
Thread: Avast Mail scanner pop-ups

  1. #11
    Junior Member
    Join Date
    Dec 2008
    Posts
    25

    System scan only & Fresh log Follow-up

    Here is the fresh log following system scan, fix checked & reboot, many thanks...

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Hassan at 2009-01-05 18:11:13
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 38 GB (79%) free of 48 GB
    Total RAM: 1791 MB (72% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:11:26, on 05/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avast\aswUpdSv.exe
    C:\Program Files\Avast\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\PROGRA~1\Avast\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    C:\Program Files\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\Avast\ashMaiSv.exe
    C:\Program Files\Avast\ashWebSv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\3\3Connect\Wilog.exe
    C:\Documents and Settings\Hassan\Desktop\HJT\RSIT.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Documents and Settings\Hassan\Desktop\HJT\Hassan.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my3.three.co.uk/
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Bluetooth Manager.lnk.disabled
    O4 - Global Startup: Update Agent.lnk.disabled
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1230241525031
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1230241783187
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 5802 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\cvmqlmbs.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-25 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-26 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-25 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=C:\PROGRA~1\Avast\ashDisp.exe [2008-11-26 81000]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-10-31 7634944]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2006-10-31 86016]
    "nwiz"=nwiz.exe /install []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
    "SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-26 39408]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Bluetooth Manager.lnk.disabled - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    Update Agent.lnk.disabled - C:\Program Files\3\3Connect\AutoUpdateSrv.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\windefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\windefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{252f0f5c-d216-11dd-82dc-001fd0367303}]
    shell\AutoRun\command - E:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{252f0f5e-d216-11dd-82dc-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53a46f4c-d35d-11dd-82ea-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53a46f4e-d35d-11dd-82ea-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe


