Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Am I safe?

Post by attilathehun » September 11th, 2008, 8:51 pm

This is my first post and I hope someone can help me.

I had a trojan a few days ago which AVG identified but wouldn't remove as it was "bigger than archive limit". So I just put it in the recycle bin, which I then emptied. Although subsequent scans have come up clean, I'm worried that because I just deleted it like a file as opposed to disinfecting it, it is still present ready to ruin my system. And I was online for a few hours without anti-virus after disabling it for the Kaspersky scan and forgetting about it.

So I'd be grateful if someone could look through my log please:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:47:37, on 11/09/2008
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\TPSBattM.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\system32\RAMASST.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"
O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"
O4 - HKLM\..\Run: [TPSMain] "C:\WINDOWS\system32\TPSMain.exe"
O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
O4 - HKLM\..\Run: [SkyTel] "C:\WINDOWS\SkyTel.EXE"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-01.sun.com/s/ESD44/JSCDL ... 586-jc.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe (file missing)
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11083 bytes
attilathehun
Active Member
 
Posts: 2
Joined: September 11th, 2008, 1:21 pm

Re: Am I safe?

Post by Shaba » September 14th, 2008, 4:56 am

Hi attilathehun

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Am I safe?

Post by attilathehun » September 14th, 2008, 7:00 pm

Thank you for your quick reply! The logs requested are posted below:

Logfile of random's system information tool 1.01 (written by random/random)
Run by Rizwan at 2008-09-14 23:47:31
Microsoft Windows XP Professional Service Pack 3, v.3264
System drive C: has 11 GB (55%) free of 20 GB
Total RAM: 2550 MB (77% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:47:51, on 14/09/2008
Platform: Windows XP SP3, v.3264 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Microsoft ActiveSync\Wcescomm.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files\Maxthon2\Maxthon.exe
C:\Documents and Settings\Rizwan\Desktop\RSIT.exe
C:\Program Files\trend micro\Rizwan.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: CmjBrowserHelperObject Object - {07A11D74-9D25-4fea-A833-8B0D76A5577A} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Canon Easy Web Print Helper - {68F9551E-0411-48E4-9AAF-4BC42A6A46BE} - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll
O4 - HKLM\..\Run: [THotkey] "C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe"
O4 - HKLM\..\Run: [igfxtray] "C:\WINDOWS\system32\igfxtray.exe"
O4 - HKLM\..\Run: [igfxhkcmd] "C:\WINDOWS\system32\hkcmd.exe"
O4 - HKLM\..\Run: [igfxpers] "C:\WINDOWS\system32\igfxpers.exe"
O4 - HKLM\..\Run: [TPSMain] "C:\WINDOWS\system32\TPSMain.exe"
O4 - HKLM\..\Run: [RTHDCPL] "C:\WINDOWS\RTHDCPL.EXE"
O4 - HKLM\..\Run: [SkyTel] "C:\WINDOWS\SkyTel.EXE"
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [SmoothView] "C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] "C:\PROGRA~1\AVG\AVG8\avgtray.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [MMReminderService] C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [TOSCDSPD] "C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe"
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Program Files\Microsoft ActiveSync\Wcescomm.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [pdfSaver3] "C:\Program Files\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Toolband.dll/RC_Print.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\WINDOWS\bdoscandel.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Send to Mindjet MindManager - {941E1A34-C6AF-4baa-A973-224F9C3E04BF} - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan ... stubie.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://www.bitdefender.co.uk/scan_uk/scan8/oscan8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://sdlc-esd.sun.com/ESD44/JSCDL/jdk ... 586-jc.cab
O16 - DPF: {A90A5822-F108-45AD-8482-9BC8B12DD539} (Crucial cpcScan) - http://www.crucial.com/controls/cpcScanner.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: wbsys.dll,avgrsstx.dll
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: KService - Unknown owner - C:\Program Files\Kontiki\KService.exe (file missing)
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
O23 - Service: TOSHIBA Application Service (TAPPSRV) - TOSHIBA Corp. - C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 11471 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07A11D74-9D25-4fea-A833-8B0D76A5577A}]
CmjBrowserHelperObject Object - C:\Program Files\Mindjet\MindManager 7\Mm7InternetExplorer.dll [2007-05-18 71184]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-08-31 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{68F9551E-0411-48E4-9AAF-4BC42A6A46BE}]
EWPBrowseObject Class - C:\Program Files\Canon\Easy-WebPrint\EWPBrowseLoader.dll [2006-06-09 34304]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{327C2873-E90D-4c37-AA9D-10AC9BABA46C} - Easy-WebPrint - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll [2006-06-09 552960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"THotkey"=C:\Program Files\Toshiba\Toshiba Applet\thotkey.exe [2006-01-05 352256]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2006-03-23 94208]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2006-03-23 77824]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2006-03-23 118784]
"TPSMain"=C:\WINDOWS\system32\TPSMain.exe [2005-08-03 266240]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2006-12-19 16062464]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2006-05-16 2879488]
"IntelZeroConfig"=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-10-08 995328]
"IntelWireless"=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-10-08 1101824]
"SmoothView"=C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [2005-05-12 118784]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-08-31 1235736]
"ZoneAlarm Client"=C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2008-07-09 919016]
"cctray"=C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe [2008-08-30 181488]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"MMReminderService"=C:\Program Files\Mindjet\MindManager 7\MMReminderService.exe [2007-05-18 37392]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2007-11-30 15360]
"TOSCDSPD"=C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2005-04-11 65536]
"H/PC Connection Agent"=C:\Program Files\Microsoft ActiveSync\Wcescomm.exe [2006-11-13 1289000]
"AlcoholAutomount"=C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe [2008-02-22 217544]
"pdfSaver3"=C:\Program Files\Mindjet\MindManager 7\PDF-XChange\pdfSaver\pdfSaver3.exe [2004-09-05 380928]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2007-12-01 1695232]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

C:\Documents and Settings\Rizwan\Start Menu\Programs\Startup
Stardock ObjectDock.lnk - C:\Program Files\Stardock\ObjectDock\ObjectDock.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="wbsys.dll,avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2006-03-23 139264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\MCPClient]
C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll [2005-01-31 49152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WBSrv]
C:\Program Files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll [2008-07-11 184320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~1\COMMON~1\Stardock\MCPCore.dll [2005-05-10 86016]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll, schannel.dll, digest.dll, credssp.dll, msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\FlashGet\flashget.exe"="C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgemc.exe"="C:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
"C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe"="C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil_.exe:*:Enabled:BlueSoleil"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft ActiveSync\rapimgr.exe"="C:\Program Files\Microsoft ActiveSync\rapimgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync RAPI Manager"
"C:\Program Files\Microsoft ActiveSync\wcescomm.exe"="C:\Program Files\Microsoft ActiveSync\wcescomm.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Connection Manager"
"C:\Program Files\Microsoft ActiveSync\WCESMgr.exe"="C:\Program Files\Microsoft ActiveSync\WCESMgr.exe:169.254.2.0/255.255.255.0:Enabled:ActiveSync Application"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{13576b04-4e71-11dd-bda4-0019d2367a08}]
shell\AutoRun\command - G:\SSVICHOSST.exe
shell\Open\command - G:\SSVICHOSST.exe


