Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.


Trojan Horse SHeur.CLZE


by Nishua » September 30th, 2008, 8:10 pm

I probably got this trojan from LimeWire, which I just uninstalled because of it. Anyhow, every time I try to install the Winamp program, after it's finished, when I attempt to launch it, it crashes. The program was working fine until I tried to download a song off of LimeWire and then run it on Winamp. I thought it was odd that the song had no audio coming from it. I'm not a PC newbie, but I'm not that technically savvy. AVG tells me that I have the Trojan listed above. Here is my log.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:09:11 PM, on 9/30/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ideazon\ZEngine\Zboard.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\AVG\AVG8\avgui.exe
C:\Program Files\Vuze\Azureus.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2306145780
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7469 bytes



If someone wouldn't mind going into a little bit more detail about what's going on, it would be appreciated. I would like a solution, but I would also like to learn from this.
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

by Shaba » October 2nd, 2008, 3:50 am

Hi Nishua

To access the Uninstall Manager you would do the following:

1. Start HijackThis
2. Click on the Config button
3. Click on the Misc Tools button
4. Click on the Open Uninstall Manager button.

You will now be presented with a screen similar to the one below:

Image

5. Click on the Save list... button and specify where you would like to save this file. When you press the Save button, a Notepad window will open with the contents of that file. Simply copy and paste the contents of that Notepad window here in your next reply.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

by Nishua » October 3rd, 2008, 12:30 am

As requested....


2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 9
Age of Conan - Hyborian Adventures
AIM 6
AIM Search
AIM Toolbar 5.0
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
AVG 8.0
Bonjour
Digital Media Reader
Easy CD-DA Extractor 11
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
ImgBurn
iTunes
Java(TM) 6 Update 7
Microsoft .NET Framework 2.0
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.3)
Nero 7 Ultra Edition
NVIDIA Drivers
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio 2007 (KB947590)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
System Requirements Lab
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb956080)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Viewpoint Media Player
VLC media player 0.9.2
Vuze
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
Z Engine
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

by Shaba » October 3rd, 2008, 3:46 am

IMPORTANT: I notice there are signs of one or more P2P (Peer to Peer) File Sharing Programs on your computer.

Vuze

I'd like you to read this thread.

Please go to Control Panel > Add/Remove Programs and uninstall the programs listed above (in red).

Uninstall also this:

Ask Toolbar

Please post a fresh uninstall list.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

by Nishua » October 3rd, 2008, 6:48 pm

2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
2007 Microsoft Office Suite Service Pack 1 (SP1)
Acrobat.com
Acrobat.com
Adobe AIR
Adobe AIR
Adobe Flash Player ActiveX
Adobe Flash Player Plugin
Adobe Reader 9
Age of Conan - Hyborian Adventures
AIM 6
AIM Search
AIM Toolbar 5.0
Apple Mobile Device Support
Apple Software Update
Ask Toolbar
AVG 8.0
Bonjour
Digital Media Reader
Easy CD-DA Extractor 11
HijackThis 2.0.2
Hotfix for Windows XP (KB952287)
ImgBurn
iTunes
Java(TM) 6 Update 7
Microsoft .NET Framework 2.0
Microsoft Expression Web
Microsoft Expression Web
Microsoft Expression Web MUI (English)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Expression Web Service Pack 1 (SP1)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio 2007 Service Pack 1 (SP1)
Microsoft Office Visio MUI (English) 2007
Microsoft Office Visio Professional 2007
Microsoft Office Visio Professional 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 Redistributable
Mozilla Firefox (3.0.3)
Nero 7 Ultra Edition
NVIDIA Drivers
QuickTime
Realtek High Definition Audio Driver
Security Update for 2007 Microsoft Office System (KB951596)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for 2007 Microsoft Office System (KB951944)
Security Update for Microsoft Office Excel 2007 (KB951546)
Security Update for Microsoft Office OneNote 2007 (KB950130)
Security Update for Microsoft Office PowerPoint 2007 (KB951338)
Security Update for Microsoft Office Publisher 2007 (KB950114)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB951808)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office system 2007 (KB954326)
Security Update for Microsoft Office Visio 2007 (KB947590)
Security Update for Microsoft Office Word 2007 (KB950113)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953838)
Security Update for Windows XP (KB953839)
System Requirements Lab
Update for Microsoft Office Outlook 2007 (KB952142)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Office 2007 (KB946691)
Update for Outlook 2007 Junk Email Filter (kb956080)
Update for Windows XP (KB951072-v2)
Update for Windows XP (KB951978)
Viewpoint Media Player
VLC media player 0.9.2
Windows Media Format Runtime
Windows XP Service Pack 3
WinRAR archiver
Z Engine