    ======List of files/folders created in the last 1 months======

    2009-01-03 21:47:29 ----D---- C:\Program Files\trend micro
    2009-01-03 21:39:59 ----D---- C:\_OTMoveIt
    2009-01-02 19:18:10 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-01-02 19:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2009-01-02 19:01:10 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-12-31 22:23:10 ----D---- C:\rsit
    2008-12-29 22:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-29 22:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-29 21:57:24 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-29 19:33:51 ----D---- C:\Documents and Settings\Hassan\Application Data\Birdstep Technology
    2008-12-29 19:32:17 ----D---- C:\Program Files\3
    2008-12-29 00:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-28 21:47:56 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-12-28 21:47:24 ----D---- C:\WINDOWS\Prefetch
    2008-12-28 21:46:54 ----D---- C:\WINDOWS\Minidump
    2008-12-28 21:41:23 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-28 21:41:23 ----A---- C:\WINDOWS\system32\msxml6.dll
    2008-12-28 21:41:20 ----A---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-28 21:41:20 ----A---- C:\WINDOWS\system32\rwnh.dll
    2008-12-28 21:41:19 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\onex.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-12-28 21:41:16 ----N---- C:\WINDOWS\system32\xpsp3res.dll
    2008-12-28 21:41:16 ----D---- C:\WINDOWS\system32\scripting
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\system32\en
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\system32\bits
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\l2schemas
    2008-12-28 21:41:15 ----D---- C:\Program Files\msn
    2008-12-28 21:38:51 ----D---- C:\WINDOWS\network diagnostic
    2008-12-28 21:38:11 ----A---- C:\WINDOWS\005578_.tmp
    2008-12-28 17:23:44 ----D---- C:\WINDOWS\system32\appmgmt
    2008-12-28 17:23:41 ----SHD---- C:\Config.Msi
    2008-12-28 17:15:53 ----D---- C:\WINDOWS\Sun
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-28 17:14:07 ----D---- C:\Program Files\Java
    2008-12-28 16:38:25 ----D---- C:\Documents and Settings\Hassan\Application Data\Sun
    2008-12-28 15:37:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-28 15:36:30 ----D---- C:\WINDOWS\ie7updates
    2008-12-28 15:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
    2008-12-27 17:47:36 ----D---- C:\Documents and Settings\Hassan\Application Data\Malwarebytes
    2008-12-27 17:47:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-27 17:47:30 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-27 17:04:32 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-27 16:52:30 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-27 16:51:19 ----D---- C:\WINDOWS\Sdold
    2008-12-27 11:22:03 ----SH---- C:\WINDOWS\system32\dsilbgep.ini
    2008-12-26 23:49:46 ----D---- C:\Program Files\xp-AntiSpy
    2008-12-26 23:38:22 ----D---- C:\Program Files\HijackThis
    2008-12-26 22:59:01 ----A---- C:\WINDOWS\WirelessFTP.INI
    2008-12-26 22:37:00 ----A---- C:\WINDOWS\tosOBEX.INI
    2008-12-26 22:33:57 ----D---- C:\Documents and Settings\Hassan\Application Data\TOSHIBA
    2008-12-26 22:33:13 ----D---- C:\Program Files\Toshiba
    2008-12-26 22:16:35 ----D---- C:\Documents and Settings\Hassan\Application Data\Macromedia
    2008-12-26 21:54:06 ----A---- C:\WINDOWS\system32\73656653-.txt
    2008-12-26 21:47:49 ----D---- C:\Downloads
    2008-12-26 21:34:50 ----D---- C:\Documents and Settings\Hassan\Application Data\Software Informer
    2008-12-26 21:34:25 ----D---- C:\Program Files\Software Informer
    2008-12-26 21:34:23 ----D---- C:\Documents and Settings\Hassan\Application Data\Free Download Manager
    2008-12-26 21:34:20 ----D---- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
    2008-12-26 21:34:19 ----D---- C:\Program Files\Free Download Manager
    2008-12-26 21:23:12 ----D---- C:\WINDOWS\pss
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\wshirda.dll
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\irmon.dll
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\irftp.exe
    2008-12-26 15:24:44 ----A---- C:\WINDOWS\system32\TaskKeyHook.dll
    2008-12-26 15:11:33 ----D---- C:\Program Files\KB 600
    2008-12-26 14:57:16 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
    2008-12-26 03:06:35 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
    2008-12-26 03:00:37 ----D---- C:\Program Files\ExtractNow
    2008-12-26 02:56:37 ----D---- C:\Documents and Settings\Hassan\Application Data\uTorrent
    2008-12-26 02:17:00 ----D---- C:\Documents and Settings\Hassan\Application Data\uniblue
    2008-12-26 02:16:24 ----D---- C:\Program Files\SpeedUpMyPC
    2008-12-26 02:14:47 ----D---- C:\Program Files\Reference Assemblies
    2008-12-26 02:13:53 ----D---- C:\WINDOWS\assembly
    2008-12-26 02:13:40 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-26 02:11:48 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-12-26 02:11:30 ----RHD---- C:\AHCache
    2008-12-26 01:34:00 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-12-26 01:29:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-26 01:29:00 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-26 01:29:00 ----D---- C:\Program Files\Adobe Reader 8.0
    2008-12-26 01:29:00 ----D---- C:\Program Files\Adobe
    2008-12-26 01:18:46 ----D---- C:\WINDOWS\Cache
    2008-12-26 01:18:41 ----A---- C:\WINDOWS\RTacDbg.txt
    2008-12-26 01:17:57 ----D---- C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility
    2008-12-26 01:02:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-12-26 00:12:22 ----D---- C:\Documents and Settings\Hassan\Application Data\Google
    2008-12-25 23:58:06 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-12-25 23:44:19 ----D---- C:\Program Files\Google
    2008-12-25 23:38:55 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-12-25 23:38:53 ----D---- C:\Program Files\Windows Live
    2008-12-25 23:38:47 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-12-25 23:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
    2008-12-25 23:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2008-12-25 23:16:59 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-12-25 23:16:57 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-12-25 23:16:48 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-25 23:16:42 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-12-25 23:16:17 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-12-25 23:16:03 ----D---- C:\WINDOWS\system32\LogFiles
    2008-12-25 23:15:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-12-25 23:10:14 ----D---- C:\WINDOWS\WBEM
    2008-12-25 23:10:13 ----D---- C:\WINDOWS\system32\en-US
    2008-12-25 23:09:54 ----HDC---- C:\WINDOWS\ie7
    2008-12-25 23:09:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-25 23:09:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-25 23:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-12-25 23:09:19 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-12-25 22:36:39 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
    2008-12-25 22:36:38 ----D---- C:\Documents and Settings\Hassan\Application Data\MSN6
    2008-12-25 22:16:47 ----D---- C:\WINDOWS\system32\PreInstall
    2008-12-25 22:16:45 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-12-25 22:16:45 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-25 21:54:30 ----D---- C:\Program Files\Registry Mechanic
    2008-12-25 21:50:56 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-12-25 21:50:56 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-12-25 21:44:55 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-12-25 20:56:15 ----D---- C:\WINDOWS\system32\NtmsData
    2008-12-25 11:51:34 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-12-25 11:37:35 ----D---- C:\Documents and Settings\Hassan\Application Data\OpenOffice.org
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\setupempdrv03.exe
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\SectorCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\ResizeNTFS.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Partition.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSLib.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSFormat.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSFileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Fixup.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FileSystemCheck.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatResizeMove.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatLib.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatFormat.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FATFileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\EuEpmGdi.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\DeviceManager.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\DeviceAdapter.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Device.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\CallbackOperator.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\BootMan.exe
    2008-12-25 00:47:23 ----D---- C:\Program Files\Partition Manager
    2008-12-25 00:46:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-25 00:46:13 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-25 00:01:01 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2008-12-25 00:00:26 ----D---- C:\Documents and Settings\Hassan\Application Data\Adobe
    2008-12-24 23:59:45 ----D---- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
    2008-12-24 23:58:43 ----D---- C:\Program Files\Huawei Modems
    2008-12-24 23:58:43 ----A---- C:\WINDOWS\Huawei ModemsUninstall.exe
    2008-12-24 23:39:11 ----D---- C:\Program Files\OpenOffice.org 3
