Computer crashes, runs slow, start up takes forever, and computer stutters

Discussion in 'Malware and Virus Removal Archive' started by Charlie Ivey, 2008/09/13.

  1. 2008/09/13
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    Please help! Here is my HJT log.

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 1:45:22 PM, on 9/13/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Windows Defender\MsMpEng.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\WLTRYSVC.EXE
    D:\WINDOWS\System32\bcmwltry.exe
    D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
    D:\Program Files\Viewpoint\Common\ViewpointService.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\PROGRA~1\AVG\AVG8\avgrsx.exe
    D:\WINDOWS\Explorer.EXE
    D:\PROGRA~1\AVG\AVG8\avgemc.exe
    D:\WINDOWS\system32\WLTRAY.exe
    D:\PROGRA~1\AVG\AVG8\avgtray.exe
    D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Windows Live\Messenger\usnsvc.exe
    D:\Program Files\Windows Live\Mail\wlmail.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\Charlie\Desktop\AntiVirus AntiSpyware\HiJackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] D:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - D:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - D:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 7392 bytes
     
  2. 2008/09/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS Charlie :)

    Nothing jumping out in that log, though another scanner might show us more.

    • Download RSIT by random/random and save it to your desktop.
    • Double click RSIT.exe to start the tool and click Continue at the disclaimer.
    • When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
    • Please post the contents of both logs here in your next reply.


    Have you opened the case and checked for dust accumulation on the fans, heatsink and/or air intake vents? Excessive buildup can cause system temperatures to rise, often resulting in the symptoms you described.
     

  4. 2008/09/14
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    Thanks so much for your help!

    info.txt logfile of random's system information tool 1.01 2008-09-14 21:19:02

    Uninstall list

    -->D:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 D:\WINDOWS\INF\PCHealth.inf
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {F7A31780-33C4-4E39-951A-5EC9B91D7BF1}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {FAD8A83E-9BAC-4179-9268-A35948034D85}
    2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {4CA4ECC1-DBD4-4591-8F4C-AA12AD2D3E59}
    Acrobat.com-->D:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
    Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
    Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
    Adobe AIR-->D:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
    Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
    Adobe Flash Player Plugin-->D:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
    AIM 6-->D:\Program Files\AIM6\uninst.exe
    Apple Mobile Device Support-->MsiExec.exe /I{C7C895CA-331B-4D7D-A0FB-D3BC637949F9}
    Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
    ATI - Software Uninstall Utility-->D:\Program Files\ATI Technologies\UninstallAll\AtiCimUn.exe
    ATI Catalyst Control Center-->MsiExec.exe /I{79B05AF4-8894-49A1-9FF4-53F0142D85E1}
    ATI Display Driver-->rundll32 D:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
    ATI Parental Control & Encoder-->MsiExec.exe /I{8D70145A-3BD3-4DBF-9CBF-223EF4A43257}
    AVG Free 8.0-->D:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
    Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
    Broadcom 802.11 Network Adapter-->"D:\Program Files\Broadcom\Broadcom 802.11 Network Adapter\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="D:\Program Files\Broadcom\Broadcom 802.11 Network Adapter"
    CCleaner (remove only)-->"D:\Program Files\CCleaner\uninst.exe"
    DivX Codec-->D:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->D:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->D:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->D:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    HijackThis 2.0.2-->"D:\Documents and Settings\Charlie\Desktop\AntiVirus AntiSpyware\HijackThis.exe" /uninstall
    Hotfix for Windows Media Player 11 (KB939683)-->"D:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe"
    Hotfix for Windows XP (KB952287)-->"D:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
    IrfanView (remove only)-->D:\Program Files\IrfanView\iv_uninstall.exe
    iTunes-->MsiExec.exe /I{EA418519-2160-43A0-AABD-6608DDD8D87F}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    LimeWire 4.18.3-->"D:\Program Files\LimeWire\uninstall.exe"
    Malwarebytes' Anti-Malware-->"D:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
    Microsoft .NET Framework 2.0-->D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
    Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
    Microsoft Office Enterprise 2007-->"D:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
    Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
    Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
    Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
    Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
    Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
    Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
    Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
    Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
    Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
    Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
    Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
    Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
    Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
    Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
    Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
    Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Mozilla Firefox (3.0.1)-->D:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    NoAdware v5.0-->"D:\Program Files\NoAdware5.0\unins000.exe"
    PokerStars-->"D:\Program Files\PokerStars\PokerStarsUninstall.exe" /u:pokerStars
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    RealPlayer-->D:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Realtek High Definition Audio Driver-->RtlUpd.exe -r
    Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
    Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
    Security Update for Microsoft .NET Framework 2.0 (KB928365)-->D:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {8056AC9E-49C5-4375-9ADE-B2F862C9DF51} /package {7131646D-CD3C-40F4-97B9-CD9E4E6262EF}
    Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
    Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
    Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
    Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
    Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
    Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
    Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
    Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"D:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
    Security Update for Windows Internet Explorer 7 (KB953838)-->"D:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB936782)-->"D:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe"
    Security Update for Windows Media Player 11 (KB954154)-->"D:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB938464)-->"D:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB941569)-->"D:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB946648)-->"D:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950762)-->"D:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB950974)-->"D:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951066)-->"D:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951376-v2)-->"D:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951698)-->"D:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB951748)-->"D:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB952954)-->"D:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
    Security Update for Windows XP (KB953839)-->"D:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
    sharkbyte-->"D:\Program Files\Grooveshark\uninstaller.exe"
    Smart Defrag 1.0-->"D:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
    SMSC IrCC V5.1.3600.7-->RunDll32 D:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0700\Intel32\Ctor.dll,LaunchSetup "D:\Program Files\InstallShield Installation Information\{F1B8DB67-D30E-4FF9-A85F-3CEE51825AA2}\setup.exe" -l0x9 UNINSTALL
    Soft Data Fax Modem with SmartCP-->D:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2BFA&SUBSYS_1025009F\HXFSETUP.EXE -U -IAcrS09Fp.inf
    Spybot - Search & Destroy-->"D:\Program Files\Spybot - Search & Destroy\unins000.exe"
    SpywareBlaster 4.1-->"D:\Program Files\SpywareBlaster\unins000.exe"
    SpywareGuard v2.2-->"D:\Program Files\SpywareGuard\unins000.exe"
    SUPERAntiSpyware Professional-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
    Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
    Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
    Update for Outlook 2007 Junk Email Filter (kb956080)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {96CC215F-3F22-4E1E-A101-F0041934A456}
    Update for Windows XP (KB951072-v2)-->"D:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
    Update for Windows XP (KB951978)-->"D:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
    VideoLAN VLC media player 0.8.6f-->D:\Program Files\VideoLAN\VLC\uninstall.exe
    Viewpoint Media Player-->D:\Program Files\Viewpoint\Viewpoint Media Player\mtsAxInstaller.exe /u
    Winamp-->"D:\Program Files\Winamp\UninstWA.exe"
    Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
    Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)-->D:\PROGRA~1\DIFX\7B44739871F4D539FA473F57A832EA4B6A59EF06\DPInst.exe /d /u D:\WINDOWS\system32\DRVSTORE\amdk8_9EA6D2FA46FEFFB7011ED0B6015B626D07F1EEF7\amdk8.inf
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows XP Service Pack 3-->"D:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
    WinRAR archiver-->D:\Program Files\WinRAR\uninstall.exe
    WinZip 11.2-->MsiExec.exe /X{CD95F661-A5C4-44F5-A6AA-ECDD91C240B6}

    Hosts File

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    Security center information

    AV: AVG Anti-Virus Free

    Environment variables

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;D:\Program Files\ATI Technologies\ATI.ACE;D:\Program Files\QuickTime\QTSystem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 76 Stepping 2, AuthenticAMD
    "PROCESSOR_REVISION"=4c02
    "NUMBER_OF_PROCESSORS"=1
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "CLASSPATH"=.;D:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=D:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------
     