I removed the P2P program as instructed.
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

by Shaba » October 4th, 2008, 4:37 am

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

by Nishua » October 5th, 2008, 3:37 pm

Logfile of random's system information tool 1.04 (written by random/random)
Run by Naijshua Thomas at 2008-10-05 15:36:30
Microsoft Windows XP Professional Service Pack 3
System drive C: has 51 GB (78%) free of 66 GB
Total RAM: 2046 MB (75% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 3:36:41 PM, on 10/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ideazon\ZEngine\Zboard.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Naijshua Thomas\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Naijshua Thomas.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: Ask Toolbar BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: Ask Toolbar - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2306145780
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7429 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-09-28 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22}]
AOLSearchHook Class - C:\Program Files\AIM Search\AOLSearch.dll [2008-08-06 111912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7C554162-8CB7-45A4-B8F4-8EA1C75885F9}]
AOL Toolbar Launcher - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA}]
Ask Toolbar BHO - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-09-26 262144]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - Ask Toolbar - C:\Program Files\AskSBar\bar\1.bin\ASKSBAR.DLL [2008-09-26 262144]
{DE9C389F-3316-41A7-809B-AA305ED9D922} - AIM Toolbar - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll [2008-03-07 1090912]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"readericon"=C:\Program Files\Digital Media Reader\readericon45G.exe [2005-12-09 139264]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-09-09 16851968]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-10 289576]
"Zboard"=C:\Program Files\Ideazon\ZEngine\Zboard.exe [2007-07-25 57344]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe []
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-28 1235736]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MSMSGS"=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-11-16 139264]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Aim6"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="C:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="C:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2008-10-05 15:36:30 ----D---- C:\rsit
2008-09-30 19:36:13 ----D---- C:\Program Files\Trend Micro
2008-09-30 18:56:38 ----HD---- C:\$AVG8.VAULT$
2008-09-29 23:53:11 ----D---- C:\Program Files\Microsoft Silverlight
2008-09-28 03:11:18 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-09-28 03:10:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-09-28 01:58:36 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\LimeWire
2008-09-28 01:58:12 ----A---- C:\WINDOWS\system32\javaws.exe
2008-09-28 01:58:12 ----A---- C:\WINDOWS\system32\javaw.exe
2008-09-28 01:58:12 ----A---- C:\WINDOWS\system32\java.exe
2008-09-28 01:57:24 ----D---- C:\Program Files\Java
2008-09-28 01:56:55 ----D---- C:\Program Files\Common Files\Java
2008-09-28 01:23:28 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\WinRAR
2008-09-28 01:22:17 ----D---- C:\Program Files\WinRAR
2008-09-28 00:49:51 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-09-28 00:49:32 ----D---- C:\Program Files\AVG
2008-09-28 00:49:31 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-09-27 10:45:21 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\dvdcss
2008-09-27 02:30:14 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\acccore
2008-09-27 02:28:29 ----D---- C:\Program Files\AOL
2008-09-27 02:28:27 ----D---- C:\Program Files\AIM Search
2008-09-27 02:28:25 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-09-27 02:28:23 ----D---- C:\Program Files\Viewpoint
2008-09-27 02:28:23 ----D---- C:\Documents and Settings\All Users\Application Data\acccore
2008-09-27 02:28:15 ----D---- C:\Documents and Settings\All Users\Application Data\AOL OCP
2008-09-27 02:28:15 ----D---- C:\Documents and Settings\All Users\Application Data\AOL
2008-09-27 02:27:59 ----D---- C:\Program Files\Common Files\AOL
2008-09-27 02:27:50 ----D---- C:\Program Files\AIM6
2008-09-27 01:08:50 ----D---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-09-27 01:08:42 ----D---- C:\WINDOWS\Easy CD-DA Extractor 11.0.3
2008-09-27 01:08:42 ----D---- C:\Program Files\Easy CD-DA Extractor 11
2008-09-27 01:04:46 ----A---- C:\WINDOWS\system32\muweb.dll
2008-09-27 01:04:46 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-09-27 01:04:46 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-09-27 00:59:14 ----D---- C:\Program Files\Microsoft Expression
2008-09-27 00:53:20 ----A---- C:\WINDOWS\ODBC.INI
2008-09-27 00:49:15 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-09-27 00:46:23 ----D---- C:\Program Files\Microsoft Works
2008-09-27 00:46:09 ----D---- C:\Program Files\MSBuild
2008-09-27 00:45:42 ----D---- C:\Program Files\Microsoft Visual Studio
2008-09-27 00:45:42 ----D---- C:\Program Files\Common Files\DESIGNER
2008-09-27 00:44:57 ----D---- C:\Program Files\Microsoft.NET
2008-09-27 00:42:46 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-09-27 00:41:58 ----D---- C:\WINDOWS\SHELLNEW
2008-09-27 00:41:47 ----A---- C:\WINDOWS\NeroDigital.ini
2008-09-27 00:41:30 ----D---- C:\Program Files\Microsoft Office
2008-09-27 00:41:29 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-09-27 00:41:11 ----RHD---- C:\MSOCache
2008-09-27 00:36:53 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Ahead
2008-09-27 00:35:20 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-09-27 00:35:19 ----D---- C:\Program Files\Nero
2008-09-27 00:35:19 ----D---- C:\Program Files\Common Files\Ahead