    2008-12-24 23:38:31 ----D---- C:\OpenOffice.org 3.0 Installation Files
    2008-12-24 23:36:20 ----SHD---- C:\RECYCLER
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MSVCR71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MSVCP71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MFC71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-12-24 23:31:19 ----D---- C:\Program Files\Avast
    2008-12-24 23:18:03 ----D---- C:\Program Files\CCleaner
    2008-12-24 23:13:51 ----A---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\d3d9.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\cmsetacl.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\btpanui.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bthserv.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bthci.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\msdadiag.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdukx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdno1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmaori.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinmal.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinben.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdfi1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_qc.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_32.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir41_qc.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\httpapi.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fwcfg.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\extmgr.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\dxdiagn.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\wmidx.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\wmerror.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\winshfhc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\w3ssl.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\twext.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\strmfilt.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slserv.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slrundll.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slgen.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slextspk.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\sdhcinst.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2psvc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pgraph.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2p.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-24 23:13:44 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xpob2res.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xmlprovi.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xmlprov.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wups.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wshbth.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmpdxm.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmpasf.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmp.dll
    2008-12-24 23:13:42 ----D---- C:\WINDOWS\peernet
    2008-12-24 23:13:41 ----D---- C:\WINDOWS\provisioning
    2008-12-24 23:13:22 ----A---- C:\WINDOWS\system32\evntcmd.exe
    2008-12-24 23:13:18 ----A---- C:\WINDOWS\system32\evntwin.exe
    2008-12-24 23:13:15 ----A---- C:\WINDOWS\system32\snmpmib.dll
    2008-12-24 23:13:12 ----A---- C:\WINDOWS\system32\hostmib.dll
    2008-12-24 23:13:04 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-24 23:12:58 ----A---- C:\WINDOWS\system32\snmptrap.exe
    2008-12-24 23:12:58 ----A---- C:\WINDOWS\system32\snmp.exe
    2008-12-24 23:12:40 ----A---- C:\WINDOWS\system32\lmmib2.dll
    2008-12-24 23:12:36 ----A---- C:\WINDOWS\system32\evntagnt.dll
    2008-12-24 23:12:35 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-24 23:11:38 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-12-24 23:11:03 ----A---- C:\WINDOWS\002263_.tmp
    2008-12-24 23:10:20 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-12-24 23:10:18 ----D---- C:\WINDOWS\EHome
    2008-12-24 23:03:55 ----D---- C:\Program Files\Gigabyte
    2008-12-24 23:03:49 ----A---- C:\WINDOWS\IsUninst.exe
    2008-12-24 23:02:24 ----D---- C:\WINDOWS\NV960964.TMP
    2008-12-24 22:57:10 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
    2008-12-24 22:56:04 ----D---- C:\WINDOWS\system32\Lang
    2008-12-24 22:55:02 ----RA---- C:\WINDOWS\system32\ChCfg.exe
    2008-12-24 22:54:43 ----D---- C:\WINDOWS\system32\RTCOM
    2008-12-24 22:54:41 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-12-24 22:54:39 ----R---- C:\WINDOWS\SoundMan.exe
    2008-12-24 22:54:38 ----R---- C:\WINDOWS\SkyTel.exe
    2008-12-24 22:54:37 ----R---- C:\WINDOWS\RtlUpd.exe
    2008-12-24 22:54:35 ----R---- C:\WINDOWS\RTLCPL.exe
    2008-12-24 22:54:27 ----R---- C:\WINDOWS\RTHDCPL.exe
    2008-12-24 22:54:26 ----R---- C:\WINDOWS\MicCal.exe
    2008-12-24 22:54:24 ----R---- C:\WINDOWS\Alcmtr.exe
    2008-12-24 22:54:23 ----R---- C:\WINDOWS\alcwzrd.exe
    2008-12-24 22:54:23 ----D---- C:\Program Files\Realtek
    2008-12-24 22:54:22 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-24 22:54:18 ----R---- C:\WINDOWS\RtlExUpd.dll
    2008-12-24 22:54:18 ----A---- C:\WINDOWS\HideWin.exe
    2008-12-24 22:54:02 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-12-24 22:54:01 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXP$
    2008-12-24 22:51:37 ----D---- C:\WINDOWS\nview
    2008-12-24 22:51:37 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-12-24 22:51:20 ----D---- C:\Program Files\Common Files\InstallShield
    2008-12-24 22:50:16 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-12-24 22:50:08 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-12-24 22:50:08 ----A---- C:\WINDOWS\system32\nvuide.exe
    2008-12-24 22:50:06 ----A---- C:\WINDOWS\system32\nvunrm.exe
    2008-12-24 22:50:03 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
    2008-12-24 22:50:02 ----D---- C:\Documents and Settings\Hassan\Application Data\InstallShield
    2008-12-24 22:33:45 ----SHD---- C:\WINDOWS\Installer
    2008-12-24 22:33:43 ----D---- C:\Documents and Settings\Hassan\Application Data\Identities
    2008-12-24 22:33:40 ----HD---- C:\Program Files\Uninstall Information
    2008-12-24 22:33:38 ----SD---- C:\Documents and Settings\Hassan\Application Data\Microsoft
    2008-12-24 22:33:38 ----ASH---- C:\Documents and Settings\Hassan\Application Data\desktop.ini
    2008-12-24 22:32:51 ----SHD---- C:\System Volume Information
    2008-12-24 22:32:50 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-24 22:30:26 ----D---- C:\WINDOWS\system32\xircom
    2008-12-24 22:30:26 ----D---- C:\Program Files\xerox
    2008-12-24 22:30:26 ----D---- C:\Program Files\microsoft frontpage
    2008-12-24 22:30:16 ----A---- C:\WINDOWS\control.ini
    2008-12-24 22:30:16 ----A---- C:\AUTOEXEC.BAT
    2008-12-24 22:30:09 ----A---- C:\WINDOWS\system32\mapi32.dll
    2008-12-24 22:29:38 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-24 22:29:38 ----RD---- C:\WINDOWS\Offline Web Pages
    2008-12-24 22:29:38 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2008-12-24 22:29:34 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2008-12-24 22:29:20 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-24 22:28:54 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-12-24 22:28:54 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-12-24 22:28:54 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-12-24 22:28:54 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-12-24 22:28:54 ----A---- C:\WINDOWS\system32\atrace.dll
    2008-12-24 22:28:51 ----A---- C:\WINDOWS\system32\desktop.ini
    2008-12-24 22:28:51 ----A---- C:\WINDOWS\desktop.ini
    2008-12-24 22:28:44 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2008-12-24 22:28:44 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-12-24 22:28:43 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-12-24 22:28:42 ----A---- C:\WINDOWS\system32\acctres.dll
    2008-12-24 22:28:41 ----D---- C:\Program Files\Common Files\Services
    2008-12-24 22:28:41 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-12-24 22:28:37 ----SD---- C:\WINDOWS\Tasks
    2008-12-24 22:28:37 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-12-24 22:28:37 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-12-24 22:28:37 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-12-24 22:28:37 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-12-24 22:28:37 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2008-12-24 22:28:34 ----D---- C:\Program Files\Common Files\MSSoap
    2008-12-24 22:28:30 ----D---- C:\WINDOWS\srchasst
    2008-12-24 22:28:29 ----D---- C:\WINDOWS\system32\Macromed
    2008-12-24 22:28:28 ----D---- C:\Program Files\Movie Maker
    2008-12-24 22:28:28 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-12-24 22:28:28 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-12-24 22:28:24 ----D---- C:\WINDOWS\PCHealth
    2008-12-24 22:28:23 ----D---- C:\WINDOWS\system32\Restore
    2008-12-24 22:28:23 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-12-24 22:28:23 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-12-24 22:28:23 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-12-24 22:28:23 ----A---- C:\WINDOWS\system32\ils.dll
    2008-12-24 22:28:22 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-12-24 22:28:22 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-12-24 22:28:22 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-12-24 22:28:20 ----D---- C:\Program Files\NetMeeting
    2008-12-24 22:28:20 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-12-24 22:28:20 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-12-24 22:28:19 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-12-24 22:28:18 ----D---- C:\Program Files\Outlook Express
