Hey Cypher,so far so good PC is running much better,faster than before. Here's the log.txt Logfile of random's system information tool 1.08 (written by random/random)
Run by owner at 2010-09-10 11:44:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 64 GB (45%) free of 143 GB
Total RAM: 1015 MB (24% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:45:23 AM, on 9/10/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18943)
Boot mode: Normal
Running processes:
C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\RtHDVCpl.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Users\owner\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\msfeedssync.exe
C:\Program Files\trend micro\owner.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Symantec NCO BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [PCDrProfiler] "C:\Program Files\PC-Doctor for Windows\RunProfiler.exe" -r
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe view=DOCKVIEW,SYSTRAY
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner.exe" /AUTO
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: OpenOffice.org 3.2.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {5E92F538-B50B-46C5-9C5F-C6EECED3F6C6} -
http://www.infospace.com/mypoints.main/ ... sSetup.exeO16 - DPF: {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} (WorldWinner ActiveX Launcher Control) -
http://www.worldwinner.com/games/launch ... wwload.cabO16 - DPF: {B1E2B96C-12FE-45E2-BEF1-44A219113CDD} -
http://www.superadblocker.com/activex/sabspx.cabO16 - DPF: {D8AA889B-2C65-47C3-8C16-3DCD4EF76A47} -
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} -
http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: CopySafe Helper Service (CSHelper) - Unknown owner - C:\Windows\system32\CSHelper.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: McciCMService - Motive Communications, Inc. - C:\Program Files\Common Files\Motive\McciCMService.exe
O23 - Service: Norton Internet Security (NIS) - Symantec Corporation - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 7791 bytes
======Scheduled tasks folder======
C:\Windows\tasks\User_Feed_Synchronization-{0136BB30-DFED-4D45-AA05-8FD5B8221A94}.job
C:\Windows\tasks\User_Feed_Synchronization-{7A2413BB-1A36-47B5-A626-D134742D3CAA}.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-06-19 75200]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
Symantec NCO BHO - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-12 394608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\IPSBHO.DLL [2010-05-13 79224]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2010-08-11 325408]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-08-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Norton Toolbar - C:\Program Files\Norton Internet Security\Engine\17.7.0.12\coIEPlg.dll [2010-05-12 394608]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-06-19 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-06-09 976832]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-08-10 421888]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-09-01 421160]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"PCDrProfiler"=C:\Program Files\PC-Doctor for Windows\RunProfiler.exe [2008-09-09 77824]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2009-08-05 1644088]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"ccleaner"=C:\Program Files\CCleaner\CCleaner.exe [2010-08-26 1779512]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\Users\owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 3.2.lnk - C:\Program Files\OpenOffice.org 3\program\quickstart.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-03-25 204800]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0
"NoViewOnDrive"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-09-10 11:44:48 ----D---- C:\rsit