2008-09-27 00:29:42 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\vlc
2008-09-27 00:28:39 ----D---- C:\Program Files\VideoLAN
2008-09-26 22:53:16 ----D---- C:\WINDOWS\RegisteredPackages
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\vxblock.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxwave.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxsfs.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxmas.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxinsa64.exe
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxdrv.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxcpya64.exe
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\pxafs.dll
2008-09-26 22:52:40 ----N---- C:\WINDOWS\system32\px.dll
2008-09-26 06:58:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-09-26 01:18:39 ----D---- C:\Documents and Settings\All Users\Application Data\Azureus
2008-09-26 01:18:37 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Azureus
2008-09-26 01:18:32 ----D---- C:\Program Files\AskSBar
2008-09-25 23:40:37 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Ideazon
2008-09-25 23:35:05 ----D---- C:\Program Files\Ideazon
2008-09-25 23:27:57 ----RSD---- C:\WINDOWS\assembly
2008-09-25 23:27:37 ----D---- C:\WINDOWS\Microsoft.NET
2008-09-25 19:59:42 ----A---- C:\WINDOWS\system32\XAudio2_0.dll
2008-09-25 19:59:42 ----A---- C:\WINDOWS\system32\xactengine3_0.dll
2008-09-25 19:59:42 ----A---- C:\WINDOWS\system32\X3DAudio1_3.dll
2008-09-25 19:59:42 ----A---- C:\WINDOWS\system32\d3dx10_37.dll
2008-09-25 19:59:42 ----A---- C:\WINDOWS\system32\D3DCompiler_37.dll
2008-09-25 19:59:41 ----A---- C:\WINDOWS\system32\xactengine2_10.dll
2008-09-25 19:59:41 ----A---- C:\WINDOWS\system32\D3DX9_37.dll
2008-09-25 19:59:41 ----A---- C:\WINDOWS\system32\d3dx9_36.dll
2008-09-25 19:59:41 ----A---- C:\WINDOWS\system32\d3dx10_36.dll
2008-09-25 19:59:41 ----A---- C:\WINDOWS\system32\D3DCompiler_36.dll
2008-09-25 19:59:40 ----A---- C:\WINDOWS\system32\xactengine2_9.dll
2008-09-25 19:59:40 ----A---- C:\WINDOWS\system32\d3dx9_35.dll
2008-09-25 19:59:40 ----A---- C:\WINDOWS\system32\d3dx10_35.dll
2008-09-25 19:59:40 ----A---- C:\WINDOWS\system32\D3DCompiler_35.dll
2008-09-25 19:59:39 ----A---- C:\WINDOWS\system32\xactengine2_8.dll
2008-09-25 19:59:39 ----A---- C:\WINDOWS\system32\X3DAudio1_2.dll
2008-09-25 19:59:39 ----A---- C:\WINDOWS\system32\d3dx9_34.dll
2008-09-25 19:59:39 ----A---- C:\WINDOWS\system32\d3dx10_34.dll
2008-09-25 19:59:39 ----A---- C:\WINDOWS\system32\D3DCompiler_34.dll
2008-09-25 19:59:38 ----A---- C:\WINDOWS\system32\xinput1_3.dll
2008-09-25 19:59:36 ----A---- C:\WINDOWS\system32\xactengine2_7.dll
2008-09-25 19:59:35 ----A---- C:\WINDOWS\system32\d3dx10_33.dll
2008-09-25 19:59:35 ----A---- C:\WINDOWS\system32\D3DCompiler_33.dll
2008-09-25 19:59:32 ----A---- C:\WINDOWS\system32\xactengine2_6.dll
2008-09-25 19:59:32 ----A---- C:\WINDOWS\system32\xactengine2_5.dll
2008-09-25 19:59:32 ----A---- C:\WINDOWS\system32\d3dx9_33.dll
2008-09-25 19:59:31 ----A---- C:\WINDOWS\system32\xactengine2_4.dll
2008-09-25 19:59:31 ----A---- C:\WINDOWS\system32\x3daudio1_1.dll
2008-09-25 19:59:31 ----A---- C:\WINDOWS\system32\d3dx9_32.dll
2008-09-25 19:59:31 ----A---- C:\WINDOWS\system32\d3dx9_31.dll
2008-09-25 19:59:30 ----A---- C:\WINDOWS\system32\xinput1_2.dll
2008-09-25 19:59:30 ----A---- C:\WINDOWS\system32\xinput1_1.dll
2008-09-25 19:59:30 ----A---- C:\WINDOWS\system32\xactengine2_3.dll
2008-09-25 19:59:30 ----A---- C:\WINDOWS\system32\xactengine2_2.dll
2008-09-25 19:59:29 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
2008-09-25 19:59:29 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
2008-09-25 19:59:29 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
2008-09-25 19:59:29 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-09-25 19:59:29 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
2008-09-25 19:59:28 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
2008-09-25 19:59:28 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-09-25 19:59:27 ----A---- C:\WINDOWS\system32\d3dx9_27.dll
2008-09-25 19:59:27 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
2008-09-25 19:59:27 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
2008-09-25 19:59:26 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
2008-09-25 19:59:14 ----D---- C:\Documents and Settings\All Users\Application Data\media center programs
2008-09-25 18:38:20 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Apple Computer
2008-09-25 18:38:13 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-09-25 18:38:01 ----D---- C:\Program Files\iPod
2008-09-25 18:38:00 ----D---- C:\Program Files\iTunes
2008-09-25 18:38:00 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-09-25 18:37:52 ----D---- C:\Program Files\Bonjour
2008-09-25 18:37:27 ----D---- C:\Program Files\QuickTime
2008-09-25 18:37:26 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-25 18:37:16 ----D---- C:\Program Files\Apple Software Update
2008-09-25 18:37:11 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-09-25 18:36:58 ----D---- C:\Program Files\Common Files\Apple
2008-09-25 18:36:58 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-25 18:26:06 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Mozilla
2008-09-25 18:26:02 ----D---- C:\Program Files\Mozilla Firefox
2008-09-25 18:23:35 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-09-25 18:23:10 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-09-25 18:23:05 ----D---- C:\Program Files\Common Files\Adobe
2008-09-25 18:23:05 ----D---- C:\Program Files\Adobe
2008-09-25 18:22:04 ----D---- C:\Program Files\NOS
2008-09-25 18:22:04 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-09-25 17:56:39 ----D---- C:\Documents and Settings\All Users\Application Data\Funcom