    2008-12-24 22:28:18 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-12-24 22:28:18 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-12-24 22:28:18 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-12-24 22:28:12 ----D---- C:\Program Files\Internet Explorer
    2008-12-24 22:28:12 ----D---- C:\Program Files\Common Files\System
    2008-12-24 22:27:59 ----D---- C:\Program Files\ComPlus Applications
    2008-12-24 22:27:58 ----A---- C:\WINDOWS\vbaddin.ini
    2008-12-24 22:27:58 ----A---- C:\WINDOWS\vb.ini
    2008-12-24 22:27:57 ----D---- C:\WINDOWS\Registration
    2008-12-24 22:27:55 ----HD---- C:\Program Files\WindowsUpdate
    2008-12-24 22:27:55 ----D---- C:\Program Files\Online Services
    2008-12-24 22:27:54 ----D---- C:\Program Files\Windows Media Player
    2008-12-24 22:27:51 ----D---- C:\Program Files\Messenger
    2008-12-24 22:27:46 ----D---- C:\Program Files\MSN Gaming Zone
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\tslabels.ini
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\reset.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\regini.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-12-24 22:27:28 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\msg.exe
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-12-24 22:27:27 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2008-12-24 22:27:26 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-12-24 22:27:26 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-12-24 22:27:26 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2008-12-24 22:27:26 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-12-24 22:27:26 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-12-24 22:27:25 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-12-24 22:27:25 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-12-24 22:27:25 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-12-24 22:27:25 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-12-24 22:27:24 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-12-24 22:27:23 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-12-24 22:27:23 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-12-24 22:27:23 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-12-24 22:27:16 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2008-12-24 22:27:15 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-12-24 22:27:15 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-12-24 22:27:15 ----A---- C:\WINDOWS\system32\cmprops.dll
    2008-12-24 22:27:10 ----D---- C:\Program Files\Windows NT
    2008-12-24 22:27:09 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-12-24 22:27:09 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-12-24 22:27:09 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-12-24 22:27:08 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-12-24 22:27:07 ----D---- C:\WINDOWS\system32\MsDtc
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-12-24 22:27:07 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-12-24 22:27:06 ----D---- C:\WINDOWS\system32\Com
    2008-12-24 22:27:06 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-12-24 22:27:06 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-12-24 22:27:03 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-12-24 22:26:37 ----A---- C:\WINDOWS\system32\h323log.txt
    2008-12-24 22:21:42 ----A---- C:\WINDOWS\system32\hidserv.dll
    2008-12-24 22:21:22 ----A---- C:\WINDOWS\system32\usbui.dll
    2008-12-24 22:20:53 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-12-24 22:20:52 ----D---- C:\Program Files\Common Files\ODBC
    2008-12-24 22:20:52 ----A---- C:\WINDOWS\ODBCINST.INI
    2008-12-24 22:20:50 ----D---- C:\Program Files\Common Files\SpeechEngines
    2008-12-24 22:20:49 ----RD---- C:\Program Files
    2008-12-24 22:20:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-12-24 22:20:49 ----D---- C:\Program Files\Common Files
    2008-12-24 22:20:47 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
    2008-12-24 22:20:47 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
    2008-12-24 22:20:47 ----RA---- C:\WINDOWS\system32\kbdazel.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdycc.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbduzb.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdur.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdtat.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdru1.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdru.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdmon.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdbu.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdblr.dll
    2008-12-24 22:20:45 ----RA---- C:\WINDOWS\system32\kbdaze.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
    2008-12-24 22:20:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
    2008-12-24 22:20:42 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
    2008-12-24 22:20:42 ----RA---- C:\WINDOWS\system32\kbdlt.dll
    2008-12-24 22:20:41 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
    2008-12-24 22:20:41 ----RA---- C:\WINDOWS\system32\kbdlv.dll
    2008-12-24 22:20:41 ----RA---- C:\WINDOWS\system32\kbdest.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdycl.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdhu.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdcz.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\kbdcr.dll
    2008-12-24 22:20:39 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
    2008-12-24 22:20:37 ----A---- C:\WINDOWS\system32\spxcoins.dll
    2008-12-24 22:20:37 ----A---- C:\WINDOWS\system32\irclass.dll
    2008-12-24 22:20:37 ----A---- C:\WINDOWS\system32\EqnClass.Dll
    2008-12-24 22:20:37 ----A---- C:\WINDOWS\system32\dgsetup.dll
    2008-12-24 22:20:37 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
    2008-12-24 22:20:35 ----A---- C:\WINDOWS\TASKMAN.EXE
    2008-12-24 22:20:35 ----A---- C:\WINDOWS\notepad.exe
    2008-12-24 22:20:34 ----A---- C:\WINDOWS\system32\storprop.dll
    2008-12-24 22:20:34 ----A---- C:\WINDOWS\system32\CONFIG.TMP
    2008-12-24 22:20:34 ----A---- C:\WINDOWS\system32\batt.dll
    2008-12-24 22:20:31 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
    2008-12-24 22:20:29 ----RA---- C:\WINDOWS\SETA.tmp
    2008-12-24 22:20:26 ----RA---- C:\WINDOWS\SET3.tmp
    2008-12-24 22:20:22 ----D---- C:\WINDOWS\system32\CatRoot
    2008-12-24 22:20:16 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-12-24 22:19:27 ----D---- C:\Documents and Settings
    2008-12-24 22:13:23 ----RASH---- C:\boot.ini
    2008-12-24 22:09:29 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-12-24 22:09:29 ----RD---- C:\WINDOWS\Web
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\WinSxS
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\twain_32
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\Temp
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\wbem
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\usmt
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\ShellExt
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\Setup
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\oobe
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\npp
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\mui
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\inetsrv
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\IME
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\icsxml
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\ias
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\export
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\3com_dmi
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\3076
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\2052
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1054
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1042
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1041
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1037
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1033
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1031
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1028
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\system32\1025
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\security
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\Resources
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\mui
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\msapps
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\ime
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\Driver Cache
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\Debug
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\Connection Wizard
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\AppPatch
    2008-12-24 22:09:29 ----D---- C:\WINDOWS\addins
    2008-12-24 22:09:28 ----RSD---- C:\WINDOWS\Fonts
    2008-12-24 22:09:28 ----HD---- C:\WINDOWS\inf
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\wins
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\spool
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\ras
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\drivers
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\dhcp
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32\config
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system32
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\system
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\repair
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\msagent
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\Media
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\java
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\Help
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\Cursors
    2008-12-24 22:09:28 ----D---- C:\WINDOWS\Config
    2008-12-24 22:09:28 ----D---- C:\WINDOWS