List of files/folders created in the last three months

2008-09-14 23:47:31 ----D---- C:\rsit
2008-09-13 21:34:27 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-13 21:34:27 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-13 21:34:27 ----A---- C:\WINDOWS\system32\java.exe
2008-09-12 18:24:18 ----A---- C:\WINDOWS\system32\locate.com
2008-09-12 18:23:29 ----D---- C:\MGtools
2008-09-12 18:13:05 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-09-12 17:45:43 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-09-12 17:31:58 ----A---- C:\Program Files\spybotsd160.exe
2008-09-12 17:24:19 ----A---- C:\SASlog12th.txt
2008-09-12 16:24:49 ----A---- C:\Program Files\mb.exe
2008-09-12 16:24:26 ----A---- C:\MGtools.exe
2008-09-12 16:11:21 ----D---- C:\Program Files\CCleaner
2008-09-11 15:38:23 ----SHD---- C:\RECYCLER
2008-09-11 15:34:35 ----D---- C:\WINDOWS\temp
2008-09-11 15:34:33 ----A---- C:\ComboFix.txt
2008-09-11 15:31:58 ----A---- C:\Boot.bak
2008-09-11 15:31:53 ----D---- C:\cmdcons
2008-09-11 15:30:36 ----D---- C:\WINDOWS\erdnt
2008-09-11 15:29:57 ----D---- C:\QooBox
2008-09-11 15:29:54 ----A---- C:\WINDOWS\Nircmd.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\zip.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\VFind.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\swxcacls.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\swsc.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\swreg.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\sed.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\grep.exe
2008-09-11 15:29:53 ----A---- C:\WINDOWS\fdsv.exe
2008-09-10 06:47:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-09-10 01:20:18 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-09 19:31:10 ----D---- C:\Program Files\Common Files\Scanner
2008-09-09 19:31:08 ----HD---- C:\Config.msi
2008-09-09 19:30:57 ----D---- C:\Documents and Settings\All Users\Application Data\CA
2008-09-09 19:30:53 ----D---- C:\Program Files\CA
2008-09-09 19:30:28 ----A---- C:\caisslog.txt
2008-09-09 10:52:03 ----D---- C:\WINDOWS\BDOSCAN8
2008-09-05 14:22:39 ----D---- C:\Documents and Settings\Rizwan\Application Data\SecondLife
2008-09-05 14:22:09 ----D---- C:\Program Files\SecondLife
2008-08-31 17:14:01 ----D---- C:\control
2008-08-14 23:08:31 ----D---- C:\Program Files\IKEA HomePlanner
2008-08-14 01:18:55 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-14 01:18:50 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-14 01:18:46 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-14 01:18:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-14 01:17:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-14 01:17:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-14 01:16:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-12 12:59:43 ----D---- C:\Program Files\Kontiki
2008-08-12 12:59:43 ----D---- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-08-12 12:59:41 ----D---- C:\logs3
2008-08-06 19:44:47 ----D---- C:\Documents and Settings\All Users\Application Data\Bluetooth
2008-08-06 19:40:52 ----D---- C:\Program Files\IVT Corporation
2008-07-27 14:11:20 ----A---- C:\WINDOWS\ODBC.INI
2008-07-27 14:10:52 ----A---- C:\WINDOWS\system32\mdimon.dll
2008-07-27 14:08:11 ----D---- C:\Program Files\Common Files\DESIGNER
2008-07-27 14:07:40 ----D---- C:\WINDOWS\SHELLNEW
2008-07-27 14:06:00 ----D---- C:\Program Files\Microsoft.NET
2008-07-27 14:05:59 ----D---- C:\Program Files\Microsoft Office
2008-07-24 11:03:37 ----HD---- C:\$AVG8.VAULT$
2008-07-24 10:19:22 ----D---- C:\Program Files\SpeedFan
2008-07-23 12:05:55 ----D---- C:\Documents and Settings\Rizwan\Application Data\dvdcss
2008-07-17 23:58:52 ----D---- C:\Documents and Settings\Rizwan\Application Data\Malwarebytes
2008-07-17 23:58:47 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-16 14:39:49 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-07-16 14:39:25 ----D---- C:\Program Files\SUPERAntiSpyware
2008-07-16 14:39:25 ----D---- C:\Documents and Settings\Rizwan\Application Data\SUPERAntiSpyware.com
2008-07-16 14:39:07 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-07-13 20:15:58 ----D---- C:\Downloads
2008-07-13 19:59:26 ----D---- C:\Documents and Settings\Rizwan\Application Data\Dexpot
2008-07-13 19:59:20 ----D---- C:\Program Files\Dexpot
2008-07-13 18:39:51 ----D---- C:\Program Files\Thoosje Sidebar V2.3
2008-07-13 18:03:20 ----D---- C:\Documents and Settings\Rizwan\Application Data\ViStart
2008-07-13 18:03:18 ----D---- C:\Program Files\ViStart
2008-07-12 17:02:44 ----D---- C:\Program Files\Trend Micro
2008-07-12 16:01:29 ----D---- C:\Program Files\EsetOnlineScanner
2008-07-11 21:20:13 ----D---- C:\Program Files\Avira GmbH
2008-07-11 19:54:39 ----D---- C:\Program Files\Alcohol Soft
2008-07-11 15:24:00 ----D---- C:\Documents and Settings\Rizwan\Application Data\Media Player Classic
2008-07-11 13:11:22 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-07-11 13:11:07 ----D---- C:\Program Files\AVG
2008-07-11 13:07:23 ----A---- C:\WINDOWS\system32\vsregexp.dll
2008-07-11 13:07:23 ----A---- C:\WINDOWS\system32\libeay32_0.9.6l.dll
2008-07-11 13:07:22 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2008-07-11 13:07:22 ----A---- C:\WINDOWS\system32\zlcomm.dll
2008-07-11 13:07:18 ----A---- C:\WINDOWS\system32\vswmi.dll
2008-07-11 13:07:17 ----D---- C:\WINDOWS\system32\ZoneLabs
2008-07-11 13:07:17 ----D---- C:\Program Files\Zone Labs
2008-07-11 13:07:17 ----A---- C:\WINDOWS\system32\zpeng24.dll
2008-07-11 13:07:17 ----A---- C:\WINDOWS\system32\vsxml.dll
2008-07-11 13:07:17 ----A---- C:\WINDOWS\system32\vspubapi.dll
2008-07-11 13:07:17 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2008-07-11 13:06:52 ----A---- C:\WINDOWS\system32\vsutil.dll
2008-07-11 13:06:52 ----A---- C:\WINDOWS\system32\vsinit.dll
2008-07-11 13:06:52 ----A---- C:\WINDOWS\system32\vsdata.dll
2008-07-11 12:33:45 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-07-11 12:27:56 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-07-11 02:42:12 ----D---- C:\WINDOWS\pss
2008-07-10 12:43:51 ----D---- C:\Documents and Settings\Rizwan\Application Data\Canon
2008-07-10 12:42:44 ----D---- C:\Documents and Settings\Rizwan\Application Data\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2008-07-10 12:41:03 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-07-10 12:40:09 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-07-10 12:37:58 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-07-10 12:37:52 ----D---- C:\Program Files\NOS
2008-07-10 12:16:59 ----D---- C:\Program Files\ArcSoft
2008-07-10 12:16:59 ----A---- C:\WINDOWS\PCDLIB32.DLL
2008-07-10 12:13:30 ----A---- C:\WINDOWS\system32\MFC71.dll
2008-07-10 12:12:37 ----HD---- C:\Documents and Settings\All Users\Application Data\CanonBJ
2008-07-10 12:12:29 ----A---- C:\WINDOWS\system32\CNMLM81.DLL
2008-07-10 12:12:26 ----HD---- C:\WINDOWS\system32\CanonIJ Uninstaller Information