2008-09-25 00:03:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-09-25 00:03:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-09-25 00:03:50 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-09-25 00:03:47 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-09-25 00:03:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-09-25 00:03:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-09-25 00:03:28 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-09-25 00:03:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-09-25 00:03:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-09-25 00:03:17 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-09-25 00:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-09-25 00:03:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-09-25 00:03:01 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-09-24 23:57:38 ----D---- C:\WINDOWS\nview
2008-09-24 23:57:38 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-09-24 23:57:25 ----D---- C:\NVIDIA
2008-09-24 23:55:11 ----SHD---- C:\RECYCLER
2008-09-24 23:54:07 ----D---- C:\Program Files\SystemRequirementsLab
2008-09-24 23:53:19 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Adobe
2008-09-24 23:53:14 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Macromedia
2008-09-24 23:49:12 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\ImgBurn
2008-09-24 23:36:27 ----D---- C:\Program Files\ImgBurn
2008-09-24 23:01:20 ----D---- C:\WINDOWS\system32\Lang
2008-09-24 22:59:39 ----D---- C:\WINDOWS\system32\RTCOM
2008-09-24 22:59:37 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-09-24 22:59:32 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-09-24 22:59:32 ----A---- C:\WINDOWS\SkyTel.exe
2008-09-24 22:59:32 ----A---- C:\WINDOWS\RtlUpd.exe
2008-09-24 22:59:31 ----A---- C:\WINDOWS\RTLCPL.EXE
2008-09-24 22:59:30 ----A---- C:\WINDOWS\RTHDCPL.EXE
2008-09-24 22:59:30 ----A---- C:\WINDOWS\MicCal.exe
2008-09-24 22:59:29 ----D---- C:\Program Files\Realtek
2008-09-24 22:59:29 ----A---- C:\WINDOWS\ALCWZRD.EXE
2008-09-24 22:59:29 ----A---- C:\WINDOWS\ALCMTR.EXE
2008-09-24 22:58:33 ----A---- C:\WINDOWS\RtlExUpd.dll
2008-09-24 22:58:33 ----A---- C:\WINDOWS\HideWin.exe
2008-09-24 22:52:32 ----D---- C:\WINDOWS\Prefetch
2008-09-24 22:01:25 ----D---- C:\WINDOWS\system32\scripting
2008-09-24 22:01:25 ----D---- C:\WINDOWS\system32\en-us
2008-09-24 22:01:25 ----D---- C:\WINDOWS\l2schemas
2008-09-24 22:01:24 ----D---- C:\WINDOWS\system32\en
2008-09-24 21:57:55 ----D---- C:\WINDOWS\network diagnostic
2008-09-24 21:54:07 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-09-24 21:54:06 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-09-24 21:54:05 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-09-24 21:54:04 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-09-24 21:54:03 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-09-24 21:54:03 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-09-24 21:54:03 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-09-24 21:54:02 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-09-24 21:54:02 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-09-24 21:54:02 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-09-24 21:53:58 ----N---- C:\WINDOWS\system32\setupn.exe
2008-09-24 21:53:57 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-09-24 21:53:57 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-09-24 21:53:57 ----N---- C:\WINDOWS\system32\qutil.dll
2008-09-24 21:53:57 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-09-24 21:53:56 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-09-24 21:53:56 ----N---- C:\WINDOWS\system32\qagent.dll
2008-09-24 21:53:56 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-09-24 21:53:56 ----N---- C:\WINDOWS\system32\onex.dll
2008-09-24 21:53:54 ----N---- C:\WINDOWS\system32\napstat.exe
2008-09-24 21:53:54 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-09-24 21:53:54 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-09-24 21:53:54 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-09-24 21:53:54 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-24 21:53:53 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-09-24 21:53:53 ----N---- C:\WINDOWS\system32\mssha.dll
2008-09-24 21:53:50 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-09-24 21:53:49 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-09-24 21:53:49 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-09-24 21:53:49 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-09-24 21:53:47 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-09-24 21:53:45 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-09-24 21:53:45 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-09-24 21:53:42 ----A---- C:\WINDOWS\005394_.tmp
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-09-24 21:53:41 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-09-24 21:53:40 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-09-24 21:53:40 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-09-24 21:53:40 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-09-24 21:53:40 ----N---- C:\WINDOWS\system32\credssp.dll
2008-09-24 21:53:38 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-09-24 21:53:38 ----N---- C:\WINDOWS\system32\azroles.dll
2008-09-24 21:53:37 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-09-24 21:47:30 ----D---- C:\WINDOWS\system32\PreInstall
2008-09-24 21:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-09-24 21:47:29 ----HD---- C:\WINDOWS\$hf_mig$
2008-09-24 21:45:30 ----A---- C:\WINDOWS\system32\MRT.exe
2008-09-24 21:39:47 ----D---- C:\WINDOWS\provisioning
2008-09-24 21:39:47 ----D---- C:\WINDOWS\peernet
2008-09-24 21:38:59 ----D---- C:\WINDOWS\ServicePackFiles
2008-09-24 21:37:20 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-09-24 21:36:26 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-09-24 21:36:25 ----D---- C:\WINDOWS\EHome