    ======List of files/folders modified in the last 1 months======

    2008-12-25 23:16:51 ----A---- C:\WINDOWS\win.ini
    2008-12-24 23:11:31 ----RASH---- C:\NTDETECT.COM
    2008-12-24 22:22:27 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-26 21035]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144]
    R2 mdvrmng;Mobile IP Route Manager; \??\C:\WINDOWS\system32\drivers\mdvrmng.sys []
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-01-13 7168]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
    R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
    R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
    R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
    R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
    R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-03-30 41856]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
    S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273024]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
    S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
    S3 ET5Drv;ET5Drv; \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys []
    S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
    S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
    S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2006-11-23 304896]
    S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast\ashServ.exe [2008-11-26 155160]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-28 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-10-31 155715]
    R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast\ashWebSv.exe [2008-11-26 352920]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-26 137200]
    S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------

  2. #12
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    • Please double-click OTMoveIt3.exe to run it. (Note: If you are running on Vista, right-click on the file and choose Run As Administrator).
    • Copy the lines in the codebox below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):

      Code:
      :files
      C:\WINDOWS\tasks\cvmqlmbs.job
      
      :commands
      [EmptyTemp]
      [reboot]
    • Return to OTMoveIt3, right-click in the "Paste List of Files/Folders to Move" window (under the yellow bar) and choose Paste.
    • Click the red Moveit! button.
    • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of it and pressing CTRL + C (or, after highlighting, right-click and choose Copy), and paste it in your next reply.
    • Close OTMoveIt3.

    Note: If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes. In this case, after the reboot, open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTMoveIt\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

    Re-run rsit.

    Post:

    - rsit log (only log.txt will appear)
    - otmoveit3 log

    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  3. #13
    Junior Member
    Join Date
    Dec 2008
    Posts
    25

    Updated log files OTMoveIt & RSIT log

    Here is what you requested...

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Hassan at 2009-01-05 18:42:28
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 38 GB (79%) free of 48 GB
    Total RAM: 1791 MB (75% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 18:49:31, on 05/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avast\aswUpdSv.exe
    C:\Program Files\Avast\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\Avast\ashMaiSv.exe
    C:\Program Files\Avast\ashWebSv.exe
    C:\WINDOWS\notepad.exe
    C:\PROGRA~1\Avast\ashDisp.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Program Files\Free Download Manager\fdm.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\3\3Connect\Wilog.exe
    C:\Program Files\3\3Connect\AutoUpdateSrv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Documents and Settings\Hassan\Desktop\HJT\RSIT.exe
    C:\Documents and Settings\Hassan\Desktop\HJT\Hassan.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my3.three.co.uk/
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Bluetooth Manager.lnk.disabled
    O4 - Global Startup: Update Agent.lnk.disabled
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1230241525031
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1230241783187
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D1269238-8A13-44D1-9754-7B082745F44D}: NameServer = 4.2.2.3 4.2.2.4
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 5897 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-25 251504]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll [2008-12-26 657904]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-25 251504]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "avast!"=C:\PROGRA~1\Avast\ashDisp.exe [2008-11-26 81000]
    "NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2006-10-31 7634944]
    "Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]
    "NvMediaCenter"=C:\WINDOWS\System32\NvMcTray.dll [2006-10-31 86016]
    "nwiz"=nwiz.exe /install []
    "RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-07-05 16380416]
    "SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-06-15 1826816]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-12-26 39408]
    "msnmsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
    "Free Download Manager"=C:\Program Files\Free Download Manager\fdm.exe [2008-05-20 2474031]
    "ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Bluetooth Manager.lnk.disabled - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
    Update Agent.lnk.disabled - C:\Program Files\3\3Connect\AutoUpdateSrv.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\windefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\windefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun"=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{252f0f5c-d216-11dd-82dc-001fd0367303}]
    shell\AutoRun\command - E:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{252f0f5e-d216-11dd-82dc-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53a46f4c-d35d-11dd-82ea-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{53a46f4e-d35d-11dd-82ea-001fd0367303}]
    shell\AutoRun\command - F:\AutoRun.exe