2008-07-10 12:12:19 ----A---- C:\WINDOWS\system32\cnco460.dll
2008-07-10 12:12:18 ----A---- C:\WINDOWS\system32\CNCL460.DLL
2008-07-10 12:12:18 ----A---- C:\WINDOWS\system32\CNCI460.DLL
2008-07-10 12:12:18 ----A---- C:\WINDOWS\system32\CNCC460.DLL
2008-07-10 12:12:07 ----HD---- C:\Program Files\CanonBJ
2008-07-10 12:11:29 ----D---- C:\Program Files\Canon
2008-07-10 10:05:55 ----D---- C:\WINDOWS\system32\appmgmt
2008-07-08 22:07:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-07-08 22:05:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-07-01 15:44:07 ----D---- C:\Documents and Settings\Rizwan\Application Data\vlc
2008-07-01 13:57:40 ----D---- C:\Documents and Settings\Rizwan\Application Data\LimeWire
2008-07-01 13:57:39 ----D---- C:\WINDOWS\Sun
2008-07-01 13:57:39 ----D---- C:\Documents and Settings\Rizwan\Application Data\Sun
2008-07-01 13:56:23 ----D---- C:\Program Files\Java
2008-07-01 13:55:54 ----D---- C:\Program Files\Common Files\Java
2008-07-01 13:52:28 ----D---- C:\Program Files\LimeWire
2008-06-30 22:07:57 ----A---- C:\shoplist.txt
2008-06-30 22:05:26 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-06-30 22:05:26 ----A---- C:\WINDOWS\system32\atl71.dll
2008-06-30 21:03:46 ----A---- C:\Documents and Settings\Rizwan\Application Data\burnaware.ini
2008-06-30 18:55:35 ----A---- C:\WINDOWS\_MSRSTRT.EXE
2008-06-30 18:17:59 ----N---- C:\WINDOWS\WB.ini
2008-06-30 18:10:54 ----D---- C:\Stardock
2008-06-30 18:10:53 ----N---- C:\WINDOWS\system32\wbsys.dll
2008-06-30 13:37:46 ----HD---- C:\WINDOWS\system32\GroupPolicy
2008-06-30 00:37:12 ----D---- C:\Program Files\Sure Delete
2008-06-30 00:32:34 ----D---- C:\Program Files\VideoLAN
2008-06-29 20:22:28 ----D---- C:\Documents and Settings\Rizwan\Application Data\Mozilla
2008-06-29 20:22:20 ----D---- C:\Program Files\Mozilla Firefox
2008-06-29 20:19:43 ----D---- C:\MxDownload
2008-06-29 20:05:21 ----D---- C:\Documents and Settings\Rizwan\Application Data\MyPhoneExplorer
2008-06-29 01:45:01 ----A---- C:\WINDOWS\system32\Smab.dll
2008-06-29 01:45:00 ----A---- C:\WINDOWS\system32\devil.dll
2008-06-29 01:44:59 ----A---- C:\WINDOWS\system32\avisynth.dll
2008-06-29 01:44:57 ----A---- C:\WINDOWS\MOTA113.exe
2008-06-29 01:44:56 ----A---- C:\WINDOWS\system32\AVSredirect.dll
2008-06-29 01:44:55 ----A---- C:\WINDOWS\system32\i420vfw.dll
2008-06-29 01:44:53 ----A---- C:\WINDOWS\system32\x.264.exe
2008-06-29 01:44:51 ----A---- C:\WINDOWS\x2.64.exe
2008-06-29 01:44:50 ----D---- C:\Program Files\AviSynth 2.5
2008-06-29 01:44:50 ----A---- C:\WINDOWS\meta4.exe
2008-06-29 01:04:26 ----A---- C:\WINDOWS\ReplacerUndo.txt
2008-06-28 23:51:31 ----D---- C:\Program Files\MSN Messenger
2008-06-28 18:42:19 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-06-28 18:13:24 ----D---- C:\Documents and Settings\Rizwan\Application Data\MxBoost
2008-06-28 18:09:16 ----D---- C:\Program Files\Maxthon2
2008-06-27 22:42:49 ----D---- C:\Documents and Settings\Rizwan\Application Data\Conceptworld
2008-06-27 16:59:21 ----A---- C:\WINDOWS\system32\pxc25pm.dll
2008-06-27 16:59:04 ----D---- C:\Documents and Settings\All Users\Application Data\Mindjet
2008-06-27 16:59:03 ----D---- C:\Program Files\Mindjet
2008-06-27 16:54:13 ----D---- C:\WINDOWS\Downloaded Installations
2008-06-27 16:51:56 ----RSD---- C:\WINDOWS\assembly
2008-06-27 16:51:24 ----D---- C:\WINDOWS\Microsoft.NET
2008-06-27 16:50:01 ----SH---- C:\WINDOWS\system32\Smab0.dll
2008-06-27 16:50:00 ----RSH---- C:\WINDOWS\system32\msfDX.dll
2008-06-27 16:50:00 ----RSH---- C:\WINDOWS\system32\flvDX.dll
2008-06-27 16:49:57 ----D---- C:\Program Files\eRightSoft
2008-06-27 16:49:46 ----D---- C:\Program Files\Pidgin
2008-06-27 16:49:42 ----D---- C:\Program Files\Conceptworld
2008-06-27 16:49:36 ----D---- C:\Program Files\Common Files\GTK
2008-06-27 16:49:03 ----D---- C:\Documents and Settings\Rizwan\Application Data\AD ON Multimedia
2008-06-27 16:48:58 ----D---- C:\Program Files\MyPhoneExplorer
2008-06-27 16:48:41 ----D---- C:\Program Files\MIKSOFT
2008-06-27 16:48:27 ----D---- C:\Program Files\Common Files\Stardock
2008-06-27 16:48:26 ----D---- C:\Program Files\Stardock
2008-06-27 16:47:41 ----A---- C:\WINDOWS\system32\rmoc3260.dll
2008-06-27 16:47:41 ----A---- C:\WINDOWS\system32\pndx5032.dll
2008-06-27 16:47:41 ----A---- C:\WINDOWS\system32\pndx5016.dll
2008-06-27 16:47:41 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-06-27 16:47:40 ----A---- C:\WINDOWS\system32\unrar.dll
2008-06-27 16:47:39 ----A---- C:\WINDOWS\system32\yv12vfw.dll
2008-06-27 16:47:38 ----A---- C:\WINDOWS\system32\xvidvfw.dll
2008-06-27 16:47:38 ----A---- C:\WINDOWS\system32\xvidcore.dll
2008-06-27 16:47:38 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-06-27 16:47:38 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-06-27 16:47:38 ----A---- C:\WINDOWS\system32\divx.dll
2008-06-27 16:47:37 ----A---- C:\WINDOWS\system32\ff_vfw.dll.manifest
2008-06-27 16:47:37 ----A---- C:\WINDOWS\system32\ff_vfw.dll
2008-06-27 16:47:36 ----D---- C:\Program Files\K-Lite Codec Pack
2008-06-27 16:47:36 ----D---- C:\Documents and Settings\Rizwan\Application Data\Real
2008-06-27 16:47:36 ----D---- C:\Documents and Settings\All Users\Application Data\Real
2008-06-27 16:47:36 ----A---- C:\WINDOWS\system32\msvcr71.dll
2008-06-27 16:47:36 ----A---- C:\WINDOWS\system32\msvcp71.dll
2008-06-27 16:46:07 ----D---- C:\Program Files\IZArc
2008-06-27 16:44:18 ----D---- C:\Program Files\IrfanView
2008-06-27 16:43:37 ----D---- C:\Program Files\Plugins
2008-06-27 16:42:48 ----D---- C:\Program Files\FlashGet
2008-06-27 16:42:00 ----D---- C:\Program Files\Free Hide Folder
2008-06-27 16:41:07 ----A---- C:\WINDOWS\system32\ifsdrives.dll
2008-06-27 16:40:14 ----A---- C:\WINDOWS\iun6002.exe
2008-06-27 16:38:13 ----D---- C:\Program Files\Microsoft ActiveSync
2008-06-27 16:37:36 ----D---- C:\Program Files\7-Zip
2008-06-27 16:36:51 ----D---- C:\Program Files\BurnAware Free Edition
2008-06-27 16:35:55 ----D---- C:\Program Files\Common Files\Adobe
2008-06-27 16:35:32 ----D---- C:\Program Files\Adobe
2008-06-26 13:01:12 ----D---- C:\Documents and Settings\Rizwan\Application Data\Macromedia
2008-06-26 12:59:51 ----D---- C:\Documents and Settings\Rizwan\Application Data\Adobe
2008-06-25 23:57:23 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-06-25 23:56:25 ----D---- C:\WINDOWS\ie7updates
2008-06-25 23:56:04 ----D---- C:\WINDOWS\WBEM
2008-06-25 23:54:54 ----HDC---- C:\WINDOWS\ie7
2008-06-25 23:54:41 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-06-25 23:54:28 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-06-25 23:53:17 ----A---- C:\WINDOWS\system32\MRT.exe
2008-06-25 23:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-06-25 23:50:24 ----HDC---- C:\WINDOWS\$NtUninstallKB942763$
2008-06-25 23:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-06-25 23:50:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-06-25 23:50:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2008-06-25 23:42:18 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-06-25 23:42:18 ----D---- C:\WINDOWS\system32\PreInstall