2008-09-24 21:35:05 ----SD---- C:\WINDOWS\system32\Microsoft
2008-09-24 21:29:49 ----A---- C:\WINDOWS\system32\wpa.bak
2008-09-24 21:29:23 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-09-24 21:24:25 ----N---- C:\WINDOWS\system32\spnpinst.exe
2008-09-24 21:17:03 ----D---- C:\WINDOWS\system32\bits
2008-09-24 21:16:58 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-09-24 21:16:57 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2008-09-24 21:16:48 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2008-09-24 21:16:48 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2008-09-24 21:16:48 ----A---- C:\WINDOWS\system32\xpob2res.dll
2008-09-24 21:16:48 ----A---- C:\WINDOWS\system32\winhttp.dll
2008-09-24 21:16:48 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-09-24 21:15:39 ----A---- C:\WINDOWS\system32\wups2.dll
2008-09-24 21:15:39 ----A---- C:\WINDOWS\system32\wups.dll
2008-09-24 21:15:38 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-09-24 21:15:38 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-09-24 21:15:38 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-09-24 21:15:38 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-09-24 21:15:38 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-09-24 21:15:20 ----D---- C:\WINDOWS\SoftwareDistribution
2008-09-24 21:12:49 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-24 21:12:31 ----D---- C:\Program Files\Digital Media Reader
2008-09-24 21:12:26 ----D---- C:\WINDOWS\Downloaded Installations
2008-09-24 21:12:02 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2008-09-24 21:12:02 ----RA---- C:\WINDOWS\system32\fdco1.dll
2008-09-24 21:12:01 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2008-09-24 21:12:01 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2008-09-24 21:12:01 ----RA---- C:\WINDOWS\system32\bdco1.dll
2008-09-24 21:12:01 ----D---- C:\WINDOWS\NV840868.TMP
2008-09-24 21:12:01 ----A---- C:\WINDOWS\system32\nvunrm.exe
2008-09-24 21:12:00 ----RA---- C:\WINDOWS\system32\nvusmb.exe
2008-09-24 21:11:53 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-09-24 21:11:49 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-09-24 21:11:48 ----D---- C:\Program Files\Common Files\InstallShield
2008-09-24 21:11:42 ----D---- C:\DriversApps
2008-09-24 09:21:00 ----SHD---- C:\WINDOWS\Installer
2008-09-24 09:20:58 ----D---- C:\Documents and Settings\Naijshua Thomas\Application Data\Identities
2008-09-24 09:20:56 ----HD---- C:\Program Files\Uninstall Information
2008-09-24 09:20:54 ----ASH---- C:\Documents and Settings\Naijshua Thomas\Application Data\desktop.ini
2008-09-24 09:20:53 ----SD---- C:\Documents and Settings\Naijshua Thomas\Application Data\Microsoft
2008-09-24 09:13:39 ----SHD---- C:\System Volume Information
2008-09-24 09:13:38 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-09-24 09:10:09 ----D---- C:\WINDOWS\system32\xircom
2008-09-24 09:10:09 ----D---- C:\Program Files\xerox
2008-09-24 09:10:09 ----D---- C:\Program Files\microsoft frontpage
2008-09-24 09:09:58 ----A---- C:\WINDOWS\control.ini
2008-09-24 09:09:58 ----A---- C:\AUTOEXEC.BAT
2008-09-24 09:09:53 ----A---- C:\WINDOWS\OEWABLog.txt
2008-09-24 09:09:51 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-09-24 09:09:20 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-09-24 09:09:20 ----RD---- C:\WINDOWS\Offline Web Pages
2008-09-24 09:09:20 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-09-24 09:09:16 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-09-24 09:09:03 ----D---- C:\WINDOWS\srchasst
2008-09-24 09:08:56 ----D---- C:\WINDOWS\system32\Macromed
2008-09-24 09:08:56 ----D---- C:\WINDOWS\system32\DirectX
2008-09-24 09:08:42 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-09-24 09:08:40 ----D---- C:\Program Files\Movie Maker
2008-09-24 09:08:25 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-09-24 09:08:25 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-09-24 09:08:25 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-09-24 09:08:25 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-09-24 09:08:24 ----A---- C:\WINDOWS\system32\atrace.dll
2008-09-24 09:08:19 ----A---- C:\WINDOWS\system32\desktop.ini
2008-09-24 09:08:19 ----A---- C:\WINDOWS\desktop.ini
2008-09-24 09:08:12 ----D---- C:\WINDOWS\system32\Restore
2008-09-24 09:08:12 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-09-24 09:08:12 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-09-24 09:08:12 ----A---- C:\WINDOWS\system32\srclient.dll
2008-09-24 09:08:11 ----D---- C:\Program Files\Windows Media Player
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\msconf.dll
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-09-24 09:08:10 ----A---- C:\WINDOWS\system32\ils.dll
2008-09-24 09:08:06 ----D---- C:\WINDOWS\PCHEALTH
2008-09-24 09:08:06 ----D---- C:\Program Files\NetMeeting
2008-09-24 09:08:06 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-09-24 09:08:05 ----D---- C:\Program Files\Common Files\Services
2008-09-24 09:08:05 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-09-24 09:08:05 ----A---- C:\WINDOWS\system32\acctres.dll
2008-09-24 09:08:03 ----A---- C:\WINDOWS\system32\inetres.dll
2008-09-24 09:08:03 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-09-24 09:07:59 ----SD---- C:\WINDOWS\Tasks
2008-09-24 09:07:59 ----D---- C:\Program Files\Outlook Express
2008-09-24 09:07:59 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-09-24 09:07:59 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-09-24 09:07:59 ----A---- C:\WINDOWS\system32\mstask.dll
2008-09-24 09:07:58 ----A---- C:\WINDOWS\system32\isign32.dll
2008-09-24 09:07:58 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-09-24 09:07:58 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-09-24 09:07:58 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-09-24 09:07:58 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-09-24 09:07:55 ----D---- C:\Program Files\Common Files\MSSoap