    ======List of files/folders created in the last 1 months======

    2009-01-03 21:47:29 ----D---- C:\Program Files\trend micro
    2009-01-03 21:39:59 ----D---- C:\_OTMoveIt
    2009-01-02 19:18:10 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
    2009-01-02 19:01:16 ----D---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2009-01-02 19:01:10 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-12-31 22:23:10 ----D---- C:\rsit
    2008-12-29 22:20:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
    2008-12-29 22:20:01 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
    2008-12-29 21:57:24 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-12-29 19:33:51 ----D---- C:\Documents and Settings\Hassan\Application Data\Birdstep Technology
    2008-12-29 19:32:17 ----D---- C:\Program Files\3
    2008-12-29 00:12:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-12-28 21:47:56 ----A---- C:\WINDOWS\system32\wmpns.dll
    2008-12-28 21:47:24 ----D---- C:\WINDOWS\Prefetch
    2008-12-28 21:46:54 ----D---- C:\WINDOWS\Minidump
    2008-12-28 21:41:23 ----N---- C:\WINDOWS\system32\msxml6r.dll
    2008-12-28 21:41:23 ----A---- C:\WINDOWS\system32\msxml6.dll
    2008-12-28 21:41:20 ----A---- C:\WINDOWS\system32\smtpapi.dll
    2008-12-28 21:41:20 ----A---- C:\WINDOWS\system32\rwnh.dll
    2008-12-28 21:41:19 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-12-28 21:41:18 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\verclsid.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tzchange.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\onex.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-12-28 21:41:17 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-12-28 21:41:16 ----N---- C:\WINDOWS\system32\xpsp3res.dll
    2008-12-28 21:41:16 ----D---- C:\WINDOWS\system32\scripting
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\system32\en
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\system32\bits
    2008-12-28 21:41:15 ----D---- C:\WINDOWS\l2schemas
    2008-12-28 21:41:15 ----D---- C:\Program Files\msn
    2008-12-28 21:38:51 ----D---- C:\WINDOWS\network diagnostic
    2008-12-28 21:38:11 ----A---- C:\WINDOWS\005578_.tmp
    2008-12-28 17:23:44 ----D---- C:\WINDOWS\system32\appmgmt
    2008-12-28 17:23:41 ----SHD---- C:\Config.Msi
    2008-12-28 17:15:53 ----D---- C:\WINDOWS\Sun
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\java.exe
    2008-12-28 17:14:19 ----A---- C:\WINDOWS\system32\deploytk.dll
    2008-12-28 17:14:07 ----D---- C:\Program Files\Java
    2008-12-28 16:38:25 ----D---- C:\Documents and Settings\Hassan\Application Data\Sun
    2008-12-28 15:37:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-12-28 15:36:30 ----D---- C:\WINDOWS\ie7updates
    2008-12-28 15:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$
    2008-12-27 17:47:36 ----D---- C:\Documents and Settings\Hassan\Application Data\Malwarebytes
    2008-12-27 17:47:30 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-12-27 17:47:30 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-12-27 17:04:32 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-12-27 16:52:30 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-27 16:51:19 ----D---- C:\WINDOWS\Sdold
    2008-12-27 11:22:03 ----SH---- C:\WINDOWS\system32\dsilbgep.ini
    2008-12-26 23:49:46 ----D---- C:\Program Files\xp-AntiSpy
    2008-12-26 23:38:22 ----D---- C:\Program Files\HijackThis
    2008-12-26 22:59:01 ----A---- C:\WINDOWS\WirelessFTP.INI
    2008-12-26 22:37:00 ----A---- C:\WINDOWS\tosOBEX.INI
    2008-12-26 22:33:57 ----D---- C:\Documents and Settings\Hassan\Application Data\TOSHIBA
    2008-12-26 22:33:13 ----D---- C:\Program Files\Toshiba
    2008-12-26 22:16:35 ----D---- C:\Documents and Settings\Hassan\Application Data\Macromedia
    2008-12-26 21:54:06 ----A---- C:\WINDOWS\system32\73656653-.txt
    2008-12-26 21:47:49 ----D---- C:\Downloads
    2008-12-26 21:34:50 ----D---- C:\Documents and Settings\Hassan\Application Data\Software Informer
    2008-12-26 21:34:25 ----D---- C:\Program Files\Software Informer
    2008-12-26 21:34:23 ----D---- C:\Documents and Settings\Hassan\Application Data\Free Download Manager
    2008-12-26 21:34:20 ----D---- C:\Documents and Settings\All Users\Application Data\FreeDownloadManager.ORG
    2008-12-26 21:34:19 ----D---- C:\Program Files\Free Download Manager
    2008-12-26 21:23:12 ----D---- C:\WINDOWS\pss
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\wshirda.dll
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\irmon.dll
    2008-12-26 20:41:50 ----A---- C:\WINDOWS\system32\irftp.exe
    2008-12-26 15:24:44 ----A---- C:\WINDOWS\system32\TaskKeyHook.dll
    2008-12-26 15:11:33 ----D---- C:\Program Files\KB 600
    2008-12-26 14:57:16 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
    2008-12-26 03:06:35 ----D---- C:\Documents and Settings\All Users\Application Data\DriverScanner
    2008-12-26 03:00:37 ----D---- C:\Program Files\ExtractNow
    2008-12-26 02:56:37 ----D---- C:\Documents and Settings\Hassan\Application Data\uTorrent
    2008-12-26 02:17:00 ----D---- C:\Documents and Settings\Hassan\Application Data\uniblue
    2008-12-26 02:16:24 ----D---- C:\Program Files\SpeedUpMyPC
    2008-12-26 02:14:47 ----D---- C:\Program Files\Reference Assemblies
    2008-12-26 02:13:53 ----D---- C:\WINDOWS\assembly
    2008-12-26 02:13:40 ----D---- C:\WINDOWS\Microsoft.NET
    2008-12-26 02:11:48 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-12-26 02:11:30 ----RHD---- C:\AHCache
    2008-12-26 01:34:00 ----D---- C:\Documents and Settings\All Users\Application Data\InstallShield
    2008-12-26 01:29:07 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
    2008-12-26 01:29:00 ----D---- C:\Program Files\Common Files\Adobe
    2008-12-26 01:29:00 ----D---- C:\Program Files\Adobe Reader 8.0
    2008-12-26 01:29:00 ----D---- C:\Program Files\Adobe
    2008-12-26 01:18:46 ----D---- C:\WINDOWS\Cache
    2008-12-26 01:18:41 ----A---- C:\WINDOWS\RTacDbg.txt
    2008-12-26 01:17:57 ----D---- C:\Program Files\REALTEK RTL8185 Wireless LAN Driver and Utility
    2008-12-26 01:02:56 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-12-26 00:12:22 ----D---- C:\Documents and Settings\Hassan\Application Data\Google
    2008-12-25 23:58:06 ----D---- C:\Documents and Settings\All Users\Application Data\Google
    2008-12-25 23:44:19 ----D---- C:\Program Files\Google
    2008-12-25 23:38:55 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-12-25 23:38:53 ----D---- C:\Program Files\Windows Live
    2008-12-25 23:38:47 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-12-25 23:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB942288-v3$
    2008-12-25 23:17:04 ----HDC---- C:\WINDOWS\$NtUninstallKB926239$
    2008-12-25 23:16:59 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-12-25 23:16:57 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
    2008-12-25 23:16:48 ----D---- C:\Program Files\Windows Media Connect 2
    2008-12-25 23:16:42 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
    2008-12-25 23:16:17 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
    2008-12-25 23:16:03 ----D---- C:\WINDOWS\system32\LogFiles
    2008-12-25 23:15:59 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
    2008-12-25 23:10:14 ----D---- C:\WINDOWS\WBEM
    2008-12-25 23:10:13 ----D---- C:\WINDOWS\system32\en-US
    2008-12-25 23:09:54 ----HDC---- C:\WINDOWS\ie7
    2008-12-25 23:09:44 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-12-25 23:09:33 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-12-25 23:09:20 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
    2008-12-25 23:09:19 ----A---- C:\WINDOWS\system32\xmllite.dll
    2008-12-25 22:36:39 ----D---- C:\Documents and Settings\All Users\Application Data\MSN6
    2008-12-25 22:36:38 ----D---- C:\Documents and Settings\Hassan\Application Data\MSN6
    2008-12-25 22:16:47 ----D---- C:\WINDOWS\system32\PreInstall
    2008-12-25 22:16:45 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
    2008-12-25 22:16:45 ----HD---- C:\WINDOWS\$hf_mig$
    2008-12-25 21:54:30 ----D---- C:\Program Files\Registry Mechanic
    2008-12-25 21:50:56 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-12-25 21:50:56 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-12-25 21:44:55 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-12-25 20:56:15 ----D---- C:\WINDOWS\system32\NtmsData
    2008-12-25 11:51:34 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-12-25 11:37:35 ----D---- C:\Documents and Settings\Hassan\Application Data\OpenOffice.org
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\setupempdrv03.exe
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\SectorCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\ResizeNTFS.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Partition.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSLib.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSFormat.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSFileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\NTFSCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Fixup.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FileSystemCheck.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatResizeMove.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatLib.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatFormat.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FATFileSystemAnalyser.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\FatCopy.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\EuEpmGdi.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\DeviceManager.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\DeviceAdapter.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\Device.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\CallbackOperator.dll
    2008-12-25 00:47:27 ----A---- C:\WINDOWS\system32\BootMan.exe
    2008-12-25 00:47:23 ----D---- C:\Program Files\Partition Manager
    2008-12-25 00:46:15 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-12-25 00:46:13 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-12-25 00:01:01 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2008-12-25 00:00:26 ----D---- C:\Documents and Settings\Hassan\Application Data\Adobe
    2008-12-24 23:59:45 ----D---- C:\Documents and Settings\All Users\Application Data\Birdstep Technology
    2008-12-24 23:58:43 ----D---- C:\Program Files\Huawei Modems
    2008-12-24 23:58:43 ----A---- C:\WINDOWS\Huawei ModemsUninstall.exe
    2008-12-24 23:39:11 ----D---- C:\Program Files\OpenOffice.org 3
    2008-12-24 23:38:31 ----D---- C:\OpenOffice.org 3.0 Installation Files
    2008-12-24 23:36:20 ----SHD---- C:\RECYCLER
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MSVCR71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MSVCP71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\MFC71.dll
    2008-12-24 23:31:21 ----A---- C:\WINDOWS\system32\aswBoot.exe
    2008-12-24 23:31:19 ----D---- C:\Program Files\Avast
    2008-12-24 23:18:03 ----D---- C:\Program Files\CCleaner
    2008-12-24 23:13:51 ----A---- C:\WINDOWS\system32\comsdupd.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\d3d9.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\cmsetacl.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\btpanui.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bthserv.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bthci.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\blastcln.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\auditusr.exe
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ativvaxx.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ativtmxx.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati3duag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2dvag.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-12-24 23:13:47 ----A---- C:\WINDOWS\system32\ati2cqag.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\mspmsnsv.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\msdadiag.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\MP4SDMOD.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\MP43DMOD.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdukx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdsmsno.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdsmsfi.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdno1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmlt48.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmlt47.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdmaori.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinmal.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinben.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdinbe1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\kbdfi1.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_qcx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_qc.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir50_32.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir41_qcx.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ir41_qc.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\ieencode.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\httpapi.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fwcfg.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fsquirt.exe
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fltmc.exe
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\extmgr.dll
    2008-12-24 23:13:46 ----A---- C:\WINDOWS\system32\dxdiagn.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\wmidx.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\wmerror.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\winshfhc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\w3ssl.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\twext.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\strmfilt.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\smbinst.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slserv.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slrundll.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slgen.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slextspk.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\slcoinst.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\sdhcinst.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\s3gnb.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\powercfg.exe
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\pnrpnsp.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2psvc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pnetsh.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pgraph.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2pgasvc.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\p2p.dll
    2008-12-24 23:13:45 ----A---- C:\WINDOWS\system32\mtxparhd.dll
    2008-12-24 23:13:44 ----N---- C:\WINDOWS\slrundll.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xpob2res.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xmlprovi.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\xmlprov.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wups.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wshbth.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wscsvc.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wscntfy.exe
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmvdmoe2.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\WMSPDMOE.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\WMSPDMOD.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmsdmoe2.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmpdxm.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmpasf.dll
    2008-12-24 23:13:44 ----A---- C:\WINDOWS\system32\wmp.dll
    2008-12-24 23:13:42 ----D---- C:\WINDOWS\peernet
    2008-12-24 23:13:41 ----D---- C:\WINDOWS\provisioning
    2008-12-24 23:13:22 ----A---- C:\WINDOWS\system32\evntcmd.exe
    2008-12-24 23:13:18 ----A---- C:\WINDOWS\system32\evntwin.exe
    2008-12-24 23:13:15 ----A---- C:\WINDOWS\system32\snmpmib.dll
    2008-12-24 23:13:12 ----A---- C:\WINDOWS\system32\hostmib.dll
    2008-12-24 23:13:04 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-24 23:12:58 ----A---- C:\WINDOWS\system32\snmptrap.exe
    2008-12-24 23:12:58 ----A---- C:\WINDOWS\system32\snmp.exe
    2008-12-24 23:12:40 ----A---- C:\WINDOWS\system32\lmmib2.dll
    2008-12-24 23:12:36 ----A---- C:\WINDOWS\system32\evntagnt.dll
    2008-12-24 23:12:35 ----D---- C:\WINDOWS\ServicePackFiles
    2008-12-24 23:11:38 ----A---- C:\WINDOWS\system32\xpsp2res.dll
    2008-12-24 23:11:03 ----A---- C:\WINDOWS\002263_.tmp

