-05-12 09:49 51,200 a------- c:\windows\inf\infpub.dat
2009-05-12 09:49 86,016 a------- c:\windows\inf\infstor.dat
2008-12-25 11:38 174 a--sh--- c:\program files\desktop.ini
2008-07-26 23:56 665,600 a------- c:\windows\inf\drvindex.dat
2008-02-27 13:57 41,520 a------- c:\users\dave\appdata\roaming\nvModes.dat
2007-07-18 22:34 2,288 a------- c:\program files\INSTALL.LOG
2007-06-25 03:26 0 a------- c:\users\dave\appdata\roaming\wklnhst.dat
2006-11-02 08:39 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 08:39 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 08:39 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 08:39 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 05:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 05:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2001-09-28 20:00 164,864 a------- c:\program files\UNWISE.EXE
2008-04-25 16:45 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\history\history.ie5\index.dat
2008-04-25 16:45 32,768 a--sh--- c:\windows\serviceprofiles\localservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat
2008-04-25 16:45 16,384 a--sh--- c:\windows\serviceprofiles\localservice\appdata\roaming\microsoft\windows\cookies\index.dat

============= FINISH: 1:10:26.35 ===============

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-09-29.01)

Microsoft® Windows Vista™ Home Basic
Boot Device: \Device\HarddiskVolume1
Install Date: 6/25/2007 12:25:56 PM
System Uptime: 9/28/2009 7:55:50 PM (6 hours ago)

Motherboard: Quanta | | 30D3
Processor: Mobile AMD Sempron(tm) Processor 3500+ | Socket S1 | 800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 87 GiB total, 22.962 GiB free.
D: is FIXED (NTFS) - 6 GiB total, 0.467 GiB free.
E: is CDROM ()

==== Disabled Device Manager Items =============

==== System Restore Points ===================

==== Installed Programs ======================

Activation Assistant for the 2007 Microsoft Office suites
Adobe Acrobat 5.0
Adobe Flash Player 10 Plugin
Adobe Flash Player 9 ActiveX
Adobe Flash Player ActiveX
Adobe Photoshop 7.0
Adobe Reader 9.1.3
Any Video Converter 2.7.2
ASL_HS_Installer32
Audacity 1.2.6
Auslogics Disk Defrag
AutoUpdate
avast! Antivirus
Before You Know It 3.6
Choice Guard
CodeStuff Starter
Compaq Connections (remove only)
Conexant HD Audio
Crystal Reports for .NET Framework 2.0 (x86)
DivX
EnhanceMyVista
HDAUDIO Soft Data Fax Modem with SmartCP
Hewlett-Packard Active Check for Health Check
Hewlett-Packard Asset Agent for Health Check
HijackThis 2.0.2
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Customer Experience Enhancements
HP DVD Play 3.0
HP Easy Setup - Core
HP Easy Setup - Frontend
HP Help and Support
HP Quick Launch Buttons 6.10 B9
HP Total Care Advisor
HP Update
HP User Guide 0041
HP Wireless Assistant
HPNetworkAssistant
Java(TM) 6 Update 16
Java(TM) 6 Update 4
Java(TM) SE Runtime Environment 6
Junk Mail filter update
Microsoft .NET Framework 3.5 SP1
Microsoft Application Error Reporting
Microsoft Office 2000 Disc 2
Microsoft Office 2000 Premium
Microsoft PhotoDraw 2000
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Word 2000 SR-1
Microsoft Works
Microsoft XML Parser
Mozilla Firefox (3.5.3)
MSVCRT
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
muvee autoProducer 5.0
NVIDIA Drivers
OpenOffice.org 3.1
PDFLIB
PDFlib 4.0.1
PokerStars
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
ScanSoft PaperPort Viewer 7.0
Security Update for CAPICOM (KB931906)
Sonic Activation Module
Spybot - Search & Destroy
Synaptics Pointing Device Driver
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
VideoLAN VLC media player 0.8.6f
Vista Start Menu 3.21
Winamp
Windows Live Communications Platform
Windows Live Essentials
Windows Live Family Safety
Windows Live Mail
Windows Live Movie Maker Beta
Windows Live Photo Gallery
Windows Live Sign-in Assistant
Windows Live Sync
Windows Live Upload Tool
Windows Live Writer
Works Suite OS Pack

==== End Of File ===========================

http://forums.spybot.info/showthread.php?t=52027