  5. 2008/09/14
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    Logfile of random's system information tool 1.01 (written by random/random)
    Run by Charlie at 2008-09-14 21:17:55
    Microsoft Windows XP Professional Service Pack 3
    System drive D: has 21 GB (37%) free of 56 GB
    Total RAM: 766 MB (23% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 9:18:53 PM, on 9/14/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.20861)
    Boot mode: Normal

    Running processes:
    D:\WINDOWS\System32\smss.exe
    D:\WINDOWS\system32\winlogon.exe
    D:\WINDOWS\system32\services.exe
    D:\WINDOWS\system32\lsass.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\WINDOWS\system32\svchost.exe
    D:\Program Files\Windows Defender\MsMpEng.exe
    D:\WINDOWS\System32\svchost.exe
    D:\WINDOWS\System32\WLTRYSVC.EXE
    D:\WINDOWS\System32\bcmwltry.exe
    D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    D:\WINDOWS\system32\spoolsv.exe
    D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    D:\Program Files\Bonjour\mDNSResponder.exe
    D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
    D:\Program Files\Viewpoint\Common\ViewpointService.exe
    D:\PROGRA~1\AVG\AVG8\avgrsx.exe
    D:\WINDOWS\system32\Ati2evxx.exe
    D:\PROGRA~1\AVG\AVG8\avgemc.exe
    D:\WINDOWS\Explorer.EXE
    D:\WINDOWS\system32\WLTRAY.exe
    D:\PROGRA~1\AVG\AVG8\avgtray.exe
    D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
    D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    D:\Program Files\Common Files\Real\Update_OB\realsched.exe
    D:\Program Files\iTunes\iTunesHelper.exe
    D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
    D:\WINDOWS\system32\ctfmon.exe
    D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    D:\Program Files\SpywareGuard\sgmain.exe
    D:\Program Files\SpywareGuard\sgbhp.exe
    D:\Program Files\iPod\bin\iPodService.exe
    D:\Program Files\Mozilla Firefox\firefox.exe
    D:\Documents and Settings\Charlie\Desktop\RSIT.exe
    D:\Documents and Settings\Charlie\Desktop\AntiVirus AntiSpyware\Charlie.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - D:\Program Files\rpbrowserrecordplugin.dll
    O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - D:\Program Files\AVG\AVG8\avgssie.dll
    O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - D:\Program Files\SpywareGuard\dlprotect.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
    O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
    O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] D:\WINDOWS\system32\WLTRAY.exe
    O4 - HKLM\..\Run: [AVG8_TRAY] D:\PROGRA~1\AVG\AVG8\avgtray.exe
    O4 - HKLM\..\Run: [GrooveMonitor] "D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
    O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    O4 - HKLM\..\Run: [iTunesHelper] "D:\Program Files\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [SmartDefrag] "D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe" /StartUp
    O4 - HKLM\..\RunOnce: [Cleanup] D:\cleanup.exe
    O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
    O4 - HKCU\..\Run: [SUPERAntiSpyware] D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - HKCU\..\Run: [MsnMsgr] "D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
    O4 - HKUS\S-1-5-19\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\RunOnce: [ShowDeskFix] regsvr32 /s /n /i:u shell32 (User 'Default user')
    O4 - Startup: SpywareGuard.lnk = D:\Program Files\SpywareGuard\sgmain.exe
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
    O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - D:\Program Files\PokerStars\PokerStarsUpdate.exe
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
    O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - D:\Program Files\AVG\AVG8\avgpp.dll
    O20 - AppInit_DLLs: avgrsstx.dll
    O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
    O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
    O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgemc.exe
    O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - D:\Program Files\NOS\bin\getPlus_HelperSvc.exe
    O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: Pml Driver HPZ12 - HP - D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe
    O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - D:\Program Files\Viewpoint\Common\ViewpointService.exe
    O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - D:\WINDOWS\System32\WLTRYSVC.EXE

    --
    End of file - 7647 bytes
     
  6. 2008/09/14
    Charlie Ivey

    Scheduled tasks folder

    D:\WINDOWS\tasks\AppleSoftwareUpdate.job
    D:\WINDOWS\tasks\MP Scheduled Scan.job

    Registry dump

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - D:\Program Files\rpbrowserrecordplugin.dll [2008-09-08 308856]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
    AVG Safe Search - D:\Program Files\AVG\AVG8\avgssie.dll [2008-09-08 455960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
    SpywareGuardDLBLOCK.CBrowserHelper - D:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - D:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-08-14 1562448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
    AVG Security Toolbar - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-08 2055960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - D:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-09-08 2055960]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "AlcWzrd"=D:\WINDOWS\ALCWZRD.EXE [2005-09-21 2807808]
    "Broadcom Wireless Manager UI"=D:\WINDOWS\system32\WLTRAY.exe [2008-09-07 1236992]
    "AVG8_TRAY"=D:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-09-08 1235736]
    "GrooveMonitor"=D:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2007-08-24 33648]
    "SunJavaUpdateSched"=D:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "TkBellExe"=D:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-09-08 185896]
    "Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
    "iTunesHelper"=D:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
    "SmartDefrag"=D:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2008-09-08 1965296]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Cleanup"=D:\cleanup.exe [2008-09-14 19286]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "SpybotSD TeaTimer"=D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-08-18 1832272]
    "SUPERAntiSpyware"=D:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-08 1576176]
    "MsnMsgr"=D:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATICCC]
    D:\Program Files\ATI Technologies\ATI.ACE\cli.exe [2006-01-02 45056]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIModeChange]
    D:\WINDOWS\system32\Ati2mdxx.exe [2008-09-07 26112]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL]
    D:\WINDOWS\RTHDCPL.EXE [2005-09-22 14854144]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SoundMan]
    D:\WINDOWS\SOUNDMAN.EXE [2005-09-21 86016]

    D:\Documents and Settings\Charlie\Start Menu\Programs\Startup
    SpywareGuard.lnk - D:\Program Files\SpywareGuard\sgmain.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"="avgrsstx.dll"

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    D:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-09-08 352256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    D:\WINDOWS\system32\Ati2evxx.dll [2008-09-07 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    D:\WINDOWS\system32\WgaLogon.dll [2006-06-27 3584]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - D:\WINDOWS\system32\wpdshserviceobj.dll [2007-07-22 133632]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{81559C35-8464-49F7-BB0E-07A383BEF910}"=D:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=D:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
    "{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=D:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]
    "{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=D:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername"=0
    "legalnoticecaption"=
    "legalnoticetext"=
    "shutdownwithoutlogon"=1
    "undockwithoutlogon"=1

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\AVG\AVG8\avgupd.exe"="D:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
    "D:\Program Files\AVG\AVG8\avgemc.exe"="D:\Program Files\AVG\AVG8\avgemc.exe:*:Enabled:avgemc.exe"
    "D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE"="D:\Program Files\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
    "D:\Program Files\Microsoft Office\Office12\GROOVE.EXE"="D:\Program Files\Microsoft Office\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
    "D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="D:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
    "D:\Program Files\Common Files\AOL\Loader\aolload.exe"="D:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
    "D:\Program Files\AIM6\aim6.exe"="D:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
    "D:\Program Files\Bonjour\mDNSResponder.exe"="D:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
    "D:\Program Files\iTunes\iTunes.exe"="D:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
    "D:\WINDOWS\system32\java.exe"="D:\WINDOWS\system32\java.exe:*:Enabled:Java(TM) Platform SE binary"
    "D:\Program Files\Java\jre1.6.0_07\bin\javaw.exe"="D:\Program Files\Java\jre1.6.0_07\bin\javaw.exe:*:Enabled:Java(TM) Platform SE binary"

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
    "%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
    "D:\Program Files\Windows Live\Messenger\msnmsgr.exe"="D:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
    "D:\Program Files\Windows Live\Messenger\livecall.exe"="D:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
    shell\AutoRun\command - F:\LaunchU3.exe -a

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{595c7e9b-81ca-11dd-9e60-0016d41ac225}]
    shell\AutoRun\command - F:\LaunchU3.exe -a
     