2008-06-25 23:42:18 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-06-25 23:42:16 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-06-25 23:42:16 ----HD---- C:\WINDOWS\$hf_mig$
2008-06-25 23:38:01 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-06-25 23:10:05 ----D---- C:\WINDOWS\system32\Lang
2008-06-25 23:09:52 ----A---- C:\WINDOWS\system32\igfxres.dll
2008-06-25 23:03:39 ----D---- C:\WINDOWS\Internet Logs
2008-06-25 22:58:39 ----D---- C:\Documents and Settings\Rizwan\Application Data\Intel
2008-06-25 22:58:37 ----A---- C:\WINDOWS\system32\results.txt
2008-06-25 22:58:32 ----A---- C:\WINDOWS\system32\AegisI5Installer.exe
2008-06-25 22:58:08 ----D---- C:\Documents and Settings\All Users\Application Data\Intel
2008-06-25 22:57:17 ----A---- C:\WINDOWS\system32\NETw4r32.dll
2008-06-25 22:57:17 ----A---- C:\WINDOWS\system32\NETw4c32.dll
2008-06-25 22:57:16 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-06-25 22:56:29 ----A---- C:\WINDOWS\system32\ChCfg.exe
2008-06-25 22:56:09 ----D---- C:\WINDOWS\system32\RTCOM
2008-06-25 22:56:06 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-06-25 22:55:46 ----A---- C:\WINDOWS\SoundMan.exe
2008-06-25 22:55:45 ----A---- C:\WINDOWS\SkyTel.exe
2008-06-25 22:55:43 ----A---- C:\WINDOWS\RtlUpd.exe
2008-06-25 22:55:41 ----A---- C:\WINDOWS\RTLCPL.exe
2008-06-25 22:55:38 ----A---- C:\WINDOWS\RTHDCPL.exe
2008-06-25 22:55:37 ----D---- C:\Program Files\Realtek
2008-06-25 22:55:37 ----A---- C:\WINDOWS\MicCal.exe
2008-06-25 22:55:37 ----A---- C:\WINDOWS\alcwzrd.exe
2008-06-25 22:55:37 ----A---- C:\WINDOWS\Alcmtr.exe
2008-06-25 22:55:32 ----A---- C:\WINDOWS\RtlExUpd.dll
2008-06-25 22:55:07 ----D---- C:\WINDOWS\system32\SDA
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPwrReg.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPwrCfg.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSTrace.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSMainCtl.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSMain.exe
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSDel.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSBattM.exe
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\TPSAddin.dll
2008-06-25 22:54:35 ----A---- C:\WINDOWS\system32\CpuPerf.dll
2008-06-25 22:54:29 ----A---- C:\WINDOWS\IsUninst.exe
2008-06-25 22:52:43 ----D---- C:\WINDOWS\tiinst
2008-06-25 22:51:31 ----D---- C:\Program Files\DVD-RAM
2008-06-25 22:51:31 ----A---- C:\WINDOWS\system32\RAMASST.exe
2008-06-25 22:51:31 ----A---- C:\WINDOWS\system32\DVDRAMSV.exe
2008-06-25 22:51:31 ----A---- C:\WINDOWS\system32\DVDMenu.dll
2008-06-25 22:49:55 ----D---- C:\Program Files\Intel
2008-06-25 22:49:39 ----HD---- C:\Program Files\InstallShield Installation Information
2008-06-25 22:49:20 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-06-25 22:46:12 ----D---- C:\Program Files\TOSHIBA
2008-06-25 22:46:12 ----A---- C:\WINDOWS\system32\TSBWLS.dll
2008-06-25 22:46:12 ----A---- C:\WINDOWS\system32\TPeculiarity.dll
2008-06-25 22:46:12 ----A---- C:\WINDOWS\system32\TCtrlIO.dll
2008-06-25 22:46:12 ----A---- C:\WINDOWS\system32\TCMSVR.dll
2008-06-25 22:46:12 ----A---- C:\WINDOWS\system32\DLLVGA.dll
2008-06-25 22:46:03 ----D---- C:\Program Files\Common Files\InstallShield
2008-06-25 20:04:25 ----A---- C:\WINDOWS\system32\h323log.txt
2008-06-25 19:53:57 ----A---- C:\WINDOWS\system32\usbui.dll
2008-06-25 19:52:51 ----SHD---- C:\WINDOWS\Installer
2008-06-25 19:52:51 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-06-25 19:52:50 ----D---- C:\Program Files\Common Files\ODBC
2008-06-25 19:52:50 ----A---- C:\WINDOWS\ODBCINST.INI
2008-06-25 19:52:46 ----RD---- C:\Program Files
2008-06-25 19:52:46 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-06-25 19:52:46 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-06-25 19:52:46 ----D---- C:\Program Files\Common Files
2008-06-25 19:52:43 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-06-25 19:52:43 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-06-25 19:52:43 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-06-25 19:52:41 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-06-25 19:52:41 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-06-25 19:52:41 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-06-25 19:52:41 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-06-25 19:52:40 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-06-25 19:52:38 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-06-25 19:52:36 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-06-25 19:52:36 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-06-25 19:52:36 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-06-25 19:52:36 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-06-25 19:52:36 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-06-25 19:52:34 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-06-25 19:52:32 ----A---- C:\WINDOWS\system32\irclass.dll
2008-06-25 19:52:31 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-06-25 19:52:31 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-06-25 19:52:31 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-06-25 19:52:31 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-06-25 19:52:29 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-06-25 19:52:28 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-06-25 19:52:28 ----A---- C:\WINDOWS\system32\batt.dll
2008-06-25 19:52:27 ----A---- C:\WINDOWS\system32\storprop.dll
2008-06-25 19:52:27 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-06-25 19:52:18 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-06-25 19:52:13 ----RA---- C:\WINDOWS\SET8.tmp
2008-06-25 19:52:11 ----RA---- C:\WINDOWS\SET4.tmp
2008-06-25 19:52:09 ----RA---- C:\WINDOWS\SET3.tmp
2008-06-25 19:52:04 ----D---- C:\WINDOWS\system32\CatRoot2
2008-06-25 19:52:03 ----D---- C:\WINDOWS\system32\CatRoot
2008-06-25 19:51:58 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-06-25 19:51:28 ----D---- C:\Documents and Settings
2008-06-25 19:51:00 ----RASH---- C:\boot.ini
2008-06-25 19:50:08 ----SHD---- C:\System Volume Information
2008-06-25 19:46:31 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-06-25 19:46:31 ----RSD---- C:\WINDOWS\Fonts
2008-06-25 19:46:31 ----RD---- C:\WINDOWS\Web
2008-06-25 19:46:31 ----HD---- C:\WINDOWS\inf
2008-06-25 19:46:31 ----D---- C:\WINDOWS\WinSxS
2008-06-25 19:46:31 ----D---- C:\WINDOWS\twain_32
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\wins
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\wbem
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\usmt
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\spool
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\ShellExt
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\Setup