2008-09-24 09:07:51 ----D---- C:\Program Files\Common Files\System
2008-09-24 09:07:49 ----D---- C:\Program Files\Internet Explorer
2008-09-24 09:07:30 ----D---- C:\Program Files\ComPlus Applications
2008-09-24 09:07:29 ----A---- C:\WINDOWS\vbaddin.ini
2008-09-24 09:07:29 ----A---- C:\WINDOWS\vb.ini
2008-09-24 09:07:26 ----D---- C:\WINDOWS\Registration
2008-09-24 09:07:22 ----HD---- C:\Program Files\WindowsUpdate
2008-09-24 09:07:22 ----D---- C:\Program Files\Online Services
2008-09-24 09:07:18 ----D---- C:\Program Files\Messenger
2008-09-24 09:07:11 ----D---- C:\Program Files\MSN
2008-09-24 09:07:07 ----D---- C:\Program Files\MSN Gaming Zone
2008-09-24 09:07:07 ----A---- C:\WINDOWS\system32\write.exe
2008-09-24 09:07:00 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-09-24 09:07:00 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-09-24 09:07:00 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-09-24 09:07:00 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-09-24 09:07:00 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-09-24 09:06:59 ----A---- C:\WINDOWS\system32\hticons.dll
2008-09-24 09:06:59 ----A---- C:\WINDOWS\system32\avwav.dll
2008-09-24 09:06:59 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-09-24 09:06:59 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-09-24 09:06:58 ----D---- C:\Program Files\Windows NT
2008-09-24 09:06:58 ----A---- C:\WINDOWS\system32\winchat.exe
2008-09-24 09:06:57 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-09-24 09:06:53 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-09-24 09:06:52 ----A---- C:\WINDOWS\system32\getuname.dll
2008-09-24 09:06:52 ----A---- C:\WINDOWS\system32\charmap.exe
2008-09-24 09:06:51 ----A---- C:\WINDOWS\system32\spider.exe
2008-09-24 09:06:51 ----A---- C:\WINDOWS\system32\calc.exe
2008-09-24 09:06:50 ----A---- C:\WINDOWS\system32\winmine.exe
2008-09-24 09:06:50 ----A---- C:\WINDOWS\system32\sol.exe
2008-09-24 09:06:50 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-09-24 09:06:50 ----A---- C:\WINDOWS\system32\freecell.exe
2008-09-24 09:06:49 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-09-24 09:06:49 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-09-24 09:06:49 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-09-24 09:06:49 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\reset.exe
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-09-24 09:06:48 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tskill.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\tscon.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\shadow.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\regini.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-09-24 09:06:47 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-09-24 09:06:46 ----D---- C:\WINDOWS\system32\MsDtc
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\msg.exe
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\logoff.exe
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-09-24 09:06:46 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-09-24 09:06:45 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-09-24 09:06:43 ----D---- C:\WINDOWS\system32\Com
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-09-24 09:06:43 ----A---- C:\WINDOWS\system32\colbact.dll
2008-09-24 09:06:42 ----A---- C:\WINDOWS\system32\stclient.dll
2008-09-24 09:06:42 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-09-24 09:06:42 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-09-24 09:06:42 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-09-24 09:06:42 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-09-24 09:06:41 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-09-24 09:06:41 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-09-24 09:06:40 ----A---- C:\WINDOWS\system32\comuid.dll
2008-09-24 09:06:40 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-09-24 09:06:40 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-09-24 09:06:31 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-09-24 09:06:31 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-09-24 09:06:30 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-09-24 09:06:30 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-09-24 09:06:30 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-09-24 05:04:04 ----A---- C:\WINDOWS\system32\h323log.txt
2008-09-24 04:59:12 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-09-24 04:57:10 ----A---- C:\WINDOWS\system32\usbui.dll
2008-09-24 04:56:22 ----A---- C:\WINDOWS\imsins.BAK
2008-09-24 04:56:19 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-09-24 04:56:18 ----D---- C:\Program Files\Common Files\ODBC
2008-09-24 04:56:18 ----A---- C:\WINDOWS\ODBCINST.INI
2008-09-24 04:56:15 ----RD---- C:\Program Files
2008-09-24 04:56:15 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-09-24 04:56:15 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-09-24 04:56:15 ----D---- C:\Program Files\Common Files
2008-09-24 04:56:13 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-09-24 04:56:13 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-09-24 04:56:13 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-09-24 04:56:11 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-09-24 04:56:10 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-09-24 04:56:10 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-09-24 04:56:10 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-09-24 04:56:10 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-09-24 04:56:10 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-09-24 04:56:08 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-09-24 04:56:07 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-09-24 04:56:07 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-09-24 04:56:07 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-09-24 04:56:07 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-09-24 04:56:07 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-09-24 04:56:05 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-09-24 04:56:05 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-09-24 04:56:05 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-09-24 04:56:05 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-09-24 04:56:05 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-09-24 04:56:04 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\irclass.dll