  7. 2008/09/14
    Charlie Ivey

    List of files/folders created in the last three months

    2008-09-14 21:17:55 ----D---- D:\rsit
    2008-09-14 21:13:48 ----A---- D:\zip.exe
    2008-09-14 21:13:48 ----A---- D:\WINDOWS\system32\ncvgdsms.txt
    2008-09-14 21:13:48 ----A---- D:\cleanup.exe
    2008-09-14 21:13:48 ----A---- D:\cleanup.bat
    2008-09-13 18:30:25 ----D---- D:\Program Files\IObit
    2008-09-13 17:30:18 ----D---- D:\Program Files\CCleaner
    2008-09-12 20:13:26 ----D---- D:\WINDOWS\Sun
    2008-09-12 20:13:26 ----D---- D:\Documents and Settings\Charlie\Application Data\Sun
    2008-09-12 17:31:58 ----D---- D:\ComboFix
    2008-09-12 15:37:52 ----D---- D:\Documents and Settings\Charlie\Application Data\IrfanView
    2008-09-12 15:02:21 ----SHD---- D:\RECYCLER
    2008-09-12 14:56:49 ----A---- D:\WINDOWS\system32\tmp.txt
    2008-09-12 14:53:46 ----A---- D:\rapport.txt
    2008-09-12 14:53:05 ----A---- D:\WINDOWS\system32\404Fix.exe
    2008-09-12 14:53:04 ----A---- D:\WINDOWS\system32\IEDFix.exe
    2008-09-12 14:53:02 ----A---- D:\WINDOWS\system32\swxcacls.exe
    2008-09-12 14:53:01 ----A---- D:\WINDOWS\system32\swsc.exe
    2008-09-12 14:53:01 ----A---- D:\WINDOWS\system32\swreg.exe
    2008-09-12 01:13:56 ----A---- D:\ComboFix.txt
    2008-09-12 01:08:45 ----D---- D:\WINDOWS\temp
    2008-09-10 12:58:04 ----D---- D:\WINDOWS\erdnt
    2008-09-10 09:43:58 ----HDC---- D:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 09:43:36 ----HDC---- D:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-09 22:33:30 ----D---- D:\Program Files\Grooveshark
    2008-09-09 20:51:26 ----D---- D:\Documents and Settings\Charlie\Application Data\vlc
    2008-09-09 18:54:26 ----D---- D:\Program Files\iPod
    2008-09-09 18:54:24 ----D---- D:\Program Files\iTunes
    2008-09-09 18:54:24 ----D---- D:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-09-09 18:52:51 ----D---- D:\Program Files\Bonjour
    2008-09-09 18:50:16 ----D---- D:\Program Files\QuickTime
    2008-09-09 18:18:17 ----D---- D:\Documents and Settings\Charlie\Application Data\Help
    2008-09-09 14:42:38 ----D---- D:\Documents and Settings\Charlie\Application Data\LimeWire
    2008-09-09 12:55:29 ----D---- D:\Documents and Settings\All Users\Application Data\WinZip
    2008-09-09 11:18:33 ----D---- D:\Documents and Settings\Charlie\Application Data\acccore
    2008-09-09 04:10:51 ----HDC---- D:\WINDOWS\$NtUninstallKB951978$
    2008-09-08 23:35:05 ----A---- D:\VundoFix.txt
    2008-09-08 23:32:14 ----D---- D:\Program Files\MSXML 4.0
    2008-09-08 23:29:33 ----SHD---- D:\Config.Msi
    2008-09-08 23:24:56 ----A---- D:\WINDOWS\system32\wmpns.dll
    2008-09-08 23:23:54 ----D---- D:\WINDOWS\Prefetch
    2008-09-08 23:11:26 ----HDC---- D:\WINDOWS\$NtUninstallKB952954$
    2008-09-08 23:11:19 ----HDC---- D:\WINDOWS\$NtUninstallKB952287$
    2008-09-08 23:11:11 ----HDC---- D:\WINDOWS\$NtUninstallKB951748$
    2008-09-08 23:11:05 ----HDC---- D:\WINDOWS\$NtUninstallKB951698$
    2008-09-08 23:10:58 ----HDC---- D:\WINDOWS\$NtUninstallKB951376-v2$
    2008-09-08 23:10:50 ----HDC---- D:\WINDOWS\$NtUninstallKB951066$
    2008-09-08 23:10:44 ----HDC---- D:\WINDOWS\$NtUninstallKB950974$
    2008-09-08 23:10:38 ----HDC---- D:\WINDOWS\$NtUninstallKB950762$
    2008-09-08 23:10:28 ----HDC---- D:\WINDOWS\$NtUninstallKB946648$
    2008-09-08 23:02:14 ----D---- D:\WINDOWS\system32\scripting
    2008-09-08 23:02:12 ----D---- D:\WINDOWS\system32\en
    2008-09-08 23:02:11 ----D---- D:\WINDOWS\system32\bits
    2008-09-08 22:55:23 ----D---- D:\WINDOWS\ServicePackFiles
    2008-09-08 20:49:29 ----HDC---- D:\WINDOWS\$NtServicePackUninstall$
    2008-09-08 19:58:39 ----N---- D:\WINDOWS\system32\wmphoto.dll
    2008-09-08 19:58:34 ----N---- D:\WINDOWS\system32\windowscodecsext.dll
    2008-09-08 19:58:34 ----N---- D:\WINDOWS\system32\windowscodecs.dll
    2008-09-08 19:58:22 ----N---- D:\WINDOWS\system32\tspkg.dll
    2008-09-08 19:58:09 ----N---- D:\WINDOWS\system32\spupdwxp.exe
    2008-09-08 19:58:07 ----A---- D:\WINDOWS\system32\spdwnwxp.exe
    2008-09-08 19:58:05 ----N---- D:\WINDOWS\system32\slserv.exe
    2008-09-08 19:58:05 ----N---- D:\WINDOWS\system32\slrundll.exe
    2008-09-08 19:58:05 ----N---- D:\WINDOWS\system32\slgen.dll
    2008-09-08 19:58:05 ----N---- D:\WINDOWS\system32\slextspk.dll
    2008-09-08 19:58:05 ----N---- D:\WINDOWS\slrundll.exe
    2008-09-08 19:58:04 ----N---- D:\WINDOWS\system32\slcoinst.dll
    2008-09-08 19:58:01 ----N---- D:\WINDOWS\system32\setupn.exe
    2008-09-08 19:57:57 ----N---- D:\WINDOWS\system32\s3gnb.dll
    2008-09-08 19:57:53 ----N---- D:\WINDOWS\system32\rasqec.dll
    2008-09-08 19:57:52 ----N---- D:\WINDOWS\system32\qutil.dll
    2008-09-08 19:57:50 ----N---- D:\WINDOWS\system32\qcliprov.dll
    2008-09-08 19:57:50 ----N---- D:\WINDOWS\system32\qagentrt.dll
    2008-09-08 19:57:50 ----N---- D:\WINDOWS\system32\qagent.dll
    2008-09-08 19:57:47 ----N---- D:\WINDOWS\system32\photometadatahandler.dll
    2008-09-08 19:57:43 ----N---- D:\WINDOWS\system32\onex.dll
    2008-09-08 19:57:38 ----N---- D:\WINDOWS\system32\nv4_disp.dll
    2008-09-08 19:57:28 ----N---- D:\WINDOWS\system32\napstat.exe
    2008-09-08 19:57:28 ----N---- D:\WINDOWS\system32\napmontr.dll
    2008-09-08 19:57:28 ----N---- D:\WINDOWS\system32\napipsec.dll
    2008-09-08 19:57:27 ----N---- D:\WINDOWS\system32\mtxparhd.dll
    2008-09-08 19:57:26 ----A---- D:\WINDOWS\system32\msxml6r.dll
    2008-09-08 19:57:23 ----N---- D:\WINDOWS\system32\msshavmsg.dll
    2008-09-08 19:57:23 ----N---- D:\WINDOWS\system32\mssha.dll
    2008-09-08 19:56:42 ----N---- D:\WINDOWS\system32\l2gpstore.dll
    2008-09-08 19:56:28 ----N---- D:\WINDOWS\system32\kmsvc.dll
    2008-09-08 19:55:57 ----N---- D:\WINDOWS\system32\smtpapi.dll
    2008-09-08 19:55:56 ----N---- D:\WINDOWS\system32\rwnh.dll
    2008-09-08 19:55:51 ----N---- D:\WINDOWS\system32\comsdupd.exe
    2008-09-08 19:55:43 ----N---- D:\WINDOWS\system32\hsfcisp2.dll
    2008-09-08 19:55:33 ----A---- D:\WINDOWS\003140_.tmp
    2008-09-08 19:55:32 ----N---- D:\WINDOWS\system32\faxpatch.exe
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eapsvc.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eapqec.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eappprxy.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eapphost.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eappgnui.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eappcfg.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eapp3hst.dll