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\ras
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\oobe
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\npp
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\mui
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\inetsrv
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\IME
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\icsxml
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\ias
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\export
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\en
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\drivers
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\dhcp
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\config
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\3com_dmi
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\3076
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\2052
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1054
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1042
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1041
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1037
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1033
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1031
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1028
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32\1025
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system32
2008-06-25 19:46:31 ----D---- C:\WINDOWS\system
2008-06-25 19:46:31 ----D---- C:\WINDOWS\security
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Resources
2008-06-25 19:46:31 ----D---- C:\WINDOWS\repair
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Provisioning
2008-06-25 19:46:31 ----D---- C:\WINDOWS\PeerNet
2008-06-25 19:46:31 ----D---- C:\WINDOWS\pchealth
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Network Diagnostic
2008-06-25 19:46:31 ----D---- C:\WINDOWS\mui
2008-06-25 19:46:31 ----D---- C:\WINDOWS\msapps
2008-06-25 19:46:31 ----D---- C:\WINDOWS\msagent
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Media
2008-06-25 19:46:31 ----D---- C:\WINDOWS\L2Schemas
2008-06-25 19:46:31 ----D---- C:\WINDOWS\java
2008-06-25 19:46:31 ----D---- C:\WINDOWS\ime
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Help
2008-06-25 19:46:31 ----D---- C:\WINDOWS\ehome
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Driver Cache
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Debug
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Cursors
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Connection Wizard
2008-06-25 19:46:31 ----D---- C:\WINDOWS\Config
2008-06-25 19:46:31 ----D---- C:\WINDOWS\AppPatch
2008-06-25 19:46:31 ----D---- C:\WINDOWS\addins
2008-06-25 19:46:31 ----D---- C:\WINDOWS
2008-06-25 19:18:10 ----D---- C:\Documents and Settings\Rizwan\Application Data\Identities
2008-06-25 19:18:09 ----HD---- C:\Program Files\Uninstall Information
2008-06-25 19:18:02 ----ASH---- C:\Documents and Settings\Rizwan\Application Data\desktop.ini
2008-06-25 19:18:01 ----SD---- C:\Documents and Settings\Rizwan\Application Data\Microsoft
2008-06-25 19:17:06 ----D---- C:\WINDOWS\SoftwareDistribution
2008-06-25 19:17:04 ----D---- C:\WINDOWS\Prefetch
2008-06-25 19:17:03 ----SD---- C:\WINDOWS\system32\Microsoft
2008-06-25 19:17:03 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-06-25 19:13:06 ----D---- C:\WINDOWS\system32\xircom
2008-06-25 19:13:06 ----D---- C:\Program Files\xerox
2008-06-25 19:13:06 ----D---- C:\Program Files\microsoft frontpage
2008-06-25 19:12:45 ----A---- C:\WINDOWS\control.ini
2008-06-25 19:12:45 ----A---- C:\AUTOEXEC.BAT
2008-06-25 19:12:31 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-06-25 19:11:39 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-06-25 19:11:39 ----RD---- C:\WINDOWS\Offline Web Pages
2008-06-25 19:11:39 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-06-25 19:11:33 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-06-25 19:11:29 ----HD---- C:\Program Files\WindowsUpdate
2008-06-25 19:11:07 ----D---- C:\WINDOWS\system32\DirectX
2008-06-25 19:11:00 ----A---- C:\WINDOWS\system32\atrace.dll
2008-06-25 19:10:57 ----A---- C:\WINDOWS\system32\desktop.ini
2008-06-25 19:10:57 ----A---- C:\WINDOWS\desktop.ini
2008-06-25 19:10:48 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-06-25 19:10:46 ----D---- C:\Program Files\Common Files\Services
2008-06-25 19:10:46 ----A---- C:\WINDOWS\system32\acctres.dll
2008-06-25 19:10:43 ----SD---- C:\WINDOWS\Tasks
2008-06-25 19:10:43 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-06-25 19:10:41 ----D---- C:\Program Files\Common Files\MSSoap
2008-06-25 19:10:37 ----D---- C:\WINDOWS\srchasst
2008-06-25 19:10:36 ----D---- C:\WINDOWS\system32\Macromed
2008-06-25 19:10:33 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-06-25 19:10:33 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-06-25 19:10:33 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-06-25 19:10:33 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-06-25 19:10:33 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\wups.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\bitsprx4.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-06-25 19:10:32 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-06-25 19:10:31 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-06-25 19:10:27 ----D---- C:\Program Files\Movie Maker
2008-06-25 19:10:08 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-06-25 19:10:07 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-06-25 19:10:07 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-06-25 19:10:07 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-06-25 19:10:03 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-06-25 19:10:03 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-06-25 19:10:02 ----D---- C:\WINDOWS\system32\Restore
2008-06-25 19:10:02 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-06-25 19:10:02 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-06-25 19:10:02 ----A---- C:\WINDOWS\system32\srclient.dll
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\msconf.dll
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-06-25 19:10:01 ----A---- C:\WINDOWS\system32\ils.dll
2008-06-25 19:09:57 ----D---- C:\Program Files\NetMeeting
2008-06-25 19:09:57 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-06-25 19:09:57 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-06-25 19:09:56 ----A---- C:\WINDOWS\system32\inetres.dll
2008-06-25 19:09:56 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-06-25 19:09:54 ----D---- C:\Program Files\Outlook Express
2008-06-25 19:09:54 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-06-25 19:09:54 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-06-25 19:09:54 ----A---- C:\WINDOWS\system32\mstask.dll