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-09-24 04:56:02 ----A---- C:\WINDOWS\system32\batt.dll
2008-09-24 04:55:59 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-09-24 04:55:59 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-09-24 04:55:59 ----A---- C:\WINDOWS\system32\storprop.dll
2008-09-24 04:55:59 ----A---- C:\WINDOWS\notepad.exe
2008-09-24 04:55:54 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-09-24 04:55:52 ----RA---- C:\WINDOWS\SET7.tmp
2008-09-24 04:55:49 ----RA---- C:\WINDOWS\SET3.tmp
2008-09-24 04:55:45 ----D---- C:\WINDOWS\system32\CatRoot2
2008-09-24 04:55:45 ----D---- C:\WINDOWS\system32\CatRoot
2008-09-24 04:55:40 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-09-24 04:55:30 ----A---- C:\WINDOWS\setuplog.txt
2008-09-24 04:55:25 ----D---- C:\Documents and Settings
2008-09-24 04:53:39 ----ASH---- C:\boot.ini
2008-09-24 04:49:05 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-09-24 04:49:05 ----RSD---- C:\WINDOWS\Fonts
2008-09-24 04:49:05 ----RD---- C:\WINDOWS\Web
2008-09-24 04:49:05 ----HD---- C:\WINDOWS\inf
2008-09-24 04:49:05 ----D---- C:\WINDOWS\WinSxS
2008-09-24 04:49:05 ----D---- C:\WINDOWS\twain_32
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Temp
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\wins
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\wbem
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\usmt
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\spool
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\ShellExt
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\Setup
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\ras
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\oobe
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\npp
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\mui
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\inetsrv
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\IME
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\icsxml
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\ias
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\export
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\drivers
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\dhcp
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\config
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\3com_dmi
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\3076
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\2052
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1054
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1042
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1041
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1037
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1033
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1031
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1028
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32\1025
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system32
2008-09-24 04:49:05 ----D---- C:\WINDOWS\system
2008-09-24 04:49:05 ----D---- C:\WINDOWS\security
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Resources
2008-09-24 04:49:05 ----D---- C:\WINDOWS\repair
2008-09-24 04:49:05 ----D---- C:\WINDOWS\mui
2008-09-24 04:49:05 ----D---- C:\WINDOWS\msapps
2008-09-24 04:49:05 ----D---- C:\WINDOWS\msagent
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Media
2008-09-24 04:49:05 ----D---- C:\WINDOWS\java
2008-09-24 04:49:05 ----D---- C:\WINDOWS\ime
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Help
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Driver Cache
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Debug
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Cursors
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Connection Wizard
2008-09-24 04:49:05 ----D---- C:\WINDOWS\Config
2008-09-24 04:49:05 ----D---- C:\WINDOWS\AppPatch
2008-09-24 04:49:05 ----D---- C:\WINDOWS\addins
2008-09-24 04:49:05 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2008-09-28 03:07:12 ----A---- C:\WINDOWS\win.ini
2008-09-24 21:37:50 ----RASH---- C:\NTDETECT.COM
2008-09-24 04:56:14 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-28 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-28 26824]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\System32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-28 76040]
R3 Alpham1;Ideazon Merc USB Human Interface Device; C:\WINDOWS\system32\DRIVERS\Alpham1.sys [2007-07-23 42624]
R3 Alpham2;Ideazon Merc MM USB Human Interface Device; C:\WINDOWS\system32\DRIVERS\Alpham2.sys [2007-03-20 18432]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\System32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-09-09 4813824]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-23 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\System32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\System32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-10 116040]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-28 231704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-10 536872]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-11-10 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------