    2008-09-08 19:55:29 ----N---- D:\WINDOWS\system32\eapolqec.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3ui.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3svc.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3msm.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3dlg.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3cfg.dll
    2008-09-08 19:55:24 ----N---- D:\WINDOWS\system32\dot3api.dll
    2008-09-08 19:55:22 ----N---- D:\WINDOWS\system32\dimsroam.dll
    2008-09-08 19:55:21 ----N---- D:\WINDOWS\system32\dimsntfy.dll
    2008-09-08 19:55:21 ----N---- D:\WINDOWS\system32\dhcpqec.dll
    2008-09-08 19:55:15 ----N---- D:\WINDOWS\system32\credssp.dll
    2008-09-08 19:55:06 ----N---- D:\WINDOWS\system32\azroles.dll
    2008-09-08 19:55:01 ----N---- D:\WINDOWS\system32\ativtmxx.dll
    2008-09-08 19:54:59 ----N---- D:\WINDOWS\system32\ati3d1ag.dll
    2008-09-08 19:54:59 ----N---- D:\WINDOWS\system32\ati2dvaa.dll
    2008-09-08 17:11:05 ----D---- D:\Program Files\NOS
    2008-09-08 17:11:05 ----D---- D:\Documents and Settings\All Users\Application Data\NOS
    2008-09-08 15:43:08 ----D---- D:\Documents and Settings\Charlie\Application Data\DivX
    2008-09-08 14:56:43 ----D---- D:\Program Files\Common Files\Adobe AIR
    2008-09-08 14:54:44 ----D---- D:\Documents and Settings\All Users\Application Data\Adobe
    2008-09-08 14:54:20 ----D---- D:\Program Files\Common Files\Adobe
    2008-09-08 14:54:20 ----D---- D:\Program Files\Adobe
    2008-09-08 11:36:39 ----D---- D:\Documents and Settings\Charlie\Application Data\Adobe
    2008-09-08 11:29:44 ----HD---- D:\WINDOWS\PIF
    2008-09-08 11:29:24 ----D---- D:\Documents and Settings\Charlie\Application Data\WinRAR
    2008-09-08 04:14:24 ----D---- D:\Program Files\WinRAR
    2008-09-08 04:13:23 ----D---- D:\Program Files\VideoLAN
    2008-09-08 04:13:09 ----D---- D:\Program Files\templates
    2008-09-08 04:13:09 ----A---- D:\Program Files\wmdmhelper.dll
    2008-09-08 04:13:02 ----A---- D:\Program Files\dtdr3260.dll
    2008-09-08 04:12:54 ----D---- D:\Program Files\Devices
    2008-09-08 04:12:54 ----D---- D:\Program Files\CDBurning
    2008-09-08 04:12:53 ----A---- D:\Program Files\rjprog.dll
    2008-09-08 04:12:53 ----A---- D:\Program Files\rjdlg.dll
    2008-09-08 04:12:53 ----A---- D:\Program Files\DUNZIP32.dll
    2008-09-08 04:12:52 ----A---- D:\Program Files\rjbres.dll
    2008-09-08 04:12:51 ----A---- D:\Program Files\ierjplug.dll
    2008-09-08 04:12:50 ----A---- D:\Program Files\fixrjb.exe
    2008-09-08 04:12:49 ----A---- D:\Program Files\tnetdtct.dll
    2008-09-08 04:12:49 ----A---- D:\Program Files\mmcdda32.dll
    2008-09-08 04:12:48 ----A---- D:\Program Files\tsasdk.dll
    2008-09-08 04:12:48 ----A---- D:\Program Files\tpasdk.dll
    2008-09-08 04:12:39 ----D---- D:\Program Files\Common Files\xing shared
    2008-09-08 04:12:36 ----A---- D:\Program Files\rpwa3260.dll
    2008-09-08 04:12:33 ----A---- D:\Program Files\rpshellsearch.dll
    2008-09-08 04:12:33 ----A---- D:\Program Files\RecordingManager.exe.manifest
    2008-09-08 04:12:33 ----A---- D:\Program Files\RecordingManager.exe
    2008-09-08 04:12:32 ----D---- D:\Program Files\browserrecord
    2008-09-08 04:12:31 ----D---- D:\Program Files\producer
    2008-09-08 04:12:31 ----A---- D:\Program Files\rpbrowserrecordplugin.dll
    2008-09-08 04:12:31 ----A---- D:\Program Files\dbghelp.dll
    2008-09-08 04:12:30 ----A---- D:\Program Files\rjwmapln.dll
    2008-09-08 04:12:27 ----D---- D:\Program Files\plugins
    2008-09-08 04:12:25 ----A---- D:\Program Files\rpau3260.dll
    2008-09-08 04:12:25 ----A---- D:\Program Files\RealNetworks License.txt
    2008-09-08 04:12:24 ----A---- D:\Program Files\playrlic.txt
    2008-09-08 04:12:20 ----A---- D:\WINDOWS\system32\rmoc3260.dll
    2008-09-08 04:12:10 ----D---- D:\Program Files\DataCache
    2008-09-08 04:12:10 ----A---- D:\Program Files\HXAudioDeviceHook.dll
    2008-09-08 04:12:09 ----D---- D:\Program Files\Netscape6
    2008-09-08 04:12:08 ----A---- D:\Program Files\rdsf3260.dll
    2008-09-08 04:12:07 ----A---- D:\Program Files\rpshellextension.dll
    2008-09-08 04:12:07 ----A---- D:\Program Files\rpplugprot.dll
    2008-09-08 04:12:06 ----A---- D:\Program Files\rpshell.dll
    2008-09-08 04:12:05 ----D---- D:\Program Files\library
    2008-09-08 04:11:57 ----D---- D:\Program Files\rpplugins
    2008-09-08 04:11:56 ----A---- D:\WINDOWS\system32\pndx5032.dll
    2008-09-08 04:11:56 ----A---- D:\WINDOWS\system32\pndx5016.dll
    2008-09-08 04:11:54 ----A---- D:\Program Files\rphelperapp.exe
    2008-09-08 04:11:54 ----A---- D:\Program Files\realjbox.exe
    2008-09-08 04:11:53 ----A---- D:\Program Files\realplay.exe.manifest
    2008-09-08 04:11:53 ----A---- D:\Program Files\realplay.exe
    2008-09-08 04:11:52 ----D---- D:\Program Files\Setup
    2008-09-08 04:11:50 ----A---- D:\WINDOWS\system32\pncrt.dll
    2008-09-08 04:11:37 ----D---- D:\Program Files\Common Files\Real
    2008-09-08 04:11:03 ----D---- D:\Documents and Settings\Charlie\Application Data\Real
    2008-09-08 04:10:31 ----SHDC---- D:\Program Files\Common Files\WindowsLiveInstaller
    2008-09-08 04:10:10 ----D---- D:\Program Files\Windows Live
    2008-09-08 04:09:53 ----D---- D:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-09-08 04:08:25 ----A---- D:\WINDOWS\system32\javaws.exe
    2008-09-08 04:08:24 ----A---- D:\WINDOWS\system32\javaw.exe
    2008-09-08 04:08:24 ----A---- D:\WINDOWS\system32\java.exe
    2008-09-08 04:07:30 ----D---- D:\Program Files\Java
    2008-09-08 04:07:26 ----D---- D:\Program Files\GoldWave
    2008-09-08 04:06:49 ----D---- D:\Program Files\Common Files\Java
    2008-09-08 04:05:42 ----N---- D:\WINDOWS\system32\pxinsi64.exe
    2008-09-08 04:05:42 ----N---- D:\WINDOWS\system32\pxcpyi64.exe
    2008-09-08 04:05:11 ----D---- D:\Program Files\DivX
    2008-09-08 04:04:29 ----D---- D:\Documents and Settings\Charlie\Application Data\Apple Computer
    2008-09-08 04:03:57 ----N---- D:\WINDOWS\system32\pxinsa64.exe
    2008-09-08 04:03:57 ----N---- D:\WINDOWS\system32\pxcpya64.exe
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\vxblock.dll
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\pxwave.dll
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\pxsfs.dll
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\pxhpinst.exe
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\pxdrv.dll
    2008-09-08 04:03:56 ----N---- D:\WINDOWS\system32\pxafs.dll
    2008-09-08 04:03:55 ----N---- D:\WINDOWS\system32\pxmas.dll