2008-06-25 19:09:53 ----A---- C:\WINDOWS\system32\isign32.dll
2008-06-25 19:09:53 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-06-25 19:09:53 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-06-25 19:09:53 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-06-25 19:09:46 ----D---- C:\Program Files\Common Files\System
2008-06-25 19:09:42 ----D---- C:\Program Files\Internet Explorer
2008-06-25 19:09:05 ----D---- C:\Program Files\ComPlus Applications
2008-06-25 19:09:03 ----A---- C:\WINDOWS\vbaddin.ini
2008-06-25 19:09:03 ----A---- C:\WINDOWS\vb.ini
2008-06-25 19:08:57 ----D---- C:\WINDOWS\Registration
2008-06-25 19:08:49 ----D---- C:\Program Files\Windows Media Player
2008-06-25 19:08:49 ----D---- C:\Program Files\Online Services
2008-06-25 19:08:40 ----D---- C:\Program Files\Messenger
2008-06-25 19:08:35 ----D---- C:\Program Files\MSN Gaming Zone
2008-06-25 19:08:35 ----A---- C:\WINDOWS\system32\write.exe
2008-06-25 19:08:26 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-06-25 19:08:26 ----A---- C:\WINDOWS\system32\hticons.dll
2008-06-25 19:08:26 ----A---- C:\WINDOWS\system32\avwav.dll
2008-06-25 19:08:26 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-06-25 19:08:25 ----A---- C:\WINDOWS\system32\winchat.exe
2008-06-25 19:08:25 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-06-25 19:08:18 ----A---- C:\WINDOWS\system32\getuname.dll
2008-06-25 19:08:17 ----A---- C:\WINDOWS\system32\sol.exe
2008-06-25 19:08:17 ----A---- C:\WINDOWS\system32\charmap.exe
2008-06-25 19:08:17 ----A---- C:\WINDOWS\system32\calc.exe
2008-06-25 19:08:16 ----A---- C:\WINDOWS\system32\winmine.exe
2008-06-25 19:08:16 ----A---- C:\WINDOWS\system32\reset.exe
2008-06-25 19:08:16 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-06-25 19:08:16 ----A---- C:\WINDOWS\system32\freecell.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\tskill.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\tscon.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\shadow.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\regini.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-06-25 19:08:15 ----A---- C:\WINDOWS\system32\msg.exe
2008-06-25 19:08:14 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-06-25 19:08:14 ----A---- C:\WINDOWS\system32\logoff.exe
2008-06-25 19:08:14 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-06-25 19:08:08 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-06-25 19:07:54 ----D---- C:\Program Files\MSN
2008-06-25 19:07:53 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-06-25 19:07:52 ----D---- C:\Program Files\Windows NT
2008-06-25 19:07:52 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-06-25 19:07:52 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-06-25 19:07:52 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-06-25 19:07:51 ----A---- C:\WINDOWS\system32\spider.exe
2008-06-25 19:07:51 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-06-25 19:07:51 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-06-25 19:07:50 ----D---- C:\WINDOWS\system32\en-US
2008-06-25 19:07:49 ----A---- C:\WINDOWS\system32\tsgqec.dll
2008-06-25 19:07:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-06-25 19:07:49 ----A---- C:\WINDOWS\system32\rhttpaa.dll
2008-06-25 19:07:49 ----A---- C:\WINDOWS\system32\aaclient.dll
2008-06-25 19:07:48 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-06-25 19:07:48 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-06-25 19:07:47 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-06-25 19:07:46 ----D---- C:\WINDOWS\system32\MsDtc
2008-06-25 19:07:46 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-06-25 19:07:46 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-06-25 19:07:46 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-06-25 19:07:46 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-06-25 19:07:46 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-06-25 19:07:45 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-06-25 19:07:45 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-06-25 19:07:45 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-06-25 19:07:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-06-25 19:07:45 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-06-25 19:07:44 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-06-25 19:07:44 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-06-25 19:07:44 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-06-25 19:07:44 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-06-25 19:07:43 ----D---- C:\WINDOWS\system32\Com
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\stclient.dll
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\colbact.dll
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-06-25 19:07:43 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-06-25 19:07:42 ----A---- C:\WINDOWS\system32\comuid.dll
2008-06-25 19:07:42 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-06-25 19:07:42 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-06-25 19:07:42 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-06-25 19:07:41 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-06-25 19:07:41 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-06-25 19:07:34 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-06-25 19:07:34 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-06-25 19:07:34 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-06-25 19:07:34 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-06-22 20:44:05 ----A---- C:\WINDOWS\system32\iglicd32.dll
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igldev32.dll
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxzoom.exe
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxtray.exe
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxsrvc.exe
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxsrvc.dll
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxress.dll
2008-06-22 20:44:04 ----A---- C:\WINDOWS\system32\igfxpph.dll
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxpers.exe
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxext.exe
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxexps.dll
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxdo.dll
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxdev.dll
2008-06-22 20:44:03 ----A---- C:\WINDOWS\system32\igfxcfg.exe
2008-06-22 20:44:01 ----A---- C:\WINDOWS\system32\ialmrnt5.dll
2008-06-22 20:44:01 ----A---- C:\WINDOWS\system32\ialmrem.dll
2008-06-22 20:44:01 ----A---- C:\WINDOWS\system32\ialmdnt5.dll
2008-06-22 20:44:00 ----A---- C:\WINDOWS\system32\ialmdev5.dll
2008-06-22 20:44:00 ----A---- C:\WINDOWS\system32\ialmdd5.dll
2008-06-22 20:44:00 ----A---- C:\WINDOWS\system32\iAlmCoIn_v4543.dll
2008-06-22 20:44:00 ----A---- C:\WINDOWS\system32\hkcmd.exe
2008-06-22 20:44:00 ----A---- C:\WINDOWS\system32\hccutils.dll