2010-09-09 17:02:01 ----A---- C:\Windows\system32\REN9F3.tmp
2010-09-09 17:02:01 ----A---- C:\Windows\system32\REN9F2.tmp
2010-09-09 17:02:01 ----A---- C:\Windows\system32\REN9F1.tmp
2010-09-09 02:32:04 ----D---- C:\Program Files\Trend Micro
2010-09-08 20:18:37 ----D---- C:\ProgramData\Trymedia
2010-09-08 20:18:10 ----D---- C:\Program Files\IWON Games
2010-09-08 20:15:15 ----D---- C:\ProgramData\NeoEdge Networks
2010-09-07 10:52:15 ----D---- C:\Program Files\iPod
2010-09-07 10:52:03 ----D---- C:\Program Files\iTunes
2010-09-06 07:19:55 ----D---- C:\Windows\system32\WindowsPowerShell
2010-09-06 07:18:16 ----A---- C:\Windows\system32\winrsmgr.dll
2010-09-06 07:17:59 ----A---- C:\Windows\system32\wsmprovhost.exe
2010-09-06 07:17:59 ----A---- C:\Windows\system32\winrshost.exe
2010-09-06 07:17:59 ----A---- C:\Windows\system32\winrs.exe
2010-09-06 07:17:57 ----A---- C:\Windows\system32\wsmplpxy.dll
2010-09-06 07:17:57 ----A---- C:\Windows\system32\winrssrv.dll
2010-09-06 07:17:56 ----A---- C:\Windows\system32\wecapi.dll
2010-09-06 07:17:55 ----A---- C:\Windows\system32\WsmRes.dll
2010-09-06 07:17:55 ----A---- C:\Windows\system32\wevtfwd.dll
2010-09-06 07:17:55 ----A---- C:\Windows\system32\wecutil.exe
2010-09-06 07:17:55 ----A---- C:\Windows\system32\wecsvc.dll
2010-09-06 07:17:55 ----A---- C:\Windows\system32\pwrshplugin.dll
2010-09-06 07:17:49 ----A---- C:\Windows\system32\winrm.vbs
2010-09-06 07:17:45 ----A---- C:\Windows\system32\WsmWmiPl.dll
2010-09-06 07:17:45 ----A---- C:\Windows\system32\WsmAuto.dll
2010-09-06 07:17:45 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2010-09-06 07:17:45 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2010-09-06 07:17:45 ----A---- C:\Windows\system32\winrscmd.dll
2010-09-06 07:17:44 ----A---- C:\Windows\system32\WsmSvc.dll
2010-09-04 16:32:24 ----A---- C:\Program Files\0904201016322390.bat
2010-09-03 00:54:11 ----D---- C:\ProgramData\Media Center Programs
2010-09-03 00:26:31 ----A---- C:\Program Files\090320100263066.bat
2010-09-02 18:20:13 ----A---- C:\Program Files\0902201018201310.bat
2010-09-02 18:00:25 ----D---- C:\ProgramData\Oberon Media
2010-09-02 18:00:23 ----D---- C:\Program Files\MSN Games
2010-08-17 12:25:07 ----D---- C:\Program Files\QuickTime
2010-08-12 01:56:09 ----A---- C:\Windows\system32\mshtml.dll
2010-08-12 01:56:09 ----A---- C:\Windows\system32\iertutil.dll
2010-08-12 01:56:08 ----A---- C:\Windows\system32\ieframe.dll
2010-08-12 01:56:07 ----A---- C:\Windows\system32\urlmon.dll
2010-08-12 01:56:06 ----A---- C:\Windows\system32\wininet.dll
2010-08-12 01:56:06 ----A---- C:\Windows\system32\mstime.dll
2010-08-12 01:56:06 ----A---- C:\Windows\system32\msfeeds.dll
2010-08-12 01:56:06 ----A---- C:\Windows\system32\iedkcs32.dll
2010-08-12 01:56:06 ----A---- C:\Windows\system32\ie4uinit.exe
2010-08-12 01:56:05 ----A---- C:\Windows\system32\occache.dll
2010-08-12 01:56:05 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-08-12 01:56:05 ----A---- C:\Windows\system32\ieUnatt.exe
2010-08-12 01:56:05 ----A---- C:\Windows\system32\ieui.dll
2010-08-12 01:56:05 ----A---- C:\Windows\system32\iesysprep.dll
2010-08-12 01:56:05 ----A---- C:\Windows\system32\iesetup.dll
2010-08-12 01:56:05 ----A---- C:\Windows\system32\iepeers.dll
2010-08-12 01:56:04 ----A---- C:\Windows\system32\msfeedssync.exe
2010-08-12 01:56:04 ----A---- C:\Windows\system32\jsproxy.dll
2010-08-12 01:56:04 ----A---- C:\Windows\system32\iernonce.dll
2010-08-12 01:55:59 ----A---- C:\Windows\system32\iccvid.dll
2010-08-12 01:55:56 ----A---- C:\Windows\system32\schannel.dll
2010-08-12 01:55:48 ----A---- C:\Windows\system32\win32k.sys
2010-08-12 01:55:12 ----A---- C:\Windows\system32\rtutils.dll
2010-08-12 01:54:29 ----A---- C:\Windows\system32\ntkrnlpa.exe
2010-08-12 01:54:28 ----A---- C:\Windows\system32\ntoskrnl.exe
2010-08-12 01:54:25 ----A---- C:\Windows\system32\msxml3.dll
2010-08-12 01:54:21 ----A---- C:\Windows\system32\drivers\srv2.sys
2010-08-12 01:54:21 ----A---- C:\Windows\system32\drivers\srv.sys
2010-08-12 01:54:16 ----A---- C:\Windows\system32\drivers\tcpip.sys
2010-08-11 16:02:24 ----D---- C:\ProgramData\WorldWinner.com
2010-08-11 14:45:22 ----A---- C:\Windows\system32\javaws.exe
2010-08-11 14:45:22 ----A---- C:\Windows\system32\javaw.exe
2010-08-11 14:45:22 ----A---- C:\Windows\system32\java.exe
======List of files/folders modified in the last 1 months======
2010-09-10 11:45:20 ----D---- C:\Windows\Prefetch
2010-09-10 11:44:14 ----D---- C:\Windows\Temp
2010-09-10 10:48:30 ----SHD---- C:\System Volume Information
2010-09-10 10:10:33 ----D---- C:\Windows\system32\LogFiles
2010-09-09 17:03:38 ----D---- C:\Program Files
2010-09-09 17:02:23 ----SHD---- C:\Windows\Installer
2010-09-09 17:02:16 ----D---- C:\Program Files\Java
2010-09-09 17:02:14 ----D---- C:\Program Files\Common Files\Java
2010-09-09 17:02:01 ----D---- C:\Windows\System32
2010-09-09 17:01:23 ----D---- C:\Windows\system32\catroot2
2010-09-09 14:40:51 ----D---- C:\Windows
2010-09-09 12:45:25 ----RD---- C:\Users
2010-09-09 01:34:31 ----D---- C:\Windows\tracing
2010-09-08 23:40:54 ----D---- C:\Windows\security
2010-09-08 23:40:52 ----D---- C:\Windows\system32\drivers
2010-09-08 23:27:11 ----D---- C:\5c6bab1dfe7cd89c0ce950834f
2010-09-08 20:18:37 ----HD---- C:\ProgramData
2010-09-08 16:47:29 ----AD---- C:\ProgramData\TEMP
2010-09-08 16:47:15 ----D---- C:\Program Files\SpywareBlaster
2010-09-08 14:31:43 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-09-08 10:51:13 ----D---- C:\Program Files\Mozilla Firefox
2010-09-07 19:12:30 ----D---- C:\Program Files\NortonInstaller
2010-09-07 11:14:19 ----SD---- C:\Windows\Downloaded Program Files
2010-09-07 10:52:14 ----D---- C:\Program Files\Common Files\Apple
2010-09-07 10:52:03 ----D---- C:\ProgramData\Apple Computer
2010-09-07 10:47:02 ----D---- C:\Windows\system32\catroot
2010-09-07 10:47:01 ----D---- C:\Windows\inf
2010-09-06 07:49:31 ----D---- C:\Windows\rescache
2010-09-06 07:30:41 ----D---- C:\Program Files\Microsoft Silverlight
2010-09-06 07:25:37 ----D---- C:\Windows\Microsoft.NET
2010-09-06 07:24:08 ----RSD---- C:\Windows\assembly
2010-09-06 07:20:05 ----D---- C:\Windows\winsxs
2010-09-06 07:19:59 ----D---- C:\Windows\system32\en-US
2010-09-06 07:19:59 ----D---- C:\Windows\PolicyDefinitions
2010-09-05 08:09:05 ----D---- C:\Program Files\CCleaner
2010-09-04 16:32:25 ----D---- C:\Program Files\Common Files
2010-08-29 18:31:25 ----D---- C:\Windows\Tasks
2010-08-29 18:31:25 ----D---- C:\Windows\system32\Tasks
2010-08-29 18:09:28 ----D---- C:\Temp
2010-08-26 19:13:34 ----SHD---- C:\$Recycle.Bin
2010-08-26 11:38:24 ----HD---- C:\Windows\system32\GroupPolicyUsers
2010-08-22 10:14:36 ----D---- C:\ProgramData\WorldWinner
2010-08-13 12:22:58 ----D---- C:\ProgramData\NOS
2010-08-12 07:48:28 ----D---- C:\Windows\Debug
2010-08-12 03:26:41 ----D---- C:\Windows\system32\migration
2010-08-12 03:26:41 ----D---- C:\Program Files\Internet Explorer
2010-08-12 03:26:38 ----D---- C:\Program Files\Movie Maker
2010-08-12 03:09:02 ----D---- C:\Program Files\Microsoft Works
2010-08-12 03:01:44 ----D---- C:\Program Files\Windows Mail
2010-08-11 14:45:06 ----A---- C:\Windows\system32\deployJava1.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 Lbd;Lbd; C:\Windows\system32\DRIVERS\Lbd.sys [2009-01-18 64160]
R0 SymDS;Symantec Data Store; C:\Windows\system32\drivers\NIS\1107000.00C\SYMDS.SYS [2009-08-29 328752]
R0 SymEFA;Symantec Extended File Attributes; C:\Windows\system32\drivers\NIS\1107000.00C\SYMEFA.SYS [2010-04-21 173104]
R1 BHDrvx86;BHDrvx86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100810.004\BHDrvx86.sys [2010-08-09 692272]