info.txt logfile of random's system information tool 1.04 2008-10-05 15:36:42

======Uninstall list======

-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Age of Conan - Hyborian Adventures-->"X:\Program Files\Age of Conan\unins000.exe"
AIM 6-->C:\Program Files\AIM6\uninst.exe
AIM Search-->C:\Program Files\AIM Search\uninstaller.exe AIM Search
AIM Toolbar 5.0-->"C:\Program Files\AOL\AIM Toolbar 5.0\uninstall.exe"
Apple Mobile Device Support-->MsiExec.exe /I{AA9768AA-FF0B-4C66-A085-31E934F77841}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Ask Toolbar-->rundll32 C:\PROGRA~1\AskSBar\bar\1.bin\AskSBar.dll,O
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Digital Media Reader-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875} /l1033
Easy CD-DA Extractor 11-->"C:\WINDOWS\Easy CD-DA Extractor 11.0.3\uninstall.exe" "/U:C:\Program Files\Easy CD-DA Extractor 11\irunin.xml"
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
ImgBurn-->"C:\Program Files\ImgBurn\uninstall.exe"
iTunes-->MsiExec.exe /I{41B9E2CF-0B3F-442A-B5B3-592A4A355634}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
Microsoft Expression Web MUI (English)-->MsiExec.exe /X{90120000-0026-0409-0000-0000000FF1CE}
Microsoft Expression Web Service Pack 1 (SP1)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {9037FDA8-8383-4B6F-859D-D49C3C625225}
Microsoft Expression Web Service Pack 1 (SP1)-->msiexec /package {90120000-0026-0409-0000-0000000FF1CE} /uninstall {DA3B8FC6-8B1D-447A-A5EE-B226DCC10662}
Microsoft Expression Web-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall WEBDESIGNER /dll ESETUP.DLL
Microsoft Expression Web-->MsiExec.exe /X{90120000-0026-0000-0000-0000000FF1CE}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {AA4F2610-5FF1-4DCD-A6FB-BCA2D09A6443}
Microsoft Office Visio 2007 Service Pack 1 (SP1)-->msiexec /package {90120000-0054-0409-0000-0000000FF1CE} /uninstall {EA35370F-586C-45E1-AC6C-A4E275C6B762}
Microsoft Office Visio MUI (English) 2007-->MsiExec.exe /X{90120000-0054-0409-0000-0000000FF1CE}
Microsoft Office Visio Professional 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall VISPRO /dll OSETUP.DLL
Microsoft Office Visio Professional 2007-->MsiExec.exe /X{90120000-0051-0000-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.3)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Nero 7 Ultra Edition-->MsiExec.exe /I{235BBFC6-D863-4066-A01A-3BD504C31033}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office Visio 2007 (KB947590)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {199018BD-578E-44BD-A28F-7F944931CABD}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Security Update for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Security Update for Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
System Requirements Lab-->C:\Program Files\SystemRequirementsLab\Uninstall.exe
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0026-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0051-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
Update for Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Viewpoint Media Player-->C:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
VLC media player 0.9.2-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Z Engine-->MsiExec.exe /X{D5F9FF84-6349-4BE6-94AA-F71975412E4A}

======Security center information======

AV: AVG Anti-Virus

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 35 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2302
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"FP_NO_HOST_CHECK"=NO
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

Post by Shaba » October 5th, 2008, 3:42 pm

Uninstall via add/remove programs:

Ask Toolbar

Please go to the Kaspersky website and perform an online antivirus scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  1. Read through the requirements and privacy statement and click on the Accept button.
  2. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  3. When the downloads have finished, click on Settings.
  4. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
      Spyware, Adware, Dialers, and other potentially dangerous programs
      Archives
  5. Click on My Computer under Scan.
  6. Once the scan is complete, it will display the results. Click on View Scan Report.
  7. You will see a list of infected items there. Click on Save Report As....
  8. Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  9. Please post this log in your next reply along with a fresh HijackThis log.

If you need a tutorial, see here
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

Post by Nishua » October 6th, 2008, 7:12 am

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Monday, October 6, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Monday, October 06, 2008 01:33:37
Records in database: 1293893
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\
X:\

Scan statistics:
Files scanned: 289099
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 05:53:45

No malware has been detected. The scan area is clean.

The selected area was scanned.




Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:11:59 AM, on 10/6/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Digital Media Reader\readericon45G.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Ideazon\ZEngine\Zboard.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\notepad.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AIM Search\AOLSearch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O4 - HKLM\..\Run: [readericon] C:\Program Files\Digital Media Reader\readericon45G.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Zboard] C:\Program Files\Ideazon\ZEngine\Zboard.exe
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MIC273~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262E} (System Requirements Lab) - http://www.nvidia.com/content/DriverDow ... eqlab3.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 2306145780
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 7196 bytes
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

Unread postby Shaba » October 6th, 2008, 8:25 am

Logs look fine.

Still problems with Winamp?
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

Unread postby Nishua » October 9th, 2008, 7:11 pm

Not having any problems anymore, but I would like to know what you did to fix it? Or what I did to fix it? What was the cause?
Nishua
Active Member
 
Posts: 6
Joined: September 30th, 2008, 7:47 pm

Re: Trojan Horse SHeur.CLZE

Unread postby Shaba » October 10th, 2008, 3:57 am

Well we have only uninstalled Ask Toolbar so that might have been a reason.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Trojan Horse SHeur.CLZE

Unread postby Shaba » October 15th, 2008, 4:08 am

Nishua, this topic is now closed.

We are pleased we could help you resolve your computer's malware issues.

If you would like to make a comment or leave a compliment regarding the help you have received, please see Feedback for Our Helpers - Say "Thanks" Here.
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland