Thread: Just Checking

  1. #11

    and here is the rsit log

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Administrator at 2008-10-06 11:06:34
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 62 GB (81%) free of 76 GB
    Total RAM: 382 MB (21% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:07:01 AM, on 10/6/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\Windows Media Player\WMPNSCFG.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Administrator\Desktop\Joey\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Administrator.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKCU\..\RunOnce: [MPlayer2_FixUp] C:\WINDOWS\inf\unregmp2.exe /Fixups
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

    --
    End of file - 7610 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-05-15 817936]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-08-16 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-08-16 2403392]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL []
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll [2008-05-15 817936]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
    "Sony Ericsson PC Suite"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2007-03-28 593920]
    "SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-09-06 413696]
    "avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
    "Malwarebytes Anti-Malware (reboot)"=C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe [2008-09-10 1253040]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Aim6"= []
    "MsnMsgr"=C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]
    "MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "MySpaceIM"=C:\Program Files\MySpace\IM\MySpaceIM.exe [2008-04-17 9117696]
    "Messenger (Yahoo!)"=C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [2008-09-19 4347120]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "MPlayer2_FixUp"=C:\WINDOWS\inf\unregmp2.exe [2006-11-01 315904]

    C:\Documents and Settings\Administrator\Start Menu\Programs\Startup
    iWin Desktop Alerts.lnk - C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxsrvc.dll [2004-02-25 339968]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-04-10 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145
    "NoDrives"=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun"=
    "NoDriveTypeAutoRun"=
    "NoDrives"=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
    "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
    "C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
    "C:\Program Files\Hasbro Interactive\Clue\Clue.exe"="C:\Program Files\Hasbro Interactive\Clue\Clue.exe:*:Enabled:Clue"
    "C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
    "C:\Program Files\MySpace\IM\MySpaceIM.exe"="C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
    "C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

    ======List of files/folders created in the last 3 months======

    2008-10-06 11:03:16 ----A---- C:\Program Files\mmpphld.txt
    2008-10-06 10:25:04 ----D---- C:\_OTMoveIt
    2008-10-06 09:50:41 ----D---- C:\rsit
    2008-10-06 07:09:13 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-10-06 07:07:40 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-10-06 06:51:40 ----D---- C:\Program Files\Windows Media Connect 2
    2008-10-06 06:48:56 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-10-06 06:35:45 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-10-06 06:28:59 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-06 06:26:12 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-10-06 06:22:02 ----D---- C:\WINDOWS\LastGood
    2008-10-06 05:42:40 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-10-06 05:42:37 ----D---- C:\Program Files\Alwil Software
    2008-10-04 05:50:56 ----D---- C:\Program Files\Broadcom
    2008-09-30 03:02:32 ----D---- C:\Documents and Settings\Administrator\Application Data\Yahoo!
    2008-09-30 03:00:00 ----A---- C:\WINDOWS\system32\thxcfg.ini
    2008-09-28 23:07:54 ----D---- C:\Documents and Settings\Administrator\Application Data\MySpace
    2008-09-28 23:07:42 ----D---- C:\Program Files\MySpace
    2008-09-28 03:05:41 ----D---- C:\Program Files\iWin.com
    2008-09-28 03:01:13 ----D---- C:\Documents and Settings\Administrator\Application Data\iWinArcade
    2008-09-28 03:01:01 ----D---- C:\Documents and Settings\All Users\Application Data\iWin Games
    2008-09-28 03:00:44 ----D---- C:\Program Files\iWin Games
    2008-09-28 01:19:13 ----D---- C:\WINDOWS\system32\Adobe
    2008-09-25 07:19:27 ----A---- C:\WINDOWS\system32\_packet.dlluninstall
    2008-09-25 07:19:19 ----D---- C:\Program Files\CACE Technologies
    2008-09-25 06:42:45 ----D---- C:\Program Files\Cain
    2008-09-25 06:24:32 ----A---- C:\WINDOWS\Awpr.ini
    2008-09-25 06:24:04 ----D---- C:\Program Files\ElcomSoft
    2008-09-25 04:58:26 ----D---- C:\Program Files\Hasbro Interactive
    2008-09-25 04:25:37 ----A---- C:\WINDOWS\system32\CmdLineExt03.dll
    2008-09-25 03:03:39 ----D---- C:\UT2004
    2008-09-23 22:33:21 ----D---- C:\Program Files\Wonderland Online
    2008-09-23 07:43:28 ----D---- C:\WINDOWS\Prefetch
    2008-09-23 07:29:30 ----D---- C:\WINDOWS\system32\scripting
    2008-09-23 07:29:29 ----D---- C:\WINDOWS\l2schemas
    2008-09-23 07:29:28 ----D---- C:\WINDOWS\system32\en
    2008-09-23 07:29:27 ----D---- C:\WINDOWS\system32\bits
    2008-09-23 07:25:42 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-23 07:19:24 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-23 07:14:19 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-23 06:42:02 ----A---- C:\wl_setup_2.0.3.exe
    2008-09-23 06:00:56 ----D---- C:\WINDOWS\ie7updates
    2008-09-23 05:59:38 ----D---- C:\WINDOWS\WBEM
    2008-09-23 05:55:43 ----HDC---- C:\WINDOWS\ie7
    2008-09-23 05:54:24 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-09-23 05:51:06 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-09-23 05:50:02 ----D---- C:\Program Files\Common Files\Apple
    2008-09-23 05:49:02 ----D---- C:\Program Files\QuickTime
    2008-09-23 05:48:57 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-09-23 05:47:11 ----D---- C:\Program Files\Apple Software Update
    2008-09-23 05:47:06 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
    2008-09-23 05:46:34 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-09-23 05:36:15 ----D---- C:\WINDOWS\network diagnostic
    2008-09-19 03:56:48 ----D---- C:\Program Files\PopCap Games
    2008-09-19 00:26:12 ----D---- C:\Program Files\LucasArts
    2008-09-06 21:27:05 ----A---- C:\WINDOWS\system32\DellSys.dll
    2008-09-06 21:26:50 ----D---- C:\Program Files\Dell
    2008-09-06 07:14:10 ----D---- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org2
    2008-09-06 07:09:19 ----D---- C:\Program Files\OpenOffice.org 2.4
    2008-09-06 07:09:00 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-06 07:09:00 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-06 07:09:00 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-05 18:24:12 ----D---- C:\Program Files\MSBuild
    2008-09-05 18:24:00 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-09-05 18:23:43 ----D---- C:\WINDOWS\system32\en-us
    2008-09-05 18:23:41 ----D---- C:\Program Files\Reference Assemblies
    2008-09-05 18:21:53 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-09-05 18:18:02 ----RSD---- C:\WINDOWS\assembly
    2008-09-05 18:15:20 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-05 18:11:06 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-09-05 18:10:55 ----D---- C:\Program Files\MSXML 6.0
    2008-09-05 03:00:48 ----D---- C:\Program Files\MSXML 4.0
    2008-09-05 02:20:53 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
    2008-09-05 02:19:47 ----A---- C:\WINDOWS\system32\Vb6stkit.dll
    2008-09-05 02:19:34 ----D---- C:\Program Files\eGames
    2008-09-05 01:32:40 ----SHD---- C:\RECYCLER
    2008-09-05 01:14:27 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-05 01:14:21 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-09-05 01:14:16 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-05 01:14:16 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-05 01:14:06 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-05 01:14:05 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-05 01:14:03 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-05 01:13:58 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-05 01:13:55 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-05 01:13:54 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-05 01:13:52 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-05 01:13:52 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-05 01:13:50 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-05 01:13:50 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-05 01:13:50 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-05 01:13:45 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-05 01:13:39 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-09-05 01:13:26 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-05 01:13:26 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-05 01:13:26 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-05 01:13:25 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-05 01:13:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-05 01:13:21 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-05 01:13:00 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-05 01:12:59 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-05 01:12:59 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-05 01:12:58 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-05 01:12:57 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-09-05 01:12:43 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-05 01:12:43 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-05 01:12:42 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-05 01:12:42 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-05 01:12:42 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-05 01:12:42 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-05 01:12:27 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-09-05 01:12:27 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-09-05 01:12:19 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-09-05 01:12:08 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-05 01:11:56 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-05 01:11:56 ----A---- C:\WINDOWS\003080_.tmp
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-05 01:11:53 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-05 01:11:50 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-05 01:11:48 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-05 01:11:48 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-05 01:11:47 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-05 01:11:44 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-05 01:11:37 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-05 01:11:37 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-05 01:11:35 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-09-05 01:11:35 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-05 01:11:35 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-09-05 01:11:35 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-05 01:11:34 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-09-05 01:11:34 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-05 01:11:34 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-09-05 01:11:26 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-04 23:14:10 ----A---- C:\WINDOWS\mngui.INI
    2008-09-04 23:04:12 ----D---- C:\Documents and Settings\Administrator\Application Data\Teleca
    2008-09-04 23:03:20 ----D---- C:\Documents and Settings\Administrator\Application Data\Sony Ericsson
    2008-09-04 22:59:39 ----D---- C:\Documents and Settings\All Users\Application Data\Sony Ericsson
    2008-09-04 22:59:08 ----D---- C:\Program Files\Common Files\Sony Ericsson Shared
    2008-09-04 22:58:58 ----D---- C:\Program Files\Common Files\Teleca Shared
    2008-09-04 22:58:53 ----D---- C:\Program Files\Sony Ericsson
    2008-09-04 22:58:53 ----D---- C:\Documents and Settings\All Users\Application Data\Teleca
    2008-09-04 22:58:32 ----D---- C:\WINDOWS\Downloaded Installations
    2008-09-04 22:53:34 ----A---- C:\WINDOWS\system32\msxml3a.dll
    2008-09-04 22:53:32 ----D---- C:\Program Files\MAUS Software
    2008-08-22 15:34:01 ----D---- C:\ComboFix
    2008-08-22 06:16:02 ----D---- C:\WINDOWS\temp
    2008-08-22 06:15:59 ----A---- C:\ComboFix.txt
    2008-08-22 06:04:01 ----D---- C:\WINDOWS\erdnt
    2008-08-22 05:19:13 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-08-22 01:30:12 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-08-22 00:15:52 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-08-21 19:25:09 ----D---- C:\Documents and Settings\Administrator\Application Data\TrojanHunter
    2008-08-21 19:20:57 ----R---- C:\WINDOWS\system32\streamhlp.dll
    2008-08-21 19:20:57 ----D---- C:\Program Files\TrojanHunter 5.0
    2008-08-21 19:13:27 ----D---- C:\Documents and Settings\Administrator\Application Data\Malwarebytes
    2008-08-21 19:13:13 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-08-21 19:13:13 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-08-21 17:59:12 ----D---- C:\Program Files\EsetOnlineScanner
    2008-08-21 04:40:49 ----D---- C:\Program Files\CCleaner
    2008-08-21 00:02:43 ----A---- C:\WINDOWS\system32\ir50_lcs.dll
    2008-08-21 00:02:43 ----A---- C:\WINDOWS\system32\iacenc.dll
    2008-08-21 00:02:42 ----A---- C:\WINDOWS\system32\Iyvu9_32.dll
    2008-08-20 23:58:04 ----A---- C:\WINDOWS\system32\vp3clean.exe
    2008-08-20 23:57:50 ----A---- C:\WINDOWS\system32\ica2.dll
    2008-08-20 23:57:44 ----A---- C:\WINDOWS\system32\324aud32.dll
    2008-08-20 23:57:32 ----D---- C:\Program Files\Common Files\Intel Shared
    2008-08-20 23:56:34 ----A---- C:\WINDOWS\uninst.exe
    2008-08-20 23:53:06 ----A---- C:\WINDOWS\system32\inetwh32.dll
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LTTWN80N.DLL
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LTKRN80N.DLL
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LTIMG80N.DLL
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LTFIL80N.DLL
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LTEFX80N.DLL
    2008-08-20 23:52:33 ----A---- C:\WINDOWS\system32\LFTIF80N.DLL
    2008-08-20 23:52:32 ----A---- C:\WINDOWS\system32\LFMSP80N.DLL
    2008-08-20 23:52:32 ----A---- C:\WINDOWS\system32\LFLMB80N.DLL
    2008-08-20 23:52:32 ----A---- C:\WINDOWS\system32\LFLMA80N.DLL
    2008-08-20 23:52:31 ----A---- C:\WINDOWS\system32\LFKODAK.DLL
    2008-08-20 23:52:31 ----A---- C:\WINDOWS\system32\LFFPX80N.DLL
    2008-08-20 23:52:31 ----A---- C:\WINDOWS\system32\LFFPX7.DLL
    2008-08-20 23:52:30 ----A---- C:\WINDOWS\system32\LFFAX80N.DLL
    2008-08-20 23:52:30 ----A---- C:\WINDOWS\system32\LFCMP80N.DLL
    2008-08-20 23:52:29 ----A---- C:\WINDOWS\system32\LFCAL80N.DLL
    2008-08-20 23:52:29 ----A---- C:\WINDOWS\system32\LFBMP80N.DLL
    2008-08-20 23:52:27 ----D---- C:\Galleries
    2008-08-20 23:52:15 ----A---- C:\WINDOWS\system32\VARIETYPACKLOCALIZATION.DLL
    2008-08-20 23:52:15 ----A---- C:\WINDOWS\system32\RFVPS.dll
    2008-08-20 23:52:15 ----A---- C:\WINDOWS\system32\RFVPPTB.dll
    2008-08-20 23:52:14 ----A---- C:\WINDOWS\system32\RFVPB.dll
    2008-08-20 23:52:14 ----A---- C:\WINDOWS\system32\rfutils.dll
    2008-08-20 23:52:14 ----A---- C:\WINDOWS\system32\rfnullvideo.dll
    2008-08-20 23:52:14 ----A---- C:\WINDOWS\system32\RFInstallRoutines.dll
    2008-08-20 23:52:14 ----A---- C:\WINDOWS\system32\GenericVFW.dll
    2008-08-20 23:50:26 ----A---- C:\WINDOWS\system32\icam4com.dll
    2008-08-20 23:50:25 ----A---- C:\WINDOWS\system32\icam4ext.dll
    2008-08-20 23:50:24 ----A---- C:\WINDOWS\system32\SCALE_EN.DLL
    2008-08-20 23:50:24 ----A---- C:\WINDOWS\system32\icam2ext.dll
    2008-08-20 23:46:44 ----A---- C:\WINDOWS\system32\LMRTREND.dll
    2008-08-20 23:46:24 ----A---- C:\WINDOWS\system32\dxtmsft3.dll
    2008-08-20 23:45:57 ----A---- C:\WINDOWS\system32\unam4ie.exe
    2008-08-20 23:45:46 ----A---- C:\WINDOWS\system32\vidx16.dll
    2008-08-20 23:45:46 ----A---- C:\WINDOWS\system32\qcut.dll
    2008-08-20 23:45:42 ----A---- C:\WINDOWS\system32\w95inf32.dll
    2008-08-20 23:45:42 ----A---- C:\WINDOWS\system32\w95inf16.dll
    2008-08-20 23:45:37 ----D---- C:\Program Files\Intel
    2008-08-20 23:43:56 ----D---- C:\Documents and Settings\Administrator\Application Data\Help
    2008-08-20 23:43:12 ----A---- C:\WINDOWS\IsUninst.exe
    2008-08-20 15:23:24 ----D---- C:\Documents and Settings\Administrator\Application Data\WinRAR
    2008-08-20 15:22:45 ----D---- C:\Program Files\WinRAR
    2008-08-20 02:07:54 ----A---- C:\WINDOWS\system32\Icam3EXT.dll
    2008-08-20 02:07:46 ----A---- C:\WINDOWS\system32\vfwwdm32.dll
    2008-08-19 22:02:27 ----D---- C:\Program Files\Trend Micro
    2008-08-18 14:28:45 ----D---- C:\Program Files\Safer Networking
    2008-08-18 10:21:03 ----A---- C:\WINDOWS\wininit.ini
    2008-08-18 03:04:00 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-08-18 03:04:00 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-08-18 02:53:46 ----D---- C:\Program Files\Lavasoft
    2008-08-18 02:53:44 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-08-18 02:52:46 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
    2008-08-17 05:16:22 ----D---- C:\Program Files\Common Files\Adobe AIR
    2008-08-17 04:54:57 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-08-17 04:53:20 ----D---- C:\Program Files\Common Files\Adobe
    2008-08-17 04:53:18 ----D---- C:\Program Files\Adobe
    2008-08-17 03:41:42 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-08-17 03:24:18 ----A---- C:\WINDOWS\system32\LuResult.txt
    2008-08-17 03:08:30 ----D---- C:\Config.Msi
    2008-08-16 21:22:39 ----D---- C:\WINDOWS\system32\LogFiles
    2008-08-16 20:50:49 ----A---- C:\WINDOWS\system32\capicom.dll
    2008-08-16 20:49:54 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
    2008-08-16 20:49:40 ----D---- C:\Program Files\Common Files\Symantec Shared
    2008-08-16 10:51:57 ----D---- C:\Documents and Settings\Administrator\Application Data\AVGTOOLBAR
    2008-08-16 10:51:45 ----D---- C:\Program Files\AVG
    2008-08-16 10:51:44 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
    2008-08-16 06:21:26 ----SHD---- C:\WINDOWS\CSC
    2008-08-16 06:02:25 ----D---- C:\Temp
    2008-08-16 05:00:35 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-08-16 05:00:03 ----D---- C:\Program Files\SigmaTel
    2008-08-16 05:00:02 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-08-16 04:03:47 ----D---- C:\Documents and Settings\Administrator\Application Data\Pogo Games
    2008-08-16 04:03:39 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-08-16 03:59:16 ----D---- C:\Program Files\Oberon Media
    2008-08-16 03:33:03 ----D---- C:\WINDOWS\Sun
    2008-08-16 03:33:03 ----D---- C:\Documents and Settings\Administrator\Application Data\Sun
    2008-08-16 03:32:15 ----D---- C:\Program Files\Java
    2008-08-16 03:31:28 ----D---- C:\Program Files\Common Files\Java
    2008-08-16 01:51:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
    2008-08-16 01:50:52 ----D---- C:\Program Files\Mozilla Firefox
    2008-08-16 01:49:09 ----D---- C:\Documents and Settings\All Users\Application Data\Yahoo!
    2008-08-16 01:48:51 ----A---- C:\YServer.txt
    2008-08-16 01:48:42 ----D---- C:\Program Files\Yahoo!
    2008-08-16 01:42:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-08-16 01:41:37 ----D---- C:\Program Files\MSN Messenger
    2008-08-16 01:36:47 ----D---- C:\Documents and Settings\Administrator\Application Data\Google
    2008-08-16 01:34:51 ----D---- C:\Documents and Settings\Administrator\Application Data\Macromedia
    2008-08-16 01:34:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
    2008-08-16 01:34:48 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-08-16 01:34:39 ----D---- C:\Program Files\Google
    2008-08-16 01:31:54 ----D---- C:\Documents and Settings\Administrator\Application Data\acccore
    2008-08-16 01:30:19 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
    2008-08-16 01:30:17 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
    2008-08-16 01:29:43 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
    2008-08-16 01:29:42 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
    2008-08-16 01:29:07 ----D---- C:\Program Files\Common Files\AOL
    2008-08-16 01:28:53 ----D---- C:\Program Files\AIM6
    2008-08-16 01:23:21 ----D---- C:\WINDOWS\system32\PreInstall
    2008-08-16 01:23:20 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-08-16 01:23:19 ----HD---- C:\WINDOWS\$hf_mig$
    2008-08-16 01:16:45 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-08-16 01:15:41 ----A---- C:\WINDOWS\system32\igfxres.dll
    2008-08-16 01:14:26 ----D---- C:\WINDOWS\Drivers
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\oemdspif.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxzoom.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxtray.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxress.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxpph.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxhk.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxext.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxexps.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxeud.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxdo.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxdiag.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxdgps.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxdev.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\igfxcfg.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmrnt5.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmrem.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmgicd.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmgdev.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmdnt5.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmdev5.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\ialmdd5.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\iAlmCoIn_v3775.dll
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\hkcmd.exe
    2008-08-16 01:14:26 ----A---- C:\WINDOWS\system32\hccutils.dll
    2008-08-16 01:09:27 ----N---- C:\WINDOWS\system32\WLTRYSVC.EXE
    2008-08-16 01:09:27 ----N---- C:\WINDOWS\system32\BCMWLTRY.EXE
    2008-08-16 01:09:27 ----N---- C:\WINDOWS\system32\BCMLogon.dll
    2008-08-16 01:09:27 ----N---- C:\WINDOWS\system32\AegisI5.exe
    2008-08-16 01:09:27 ----N---- C:\WINDOWS\system32\AegisE5.dll
    2008-08-16 01:09:16 ----N---- C:\WINDOWS\system32\BCMWLU00.EXE
    2008-08-16 01:09:16 ----N---- C:\WINDOWS\system32\BCMWLD2K.EXE
    2008-08-16 01:09:06 ----D---- C:\Program Files\Common Files\InstallShield
    2008-08-16 01:09:02 ----D---- C:\Dell
    2008-08-15 23:13:33 ----D---- C:\Documents and Settings\Administrator\Application Data\Identities
    2008-08-15 23:13:32 ----HD---- C:\Program Files\Uninstall Information
    2008-08-15 23:13:24 ----ASH---- C:\Documents and Settings\Administrator\Application Data\desktop.ini
    2008-08-15 23:13:23 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
    2008-08-15 23:13:12 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-08-15 23:13:09 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-08-15 23:12:49 ----SHD---- C:\System Volume Information
    2008-08-15 23:06:41 ----D---- C:\WINDOWS\system32\xircom
    2008-08-15 23:06:41 ----D---- C:\Program Files\xerox
    2008-08-15 23:06:41 ----D---- C:\Program Files\microsoft frontpage
    2008-08-15 23:05:58 ----A---- C:\WINDOWS\control.ini
    2008-08-15 23:05:58 ----A---- C:\AUTOEXEC.BAT
    2008-08-15 23:05:29 ----A---- C:\WINDOWS\system32\mapi32.dll
    2008-08-15 23:03:49 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-08-15 23:03:49 ----RD---- C:\WINDOWS\Offline Web Pages
    2008-08-15 23:03:48 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2008-08-15 23:03:36 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2008-08-15 23:03:29 ----HD---- C:\Program Files\WindowsUpdate
    2008-08-15 23:03:00 ----D---- C:\WINDOWS\system32\DirectX
    2008-08-15 23:02:36 ----A---- C:\WINDOWS\system32\atrace.dll
    2008-08-15 23:02:33 ----A---- C:\WINDOWS\system32\desktop.ini
    2008-08-15 23:02:33 ----A---- C:\WINDOWS\desktop.ini
    2008-08-15 23:02:25 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2008-08-15 23:02:24 ----A---- C:\WINDOWS\system32\acctres.dll
    2008-08-15 23:02:23 ----D---- C:\Program Files\Common Files\Services
    2008-08-15 23:02:20 ----SD---- C:\WINDOWS\Tasks
    2008-08-15 23:02:20 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2008-08-15 23:02:19 ----D---- C:\Program Files\Common Files\MSSoap
    2008-08-15 23:02:15 ----D---- C:\WINDOWS\srchasst
    2008-08-15 23:02:14 ----D---- C:\WINDOWS\system32\Macromed
    2008-08-15 23:02:10 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-08-15 23:02:10 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-08-15 23:02:10 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-08-15 23:02:10 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-08-15 23:02:10 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\wups.dll
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-08-15 23:02:09 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-08-15 23:02:08 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-08-15 23:02:04 ----D---- C:\Program Files\Movie Maker
    2008-08-15 23:01:59 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-08-15 23:01:59 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-08-15 23:01:59 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-08-15 23:01:59 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-08-15 23:01:55 ----D---- C:\WINDOWS\system32\Restore
    2008-08-15 23:01:55 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-08-15 23:01:55 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-08-15 23:01:55 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-08-15 23:01:54 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-08-15 23:01:54 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-08-15 23:01:54 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-08-15 23:01:54 ----A---- C:\WINDOWS\system32\ils.dll
    2008-08-15 23:01:53 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-08-15 23:01:53 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-08-15 23:01:53 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-08-15 23:01:53 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-08-15 23:01:51 ----D---- C:\Program Files\NetMeeting
    2008-08-15 23:01:51 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-08-15 23:01:50 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-08-15 23:01:49 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-08-15 23:01:49 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-08-15 23:01:47 ----D---- C:\Program Files\Outlook Express
    2008-08-15 23:01:47 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-08-15 23:01:47 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-08-15 23:01:47 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-08-15 23:01:47 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-08-15 23:01:46 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-08-15 23:01:46 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-08-15 23:01:46 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-08-15 23:01:41 ----D---- C:\Program Files\Common Files\System
    2008-08-15 23:01:35 ----D---- C:\Program Files\Internet Explorer
    2008-08-15 23:00:36 ----D---- C:\Program Files\ComPlus Applications
    2008-08-15 23:00:33 ----A---- C:\WINDOWS\vbaddin.ini
    2008-08-15 23:00:33 ----A---- C:\WINDOWS\vb.ini
    2008-08-15 23:00:27 ----D---- C:\WINDOWS\Registration
    2008-08-15 23:00:16 ----D---- C:\Program Files\Windows Media Player
    2008-08-15 23:00:16 ----D---- C:\Program Files\Online Services
    2008-08-15 23:00:07 ----D---- C:\Program Files\Messenger
    2008-08-15 23:00:03 ----D---- C:\Program Files\MSN Gaming Zone
    2008-08-15 23:00:03 ----A---- C:\WINDOWS\system32\write.exe
    2008-08-15 22:59:54 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-08-15 22:59:54 ----A---- C:\WINDOWS\system32\hticons.dll
    2008-08-15 22:59:54 ----A---- C:\WINDOWS\system32\avwav.dll
    2008-08-15 22:59:54 ----A---- C:\WINDOWS\system32\avtapi.dll
    2008-08-15 22:59:54 ----A---- C:\WINDOWS\system32\avmeter.dll
    2008-08-15 22:59:53 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-08-15 22:59:47 ----A---- C:\WINDOWS\system32\getuname.dll
    2008-08-15 22:59:47 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-08-15 22:59:46 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-08-15 22:59:46 ----A---- C:\WINDOWS\system32\sol.exe
    2008-08-15 22:59:46 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-08-15 22:59:46 ----A---- C:\WINDOWS\system32\calc.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\tslabels.ini
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\reset.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\regini.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-08-15 22:59:45 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-08-15 22:59:44 ----A---- C:\WINDOWS\system32\msg.exe
    2008-08-15 22:59:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2008-08-15 22:59:44 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-08-15 22:59:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-08-15 22:59:43 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-08-15 22:59:38 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2008-08-15 22:59:29 ----D---- C:\Program Files\MSN
    2008-08-15 22:59:28 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-08-15 22:59:28 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-08-15 22:59:28 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-08-15 22:59:28 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-08-15 22:59:27 ----D---- C:\Program Files\Windows NT
    2008-08-15 22:59:27 ----A---- C:\WINDOWS\system32\spider.exe
    2008-08-15 22:59:27 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-08-15 22:59:27 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-08-15 22:59:26 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-08-15 22:59:25 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-08-15 22:59:24 ----D---- C:\WINDOWS\system32\MsDtc
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-08-15 22:59:24 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-08-15 22:59:23 ----D---- C:\WINDOWS\system32\Com
    2008-08-15 22:59:23 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-08-15 22:59:23 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-08-15 22:59:23 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-08-15 22:59:23 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-08-15 22:59:22 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-08-15 22:59:22 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-08-15 22:59:22 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-08-15 22:59:22 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-08-15 22:59:21 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-08-15 22:59:16 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-08-15 22:59:16 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-08-15 22:59:16 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-08-15 22:59:16 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-08-15 22:56:54 ----A---- C:\WINDOWS\system32\h323log.txt
    2008-08-15 22:53:16 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-08-15 22:51:14 ----SHD---- C:\WINDOWS\Installer
    2008-08-15 22:51:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-08-15 22:51:13 ----D---- C:\Program Files\Common Files\ODBC
    2008-08-15 22:51:13 ----A---- C:\WINDOWS\ODBCINST.INI
    2008-08-15 22:51:09 ----D---- C:\Program Files\Common Files\SpeechEngines
    2008-08-15 22:51:08 ----RD---- C:\Program Files
    2008-08-15 22:51:08 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-08-15 22:51:08 ----D---- C:\Program Files\Common Files
    2008-08-15 22:51:04 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2008-08-15 22:51:04 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2008-08-15 22:51:04 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2008-08-15 22:51:02 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2008-08-15 22:51:00 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2008-08-15 22:50:58 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2008-08-15 22:50:58 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2008-08-15 22:50:58 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2008-08-15 22:50:58 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2008-08-15 22:50:58 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2008-08-15 22:50:56 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2008-08-15 22:50:55 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2008-08-15 22:50:52 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2008-08-15 22:50:52 ----A---- C:\WINDOWS\system32\irclass.dll
    2008-08-15 22:50:52 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2008-08-15 22:50:52 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2008-08-15 22:50:52 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2008-08-15 22:50:50 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-08-15 22:50:49 ----N---- C:\WINDOWS\system32\CONFIG.TMP
    2008-08-15 22:50:49 ----A---- C:\WINDOWS\system32\batt.dll
    2008-08-15 22:50:48 ----A---- C:\WINDOWS\notepad.exe
    2008-08-15 22:50:46 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-08-15 22:50:31 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2008-08-15 22:50:27 ----RA---- C:\WINDOWS\SET8.tmp
    2008-08-15 22:50:24 ----RA---- C:\WINDOWS\SET4.tmp
    2008-08-15 22:50:22 ----RA---- C:\WINDOWS\SET3.tmp
    2008-08-15 22:50:16 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-08-15 22:50:16 ----D---- C:\WINDOWS\system32\CatRoot
    2008-08-15 22:50:10 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-08-15 22:49:48 ----D---- C:\Documents and Settings
    2008-08-15 22:46:40 ----SH---- C:\boot.ini
    2008-08-15 22:37:39 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-08-15 22:37:39 ----RSD---- C:\WINDOWS\Fonts
    2008-08-15 22:37:39 ----RD---- C:\WINDOWS\Web
    2008-08-15 22:37:39 ----HD---- C:\WINDOWS\inf
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\WinSxS
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\twain_32
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\wins
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\wbem
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\usmt
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\spool
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\ShellExt
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\Setup
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\ras
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\oobe
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\npp
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\mui
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\inetsrv
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\IME
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\icsxml
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\ias
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\export
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\drivers
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\dhcp
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\config
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\3com_dmi
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\3076
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\2052
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1054
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1042
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1041
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1037
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1033
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1031
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1028
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32\1025
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system32
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\system
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\security
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Resources
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\repair
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Provisioning
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\PeerNet
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\pchealth
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\mui
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\msapps
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\msagent
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Media
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\java
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\ime
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Help
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\ehome
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Driver Cache
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Debug
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Cursors
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Connection Wizard
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\Config
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\AppPatch
    2008-08-15 22:37:39 ----D---- C:\WINDOWS\addins
    2008-08-15 22:37:39 ----D---- C:\WINDOWS
    2008-07-14 07:09:18 ----N---- C:\WINDOWS\system32\tzchange.exe

    ======List of files/folders modified in the last 3 months======

    2008-10-06 06:56:43 ----A---- C:\WINDOWS\win.ini
    2008-08-22 06:10:34 ----A---- C:\WINDOWS\system.ini
    2008-07-18 22:10:48 ----A---- C:\WINDOWS\system32\cdm.dll
    2008-07-18 22:10:40 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-07-18 22:10:24 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-07-18 22:09:42 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-07-18 22:08:34 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-07-07 16:26:58 ----A---- C:\WINDOWS\system32\es.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-07-19 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-07-19 78416]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-07-19 42912]
    R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-16 96520]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
    R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2002-10-15 17153]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-07-19 94416]
    R2 AvgTdiX;AVG Free8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-08-16 76040]
    R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.7; C:\WINDOWS\system32\DRIVERS\mdc8021x.sys [2008-08-16 15781]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-07-19 23152]
    R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2004-06-25 315392]
    R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2003-09-26 44032]
    R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\system32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-02-25 681629]
    R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2004-11-15 264440]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
    S1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-08-16 26824]
    S3 b57w2k;3Com 3C940 10/100/1000 LOM; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2001-08-17 96640]
    S3 BCM42XX;Broadcom iLine10(tm) Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcm42xx5.sys [2001-08-17 54271]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 ICAM3NT5;Intel USB Video Camera III; C:\WINDOWS\System32\Drivers\Icam3.sys [2001-08-17 141056]
    S3 mauswlan;MAUS Software WLAN helper; C:\WINDOWS\system32\DRIVERS\mauswlan.sys [2004-10-20 54144]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-08-18 611664]
    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
    R2 WLTRYSVC;WLTRYSVC; C:\WINDOWS\System32\wltrysvc.exe [2004-06-25 45056]
    R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S2 spupdsvc;Windows Service Pack Installer update service; C:\WINDOWS\system32\spupdsvc.exe [2007-08-10 26488]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-08-16 138168]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S4 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-16 231192]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

    -----------------EOF-----------------

  2. #12
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Do you recognize this file?

    C:\Program Files\mmpphld.txt

    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #13
    Junior Member
    Join Date
    Aug 2008
    Posts
    23

    No, I don't actually, but it was made 9 minutes ago.

  4. #14
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Go to start - run

    Type notepad C:\Program Files\mmpphld.txt and click ok.

    Post back contents of Notepad, please.

  5. #15
    Junior Member
    Join Date
    Aug 2008
    Posts
    23

    Files to delete:
    C:\_OTMoveIt\MovedFiles\10062008_102504\WINDOWS\system32\unt\NTrem034.exe
    C:\_OTMoveIt\MovedFiles\10062008_102845\WINDOWS\system32\unt\NTrem034.exe

  6. #16
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    OK, then that is fine.

    Open HijackThis, click "Do a system scan only" and checkmark these:

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)


    Close all windows, including the browser, and press "Fix checked".

    Reboot.

    Please go to Kaspersky website and perform an online antivirus scan.

    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

    1. Read through the requirements and privacy statement and click on Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply along with a fresh HijackThis log.


    If you need a tutorial, see here
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006
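
The three entries selected in post #16 all end in HijackThis's "(no file)" or "(file missing)" marker, meaning the registry reference remained but the scan did not find the file. As an added example (not part of the original thread or of HijackThis itself), this Python sketch pulls such orphaned entries out of a pasted log; the sample text is constructed from lines quoted in this thread, and the function names are hypothetical.

```python
import re

# Constructed sample: the three entries quoted in post #16, plus two entries
# from the log in post #17 whose files were present at scan time.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL (file missing)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll (file missing)
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe
"""

ENTRY = re.compile(r"^(?P<section>[A-Z]\d{1,2}) - (?P<body>.+)$")
CLSID = re.compile(r"\{[0-9A-Fa-f]{8}(?:-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")
ORPHAN = re.compile(r"\s*\((no file|file missing)\)$")


def parse_entries(log_text):
    """Parse 'Xn - ...' lines; skip headers, process paths and blank lines."""
    entries = []
    for raw in log_text.splitlines():
        m = ENTRY.match(raw.strip())
        if not m:
            continue
        body = m["body"]
        clsid = CLSID.search(body)
        marker = ORPHAN.search(body)
        # For these sections the last " - " field is the file the entry loads.
        target = ORPHAN.sub("", body.rsplit(" - ", 1)[-1]).strip()
        entries.append({
            "section": m["section"],
            "clsid": clsid.group(0) if clsid else None,
            "target": target or None,
            "marker": marker.group(1) if marker else None,
            "line": raw.strip(),
        })
    return entries


def orphaned(entries):
    """Entries whose registry reference points at a file the scan did not find."""
    return [e for e in entries if e["marker"]]


if __name__ == "__main__":
    for e in orphaned(parse_entries(SAMPLE_LOG)):
        print(f'{e["section"]:>3}  {e["marker"]:<12}  {e["clsid"]}  {e["target"]}')
```

The marker reflects the state at scan time only, so the list is a starting point for review rather than a removal list.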

  7. #17
    Junior Member
    Join Date
    Aug 2008
    Posts
    23

    Here is the HijackThis log; the Kaspersky report has over 3 million characters.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 10:46:48 PM, on 10/7/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\wltrysvc.exe
    C:\WINDOWS\System32\bcmwltry.exe
    C:\WINDOWS\BCMSMMSG.exe
    C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\MSN Messenger\MsnMsgr.Exe
    C:\Program Files\Messenger\msmsgs.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\MySpace\IM\MySpaceIM.exe
    C:\Program Files\Common Files\Teleca Shared\Generic.exe
    C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
    C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
    O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
    O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet
    O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
    O4 - Startup: iWin Desktop Alerts.lnk = C:\Documents and Settings\All Users\Application Data\iWin Games\DesktopAlerts\DesktopAlerts.exe
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
    O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary...n.cab56986.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary...o.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary...t.cab56907.cab
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

    --
    End of file - 6707 bytes

  8. #18
    Junior Member
    Join Date
    Aug 2008
    Posts
    23

    What do you want me to do with the Kaspersky log?

  9. #19
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please upload it to rapidshare.com and post the link back here.
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  10. #20
    Junior Member
    Join Date
    Aug 2008
    Posts
    23

    I zipped it and then uploaded it, because when I tried to upload it as a .txt file it acted up.
    http://rapidshare.com/files/151998224/Kaspersky.zip