List of drivers

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-08-31 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-07-17 26824]
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2007-03-22 43584]
R1 Ext2fs;Ext2fs; C:\WINDOWS\system32\DRIVERS\ext2fs.sys [2008-01-20 179584]
R1 IfsMount;IfsMount; C:\WINDOWS\system32\DRIVERS\ifsmount.sys [2007-12-29 49536]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2007-11-30 36352]
R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-02 102384]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-05 28352]
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2008-07-09 394952]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.7.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-06-25 21361]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-07-17 76040]
R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-08-27 12288]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-03-18 60800]
R3 BlueletAudio;Bluetooth Audio Service; C:\WINDOWS\system32\DRIVERS\blueletaudio.sys [2007-05-11 34704]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\WINDOWS\system32\DRIVERS\BlueletSCOAudio.sys [2007-03-05 27792]
R3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2007-11-30 13952]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-03-18 135168]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2006-03-23 1166972]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-12-21 4405248]
R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-09-26 2236032]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-03-18 61824]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\WINDOWS\System32\Drivers\RootMdm.sys [2004-08-04 5888]
R3 sdbus;sdbus; C:\WINDOWS\system32\DRIVERS\sdbus.sys [2007-11-30 79232]
R3 tifm21;tifm21; C:\WINDOWS\system32\drivers\tifm21.sys [2005-11-30 162560]
R3 TVALD;Toshiba Mobile PC Service; C:\WINDOWS\system32\DRIVERS\NBSMI.sys [2005-10-20 6144]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2007-11-30 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2007-11-30 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2007-11-30 20608]
R3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
S3 asjjd69u;asjjd69u; C:\WINDOWS\system32\drivers\asjjd69u.sys []
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\WINDOWS\System32\Drivers\btcusb.sys [2007-05-09 36496]
S3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys []
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys []
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sffdisk;SFF Storage Class Driver; C:\WINDOWS\system32\DRIVERS\sffdisk.sys [2007-11-30 11904]
S3 sffp_sd;SFF Storage Protocol Driver for SDBus; C:\WINDOWS\system32\DRIVERS\sffp_sd.sys [2007-11-30 11008]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2007-11-30 32128]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2007-11-30 25856]
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2007-11-30 15104]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2007-11-30 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

List of services

R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-08-31 875288]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-08-31 231704]
R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-28 110592]
R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-10-08 794624]
R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-10-08 483328]
R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-10-08 1183744]
R2 StarWindServiceAE;StarWind AE Service; C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe [2007-05-28 275968]
R2 TAPPSRV;TOSHIBA Application Service; C:\Program Files\TOSHIBA\TOSHIBA Applet\TAPPSRV.exe [2005-12-20 35328]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2008-07-09 75304]
R3 CaCCProvSP;CaCCProvSP; C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe [2008-08-30 214256]
S2 KService;KService; C:\Program Files\Kontiki\KService.exe []
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 PPCtlPriv;PPCtlPriv; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe [2008-08-27 185584]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]