    2008-09-08 04:03:55 ----N---- D:\WINDOWS\system32\px.dll
    2008-09-08 04:03:50 ----D---- D:\Program Files\Winamp
    2008-09-08 04:03:50 ----D---- D:\Documents and Settings\Charlie\Application Data\Winamp
    2008-09-08 04:02:30 ----D---- D:\Documents and Settings\All Users\Application Data\Viewpoint
    2008-09-08 04:02:25 ----D---- D:\Program Files\Viewpoint
    2008-09-08 04:02:23 ----D---- D:\Documents and Settings\All Users\Application Data\acccore
    2008-09-08 04:02:02 ----D---- D:\Documents and Settings\All Users\Application Data\AOL OCP
    2008-09-08 04:02:02 ----D---- D:\Documents and Settings\All Users\Application Data\AOL
    2008-09-08 04:01:31 ----D---- D:\Program Files\Common Files\AOL
    2008-09-08 04:01:15 ----D---- D:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-09-08 04:01:11 ----D---- D:\Program Files\AIM6
    2008-09-08 04:00:43 ----D---- D:\Program Files\PokerStars
    2008-09-08 04:00:31 ----D---- D:\Program Files\Apple Software Update
    2008-09-08 03:59:44 ----D---- D:\Program Files\LimeWire
    2008-09-08 03:59:29 ----D---- D:\Program Files\Common Files\Apple
    2008-09-08 03:59:28 ----D---- D:\Documents and Settings\All Users\Application Data\Apple
    2008-09-08 03:18:33 ----HDC---- D:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-09-08 03:18:26 ----HDC---- D:\WINDOWS\$NtUninstallKB952954_0$
    2008-09-08 03:18:21 ----HDC---- D:\WINDOWS\$NtUninstallKB946648_0$
    2008-09-08 03:18:14 ----HDC---- D:\WINDOWS\$NtUninstallKB953839$
    2008-09-08 03:18:06 ----HDC---- D:\WINDOWS\$NtUninstallKB950974_0$
    2008-09-08 03:17:56 ----HDC---- D:\WINDOWS\$NtUninstallKB951698_0$
    2008-09-08 03:17:41 ----D---- D:\Program Files\MSXML 6.0
    2008-09-08 03:17:30 ----HDC---- D:\WINDOWS\$NtUninstallKB941569$
    2008-09-08 03:16:50 ----HDC---- D:\WINDOWS\$NtUninstallKB950762_0$
    2008-09-08 03:16:26 ----HDC---- D:\WINDOWS\$NtUninstallKB951072-v2$
    2008-09-08 03:16:07 ----HDC---- D:\WINDOWS\$NtUninstallKB952287_0$
    2008-09-08 03:14:45 ----A---- D:\WINDOWS\system32\msonpmon.dll
    2008-09-08 03:13:15 ----HDC---- D:\WINDOWS\$NtUninstallKB939683$
    2008-09-08 03:12:22 ----HDC---- D:\WINDOWS\$NtUninstallKB951066_0$
    2008-09-08 03:12:05 ----HDC---- D:\WINDOWS\$NtUninstallKB951748_0$
    2008-09-08 03:11:44 ----D---- D:\WINDOWS\ie7updates
    2008-09-08 03:11:07 ----D---- D:\Program Files\Microsoft Works
    2008-09-08 03:10:43 ----D---- D:\Program Files\MSBuild
    2008-09-08 03:10:29 ----HDC---- D:\WINDOWS\$NtUninstallKB950749$
    2008-09-08 03:09:51 ----D---- D:\Program Files\Microsoft Visual Studio
    2008-09-08 03:09:50 ----D---- D:\Program Files\Common Files\DESIGNER
    2008-09-08 03:09:39 ----HDC---- D:\WINDOWS\$NtUninstallKB932823-v3$
    2008-09-08 03:07:56 ----A---- D:\WINDOWS\system32\spupdsvc.exe
    2008-09-08 03:07:50 ----HDC---- D:\WINDOWS\$NtUninstallKB936782_WMP11$
    2008-09-08 03:07:05 ----D---- D:\Program Files\Microsoft.NET
    2008-09-08 03:04:26 ----HDC---- D:\WINDOWS\$NtUninstallKB944338-v2$
    2008-09-08 03:04:17 ----HD---- D:\WINDOWS\$hf_mig$
    2008-09-08 02:56:45 ----D---- D:\Program Files\Microsoft Visual Studio 8
    2008-09-08 02:52:42 ----D---- D:\WINDOWS\SHELLNEW
    2008-09-08 02:49:56 ----D---- D:\Program Files\Microsoft Office
    2008-09-08 02:49:51 ----D---- D:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-08 02:48:50 ----RHD---- D:\MSOCache
    2008-09-08 02:40:32 ----D---- D:\Program Files\Windows Defender
    2008-09-08 02:35:11 ----D---- D:\Documents and Settings\Charlie\Application Data\Malwarebytes
    2008-09-08 02:34:57 ----D---- D:\Documents and Settings\All Users\Application Data\Malwarebytes
    2008-09-08 02:34:56 ----D---- D:\Program Files\Malwarebytes' Anti-Malware
    2008-09-08 02:30:03 ----D---- D:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
    2008-09-08 02:29:37 ----D---- D:\Program Files\SUPERAntiSpyware
    2008-09-08 02:29:37 ----D---- D:\Documents and Settings\Charlie\Application Data\SUPERAntiSpyware.com
    2008-09-08 02:28:29 ----D---- D:\Program Files\SpywareGuard
    2008-09-08 02:28:25 ----D---- D:\Program Files\Spybot - Search & Destroy
    2008-09-08 02:28:25 ----D---- D:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-09-08 02:26:35 ----D---- D:\Documents and Settings\Charlie\Application Data\Mozilla
    2008-09-08 02:25:44 ----D---- D:\Program Files\SpywareBlaster
    2008-09-08 02:22:29 ----D---- D:\Program Files\Mozilla Firefox
    2008-09-08 02:21:51 ----D---- D:\Program Files\IrfanView
    2008-09-08 02:17:22 ----AD---- D:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-08 02:16:54 ----A---- D:\WINDOWS\system32\MSSTDFMT.DLL
    2008-09-08 02:16:45 ----D---- D:\Program Files\Lavasoft
    2008-09-08 02:16:42 ----D---- D:\Documents and Settings\All Users\Application Data\Lavasoft
    2008-09-08 02:15:16 ----D---- D:\Program Files\Common Files\Wise Installation Wizard
    2008-09-08 02:11:59 ----HD---- D:\$AVG8.VAULT$
    2008-09-08 02:09:42 ----D---- D:\Program Files\NoAdware5.0
    2008-09-08 02:08:09 ----A---- D:\WINDOWS\system32\avgrsstx.dll
    2008-09-08 02:07:57 ----D---- D:\Documents and Settings\Charlie\Application Data\AVGTOOLBAR
    2008-09-08 01:40:52 ----D---- D:\Program Files\AVG
    2008-09-08 01:40:50 ----D---- D:\Documents and Settings\All Users\Application Data\avg8
    2008-09-08 01:33:43 ----RD---- D:\Ivey's Movies
    2008-09-08 00:42:16 ----N---- D:\WINDOWS\system32\WgaTray.exe
    2008-09-08 00:42:16 ----N---- D:\WINDOWS\system32\WgaLogon.dll
    2008-09-08 00:41:32 ----D---- D:\Documents and Settings\All Users\Application Data\Office Genuine Advantage
    2008-09-08 00:41:21 ----D---- D:\Documents and Settings\Charlie\Application Data\Macromedia
    2008-09-08 00:39:45 ----D---- D:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
    2008-09-08 00:38:18 ----N---- D:\WINDOWS\system32\spmsg.dll
    2008-09-08 00:26:16 ----D---- D:\Program Files\Broadcom
    2008-09-08 00:26:16 ----A---- D:\WINDOWS\system32\BCMLogon.dll
    2008-09-08 00:25:19 ----D---- D:\WINDOWS\SMSC
    2008-09-08 00:20:06 ----D---- D:\WINDOWS\CSC
    2008-09-08 00:12:37 ----D---- D:\WINDOWS\pss
    2008-09-08 00:07:43 ----D---- D:\Program Files\DIFX
    2008-09-08 00:07:39 ----D---- D:\WINDOWS\system32\ReinstallBackups
    2008-09-08 00:07:35 ----DC---- D:\WINDOWS\system32\DRVSTORE
    2008-09-07 23:58:17 ----A---- D:\WINDOWS\ntbtlog.txt
    2008-09-07 23:51:15 ----D---- D:\WINDOWS\system32\Lang
    2008-09-07 23:51:14 ----D---- D:\Documents and Settings\Charlie\Application Data\ATI