R1 ccHP;Symantec Hash Provider; C:\Windows\system32\drivers\NIS\1107000.00C\ccHPx86.sys [2010-02-25 501888]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2010-05-27 371248]
R1 IDSVix86;IDSVix86; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100909.001\IDSvix86.sys [2010-05-28 344112]
R1 SRTSP;Symantec Real Time Storage Protection; C:\Windows\System32\Drivers\NIS\1107000.00C\SRTSP.SYS [2010-04-21 325680]
R1 SRTSPX;Symantec Real Time Storage Protection (PEL); C:\Windows\system32\drivers\NIS\1107000.00C\SRTSPX.SYS [2010-04-21 43696]
R1 SymIM;Symantec Network Security Intermediate Filter Driver; C:\Windows\system32\DRIVERS\SymIMv.sys [2010-05-06 44080]
R1 SymIRON;Symantec Iron Driver; C:\Windows\system32\drivers\NIS\1107000.00C\Ironx86.SYS [2010-04-29 116784]
R1 SYMTDIv;Symantec Vista Network Dispatch Driver; C:\Windows\System32\Drivers\NIS\1107000.00C\SYMTDIV.SYS [2010-05-06 339504]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 RMCAST;RMCAST (Pgm) Protocol Driver; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2007-10-18 8704]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-05-27 102448]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HSF_DP;HSF_DP; C:\Windows\system32\DRIVERS\HSX_DP.sys [2008-05-08 980992]
R3 HSXHWBS2;HSXHWBS2; C:\Windows\system32\DRIVERS\HSXHWBS2.sys [2008-05-08 266752]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-25 2307072]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-08-04 2744800]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2010-04-29 38224]
R3 NAVENG;NAVENG; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100909.049\NAVENG.SYS [2010-07-14 85424]
R3 NAVEX15;NAVEX15; \??\C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100909.049\NAVEX15.SYS [2010-07-14 1362608]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2010-04-25 47360]
R3 Ps2;PS2; C:\Windows\system32\DRIVERS\PS2.sys [2005-12-12 19072]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-09-02 176128]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2010-01-30 124976]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2008-05-08 661504]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S0 szkg5;szkg; C:\Windows\system32\DRIVERS\szkg.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-03-25 2307072]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS [2008-01-28 19712]
S3 MREMP50a64;MREMP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50a64.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS [2008-01-28 18304]
S3 MRESP50a64;MRESP50a64 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50a64.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 PcdrNdisuio;PCDRNDISUIO Usermode I/O Protocol; C:\Windows\system32\DRIVERS\pcdrndisuio.sys []
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-19 7680]
S3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-08-13 144672]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CSHelper;CopySafe Helper Service; C:\Windows\system32\CSHelper.exe [2009-08-04 266240]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-09-19 65536]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2009-03-17 73728]
R2 McciCMService;McciCMService; C:\Program Files\Common Files\Motive\McciCMService.exe [2008-01-28 303104]
R2 NIS;Norton Internet Security; C:\Program Files\Norton Internet Security\Engine\17.7.0.12\ccSvcHst.exe [2010-02-25 126392]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2007-10-18 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-09-01 820008]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 GameConsoleService;GameConsoleService; C:\Program Files\HP Games\My HP Game Console\GameConsoleService.exe [2008-05-05 165416]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
-----------------EOF-----------------