Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Need Help Reading This Log Please

Re: Need Help Reading This Log Please

Post by sanshark » August 8th, 2010, 7:15 am

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-08-08 07:14:30
Microsoft Windows XP Professional Service Pack 3
System drive C: has 197 GB (83%) free of 238 GB
Total RAM: 3062 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:14:37 AM, on 8/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\OSK.exe
C:\WINDOWS\system32\MSSWCHX.EXE
C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe
C:\Documents and Settings\user\Application Data\IMVUClient\IMVUClient.exe
C:\Documents and Settings\user\Application Data\IMVUClient\IMVUQualityAgent.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Adobe\Adobe Photoshop CS2\Photoshop.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
C:\DOCUME~1\user\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\msiexec.exe
C:\Documents and Settings\user\My Documents\Downloads\RSIT(2).exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://toolbar.ask.com/toolbarv/askRedi ... t=&gc=1&q=
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [AntiVirus_ProNEScheduler] C:\Program Files\AntiVirus_Pro\AntiVirus_Pro.exe SCHEDULER
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\user\Start Menu\Programs\IMVU\Run IMVU.lnk
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 7400 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-03 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AntiVirus_ProNEScheduler"=C:\Program Files\AntiVirus_Pro\AntiVirus_Pro.exe SCHEDULER []
"DriverCure"=C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cdloader"=C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe [2010-02-26 50520]

C:\Documents and Settings\user\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\DNA\btdna.exe"="C:\Program Files\DNA\btdna.exe:*:Enabled:DNA"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\FrostWire\FrostWire.exe"="C:\Program Files\FrostWire\FrostWire.exe:*:Enabled:FrostWire"
"C:\Program Files\Vuze\Azureus.exe"="C:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"
"C:\Program Files\Paltalk Messenger\paltalk.exe"="C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 3 months======

2010-08-08 07:14:30 ----DC---- C:\rsit
2010-08-08 07:10:52 ----SHDC---- C:\Config.Msi
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files\Java
2010-08-07 20:30:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-07 14:43:11 ----DC---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-08-03 13:07:40 ----D---- C:\WINDOWS\Prefetch
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ieencode.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slgen.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slserv.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\slrundll.exe
2010-08-03 13:01:52 ----D---- C:\WINDOWS\system32\bits
2010-08-03 13:01:52 ----D---- C:\Program Files\msn
2010-08-03 12:58:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-08-03 12:57:55 ----A---- C:\WINDOWS\000001_.tmp
2010-08-03 12:20:36 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-03 11:53:31 ----D---- C:\Program Files\Trend Micro
2010-07-29 10:28:08 ----DC---- C:\Documents and Settings\user\Application Data\IMVU-Products
2010-07-25 12:29:57 ----D---- C:\Program Files\Common Files\Skype
2010-07-22 08:09:29 ----DC---- C:\Documents and Settings\user\Application Data\Help
2010-07-22 08:07:52 ----DC---- C:\Documents and Settings\user\Application Data\Brother
2010-07-13 17:46:55 ----DC---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-13 17:46:35 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DSETUP.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\nvport.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DolbyHph.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\atl71.dll
2010-07-11 19:55:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-11 09:43:43 ----D---- C:\Program Files\QuickTime
2010-07-11 09:43:42 ----DC---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2010-07-11 09:12:50 ----DC---- C:\Documents and Settings\user\Application Data\Tific
2010-07-09 13:55:33 ----D---- C:\Program Files\Common Files\Windows Live
2010-07-08 17:31:04 ----D---- C:\Program Files\Build In Time
2010-07-08 14:00:13 ----DC---- C:\Documents and Settings\user\Application Data\Gamers Digital
2010-07-08 14:00:13 ----DC---- C:\Documents and Settings\All Users\Application Data\Gamers Digital
2010-07-08 08:38:45 ----D---- C:\WINDOWS\system32\N360_BACKUP
2010-06-30 15:35:44 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo! Companion
2010-06-30 12:59:38 ----DC---- C:\Documents and Settings\user\Application Data\KompoZer
2010-06-30 11:23:24 ----DC---- C:\Documents and Settings\user\Application Data\Nvu
2010-06-29 08:55:56 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-06-25 14:05:29 ----RDC---- C:\Sandbox
2010-06-24 06:54:05 ----A---- C:\WINDOWS\system32\igfxres.dll
2010-06-23 22:28:23 ----D---- C:\Program Files\Microsoft.NET
2010-06-23 22:26:32 ----D---- C:\WINDOWS\system32\WindowsPowerShell
2010-06-23 22:26:31 ----D---- C:\WINDOWS\system32\winrm
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2F2.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2F1.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2F0.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2ED.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2EC.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2EB.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2E8.tmp
2010-06-23 22:21:17 ----N---- C:\WINDOWS\system32\SET2E7.tmp
2010-06-23 22:21:11 ----D---- C:\WINDOWS\ie8updates
2010-06-23 22:20:33 ----D---- C:\WINDOWS\WBEM
2010-06-23 22:18:30 ----HDC---- C:\WINDOWS\ie8
2010-06-23 22:13:35 ----D---- C:\WINDOWS\system32\GroupPolicy
2010-06-23 22:13:35 ----D---- C:\Program Files\Windows Desktop Search
2010-06-23 22:11:48 ----A---- C:\WINDOWS\system32\SET1C5.tmp
2010-06-23 22:09:32 ----D---- C:\WINDOWS\system32\URTTEMP
2010-06-23 18:34:18 ----D---- C:\Program Files\NOS
2010-06-16 10:03:21 ----DC---- C:\Documents and Settings\user\Application Data\IMVU
2010-06-16 10:02:54 ----DC---- C:\Documents and Settings\user\Application Data\IMVUClient
2010-06-14 16:58:36 ----RA---- C:\WINDOWS\system32\GEARAspi.dll
2010-06-14 16:58:36 ----RA---- C:\WINDOWS\system32\drivers\GEARAspiWDM.sys
2010-06-14 16:58:07 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2010-06-14 16:58:06 ----D---- C:\Program Files\Symantec
2010-06-14 16:58:06 ----D---- C:\Program Files\Common Files\Symantec Shared
2010-06-14 16:58:06 ----A---- C:\WINDOWS\system32\drivers\SYMEVENT.SYS
2010-06-14 16:57:32 ----D---- C:\WINDOWS\system32\drivers\N360
2010-06-14 16:57:29 ----D---- C:\Program Files\Windows Sidebar
2010-06-14 16:57:29 ----D---- C:\Program Files\Norton 360
2010-06-14 16:56:32 ----N---- C:\WINDOWS\SchedLgU.Txt
2010-06-14 16:52:43 ----DC---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2010-06-14 16:52:43 ----D---- C:\Program Files\NortonInstaller
2010-06-14 16:49:50 ----DC---- C:\Documents and Settings\All Users\Application Data\Norton
2010-06-14 11:45:31 ----D---- C:\Program Files\CCleaner
2010-06-14 08:08:32 ----D---- C:\WINDOWS\pss
2010-06-14 07:43:40 ----DC---- C:\Documents and Settings\user\Application Data\Malwarebytes
2010-06-14 07:43:30 ----A---- C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2010-06-14 07:43:29 ----DC---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2010-06-14 07:43:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-14 07:43:29 ----A---- C:\WINDOWS\system32\drivers\mbam.sys
2010-06-14 07:39:00 ----A---- C:\WINDOWS\Sandboxie.ini
2010-06-14 07:38:47 ----D---- C:\Program Files\Sandboxie
2010-06-10 17:03:05 ----DC---- C:\Documents and Settings\user\Application Data\Youdagames
2010-06-10 17:03:05 ----DC---- C:\Documents and Settings\All Users\Application Data\Youdagames
2010-06-09 14:08:41 ----D---- C:\Program Files\Enlight
2010-06-08 23:18:24 ----DC---- C:\Documents and Settings\All Users\Application Data\Legacy Interactive
2010-06-06 08:32:49 ----DC---- C:\Documents and Settings\user\Application Data\iWin_generic
2010-06-06 08:32:49 ----DC---- C:\Documents and Settings\All Users\Application Data\iWin_generic
2010-06-06 08:32:22 ----D---- C:\Program Files\Kelly Green Garden Queen
2010-06-05 13:48:05 ----DC---- C:\Documents and Settings\user\Application Data\NevoSoft Games
2010-06-03 20:30:41 ----DC---- C:\Documents and Settings\All Users\Application Data\FarmFrenzy3_Russia
2010-06-03 13:20:59 ----D---- C:\Program Files\PokerStars
2010-05-31 17:21:47 ----DC---- C:\Documents and Settings\user\Application Data\Jane s Hotel Family Hero
2010-05-31 07:46:15 ----D---- C:\Program Files\Alice Greenfingers 2
2010-05-30 19:49:17 ----DC---- C:\Documents and Settings\All Users\Application Data\SugarGames
2010-05-30 18:20:20 ----DC---- C:\Documents and Settings\All Users\Application Data\rionix
2010-05-29 15:45:46 ----DC---- C:\Documents and Settings\All Users\Application Data\VirtualFarm
2010-05-29 15:04:34 ----DC---- C:\Documents and Settings\user\Application Data\Bigfish JanesZOO
2010-05-29 10:04:56 ----DC---- C:\Documents and Settings\user\Application Data\PetShowCraze
2010-05-26 16:25:51 ----DC---- C:\Documents and Settings\user\Application Data\My Games
2010-05-26 15:53:25 ----DC---- C:\Documents and Settings\All Users\Application Data\MumboJumbo
2010-05-20 18:05:52 ----DC---- C:\Documents and Settings\user\Application Data\BeachPartyCraze
2010-05-18 12:45:49 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2010-05-16 12:54:35 ----DC---- C:\Documents and Settings\All Users\Application Data\Sun
2010-05-16 12:54:14 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-05-14 16:13:11 ----D---- C:\Program Files\SilverCreekCommonFiles
2010-05-14 16:13:06 ----D---- C:\Program Files\Hardwood Spades
2010-05-10 18:40:14 ----A---- C:\WINDOWS\system32\1a78.vbs
2010-05-10 18:35:08 ----DC---- C:\Documents and Settings\user\Application Data\Paltalk

======List of files/folders modified in the last 3 months======

2010-08-08 07:13:50 ----D---- C:\WINDOWS\Temp
2010-08-08 07:11:03 ----D---- C:\WINDOWS\WinSxS
2010-08-08 07:10:52 ----SHD---- C:\WINDOWS\Installer
2010-08-08 07:09:58 ----D---- C:\Program Files\Utherverse Digital Inc
2010-08-08 06:36:22 ----D---- C:\WINDOWS
2010-08-08 06:36:20 ----D---- C:\WINDOWS\Debug
2010-08-08 04:51:54 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files
2010-08-07 20:30:23 ----D---- C:\WINDOWS\system32
2010-08-07 20:30:17 ----D---- C:\Program Files\Java
2010-08-07 20:20:12 ----DC---- C:\Documents and Settings\user\Application Data\mjusbsp
2010-08-07 20:19:10 ----SHD---- C:\System Volume Information
2010-08-07 16:42:06 ----DC---- C:\Documents and Settings\user\Application Data\BitTorrent
2010-08-07 16:28:01 ----D---- C:\Program Files\Adobe
2010-08-07 16:23:53 ----DC---- C:\Documents and Settings\user\Application Data\Adobe
2010-08-07 16:21:19 ----D---- C:\Program Files\PeerGuardian2
2010-08-07 16:20:14 ----RD---- C:\Program Files
2010-08-07 16:19:55 ----D---- C:\Program Files\CyberPower Audio Editing Lab
2010-08-07 05:59:31 ----DC---- C:\Documents and Settings\user\Application Data\Skype
2010-08-07 05:53:10 ----DC---- C:\Documents and Settings\user\Application Data\skypePM
2010-08-04 03:02:26 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-04 03:00:59 ----HD---- C:\WINDOWS\inf
2010-08-04 03:00:58 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-03 13:15:54 ----D---- C:\Program Files\Messenger
2010-08-03 13:09:26 ----A---- C:\WINDOWS\win.ini
2010-08-03 13:06:38 ----D---- C:\WINDOWS\security
2010-08-03 13:02:53 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 13:01:57 ----D---- C:\WINDOWS\system32\inetsrv
2010-08-03 13:01:57 ----D---- C:\WINDOWS\Help
2010-08-03 12:57:44 ----D---- C:\WINDOWS\ehome
2010-08-03 12:32:08 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-03 12:31:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-03 12:27:34 ----SD---- C:\WINDOWS\Tasks
2010-08-03 04:14:10 ----HD---- C:\WINDOWS\$hf_mig$
2010-07-30 07:47:55 ----A---- C:\WINDOWS\BRWMARK.INI
2010-07-26 23:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 17:12:03 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-25 12:29:58 ----RD---- C:\Program Files\Skype
2010-07-25 12:29:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Skype
2010-07-24 11:41:31 ----D---- C:\Program Files\Mozilla Firefox
2010-07-13 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-13 08:52:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-11 13:37:56 ----RSD---- C:\WINDOWS\assembly
2010-07-11 13:37:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-11 08:56:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-11 08:39:41 ----RSD---- C:\WINDOWS\Fonts
2010-07-11 08:07:39 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-07-11 08:07:39 ----D---- C:\Program Files\Yahoo!
2010-07-09 14:08:05 ----SDC---- C:\Documents and Settings\user\Application Data\Microsoft
2010-07-08 16:20:28 ----DC---- C:\Documents and Settings\user\Application Data\Macromedia
2010-07-02 12:39:06 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-30 15:37:30 ----DC---- C:\Documents and Settings\user\Application Data\Yahoo!
2010-06-29 08:55:27 ----D---- C:\Program Files\Windows Media Connect 2
2010-06-29 08:55:26 ----D---- C:\Program Files\Windows Media Player
2010-06-29 08:54:33 ----D---- C:\WINDOWS\system32\drivers\umdf
2010-06-28 22:45:19 ----DC---- C:\Documents and Settings\user\Application Data\DNA
2010-06-28 17:14:47 ----D---- C:\Program Files\DNA
2010-06-26 12:32:33 ----DC---- C:\Documents and Settings\user\Application Data\GameInvest
2010-06-24 15:17:56 ----DC---- C:\Documents and Settings\user\Application Data\PlayFirst
2010-06-24 15:17:56 ----DC---- C:\Documents and Settings\All Users\Application Data\PlayFirst
2010-06-24 07:12:53 ----D---- C:\WINDOWS\Registration
2010-06-24 07:06:23 ----D---- C:\WINDOWS\system32\en-US
2010-06-24 07:03:33 ----D---- C:\WINDOWS\system32\wbem
2010-06-24 07:01:52 ----D---- C:\Program Files\Internet Explorer
2010-06-24 06:53:19 ----D---- C:\WINDOWS\system32\config
2010-06-23 22:20:17 ----D---- C:\WINDOWS\Media
2010-06-23 22:11:28 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-23 18:40:07 ----DC---- C:\Documents and Settings\All Users\Application Data\NOS
2010-06-16 09:29:43 ----SHC---- C:\boot.ini
2010-06-16 09:29:43 ----A---- C:\WINDOWS\system.ini
2010-06-16 09:19:55 ----D---- C:\WINDOWS\system32\Restore
2010-06-14 16:58:33 ----DC---- C:\WINDOWS\system32\DRVSTORE
2010-06-14 15:57:52 ----D---- C:\WINDOWS\system32\LogFiles
2010-06-14 11:49:16 ----D---- C:\WINDOWS\Minidump
2010-06-09 14:27:51 ----D---- C:\Program Files\Seamless Texture Creator
2010-05-20 19:06:28 ----DC---- C:\Documents and Settings\user\Application Data\GamesCafe
2010-05-18 12:47:45 ----D---- C:\Program Files\Common Files\Adobe
2010-05-12 23:48:52 ----D---- C:\Program Files\Outlook Express
2010-05-10 18:43:12 ----DC---- C:\Documents and Settings\user\Application Data\FrostWire

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-13 721904]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-28 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS [2010-05-05 361904]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100805.004\IDSxpx86.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVEX15.SYS []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-04-17 73960]
R3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-18 72704]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-10 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 7:16 am

info.txt logfile of random's system information tool 1.08 2010-08-08 07:14:43

======Uninstall list======

-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
3dsmax ancillary install-->MsiExec.exe /I{7C8B5E63-821A-4DFB-BDFA-19854D88EC5C}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge 1.0-->MsiExec.exe /I{B74D4E10-1033-0000-0000-000000000001}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->C:\Program Files\Common Files\Adobe\Installers\6c8e2cb4fd241c55406016127a6ab2e\Setup.exe
Adobe Color Common Settings-->MsiExec.exe /I{6D4AC5A4-4CF9-4F90-8111-B9B53CE257BF}
Adobe Color EU Extra Settings-->MsiExec.exe /I{51846830-E7B2-4218-8968-B77F0FF475B8}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Recommended Settings-->MsiExec.exe /I{95655ED4-7CA5-46DF-907F-7144877A32E5}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe Download Manager-->"C:\WINDOWS\system32\rundll32.exe" "C:\Program Files\NOS\bin\getPlus_Helper.dll",Uninstall /IE2883E8F-472F-4fb0-9522-AC9BF37916A7 /Get1
Adobe ExtendScript Toolkit 2-->C:\Program Files\Common Files\Adobe\Installers\3e054d2218e7aa282c2369d939e58ff\Setup.exe
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{24D7346D-D4B4-45E8-98EA-75EC14B42DD8}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_ActiveX.exe -maintain activex
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\FlashUtil10h_Plugin.exe -maintain plugin
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Center 1.0-->MsiExec.exe /I{E9787678-1033-0000-8E67-000000000001}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Reader 9.3.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A93000000001}
Adobe Setup-->MsiExec.exe /I{64C1FA9A-FA94-4B6E-B3E4-8573738E4AD1}
Adobe Setup-->MsiExec.exe /I{B3C02EC1-A7B0-4987-9A43-8789426AAA7D}
Adobe Setup-->MsiExec.exe /I{D1BB4446-AE9C-4256-9A7F-4D46604D2462}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Alice Greenfingers 2-->"C:\Program Files\Alice Greenfingers 2\Uninstall.exe"
Big Fish Games: Game Manager-->C:\Program Files\bfgclient\Uninstall.exe
Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{7E369B27-13E2-41A5-9879-358EE1C8B5AD}
Build In Time-->"C:\Program Files\Build In Time\Uninstall.exe"
Cache Cleaner 4.1.0.0-->C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\Uninstall.exe
CCleaner-->"C:\Program Files\CCleaner\uninst.exe"
DivX Plus Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Hardwood Spades-->C:\Program Files\Hardwood Spades\Spades.exe -Uninstall
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Hotfix for Windows Media Format 11 SDK (KB929399)-->"C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
Hotfix for Windows Media Player 11 (KB939683)-->"C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB915800-v4)-->"C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB961118)-->"C:\WINDOWS\$NtUninstallKB961118$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB970653-v3)-->"C:\WINDOWS\$NtUninstallKB970653-v3$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB979306)-->"C:\WINDOWS\$NtUninstallKB979306$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB981793)-->"C:\WINDOWS\$NtUninstallKB981793$\spuninst\spuninst.exe"
Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
Intel(R) Graphics Media Accelerator Driver-->RUNDLL32.EXE C:\WINDOWS\system32\ialmrem.dll,UninstallW2KIGfx2ID PCI\VEN_8086&DEV_2782 PCI\VEN_8086&DEV_2582
Java(TM) 6 Update 21-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216016FF}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Security Update (KB979906)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M979906\M979906Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 2-->MsiExec.exe /I{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}
Microsoft .NET Framework 3.0 Service Pack 2-->MsiExec.exe /I{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}
Microsoft .NET Framework 3.5 SP1-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft .NET Framework 4 Client Profile-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Client\Setup.exe /repair /x86 /parameterfolder Client
Microsoft .NET Framework 4 Client Profile-->MsiExec.exe /X{3C3901C5-3455-3E0A-A214-0B093A5070A6}
Microsoft .NET Framework 4 Extended-->C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SetupCache\Extended\Setup.exe /repair /x86 /parameterfolder Extended
Microsoft .NET Framework 4 Extended-->MsiExec.exe /X{0A0CADCF-78DA-33C4-A350-CD51849B9702}
Microsoft Compression Client Pack 1.0 for Windows XP-->"C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft User-Mode Driver Framework Feature Pack 1.0-->"C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Mozilla Firefox (3.6.8)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
MSXML 4.0-->MsiExec.exe /I{428102E6-8A39-48B9-8389-847F5A44A600}
MSXML 4.0-->MsiExec.exe /I{54BB0384-1C33-488F-A95B-877E480D3EDC}
Norton 360-->C:\Program Files\NortonInstaller\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360\562C4DD5\4.2.0.12\InstStub.exe /X
NVIDIA PureVideo Decoder-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{055FEF8E-4B86-400F-A5C6-8FAC0042DCD9}\setup.exe" -l0x9 -uninstall
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
QuickTime-->MsiExec.exe /I{28BE306E-5DA6-4F9C-BDB0-DBA3C8C6FFFD}
RAR File Open Knife - Free Opener-->C:\Program Files\RAR File Open Knife - Free Opener\uninstall.exe
Sally's Spa-->"C:\Program Files\Sally's Spa\Uninstall.exe"
Sandboxie 3.442-->"C:\WINDOWS\Installer\SandboxieInstall32.exe" /remove
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB954155)-->"C:\WINDOWS\$NtUninstallKB954155_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB968816)-->"C:\WINDOWS\$NtUninstallKB968816_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB973540)-->"C:\WINDOWS\$NtUninstallKB973540_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB978695)-->"C:\WINDOWS\$NtUninstallKB978695_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2229593)-->"C:\WINDOWS\$NtUninstallKB2229593$\spuninst\spuninst.exe"
Security Update for Windows XP (KB2286198)-->"C:\WINDOWS\$NtUninstallKB2286198$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923561)-->"C:\WINDOWS\$NtUninstallKB923561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB938464-v2)-->"C:\WINDOWS\$NtUninstallKB938464-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950760)-->"C:\WINDOWS\$NtUninstallKB950760$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952004)-->"C:\WINDOWS\$NtUninstallKB952004$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954459)-->"C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956572)-->"C:\WINDOWS\$NtUninstallKB956572$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956744)-->"C:\WINDOWS\$NtUninstallKB956744$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956844)-->"C:\WINDOWS\$NtUninstallKB956844$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958687)-->"C:\WINDOWS\$NtUninstallKB958687$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958690)-->"C:\WINDOWS\$NtUninstallKB958690$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958869)-->"C:\WINDOWS\$NtUninstallKB958869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB959426)-->"C:\WINDOWS\$NtUninstallKB959426$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960225)-->"C:\WINDOWS\$NtUninstallKB960225$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960715)-->"C:\WINDOWS\$NtUninstallKB960715$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960803)-->"C:\WINDOWS\$NtUninstallKB960803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB960859)-->"C:\WINDOWS\$NtUninstallKB960859$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961371)-->"C:\WINDOWS\$NtUninstallKB961371$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961373)-->"C:\WINDOWS\$NtUninstallKB961373$\spuninst\spuninst.exe"
Security Update for Windows XP (KB961501)-->"C:\WINDOWS\$NtUninstallKB961501$\spuninst\spuninst.exe"
Security Update for Windows XP (KB963027)-->"C:\WINDOWS\$NtUninstallKB963027$\spuninst\spuninst.exe"
Security Update for Windows XP (KB968537)-->"C:\WINDOWS\$NtUninstallKB968537$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969059)-->"C:\WINDOWS\$NtUninstallKB969059$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969897)-->"C:\WINDOWS\$NtUninstallKB969897$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969898)-->"C:\WINDOWS\$NtUninstallKB969898$\spuninst\spuninst.exe"
Security Update for Windows XP (KB969947)-->"C:\WINDOWS\$NtUninstallKB969947$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970238)-->"C:\WINDOWS\$NtUninstallKB970238$\spuninst\spuninst.exe"
Security Update for Windows XP (KB970430)-->"C:\WINDOWS\$NtUninstallKB970430$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971468)-->"C:\WINDOWS\$NtUninstallKB971468$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971557)-->"C:\WINDOWS\$NtUninstallKB971557$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971633)-->"C:\WINDOWS\$NtUninstallKB971633$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971657)-->"C:\WINDOWS\$NtUninstallKB971657$\spuninst\spuninst.exe"
Security Update for Windows XP (KB971961)-->"C:\WINDOWS\$NtUninstallKB971961$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972260)-->"C:\WINDOWS\$NtUninstallKB972260$\spuninst\spuninst.exe"
Security Update for Windows XP (KB972270)-->"C:\WINDOWS\$NtUninstallKB972270$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973346)-->"C:\WINDOWS\$NtUninstallKB973346$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973354)-->"C:\WINDOWS\$NtUninstallKB973354$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973507)-->"C:\WINDOWS\$NtUninstallKB973507$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973525)-->"C:\WINDOWS\$NtUninstallKB973525$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973869)-->"C:\WINDOWS\$NtUninstallKB973869$\spuninst\spuninst.exe"
Security Update for Windows XP (KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe"
Security Update for Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975562)-->"C:\WINDOWS\$NtUninstallKB975562$\spuninst\spuninst.exe"
Security Update for Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe"
Security Update for Windows XP (KB976325)-->"C:\WINDOWS\$NtUninstallKB976325$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977165)-->"C:\WINDOWS\$NtUninstallKB977165$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe"
Security Update for Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978251)-->"C:\WINDOWS\$NtUninstallKB978251$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe"
Security Update for Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979482)-->"C:\WINDOWS\$NtUninstallKB979482$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979559)-->"C:\WINDOWS\$NtUninstallKB979559$\spuninst\spuninst.exe"
Security Update for Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980195)-->"C:\WINDOWS\$NtUninstallKB980195$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980218)-->"C:\WINDOWS\$NtUninstallKB980218$\spuninst\spuninst.exe"
Security Update for Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe"
Security Update for Windows XP (KB981349)-->"C:\WINDOWS\$NtUninstallKB981349$\spuninst\spuninst.exe"
Security Update for Windows XP (KB982381)-->"C:\WINDOWS\$NtUninstallKB982381$\spuninst\spuninst.exe"
Skype™ 4.2-->MsiExec.exe /X{D103C4BA-F905-437A-8049-DB24763BBE36}
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\WINDOWS\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
Update for Microsoft Windows (KB971513)-->"C:\WINDOWS\$NtUninstallKB971513$\spuninst\spuninst.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Update for Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe"
Update for Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe"
Update for Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe"
Update for Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe"
Update for Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe"
Update for Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe"
Update for Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe"
VC80CRTRedist - 8.0.50727.4053-->MsiExec.exe /I{5EE7D259-D137-4438-9A5F-42F432EC0421}
VisNova's PoseCentral-->msiexec /qb /x {896510CC-BAF4-5AFA-7A08-49DD042A9D84}
VisNova's PoseCentral-->MsiExec.exe /I{896510CC-BAF4-5AFA-7A08-49DD042A9D84}
Visual C++ 8.0 CRT (x86) WinSXS MSM-->MsiExec.exe /I{98CB24AD-52FB-DB5F-FF1F-C8B3B9A1E18E}
Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\UNYT_W~1.EXE

======Hosts File======

127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com

======Security center information======

AV: Norton 360
FW: Norton 360

======System event log======

Computer Name: USER-51F139C22A
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.

Record Number: 1711
Source Name: Tcpip
Time Written: 20100527073257.000000-420
Event Type: warning
User:

Computer Name: USER-51F139C22A
Event Code: 7000
Message: The adfs service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 1688
Source Name: Service Control Manager
Time Written: 20100527064815.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 7000
Message: The adfs service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 1660
Source Name: Service Control Manager
Time Written: 20100526092150.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 36
Message: The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Record Number: 1636
Source Name: W32Time
Time Written: 20100524104132.000000-420
Event Type: warning
User:

Computer Name: USER-51F139C22A
Event Code: 7000
Message: The adfs service failed to start due to the following error:
The system cannot find the file specified.


Record Number: 1616
Source Name: Service Control Manager
Time Written: 20100523210220.000000-420
Event Type: error
User:

=====Application event log=====

Computer Name: USER-51F139C22A
Event Code: 8
Message: Failed auto update retrieval of third-party root list sequence number from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootseq.txt> with error: This operation returned because the timeout period expired.


Record Number: 78
Source Name: crypt32
Time Written: 20100621200731.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 5
Message: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.crt> with error: The specified server cannot perform the requested operation.


Record Number: 18
Source Name: crypt32
Time Written: 20100614214923.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 5
Message: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.crt> with error: This operation returned because the timeout period expired.


Record Number: 17
Source Name: crypt32
Time Written: 20100614214923.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 5
Message: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.crt> with error: The specified server cannot perform the requested operation.


Record Number: 16
Source Name: crypt32
Time Written: 20100614210259.000000-420
Event Type: error
User:

Computer Name: USER-51F139C22A
Event Code: 5
Message: Failed auto update retrieval of third-party root certificate from: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25.crt> with error: This operation returned because the timeout period expired.


Record Number: 15
Source Name: crypt32
Time Written: 20100614210259.000000-420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Autodesk Shared\;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 1, GenuineIntel
"PROCESSOR_REVISION"=0401
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"PSModulePath"=C:\WINDOWS\system32\WindowsPowerShell\v1.0\Modules\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by Cypher » August 8th, 2010, 12:43 pm

Hi sanshark.
Continue with the instructions below then let me know how your PC is performing.

Reset Host File

  • Open Notepad.
  • Copy and Paste everything from the Code Box below into Notepad: (Do not include the word Code:)
    Code:
    @Echo off
    pushd\windows\system32\drivers\etc
    attrib -h -s -r hosts
    echo 127.0.0.1 localhost>HOSTS
    attrib +r +h +s hosts
    popd
    del %0
  • Go to File >> Save As
  • Save File name as FixHosts.bat
  • Change Save as Type to All Files and save the file to your Desktop.
Now double click on the desktop FixHosts.bat to run the batch file. It will self-delete when completed.


Next.

Back Up registry with ERUNT

  • Please use the following link and download ERUNT to your desktop. HERE
  • Click on the erunt-setup.exe
  • Follow the prompts to install ERUNT
  • Choose language
  • A set up window will pop up. It will ask: Create ERUNT entry in to the Start up folder, answer NO

  • Backup your registry to the default location

Note: To restore your registry (if needed), go to the folder and start ERDNT.exe


Next.

Download and run OTM

Download OTM.exe by Old Timer and save it to your Desktop.
  • Double-click OTM.exe to run it.
  • Right-click then copy the following code, Do not include the word Code.
    Code:
    :Reg
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Search]
    "Default_Search_URL"=-
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyOverride"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    [-HKEY_CLASSES_ROOT\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "AntiVirus_ProNEScheduler"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Extensions\{d9288080-1baa-4bc4-9cf8-a92d743db949}]
    [-HKEY_CLASSES_ROOT\CLSID\{d9288080-1baa-4bc4-9cf8-a92d743db949}]
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\DNA\btdna.exe"=-
    "C:\Program Files\FrostWire\FrostWire.exe"=-
    "C:\Program Files\Vuze\Azureus.exe"=-
    
    :Files
    C:\Program Files\AntiVirus_Pro
    C:\Program Files\DNA
    C:\Program Files\BitTorrent
    C:\Program Files\FrostWire
    C:\Program Files\Vuze
    C:\WINDOWS\000001_.tmp
    C:\WINDOWS\system32\SET2F2.tmp
    C:\WINDOWS\system32\SET2F1.tmp
    C:\WINDOWS\system32\SET2F0.tmp
    C:\WINDOWS\system32\SET2ED.tmp
    C:\WINDOWS\system32\SET2EC.tmp
    C:\WINDOWS\system32\SET2EB.tmp
    C:\WINDOWS\system32\SET2E8.tmp
    C:\WINDOWS\system32\SET2E7.tmp
    C:\WINDOWS\system32\SET1C5.tmp
    C:\Documents and Settings\user\Application Data\IMVU
    C:\Documents and Settings\user\Application Data\IMVUClient
    C:\WINDOWS\system32\1a78.vbs
    C:\Documents and Settings\user\Application Data\BitTorrent
    C:\Documents and Settings\user\Application Data\DNA
    C:\Documents and Settings\user\Application Data\FrostWire
    C:\DOCUME~1\user\LOCALS~1\Temp\Adobelm_Cleanup.0001
    C:\DOCUME~1\user\LOCALS~1\Temp\Adobelm_Cleanup.0001
    C:\Documents and Settings\user\Start Menu\Programs\IMVU
    
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]
    

    • Return to OTM, right-click then paste the code into the blank box below.
    • Next click on the large button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.


Next.

Re-run - RSIT (Random's System Information Tool)

You should still have this program on your desktop.
  • Double click on RSIT.exe to run it.
  • Please read the disclaimer... click on Continue.
  • RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
  • Please post ONLY the "log.txt", file contents in your next reply.
    (This log can be lengthy, so a separate post may be needed.)



Logs/Information to Post in your Next Reply

  • OTM log.
  • RSIT log.txt.
  • Please give me an update on your computer's performance.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns
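Added example (not part of Cypher's post or of any tool named in this thread): the FixHosts.bat step overwrites the hosts file without keeping a copy, so this sketch classifies what a hosts file contains before it is reset. The sample text is constructed: four entries are copied from the Hosts File section of the log above, the rest are made-up edge cases, and the names `audit_hosts`, `needs_review` and `SAMPLE_HOSTS` are hypothetical.

```python
import ipaddress

# Constructed sample. The four adobe.com lines come from the RSIT log in this
# thread; every line marked "constructed" is an invented edge case.
SAMPLE_HOSTS = """\
# constructed sample for illustration
127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 wip3.adobe.com
0.0.0.0 ads.example.net tracker.example.net   # constructed
203.0.113.5 www.example.com                   # constructed
not-an-ip broken.example.org                  # constructed
10.0.0.7
"""

# Names a freshly reset hosts file is expected to map to loopback.
DEFAULT_NAMES = {"localhost"}


def audit_hosts(text):
    """Sort every hostname in a hosts file into one of four buckets.

    default    - stock names (localhost) pointing at a loopback address
    blocked    - other names sinkholed to loopback or 0.0.0.0
    redirected - names pointed at any other address (worth a closer look)
    malformed  - lines without a valid address followed by at least one name
    """
    report = {"default": [], "blocked": [], "redirected": [], "malformed": []}
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if not line:
            continue
        fields = line.split()
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            report["malformed"].append((lineno, line))
            continue
        if len(fields) < 2:  # an address with no hostname after it
            report["malformed"].append((lineno, line))
            continue
        for name in (f.lower() for f in fields[1:]):
            if addr.is_loopback and name in DEFAULT_NAMES:
                report["default"].append(name)
            elif addr.is_loopback or addr.is_unspecified:
                report["blocked"].append(name)
            else:
                report["redirected"].append((name, str(addr)))
    return report


def needs_review(report):
    """True when something other than defaults and sinkholed names is present."""
    return bool(report["redirected"] or report["malformed"])


if __name__ == "__main__":
    result = audit_hosts(SAMPLE_HOSTS)
    for bucket, entries in result.items():
        print(f"{bucket}: {entries}")
    print("review before reset:", needs_review(result))
```

Saving the original file alongside this report keeps a record of what the reset removed.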

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 1:39 pm

ok i followed you up to move it /paste it. my pc rebooted. loaded much faster than it normally does. but that's as far as i got. i followed the next set of instructions and all i got was chicken scratch. i did see before it restarted that it cleared all of some boxes. i'm a novice with pcs and i don't understand any of this stuff but i will proceed to the next set of instructions. thanks for helping me :)
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 1:40 pm

here is what i see


regfiÔ iÔ ¼¦mx57Ë   0x  S Y S T E M šÄù
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 1:43 pm

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-08-08 13:42:17
Microsoft Windows XP Professional Service Pack 3
System drive C: has 199 GB (83%) free of 238 GB
Total RAM: 3062 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 1:42:22 PM, on 8/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\WINDOWS\notepad.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Program Files\Sandboxie\SbieCtrl.exe
C:\Documents and Settings\user\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 6356 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-03 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverCure"=C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cdloader"=C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe [2010-02-26 50520]

C:\Documents and Settings\user\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"
"C:\Program Files\Paltalk Messenger\paltalk.exe"="C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-08 13:16:10 ----DC---- C:\_OTM
2010-08-08 13:08:29 ----D---- C:\Program Files\ERUNT
2010-08-08 13:07:17 ----D---- C:\WINDOWS\ERDNT
2010-08-08 07:31:37 ----A---- C:\WINDOWS\imsins.BAK
2010-08-08 07:14:30 ----DC---- C:\rsit
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files\Java
2010-08-07 20:30:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-07 14:43:11 ----DC---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-08-03 13:07:40 ----D---- C:\WINDOWS\Prefetch
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slgen.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slserv.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\slrundll.exe
2010-08-03 13:01:52 ----D---- C:\WINDOWS\system32\bits
2010-08-03 13:01:52 ----D---- C:\Program Files\msn
2010-08-03 12:58:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-08-03 12:20:36 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-03 11:53:31 ----D---- C:\Program Files\Trend Micro
2010-07-29 10:28:08 ----DC---- C:\Documents and Settings\user\Application Data\IMVU-Products
2010-07-25 12:29:57 ----D---- C:\Program Files\Common Files\Skype
2010-07-22 08:09:29 ----DC---- C:\Documents and Settings\user\Application Data\Help
2010-07-22 08:07:52 ----DC---- C:\Documents and Settings\user\Application Data\Brother
2010-07-13 17:46:55 ----DC---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-13 17:46:35 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DSETUP.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\nvport.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DolbyHph.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\atl71.dll
2010-07-11 19:55:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-11 09:43:43 ----D---- C:\Program Files\QuickTime
2010-07-11 09:12:50 ----DC---- C:\Documents and Settings\user\Application Data\Tific
2010-07-09 13:55:33 ----D---- C:\Program Files\Common Files\Windows Live

======List of files/folders modified in the last 1 months======

2010-08-08 13:42:12 ----D---- C:\WINDOWS\Temp
2010-08-08 13:32:31 ----D---- C:\WINDOWS
2010-08-08 13:32:31 ----A---- C:\WINDOWS\Sandboxie.ini
2010-08-08 13:26:00 ----DC---- C:\Documents and Settings\user\Application Data\mjusbsp
2010-08-08 13:24:19 ----SHD---- C:\System Volume Information
2010-08-08 13:23:10 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-08 13:17:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-08 13:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-08 13:16:56 ----D---- C:\WINDOWS\system32
2010-08-08 13:16:17 ----RD---- C:\Program Files
2010-08-08 07:37:03 ----SHD---- C:\WINDOWS\Installer
2010-08-08 07:34:00 ----HD---- C:\WINDOWS\inf
2010-08-08 07:34:00 ----D---- C:\WINDOWS\Help
2010-08-08 07:34:00 ----D---- C:\Program Files\Internet Explorer
2010-08-08 07:32:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-08 07:31:41 ----HDC---- C:\WINDOWS\ie8
2010-08-08 07:31:35 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-08 07:29:50 ----D---- C:\WINDOWS\system32\en-US
2010-08-08 07:26:32 ----D---- C:\WINDOWS\Debug
2010-08-08 07:11:03 ----D---- C:\WINDOWS\WinSxS
2010-08-08 07:09:58 ----D---- C:\Program Files\Utherverse Digital Inc
2010-08-08 06:55:03 ----D---- C:\Program Files\CCleaner
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files
2010-08-07 20:30:17 ----D---- C:\Program Files\Java
2010-08-07 16:28:01 ----D---- C:\Program Files\Adobe
2010-08-07 16:23:53 ----DC---- C:\Documents and Settings\user\Application Data\Adobe
2010-08-07 16:21:19 ----D---- C:\Program Files\PeerGuardian2
2010-08-07 16:19:55 ----D---- C:\Program Files\CyberPower Audio Editing Lab
2010-08-07 05:59:31 ----DC---- C:\Documents and Settings\user\Application Data\Skype
2010-08-07 05:53:10 ----DC---- C:\Documents and Settings\user\Application Data\skypePM
2010-08-03 13:15:54 ----D---- C:\Program Files\Messenger
2010-08-03 13:09:26 ----A---- C:\WINDOWS\win.ini
2010-08-03 13:06:38 ----D---- C:\WINDOWS\security
2010-08-03 13:02:53 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 13:01:57 ----D---- C:\WINDOWS\system32\inetsrv
2010-08-03 12:57:44 ----D---- C:\WINDOWS\ehome
2010-08-03 12:32:08 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-03 12:31:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-03 12:27:34 ----SD---- C:\WINDOWS\Tasks
2010-07-30 07:47:55 ----A---- C:\WINDOWS\BRWMARK.INI
2010-07-26 23:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 17:12:03 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-25 16:44:35 ----D---- C:\Program Files\Build In Time
2010-07-25 12:29:58 ----RD---- C:\Program Files\Skype
2010-07-25 12:29:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Skype
2010-07-24 11:41:31 ----D---- C:\Program Files\Mozilla Firefox
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-13 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-13 08:52:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-11 13:37:56 ----RSD---- C:\WINDOWS\assembly
2010-07-11 13:37:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-11 08:56:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-11 08:39:41 ----RSD---- C:\WINDOWS\Fonts
2010-07-11 08:07:39 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-07-11 08:07:39 ----D---- C:\Program Files\Yahoo!
2010-07-09 14:08:05 ----SDC---- C:\Documents and Settings\user\Application Data\Microsoft
2010-07-09 08:02:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-13 721904]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-28 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS [2010-05-05 361904]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100805.004\IDSxpx86.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVEX15.SYS []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-04-17 73960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-10 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

Post by Cypher » August 8th, 2010, 2:00 pm

Hi sanshark.
thanks for helping me.
i'm a novice with pcs and i don't understand any of this stuff

You're welcome and you're doing fine :)
The OTM fix seems to have worked but we need to run it again.
I need you to run a further scan also so continue with the instructions below.

Re-run OTM
  • Double-click OTM.exe to run it.
  • Right-click, then copy the following code. Do not include the word Code.
    Code:
    :Reg
    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "C:\Program Files\BitTorrent\bittorrent.exe"=-
    
    :Files
    C:\Program Files\BitTorrent
    C:\Documents and Settings\user\Application Data\IMVU-Products
    
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]
    

  • Return to OTM, right-click then paste the code into the blank box below [image].
  • Next click on the large [image] button.
  • OTM may ask to reboot the machine. Please do so if asked.
  • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next.

Re-run - RSIT (Random's System Information Tool)

You should still have this program on your desktop.
  • Double click on RSIT.exe to run it.
  • Please read the disclaimer... click on Continue.
  • RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
  • Please post ONLY the "log.txt" file contents in your next reply.
    (This log can be lengthy, so a separate post may be needed.)

Next.

Disable Norton 360

  • Right-click the Norton 360 icon in the system tray and select Open Tasks and
    Settings Window.
  • On the right side, under Settings, click on Change advanced settings.
  • Next, click on the Virus & Spyware Protection Settings.
  • Uncheck Turn on Auto-Protect and select Apply.
  • You will be asked to select a time for Norton to reactivate.
  • Choose Until I turn it back on.
  • Note: Don't forget to Re-enable it after the below scan.

Next.

ESET online scanner

Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Hold down Control then click on the following link to open a new window to ESET online scanner
  • Then click on: [image]
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: [image]
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: [image]
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: [image]
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.


Logs/Information to Post in your Next Reply

  • OTM log.
  • RSIT log.txt.
  • ESET log.
  • Please give me an update on your computer's performance.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need Help Reading This Log Please

Post by sanshark » August 8th, 2010, 2:28 pm

All processes killed
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list\\C:\Program Files\BitTorrent\bittorrent.exe deleted successfully.
========== FILES ==========
File/Folder C:\Program Files\BitTorrent not found.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\Main folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\devcredits folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\cln folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\Childs folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner\cassiopeian folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products\CacheCleaner folder moved successfully.
C:\Documents and Settings\user\Application Data\IMVU-Products folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: LocalService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: user
->Temp folder emptied: 24384 bytes
->Temporary Internet Files folder emptied: 7507801 bytes
->Java cache emptied: 0 bytes
->FireFox cache emptied: 21879046 bytes
->Flash cache emptied: 615 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 16867 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 28.00 mb


OTM by OldTimer - Version 3.1.15.0 log created on 08082010_142050

Files moved on Reboot...
File C:\WINDOWS\temp\Perflib_Perfdata_104.dat not found!

Registry entries deleted on Reboot...
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

Post by sanshark » August 8th, 2010, 2:33 pm

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-08-08 14:32:42
Microsoft Windows XP Professional Service Pack 3
System drive C: has 198 GB (83%) free of 238 GB
Total RAM: 3062 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 2:32:45 PM, on 8/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Application Data\mjusbsp\st00000\mjsetup.exe
C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\cidaemon.exe
C:\Documents and Settings\user\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 6424 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-03 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverCure"=C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cdloader"=C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe [2010-02-26 50520]

C:\Documents and Settings\user\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"
"C:\Program Files\Paltalk Messenger\paltalk.exe"="C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-08 13:48:32 ----DC---- C:\Documents and Settings\user\Application Data\IMVU
2010-08-08 13:16:10 ----DC---- C:\_OTM
2010-08-08 13:08:29 ----D---- C:\Program Files\ERUNT
2010-08-08 13:07:17 ----D---- C:\WINDOWS\ERDNT
2010-08-08 07:31:37 ----A---- C:\WINDOWS\imsins.BAK
2010-08-08 07:14:30 ----DC---- C:\rsit
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files\Java
2010-08-07 20:30:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-07 14:43:11 ----DC---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-08-03 13:07:40 ----D---- C:\WINDOWS\Prefetch
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slgen.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slserv.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\slrundll.exe
2010-08-03 13:01:52 ----D---- C:\WINDOWS\system32\bits
2010-08-03 13:01:52 ----D---- C:\Program Files\msn
2010-08-03 12:58:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-08-03 12:20:36 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-03 11:53:31 ----D---- C:\Program Files\Trend Micro
2010-07-25 12:29:57 ----D---- C:\Program Files\Common Files\Skype
2010-07-22 08:09:29 ----DC---- C:\Documents and Settings\user\Application Data\Help
2010-07-22 08:07:52 ----DC---- C:\Documents and Settings\user\Application Data\Brother
2010-07-13 17:46:55 ----DC---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-13 17:46:35 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DSETUP.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\nvport.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DolbyHph.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\atl71.dll
2010-07-11 19:55:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-11 09:43:43 ----D---- C:\Program Files\QuickTime
2010-07-11 09:12:50 ----DC---- C:\Documents and Settings\user\Application Data\Tific
2010-07-09 13:55:33 ----D---- C:\Program Files\Common Files\Windows Live

======List of files/folders modified in the last 1 months======

2010-08-08 14:28:54 ----DC---- C:\Documents and Settings\user\Application Data\mjusbsp
2010-08-08 14:25:01 ----D---- C:\WINDOWS\Temp
2010-08-08 14:23:50 ----SHD---- C:\System Volume Information
2010-08-08 14:22:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-08 13:32:31 ----D---- C:\WINDOWS
2010-08-08 13:32:31 ----A---- C:\WINDOWS\Sandboxie.ini
2010-08-08 13:17:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-08 13:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-08 13:16:56 ----D---- C:\WINDOWS\system32
2010-08-08 13:16:17 ----RD---- C:\Program Files
2010-08-08 07:37:03 ----SHD---- C:\WINDOWS\Installer
2010-08-08 07:34:00 ----HD---- C:\WINDOWS\inf
2010-08-08 07:34:00 ----D---- C:\WINDOWS\Help
2010-08-08 07:34:00 ----D---- C:\Program Files\Internet Explorer
2010-08-08 07:32:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-08 07:31:41 ----HDC---- C:\WINDOWS\ie8
2010-08-08 07:31:35 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-08 07:29:50 ----D---- C:\WINDOWS\system32\en-US
2010-08-08 07:26:32 ----D---- C:\WINDOWS\Debug
2010-08-08 07:11:03 ----D---- C:\WINDOWS\WinSxS
2010-08-08 07:09:58 ----D---- C:\Program Files\Utherverse Digital Inc
2010-08-08 06:55:03 ----D---- C:\Program Files\CCleaner
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files
2010-08-07 20:30:17 ----D---- C:\Program Files\Java
2010-08-07 16:28:01 ----D---- C:\Program Files\Adobe
2010-08-07 16:23:53 ----DC---- C:\Documents and Settings\user\Application Data\Adobe
2010-08-07 16:21:19 ----D---- C:\Program Files\PeerGuardian2
2010-08-07 16:19:55 ----D---- C:\Program Files\CyberPower Audio Editing Lab
2010-08-07 05:59:31 ----DC---- C:\Documents and Settings\user\Application Data\Skype
2010-08-07 05:53:10 ----DC---- C:\Documents and Settings\user\Application Data\skypePM
2010-08-03 13:15:54 ----D---- C:\Program Files\Messenger
2010-08-03 13:09:26 ----A---- C:\WINDOWS\win.ini
2010-08-03 13:06:38 ----D---- C:\WINDOWS\security
2010-08-03 13:02:53 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 13:01:57 ----D---- C:\WINDOWS\system32\inetsrv
2010-08-03 12:57:44 ----D---- C:\WINDOWS\ehome
2010-08-03 12:32:08 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-03 12:31:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-03 12:27:34 ----SD---- C:\WINDOWS\Tasks
2010-07-30 07:47:55 ----A---- C:\WINDOWS\BRWMARK.INI
2010-07-26 23:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 17:12:03 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-25 16:44:35 ----D---- C:\Program Files\Build In Time
2010-07-25 12:29:58 ----RD---- C:\Program Files\Skype
2010-07-25 12:29:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Skype
2010-07-24 11:41:31 ----D---- C:\Program Files\Mozilla Firefox
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-13 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-13 08:52:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-11 13:37:56 ----RSD---- C:\WINDOWS\assembly
2010-07-11 13:37:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-11 08:56:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-11 08:39:41 ----RSD---- C:\WINDOWS\Fonts
2010-07-11 08:07:39 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-07-11 08:07:39 ----D---- C:\Program Files\Yahoo!
2010-07-09 14:08:05 ----SDC---- C:\Documents and Settings\user\Application Data\Microsoft
2010-07-09 08:02:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-13 721904]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-28 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS [2010-05-05 361904]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100805.004\IDSxpx86.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100807.004\NAVEX15.SYS []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224]
R3 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS [2010-04-21 325680]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-04-17 73960]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-10 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by Cypher » August 8th, 2010, 3:16 pm

Good work :)
Post the results of the ESET scan when ready.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 7:20 pm

C:\Documents and Settings\user\My Documents\Incomplete\CORRUPT-0-George Benson - Lady love me.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
E:\MY DOWNLOADED SONGS\many tears has to fall(Disk 1).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
E:\MY DOWNLOADED SONGS\stylistics extended version.mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
E:\MY DOWNLOADED SONGS\[iTunes] many tears has to fall(long edition).mp3 a variant of WMA/TrojanDownloader.GetCodec.gen trojan
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

by sanshark » August 8th, 2010, 7:40 pm

*Found all and removed; ran this report again.*

Logfile of random's system information tool 1.08 (written by random/random)
Run by user at 2010-08-08 19:40:00
Microsoft Windows XP Professional Service Pack 3
System drive C: has 198 GB (83%) free of 238 GB
Total RAM: 3062 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:40:07 PM, on 8/8/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\cisvc.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Sandboxie\SbieSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\WINDOWS\system32\cidaemon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\_OTM\MovedFiles\08082010_131610\C_Documents and Settings\user\Application Data\IMVUClient\IMVUClient.exe
C:\_OTM\MovedFiles\08082010_131610\C_Documents and Settings\user\Application Data\IMVUClient\IMVUQualityAgent.exe
C:\Documents and Settings\user\My Documents\Downloads\RSIT.exe
C:\Program Files\trend micro\user.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/def ... .yahoo.com
R3 - URLSearchHook: (no name) - {C94E154B-1459-4A47-966B-4B843BEFC7DB} - (no file)
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [DriverCure] C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan
O4 - HKCU\..\Run: [Search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cdloader] "C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe" MAGICJACK
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Norton 360 (N360) - Symantec Corporation - C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe
O23 - Service: Sandboxie Service (SbieSvc) - tzuk - C:\Program Files\Sandboxie\SbieSvc.exe

--
End of file - 6514 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton 360\Engine\4.2.0.12\IPSBHO.DLL [2010-02-03 79224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-07-17 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-07-17 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll [2009-09-19 158008]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton 360\Engine\4.2.0.12\coIEPlg.dll [2010-05-12 394608]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2009-09-19 1172280]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Synchronization Manager"=C:\WINDOWS\system32\mobsync.exe [2008-04-14 143360]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"igfxtray"=C:\WINDOWS\system32\igfxtray.exe [2005-10-14 94208]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"igfxpers"=C:\WINDOWS\system32\igfxpers.exe [2007-01-13 135168]
"igfxhkcmd"=C:\WINDOWS\system32\hkcmd.exe [2007-01-13 163840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-05-14 248552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DriverCure"=C:\Program Files\ParetoLogic\DriverCure\DriverCure.exe -scan []
"Search Protection"=C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe []
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cdloader"=C:\Documents and Settings\user\Application Data\mjusbsp\cdloader2.exe [2010-02-26 50520]

C:\Documents and Settings\user\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxdev.dll [2005-10-14 135168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2009-03-10 239496]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2009-01-30 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\WINDOWS\system32\usmt\migwiz.exe"="C:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Disabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Java\jre6\bin\java.exe"="C:\Program Files\Java\jre6\bin\java.exe:*:Enabled:Java(TM) Platform SE binary"
"C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe"="C:\Documents and Settings\user\Application Data\IMVUClient\1VivoxVoice.exe:*:Enabled:1VivoxVoice"
"C:\Program Files\Paltalk Messenger\paltalk.exe"="C:\Program Files\Paltalk Messenger\paltalk.exe:*:Enabled:PaltalkScene"
"C:\Program Files\Skype\Plugin Manager\skypePM.exe"="C:\Program Files\Skype\Plugin Manager\skypePM.exe:*:Enabled:Skype Extras Manager"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
"C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe"="C:\Documents and Settings\user\Application Data\mjusbsp\magicJack.exe:*:Enabled:magicJack"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

======List of files/folders created in the last 1 months======

2010-08-08 14:55:07 ----D---- C:\Program Files\ESET
2010-08-08 13:48:32 ----DC---- C:\Documents and Settings\user\Application Data\IMVU
2010-08-08 13:16:10 ----DC---- C:\_OTM
2010-08-08 13:08:29 ----D---- C:\Program Files\ERUNT
2010-08-08 13:07:17 ----D---- C:\WINDOWS\ERDNT
2010-08-08 07:31:37 ----A---- C:\WINDOWS\imsins.BAK
2010-08-08 07:14:30 ----DC---- C:\rsit
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files\Java
2010-08-07 20:30:23 ----A---- C:\WINDOWS\system32\javaws.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\javaw.exe
2010-08-07 20:30:22 ----A---- C:\WINDOWS\system32\java.exe
2010-08-07 14:43:11 ----DC---- C:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
2010-08-03 13:07:40 ----D---- C:\WINDOWS\Prefetch
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\smtpapi.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\rwnh.dll
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\drivers\irbus.sys
2010-08-03 13:01:58 ----N---- C:\WINDOWS\system32\comsdupd.exe
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3duag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2010-08-03 13:01:57 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2010-08-03 13:01:56 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slgen.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slextspk.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\slcoinst.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\s3gnb.dll
2010-08-03 13:01:55 ----N---- C:\WINDOWS\system32\nv4_disp.dll
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slserv.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\system32\slrundll.exe
2010-08-03 13:01:54 ----N---- C:\WINDOWS\slrundll.exe
2010-08-03 13:01:52 ----D---- C:\WINDOWS\system32\bits
2010-08-03 13:01:52 ----D---- C:\Program Files\msn
2010-08-03 12:58:45 ----D---- C:\WINDOWS\ServicePackFiles
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1ttxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1snxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1rvxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1raxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1pdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1mdxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\ati1btxx.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\amdagp.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\alim1541.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agpcpq.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\agp440.sys
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv11nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv09nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv08nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv07nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv05nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv02nt5.dll
2010-08-03 12:58:42 ----N---- C:\WINDOWS\system32\drivers\adv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv04nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv02nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atv01nt5.dll
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinxbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atintuxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinttxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinsnxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinrvxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinraxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinpdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinmdxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\atinbtxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtag.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati2mtaa.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xsxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1xbxx.sys
2010-08-03 12:58:41 ----N---- C:\WINDOWS\system32\drivers\ati1tuxx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mtlmnt5.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\mdmxsdk.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfdpsp2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfcxts2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hsfbs2s2.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidir.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\hidbth.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\gagp30kx.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\ch7xxnt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthusb.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthprint.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthpan.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthmodem.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\bthenum.sys
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv10nt5.dll
2010-08-03 12:58:40 ----N---- C:\WINDOWS\system32\drivers\atv06nt5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\sisagp.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\siint5.dll
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\s3gnbm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rndismpx.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\rfcomm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\recagent.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\nv4_mini.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\ntmtlfax.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mutohpen.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtxparhm.sys
2010-08-03 12:58:39 ----N---- C:\WINDOWS\system32\drivers\mtlstrm.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\usb8023x.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\uagp35.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\smbali.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slwdmsup.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnthal.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slntamr.sys
2010-08-03 12:58:38 ----N---- C:\WINDOWS\system32\drivers\slnt7554.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv08nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wadv07nt.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\wacompen.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\viaagp.sys
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\vchnt5.dll
2010-08-03 12:58:37 ----N---- C:\WINDOWS\system32\drivers\usbvideo.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv10nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\watv06nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv11nt.sys
2010-08-03 12:58:36 ----N---- C:\WINDOWS\system32\drivers\wadv09nt.sys
2010-08-03 12:20:36 ----A---- C:\WINDOWS\IsUninst.exe
2010-08-03 11:53:31 ----D---- C:\Program Files\Trend Micro
2010-07-25 12:29:57 ----D---- C:\Program Files\Common Files\Skype
2010-07-22 08:09:29 ----DC---- C:\Documents and Settings\user\Application Data\Help
2010-07-22 08:07:52 ----DC---- C:\Documents and Settings\user\Application Data\Brother
2010-07-13 17:46:55 ----DC---- C:\Documents and Settings\All Users\Application Data\NVIDIA Corporation
2010-07-13 17:46:35 ----D---- C:\Program Files\NVIDIA Corporation
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DSETUP.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\pfc.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\drivers\nvport.sys
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\DolbyHph.dll
2010-07-13 17:46:35 ----A---- C:\WINDOWS\system32\atl71.dll
2010-07-11 19:55:24 ----D---- C:\Program Files\Microsoft Silverlight
2010-07-11 09:43:43 ----D---- C:\Program Files\QuickTime
2010-07-11 09:12:50 ----DC---- C:\Documents and Settings\user\Application Data\Tific
2010-07-09 13:55:33 ----D---- C:\Program Files\Common Files\Windows Live

======List of files/folders modified in the last 1 months======

2010-08-08 17:43:32 ----D---- C:\WINDOWS\Temp
2010-08-08 14:55:07 ----RD---- C:\Program Files
2010-08-08 14:28:54 ----DC---- C:\Documents and Settings\user\Application Data\mjusbsp
2010-08-08 14:23:50 ----SHD---- C:\System Volume Information
2010-08-08 14:22:23 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-08-08 13:32:31 ----D---- C:\WINDOWS
2010-08-08 13:32:31 ----A---- C:\WINDOWS\Sandboxie.ini
2010-08-08 13:17:22 ----D---- C:\WINDOWS\system32\CatRoot2
2010-08-08 13:16:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-08-08 13:16:56 ----D---- C:\WINDOWS\system32
2010-08-08 07:37:03 ----SHD---- C:\WINDOWS\Installer
2010-08-08 07:34:00 ----HD---- C:\WINDOWS\inf
2010-08-08 07:34:00 ----D---- C:\WINDOWS\Help
2010-08-08 07:34:00 ----D---- C:\Program Files\Internet Explorer
2010-08-08 07:32:33 ----HD---- C:\WINDOWS\$hf_mig$
2010-08-08 07:31:41 ----HDC---- C:\WINDOWS\ie8
2010-08-08 07:31:35 ----D---- C:\WINDOWS\system32\CatRoot
2010-08-08 07:29:50 ----D---- C:\WINDOWS\system32\en-US
2010-08-08 07:26:32 ----D---- C:\WINDOWS\Debug
2010-08-08 07:11:03 ----D---- C:\WINDOWS\WinSxS
2010-08-08 07:09:58 ----D---- C:\Program Files\Utherverse Digital Inc
2010-08-08 06:55:03 ----D---- C:\Program Files\CCleaner
2010-08-07 20:32:05 ----D---- C:\Program Files\Common Files
2010-08-07 20:30:17 ----D---- C:\Program Files\Java
2010-08-07 16:28:01 ----D---- C:\Program Files\Adobe
2010-08-07 16:23:53 ----DC---- C:\Documents and Settings\user\Application Data\Adobe
2010-08-07 16:21:19 ----D---- C:\Program Files\PeerGuardian2
2010-08-07 16:19:55 ----D---- C:\Program Files\CyberPower Audio Editing Lab
2010-08-07 05:59:31 ----DC---- C:\Documents and Settings\user\Application Data\Skype
2010-08-07 05:53:10 ----DC---- C:\Documents and Settings\user\Application Data\skypePM
2010-08-03 13:15:54 ----D---- C:\Program Files\Messenger
2010-08-03 13:09:26 ----A---- C:\WINDOWS\win.ini
2010-08-03 13:06:38 ----D---- C:\WINDOWS\security
2010-08-03 13:02:53 ----D---- C:\WINDOWS\system32\drivers
2010-08-03 13:01:57 ----D---- C:\WINDOWS\system32\inetsrv
2010-08-03 12:57:44 ----D---- C:\WINDOWS\ehome
2010-08-03 12:32:08 ----SDC---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-08-03 12:31:09 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-08-03 12:27:34 ----SD---- C:\WINDOWS\Tasks
2010-07-30 07:47:55 ----A---- C:\WINDOWS\BRWMARK.INI
2010-07-26 23:30:35 ----A---- C:\WINDOWS\system32\shell32.dll
2010-07-25 17:12:03 ----ADC---- C:\Documents and Settings\All Users\Application Data\TEMP
2010-07-25 16:44:35 ----D---- C:\Program Files\Build In Time
2010-07-25 12:29:58 ----RD---- C:\Program Files\Skype
2010-07-25 12:29:53 ----DC---- C:\Documents and Settings\All Users\Application Data\Skype
2010-07-24 11:41:31 ----D---- C:\Program Files\Mozilla Firefox
2010-07-17 05:00:04 ----A---- C:\WINDOWS\system32\deployJava1.dll
2010-07-13 17:46:35 ----HD---- C:\Program Files\InstallShield Installation Information
2010-07-13 08:52:49 ----D---- C:\WINDOWS\system32\NtmsData
2010-07-11 13:37:56 ----RSD---- C:\WINDOWS\assembly
2010-07-11 13:37:56 ----D---- C:\WINDOWS\Microsoft.NET
2010-07-11 08:56:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-07-11 08:39:41 ----RSD---- C:\WINDOWS\Fonts
2010-07-11 08:07:39 ----DC---- C:\Documents and Settings\All Users\Application Data\Yahoo!
2010-07-11 08:07:39 ----D---- C:\Program Files\Yahoo!
2010-07-09 14:08:05 ----SDC---- C:\Documents and Settings\user\Application Data\Microsoft
2010-07-09 08:02:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 sptd;sptd; C:\WINDOWS\System32\Drivers\sptd.sys [2009-09-13 721904]
R0 SymDS;Symantec Data Store; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMDS.SYS [2010-02-03 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\WINDOWS\system32\drivers\N360\0402000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\BASHDefs\20100719.001\BHDrvx86.sys []
R1 ccHP;Symantec Hash Provider; C:\WINDOWS\system32\drivers\N360\0402000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 nvport;NVIDIA PORT IO Control Driver; \??\C:\WINDOWS\system32\Drivers\nvport.sys []
R1 SRTSP;Symantec Real Time Storage Protection; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SRTSP.SYS [2010-04-21 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\WINDOWS\system32\drivers\N360\0402000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIRON;Symantec Iron Driver; C:\WINDOWS\system32\drivers\N360\0402000.00C\Ironx86.SYS [2010-04-28 116784]
R1 SYMTDI;Symantec Network Dispatch Driver; C:\WINDOWS\System32\Drivers\N360\0402000.00C\SYMTDI.SYS [2010-05-05 361904]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2006-05-10 156160]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2005-10-14 1302812]
R3 IDSxpx86;IDSxpx86; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\IPSDefs\20100805.004\IDSxpx86.sys []
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100808.003\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\Documents and Settings\All Users\Application Data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_4.1.0.32\Definitions\VirusDefs\20100808.003\NAVEX15.SYS []
R3 pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2006-03-29 9856]
R3 SbieDrv;SbieDrv; \??\C:\Program Files\Sandboxie\SbieDrv.sys []
R3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-03-22 260224]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-14 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S2 adfs;adfs; C:\WINDOWS\system32\drivers\adfs.sys []
S3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
S3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\WINDOWS\System32\Drivers\BrSerIf.sys [2004-06-12 51712]
S3 BrUsbSer;Brother MFC USB Serial WDM Driver; C:\WINDOWS\System32\Drivers\BrUsbSer.sys [2004-01-10 11648]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys []
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-07-17 153376]
R2 N360;Norton 360; C:\Program Files\Norton 360\Engine\4.2.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 SbieSvc;Sandboxie Service; C:\Program Files\Sandboxie\SbieSvc.exe [2010-04-17 73960]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-11 57344]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2010-05-18 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2010-03-18 35160]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-05-10 655624]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlusHelper;getPlus(R) Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2009-01-30 913408]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2010-03-18 124240]

-----------------EOF-----------------
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

Post by Cypher » August 9th, 2010, 4:46 am

Hi sanshark.
found all and removed

Do you mean you removed those items that the ESET scan found from your PC?
How is your PC performing? Are you having any problems?
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Need Help Reading This Log Please

Post by sanshark » August 9th, 2010, 5:35 am

Yes, I found and removed those items. It's running a bit smoother. I don't understand why my RAM jumped up from 76% free to 67% though?
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm

Re: Need Help Reading This Log Please

Post by sanshark » August 9th, 2010, 5:44 am

BTW, it's taking quite a long time for my PC to start. Thought you should know.
sanshark
Regular Member
 
Posts: 23
Joined: August 3rd, 2010, 12:01 pm