    2008-09-07 23:49:46 ----D---- D:\Program Files\Common Files\ATI Technologies
    2008-09-07 23:49:23 ----D---- D:\Program Files\CONEXANT
    2008-09-07 23:47:59 ----D---- D:\WINDOWS\system32\RTCOM
    2008-09-07 23:47:51 ----A---- D:\WINDOWS\system32\ksuser.dll
    2008-09-07 23:43:02 ----RSD---- D:\WINDOWS\assembly
    2008-09-07 23:42:21 ----D---- D:\WINDOWS\Microsoft.NET
    2008-09-07 23:40:48 ----D---- D:\Program Files\ATI Technologies
    2008-09-07 23:40:46 ----HD---- D:\Program Files\InstallShield Installation Information
    2008-09-07 23:40:04 ----D---- D:\Program Files\Common Files\InstallShield
    2008-09-07 23:39:43 ----N---- D:\WINDOWS\system32\tzchange.exe
    2008-09-07 23:34:31 ----D---- D:\Documents and Settings\Charlie\Application Data\Identities
    2008-09-07 23:34:29 ----D---- D:\WINDOWS\system32\SoftwareDistribution
    2008-09-07 23:34:23 ----HD---- D:\Program Files\Uninstall Information
    2008-09-07 23:34:11 ----ASH---- D:\Documents and Settings\Charlie\Application Data\desktop.ini
    2008-09-07 23:34:10 ----SD---- D:\Documents and Settings\Charlie\Application Data\Microsoft
    2008-09-07 23:32:33 ----SD---- D:\WINDOWS\system32\Microsoft
    2008-09-07 23:32:33 ----A---- D:\WINDOWS\SchedLgU.Txt
    2008-09-07 23:25:38 ----D---- D:\WINDOWS\system32\xircom
    2008-09-07 23:25:38 ----D---- D:\Program Files\xerox
    2008-09-07 23:25:38 ----D---- D:\Program Files\microsoft frontpage
    2008-09-07 23:25:05 ----A---- D:\WINDOWS\control.ini
    2008-09-07 23:24:47 ----A---- D:\WINDOWS\OEWABLog.txt
    2008-09-07 23:24:43 ----A---- D:\WINDOWS\system32\mapi32.dll
    2008-09-07 23:22:59 ----RAH---- D:\WINDOWS\system32\logonui.exe.manifest
    2008-09-07 23:22:51 ----RAH---- D:\WINDOWS\system32\cdplayer.exe.manifest
    2008-09-07 23:22:43 ----HD---- D:\Program Files\WindowsUpdate
    2008-09-07 23:22:10 ----D---- D:\WINDOWS\system32\DirectX
    2008-09-07 23:21:42 ----A---- D:\WINDOWS\system32\atrace.dll
    2008-09-07 23:21:39 ----A---- D:\WINDOWS\system32\desktop.ini
    2008-09-07 23:21:39 ----A---- D:\WINDOWS\desktop.ini
    2008-09-07 23:21:30 ----A---- D:\WINDOWS\system32\nmevtmsg.dll
    2008-09-07 23:21:29 ----A---- D:\WINDOWS\system32\acctres.dll
    2008-09-07 23:21:28 ----D---- D:\Program Files\Common Files\Services
    2008-09-07 23:21:25 ----SD---- D:\WINDOWS\Tasks
    2008-09-07 23:21:25 ----A---- D:\WINDOWS\system32\icfgnt5.dll
    2008-09-07 23:21:24 ----D---- D:\Program Files\Common Files\MSSoap
    2008-09-07 23:21:18 ----D---- D:\WINDOWS\srchasst
    2008-09-07 23:21:14 ----A---- D:\WINDOWS\system32\wuweb.dll
    2008-09-07 23:21:14 ----A---- D:\WINDOWS\system32\wucltui.dll
    2008-09-07 23:21:14 ----A---- D:\WINDOWS\system32\wuauserv.dll
    2008-09-07 23:21:14 ----A---- D:\WINDOWS\system32\wuaueng1.dll
    2008-09-07 23:21:13 ----A---- D:\WINDOWS\system32\wups.dll
    2008-09-07 23:21:13 ----A---- D:\WINDOWS\system32\wuaueng.dll.wusetup.182515.bak
    2008-09-07 23:21:13 ----A---- D:\WINDOWS\system32\wuaueng.dll
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\wuauclt1.exe
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\wuauclt.exe.wusetup.181656.bak
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\wuauclt.exe
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\wuapi.dll.wusetup.179906.bak
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\wuapi.dll
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\bitsprx3.dll
    2008-09-07 23:21:12 ----A---- D:\WINDOWS\system32\bitsprx2.dll
    2008-09-07 23:21:11 ----A---- D:\WINDOWS\system32\qmgrprxy.dll
    2008-09-07 23:21:11 ----A---- D:\WINDOWS\system32\qmgr.dll
    2008-09-07 23:21:06 ----D---- D:\Program Files\Movie Maker
    2008-09-07 23:21:01 ----A---- D:\WINDOWS\system32\safrslv.dll
    2008-09-07 23:21:01 ----A---- D:\WINDOWS\system32\safrdm.dll
    2008-09-07 23:21:01 ----A---- D:\WINDOWS\system32\safrcdlg.dll
    2008-09-07 23:21:01 ----A---- D:\WINDOWS\system32\racpldlg.dll
    2008-09-07 23:20:54 ----D---- D:\WINDOWS\system32\Restore
    2008-09-07 23:20:54 ----A---- D:\WINDOWS\system32\srsvc.dll
    2008-09-07 23:20:54 ----A---- D:\WINDOWS\system32\srrstr.dll
    2008-09-07 23:20:54 ----A---- D:\WINDOWS\system32\fltmc.exe
    2008-09-07 23:20:54 ----A---- D:\WINDOWS\system32\fltlib.dll
    2008-09-07 23:20:53 ----A---- D:\WINDOWS\system32\srclient.dll
    2008-09-07 23:20:53 ----A---- D:\WINDOWS\system32\isrdbg32.dll
    2008-09-07 23:20:53 ----A---- D:\WINDOWS\system32\ils.dll
    2008-09-07 23:20:52 ----A---- D:\WINDOWS\system32\nmmkcert.dll
    2008-09-07 23:20:52 ----A---- D:\WINDOWS\system32\msconf.dll
    2008-09-07 23:20:52 ----A---- D:\WINDOWS\system32\mnmsrvc.exe
    2008-09-07 23:20:52 ----A---- D:\WINDOWS\system32\mnmdd.dll
    2008-09-07 23:20:48 ----D---- D:\Program Files\NetMeeting
    2008-09-07 23:20:48 ----A---- D:\WINDOWS\system32\msoert2.dll
    2008-09-07 23:20:48 ----A---- D:\WINDOWS\system32\msoeacct.dll
    2008-09-07 23:20:46 ----A---- D:\WINDOWS\system32\inetres.dll
    2008-09-07 23:20:46 ----A---- D:\WINDOWS\system32\inetcomm.dll
    2008-09-07 23:20:44 ----D---- D:\Program Files\Outlook Express
    2008-09-07 23:20:44 ----A---- D:\WINDOWS\system32\schedsvc.dll
    2008-09-07 23:20:43 ----A---- D:\WINDOWS\system32\mstinit.exe
    2008-09-07 23:20:43 ----A---- D:\WINDOWS\system32\mstask.dll
    2008-09-07 23:20:43 ----A---- D:\WINDOWS\system32\icwphbk.dll
    2008-09-07 23:20:43 ----A---- D:\WINDOWS\system32\icwdial.dll
    2008-09-07 23:20:42 ----A---- D:\WINDOWS\system32\isign32.dll
    2008-09-07 23:20:42 ----A---- D:\WINDOWS\system32\inetcfg.dll
    2008-09-07 23:20:35 ----D---- D:\Program Files\Common Files\System
    2008-09-07 23:19:45 ----D---- D:\Program Files\ComPlus Applications
    2008-09-07 23:19:43 ----A---- D:\WINDOWS\vbaddin.ini
    2008-09-07 23:19:43 ----A---- D:\WINDOWS\vb.ini
    2008-09-07 23:19:38 ----D---- D:\WINDOWS\Registration
    2008-09-07 23:19:29 ----D---- D:\Program Files\Online Services
    2008-09-07 23:19:16 ----D---- D:\Program Files\Windows Media Connect 2
    2008-09-07 23:19:14 ----D---- D:\Program Files\Windows Media Player
    2008-09-07 23:19:13 ----A---- D:\WINDOWS\system32\ieframe.dll.mui
    2008-09-07 23:19:12 ----A---- D:\WINDOWS\system32\advpack.dll.mui
    2008-09-07 23:19:11 ----SD---- D:\WINDOWS\Downloaded Program Files
    2008-09-07 23:19:11 ----D---- D:\WINDOWS\Offline Web Pages
    2008-09-07 23:19:11 ----A---- D:\WINDOWS\system32\winfxdocobj.exe
    2008-09-07 23:19:10 ----A---- D:\WINDOWS\system32\msfeedssync.exe
     