    ======List of files/folders modified in the last 1 months======

    2008-12-25 23:16:51 ----A---- C:\WINDOWS\win.ini
    2008-12-24 23:11:31 ----RASH---- C:\NTDETECT.COM
    2008-12-24 22:22:27 ----A---- C:\WINDOWS\system.ini

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-12-26 21035]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R2 EAPPkt;Realtek EAPPkt Protocol; C:\WINDOWS\system32\DRIVERS\EAPPkt.sys [2006-11-15 38144]
    R2 mdvrmng;Mobile IP Route Manager; \??\C:\WINDOWS\system32\drivers\mdvrmng.sys []
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 genmcmnUSB;USB Scroll Mouse Driver; C:\WINDOWS\system32\DRIVERS\gflmouhid.sys [2005-01-13 7168]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\System32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-14 10368]
    R3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2008-03-17 101376]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-07-18 4547584]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
    R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2006-10-31 3964256]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2006-11-27 58368]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2006-11-27 19968]
    R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-10 41600]
    R3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-02-22 113920]
    R3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-20 36480]
    R3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2007-03-01 73728]
    R3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    R3 tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-03-30 41856]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-14 17152]
    R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-14 17024]
    S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-14 101120]
    S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-04-14 273024]
    S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
    S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys []
    S3 ET5Drv;ET5Drv; \??\C:\WINDOWS\system32\Drivers\ET5Drv.sys []
    S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys []
    S3 gdrv;gdrv; \??\C:\WINDOWS\gdrv.sys []
    S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-14 59136]
    S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2001-08-23 5888]
    S3 rtl8185;Realtek RTL8185 54M Wireless LAN Network Adapter Driver; C:\WINDOWS\system32\DRIVERS\rtl8185.sys [2006-11-23 304896]
    S3 TosRfSnd;Bluetooth Audio; C:\WINDOWS\system32\drivers\tosrfsnd.sys [2007-01-22 53376]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Avast\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Avast\ashServ.exe [2008-11-26 155160]
    R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-28 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\System32\nvsvc32.exe [2006-10-31 155715]
    R2 SNMP;SNMP Service; C:\WINDOWS\System32\snmp.exe [2008-04-14 33280]
    R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-02-25 125048]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Avast\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Avast\ashWebSv.exe [2008-11-26 352920]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-30 69632]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
    S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-12-26 137200]
    S3 SNMPTRAP;SNMP Trap Service; C:\WINDOWS\System32\snmptrap.exe [2008-04-14 8704]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]