-----------------EOF-----------------






info.txt logfile of random's system information tool 1.01 2008-09-14 23:47:55

Uninstall list

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
7-Zip 4.57-->"C:\Program Files\7-Zip\Uninstall.exe"
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Alt-Tab Task Switcher Powertoy for Windows XP-->MsiExec.exe /I{A7050037-F0EA-4BAB-BCD5-FC05507D6147}
ArcSoft PhotoStudio 5.5-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{85309D89-7BE9-4094-BB17-24999C6118FC}\SETUP.EXE" -l0x9
AVG Free 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Avira RootKit Detection-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1FD25FCD-6F39-4686-AFBB-7056EBAE5E68}\setup.exe" -l0x9
Bluesoleil2.6.0.8 Release 070517-->MsiExec.exe /X{438BB9B4-65FE-4626-91D9-A8F57B18001D}
BurnAware Free Edition 1.2.9-->"C:\Program Files\BurnAware Free Edition\unins000.exe"
Canon MP Navigator 3.0-->"C:\Program Files\Canon\MP Navigator 3.0\Maint.exe" /UninstallRemove C:\Program Files\Canon\MP Navigator 3.0\uninst.ini
Canon MP460 User Registration-->C:\Program Files\Canon\IJEREG\MP460\UNINST.EXE
Canon MP460-->"C:\WINDOWS\system32\CanonIJ Uninstaller Information\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460\DelDrv.exe" /U:{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP460 /L0x0009
Canon Utilities Easy-PhotoPrint-->C:\Program Files\Canon\Easy-PhotoPrint\uninst.exe uninst.ini
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\Setup.exe" -l0x9
ClearType Tuning Control Panel Applet-->MsiExec.exe /I{C9E4932C-8417-4E4C-A0E3-EE534810AB4D}
DesktopX-->C:\PROGRA~1\Stardock\OBJECT~2\DesktopX\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~2\DesktopX\INSTALL.LOG
Dexpot 1.4-->"C:\Program Files\Dexpot\uninstall.exe"
DVD-RAM Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9D765FA6-F2BC-40AF-8145-50808F9BDF4E}\setup.exe" -l0x9 DVD-RAM Driver
Easy-WebPrint-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\Canon\Easy-WebPrint\Uninst.isu"
ESET Online Scanner-->C:\WINDOWS\system32\OnlineScannerUninstaller.exe
Ext2 IFS 1.11 for Windows XP-->RunDll32 setupapi.dll,InstallHinfSection DefaultUninstall 130 Ext2Ifs_for_NT501.inf
FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
Free Hide Folder-->C:\PROGRA~1\FREEHI~1\UNWISE.EXE C:\PROGRA~1\FREEHI~1\INSTALL.LOG
GTK+ Runtime 2.12.8 rev a (remove only)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
IKEA Home Planner-->MsiExec.exe /I{A987FEC8-5616-49BD-BCA6-ACFFFE7403FE}
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_27A6 PCI\VEN_8086&DEV_27A2
Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
IrfanView (remove only)-->C:\Program Files\IrfanView\iv_uninstall.exe
IZArc 3.81-->"C:\Program Files\IZArc\unins000.exe"
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Mega Codec Pack 3.9.5-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LimeWire PRO 4.18.2-->"C:\Program Files\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Maxthon2 Browser (remove only)-->C:\Program Files\Maxthon2\MaxthonUINST.exe
mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft ActiveSync-->MsiExec.exe /I{99052DB7-9592-4522-A558-5417BBAD48EE}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Project Professional 2003-->MsiExec.exe /I{903B0409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Visio Professional 2003-->MsiExec.exe /I{90510409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
MIKSOFT Mobile AMR converter-->"C:\Program Files\MIKSOFT\Mobile AMR converter\unins000.exe"
Mindjet MindManager Pro 7-->MsiExec.exe /I{95868E9A-0225-4960-8266-99EDBD1CD3FF}
mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
Mozilla Firefox (3.0.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
MSXML 6.0 Parser-->MsiExec.exe /I{AEB9948B-4FF2-47C9-990E-47014492A0FE}
mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
MyPhoneExplorer-->C:\Program Files\MyPhoneExplorer\uninstall.exe
mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
ObjectDock-->C:\PROGRA~1\Stardock\OBJECT~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\INSTALL.LOG
Panda ActiveScan 2.0-->C:\Program Files\Panda Security\ActiveScan 2.0\as2uninst.exe
PDF-XChange 3.0-->"C:\Program Files\Mindjet\MindManager 7\PDF-XChange\unins000.exe"
Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
Piky Basket 2.0-->"C:\Program Files\Conceptworld\Piky\unins000.exe"
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
SecondLife (remove only)-->"C:\Program Files\SecondLife\uninst.exe" /P="SecondLife"
Security Update for Microsoft .NET Framework 2.0 (KB928365)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB950759)-->"C:\WINDOWS\ie7updates\KB950759-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB953838)-->"C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950759)-->"C:\WINDOWS\$NtUninstallKB950759$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPER © Version 2008.bld.30 (Mar 22, 2008)-->C:\PROGRA~1\ERIGHT~1\SUPER\Setup.exe /remove /q0
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Sure Delete 5.1.1-->"C:\Program Files\Sure Delete\unins000.exe"
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{4497AFF6-98C4-4F49-B073-F48F42BCBF9E} /l1033
Thoosje Sidebar V2.3-->C:\Program Files\Thoosje Sidebar V2.3\Uninstall.exe
TOSHIBA Hotkey Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64DD71BC-3109-4C88-9AD3-D5422644B722}\setup.exe" -l0x9
TOSHIBA Power Saver-->C:\WINDOWS\IsUninst.exe -f"C:\Program Files\TOSHIBA\Power Saver\Uninst.isu" -c"C:\WINDOWS\system32\TPSDel.dll"
TOSHIBA SD Memory Card Format-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{48CF9A66-5F03-4025-ABD0-B3A3FA095A59}\Setup.exe" -l0x9
TOSHIBA Utilities-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{78C68CB9-3DF5-44F3-AB9D-FA305C5EB85C}\setup.exe" -l0x9
TOSHIBA Zooming Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{64212898-097F-4F3F-AECA-6D34A7EF82DF}\setup.exe"
Update for Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update for Windows XP (KB942763)-->"C:\WINDOWS\$NtUninstallKB942763$\spuninst\spuninst.exe"
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
VideoLAN VLC media player 0.8.6h-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Virtual Desktop Manager Powertoy for Windows XP-->MsiExec.exe /I{F251B999-08A9-4704-999C-9962F0DFD88E}
WindowBlinds-->C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~2\WINDOW~1\INSTALL.LOG
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Live Messenger-->MsiExec.exe /I{571700F0-DB9D-4B3A-B03D-35A14BB5939F}
ZoneAlarm Pro-->C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe

Hosts File

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

Security center information

AV: AVG Anti-Virus Free
AV: Webroot AntiVirus with AntiSpyware (disabled)
FW: ZoneAlarm Pro Firewall

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"tvdumpflags"=8

-----------------EOF-----------------
attilathehun
Active Member
 
Posts: 2
Joined: September 11th, 2008, 1:21 pm

Re: Am I safe?

Unread postby Shaba » September 15th, 2008, 5:13 am

IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

LimeWire PRO 4.18.2

I'd like you to read the MRU policy for P2P Programs.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Delete info.txt in C:\RSIT folder

Re-run RSIT.

Post:

- RSIT logs
- contents of C:\ComboFix.txt
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Am I safe?

Unread postby NonSuch » September 20th, 2008, 3:52 am

Due to lack of response, this topic is now closed.

If you still require help, please open a new thread in the Infected? Virus, malware, adware, ransomware, oh my! forum, include a fresh FRST log, and wait for a new helper.
NonSuch
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California