  8. 2008/09/14
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    2008-09-07 23:19:09 ----D---- D:\WINDOWS\wbem
    2008-09-07 23:19:09 ----A---- D:\WINDOWS\system32\msfeedsbs.dll
    2008-09-07 23:19:07 ----D---- D:\Program Files\Internet Explorer
    2008-09-07 23:19:05 ----D---- D:\Program Files\Messenger
    2008-09-07 23:19:00 ----D---- D:\Program Files\MSN Gaming Zone
    2008-09-07 23:19:00 ----A---- D:\WINDOWS\system32\write.exe
    2008-09-07 23:18:51 ----A---- D:\WINDOWS\system32\sndvol32.exe
    2008-09-07 23:18:51 ----A---- D:\WINDOWS\system32\hticons.dll
    2008-09-07 23:18:50 ----A---- D:\WINDOWS\system32\winchat.exe
    2008-09-07 23:18:50 ----A---- D:\WINDOWS\system32\avwav.dll
    2008-09-07 23:18:50 ----A---- D:\WINDOWS\system32\avtapi.dll
    2008-09-07 23:18:50 ----A---- D:\WINDOWS\system32\avmeter.dll
    2008-09-07 23:18:42 ----A---- D:\WINDOWS\system32\sol.exe
    2008-09-07 23:18:42 ----A---- D:\WINDOWS\system32\getuname.dll
    2008-09-07 23:18:42 ----A---- D:\WINDOWS\system32\charmap.exe
    2008-09-07 23:18:42 ----A---- D:\WINDOWS\system32\calc.exe
    2008-09-07 23:18:41 ----A---- D:\WINDOWS\system32\winmine.exe
    2008-09-07 23:18:41 ----A---- D:\WINDOWS\system32\reset.exe
    2008-09-07 23:18:41 ----A---- D:\WINDOWS\system32\mshearts.exe
    2008-09-07 23:18:41 ----A---- D:\WINDOWS\system32\freecell.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\usrlogon.cmd
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\tsshutdn.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\tslabels.ini
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\tskill.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\tsdiscon.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\tscon.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\shadow.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\rwinsta.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\regini.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\rdpcfgex.dll
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\qwinsta.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\qappsrv.exe
    2008-09-07 23:18:40 ----A---- D:\WINDOWS\system32\msg.exe
    2008-09-07 23:18:39 ----A---- D:\WINDOWS\system32\msdtcprf.ini
    2008-09-07 23:18:39 ----A---- D:\WINDOWS\system32\logoff.exe
    2008-09-07 23:18:39 ----A---- D:\WINDOWS\system32\cdmodem.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\stclient.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\mtxlegih.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\mtxex.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\mtxdm.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\dcomcnfg.exe
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\comrepl.dll
    2008-09-07 23:18:38 ----A---- D:\WINDOWS\system32\comaddin.dll
    2008-09-07 23:18:37 ----A---- D:\WINDOWS\system32\comsnap.dll
    2008-09-07 23:18:32 ----A---- D:\WINDOWS\system32\wmimgmt.msc
    2008-09-07 23:18:12 ----D---- D:\Program Files\MSN
    2008-09-07 23:18:11 ----A---- D:\WINDOWS\system32\sndrec32.exe
    2008-09-07 23:18:11 ----A---- D:\WINDOWS\system32\mplay32.exe
    2008-09-07 23:18:11 ----A---- D:\WINDOWS\system32\accwiz.exe
    2008-09-07 23:18:10 ----D---- D:\Program Files\Windows NT
    2008-09-07 23:18:10 ----A---- D:\WINDOWS\system32\mspaint.exe
    2008-09-07 23:18:10 ----A---- D:\WINDOWS\system32\hypertrm.dll
    2008-09-07 23:18:10 ----A---- D:\WINDOWS\system32\clipbrd.exe
    2008-09-07 23:18:09 ----A---- D:\WINDOWS\system32\spider.exe
    2008-09-07 23:18:08 ----A---- D:\WINDOWS\system32\tscfgwmi.dll
    2008-09-07 23:18:08 ----A---- D:\WINDOWS\system32\mstscax.dll
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\sessmgr.exe
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\remotepg.dll
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\rdshost.exe
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\rdsaddin.exe
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\rdchost.dll
    2008-09-07 23:18:07 ----A---- D:\WINDOWS\system32\mstsc.exe
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\tscupgrd.exe
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\termsrv.dll
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\rdpwsx.dll
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\rdpsnd.dll
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\rdpclip.exe
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\qprocess.exe
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\icaapi.dll
    2008-09-07 23:18:06 ----A---- D:\WINDOWS\system32\cfgbkend.dll
    2008-09-07 23:18:05 ----D---- D:\WINDOWS\system32\MsDtc
    2008-09-07 23:18:05 ----A---- D:\WINDOWS\system32\mtxoci.dll
    2008-09-07 23:18:05 ----A---- D:\WINDOWS\system32\msdtcuiu.dll
    2008-09-07 23:18:05 ----A---- D:\WINDOWS\system32\msdtcprx.dll
    2008-09-07 23:18:04 ----A---- D:\WINDOWS\system32\xolehlp.dll
    2008-09-07 23:18:04 ----A---- D:\WINDOWS\system32\msdtctm.dll
    2008-09-07 23:18:04 ----A---- D:\WINDOWS\system32\msdtclog.dll
    2008-09-07 23:18:04 ----A---- D:\WINDOWS\system32\msdtc.exe
    2008-09-07 23:18:03 ----D---- D:\WINDOWS\system32\Com
    2008-09-07 23:18:03 ----A---- D:\WINDOWS\system32\colbact.dll
    2008-09-07 23:18:03 ----A---- D:\WINDOWS\system32\clbcatex.dll
    2008-09-07 23:18:03 ----A---- D:\WINDOWS\system32\catsrvps.dll
    2008-09-07 23:18:02 ----A---- D:\WINDOWS\system32\comsvcs.dll