    -----------------EOF-----------------

    ========== FILES ==========
    C:\WINDOWS\tasks\cvmqlmbs.job moved successfully.
    ========== COMMANDS ==========
    File delete failed. C:\DOCUME~1\Hassan\LOCALS~1\Temp\~DF7007.tmp scheduled to be deleted on reboot.
    File delete failed. C:\DOCUME~1\Hassan\LOCALS~1\Temp\~DF7019.tmp scheduled to be deleted on reboot.
    User's Temp folder emptied.
    User's Temporary Internet Files folder emptied.
    User's Internet Explorer cache folder emptied.
    Local Service Temp folder emptied.
    File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
    Local Service Temporary Internet Files folder emptied.
    File delete failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_3fc.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_594.dat scheduled to be deleted on reboot.
    File delete failed. C:\WINDOWS\temp\Perflib_Perfdata_63c.dat scheduled to be deleted on reboot.
    Windows Temp folder emptied.
    Java cache emptied.
    Temp folders emptied.

    OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01052009_183232

    Files moved on Reboot...
    File C:\DOCUME~1\Hassan\LOCALS~1\Temp\~DF7007.tmp not found!
    File C:\DOCUME~1\Hassan\LOCALS~1\Temp\~DF7019.tmp not found!
    File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.
    File move failed. C:\WINDOWS\temp\_avast4_\Webshlock.txt scheduled to be moved on reboot.
    File C:\WINDOWS\temp\Perflib_Perfdata_3fc.dat not found!
    C:\WINDOWS\temp\Perflib_Perfdata_594.dat moved successfully.
    File move failed. C:\WINDOWS\temp\Perflib_Perfdata_63c.dat scheduled to be moved on reboot.

  4. #14
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Please go to the Kaspersky website and perform an online antivirus scan.

    Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

    1. Read through the requirements and privacy statement and click on the Accept button.
    2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
    3. When the downloads have finished, click on Settings.
    4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      • Spyware, Adware, Dialers, and other potentially dangerous programs
      • Archives
    5. Click on My Computer under Scan.
    6. Once the scan is complete, it will display the results. Click on View Scan Report.
    7. You will see a list of infected items there. Click on Save Report As....
    8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
    9. Please post this log in your next reply along with a fresh HijackThis log.


    If you need a tutorial, see here
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  5. #15
    Junior Member
    Join Date
    Dec 2008
    Posts
    25

    Kaspersky Report & Fresh HJT log

    Please find as requested below, many thanks

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Tuesday, January 6, 2009
    Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Monday, January 05, 2009 23:06:40
    Records in database: 1566760
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\

    Scan statistics:
    Files scanned: 30772
    Threat name: 0
    Infected objects: 0
    Suspicious objects: 0
    Duration of the scan: 00:30:18

    No malware has been detected. The scan area is clean.

    The selected area was scanned.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 03:53:16, on 06/01/2009
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16762)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Avast\aswUpdSv.exe
    C:\Program Files\Avast\ashServ.exe
    C:\WINDOWS\Explorer.EXE
    C:\PROGRA~1\Avast\ashDisp.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\WINDOWS\RTHDCPL.EXE
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\System32\snmp.exe
    C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
    C:\Program Files\3\3Connect\Wilog.exe
    C:\Program Files\3\3Connect\AutoUpdateSrv.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Avast\ashMaiSv.exe
    C:\Program Files\Avast\ashWebSv.exe
    C:\Documents and Settings\Hassan\Desktop\HJT\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://go.microsoft.com/fwlink/?LinkId=54843
    R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://my3.three.co.uk/
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll
    O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\ashDisp.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
    O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKCU\..\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Bluetooth Manager.lnk.disabled
    O4 - Global Startup: Update Agent.lnk.disabled
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {fb5f1910-f110-11d2-bb9e-00c04f795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1230241525031
    O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1230241783187
    O17 - HKLM\System\CCS\Services\Tcpip\..\{D1269238-8A13-44D1-9754-7B082745F44D}: NameServer = 4.2.2.4 4.2.2.3
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Avast\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Avast\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast\ashWebSv.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
    O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe

    --
    End of file - 5774 bytes

  6. #16
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    That looks good

    Still problems?
    Microsoft MVP Consumer Security 2008-2011

    Member of ASAP and UNITE since 2006

  7. #17
    Junior Member
    Join Date
    Dec 2008
    Posts
    25

    Default Still Problems

    I still have a couple of problems whereby my Internet Explorer Home Page does not load when starting the application - I always get the following link and it will NOT save the settings when applied - I just get a constant hanging screen

    http://runonce.msn.com/runonce3.aspx

    In addition, I don't know if it's related to the connection problem I have to the Internet whereby after a few minutes online, my Internet speed slows down dramatically

    Hoping you can help me to beat this problem

    Many thanks

  8. #18
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Those are not likely malware related issues.

    I can redirect you to some Windows forum if you'd like?

  9. #19
    Junior Member
    Join Date
    Dec 2008
    Posts
    25

    Default Programs Menu & Web link help

    Yes that would be great!!

    I've also got some problems within Windows whereby I've some of my games folder applications missing as well as some of my Entertainment folder applications

    Please could you help me?

    Many thanks once again

  10. #20
    Security Expert: Emeritus
    Join Date
    Oct 2006
    Location
    Finland
    Posts
    29,374

    Default

    Do you mean that shortcuts are missing from start menu?