    2008-09-07 23:18:02 ----A---- D:\WINDOWS\system32\catsrvut.dll
    2008-09-07 23:18:02 ----A---- D:\WINDOWS\system32\catsrv.dll
    2008-09-07 23:18:01 ----A---- D:\WINDOWS\system32\comuid.dll
    2008-09-07 23:18:01 ----A---- D:\WINDOWS\system32\clbcatq.dll
    2008-09-07 23:17:53 ----A---- D:\WINDOWS\system32\servdeps.dll
    2008-09-07 23:17:53 ----A---- D:\WINDOWS\system32\mmfutil.dll
    2008-09-07 23:17:53 ----A---- D:\WINDOWS\system32\licwmi.dll
    2008-09-07 23:17:51 ----A---- D:\WINDOWS\system32\cmprops.dll
    2008-09-07 22:22:14 ----A---- D:\WINDOWS\system32\atioglx1.dll
    2008-09-07 22:22:13 ----A---- D:\WINDOWS\system32\atikvmag.dll
    2008-09-07 22:22:12 ----A---- D:\WINDOWS\system32\ATIDDC.DLL
    2008-09-07 22:22:11 ----A---- D:\WINDOWS\system32\ati2evxx.dll
    2008-09-07 22:22:10 ----A---- D:\WINDOWS\system32\ati2edxx.dll
    2008-09-07 22:22:09 ----A---- D:\WINDOWS\system32\ativvaxx.dll
    2008-09-07 22:22:02 ----A---- D:\WINDOWS\system32\atipdlxx.dll
    2008-09-07 22:22:01 ----A---- D:\WINDOWS\system32\Ati2mdxx.exe
    2008-09-07 22:22:00 ----A---- D:\WINDOWS\system32\ativcoxx.dll
    2008-09-07 22:21:59 ----A---- D:\WINDOWS\system32\atitvo32.dll
    2008-09-07 22:21:59 ----A---- D:\WINDOWS\system32\atiiiexx.dll
    2008-09-07 22:21:58 ----A---- D:\WINDOWS\system32\Oemdspif.dll
    2008-09-07 22:21:57 ----A---- D:\WINDOWS\system32\ati2evxx.exe
    2008-09-07 22:21:55 ----A---- D:\WINDOWS\system32\atioglxx.dll
    2008-09-07 22:21:54 ----A---- D:\WINDOWS\system32\ati3duag.dll
    2008-09-07 22:21:53 ----A---- D:\WINDOWS\system32\ati2cqag.dll
    2008-09-07 22:21:52 ----A---- D:\WINDOWS\system32\ati2dvag.dll
    2008-09-07 22:13:36 ----A---- D:\WINDOWS\system32\WLTRYSVC.EXE
    2008-09-07 22:13:36 ----A---- D:\WINDOWS\system32\wltrynt.dll
    2008-09-07 22:13:35 ----A---- D:\WINDOWS\system32\WLTRAY.EXE
    2008-09-07 22:13:34 ----A---- D:\WINDOWS\system32\WLBCGCBPRO731.DLL
    2008-09-07 22:13:30 ----A---- D:\WINDOWS\system32\preflib.dll
    2008-09-07 22:13:30 ----A---- D:\WINDOWS\system32\MSVCR71.DLL
    2008-09-07 22:13:29 ----A---- D:\WINDOWS\system32\MSVCP71.DLL
    2008-09-07 22:13:28 ----A---- D:\WINDOWS\system32\MFC71.DLL
    2008-09-07 22:13:21 ----A---- D:\WINDOWS\system32\bcmwlu00.exe
    2008-09-07 22:13:20 ----A---- D:\WINDOWS\system32\BCMWLTRY.EXE
    2008-09-07 22:13:17 ----A---- D:\WINDOWS\system32\bcmwlpkt.dll
    2008-09-07 22:12:45 ----A---- D:\WINDOWS\system32\bcm1xsup.dll
    2008-09-07 22:12:44 ----A---- D:\WINDOWS\system32\ATL71.DLL
    2008-09-07 19:16:20 ----A---- D:\WINDOWS\system32\h323log.txt
    2008-09-07 19:12:40 ----A---- D:\WINDOWS\system32\hidserv.dll
    2008-09-07 19:11:11 ----A---- D:\WINDOWS\system32\usbui.dll
    2008-09-07 19:09:43 ----A---- D:\WINDOWS\imsins.BAK
    2008-09-07 19:09:40 ----SHD---- D:\WINDOWS\Installer
    2008-09-07 19:09:40 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
    2008-09-07 19:09:39 ----D---- D:\Program Files\Common Files\ODBC
    2008-09-07 19:09:39 ----A---- D:\WINDOWS\ODBCINST.INI
    2008-09-07 19:09:34 ----D---- D:\Program Files\Common Files\SpeechEngines
    2008-09-07 19:09:34 ----D---- D:\Program Files\Common Files\Microsoft Shared
    2008-09-07 19:09:33 ----RD---- D:\Program Files
    2008-09-07 19:09:33 ----D---- D:\Program Files\Common Files
    2008-09-07 19:09:31 ----RA---- D:\WINDOWS\system32\kbdtuq.dll
    2008-09-07 19:09:31 ----RA---- D:\WINDOWS\system32\kbdtuf.dll
    2008-09-07 19:09:31 ----RA---- D:\WINDOWS\system32\kbdazel.dll
    2008-09-07 19:09:29 ----RA---- D:\WINDOWS\system32\kbdtat.dll
    2008-09-07 19:09:29 ----RA---- D:\WINDOWS\system32\kbdmon.dll
    2008-09-07 19:09:29 ----RA---- D:\WINDOWS\system32\kbdkyr.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdycc.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbduzb.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdur.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdru1.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdru.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdkaz.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdbu.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdblr.dll
    2008-09-07 19:09:28 ----RA---- D:\WINDOWS\system32\kbdaze.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhept.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhela3.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhela2.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhe319.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhe220.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdhe.dll
    2008-09-07 19:09:26 ----RA---- D:\WINDOWS\system32\kbdgkl.dll
    2008-09-07 19:09:25 ----RA---- D:\WINDOWS\system32\kbdlv1.dll
    2008-09-07 19:09:25 ----RA---- D:\WINDOWS\system32\kbdlt1.dll
    2008-09-07 19:09:25 ----RA---- D:\WINDOWS\system32\kbdlt.dll
    2008-09-07 19:09:24 ----RA---- D:\WINDOWS\system32\kbdlv.dll
    2008-09-07 19:09:24 ----RA---- D:\WINDOWS\system32\kbdest.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdycl.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdsl1.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdsl.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdro.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdpl1.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdpl.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdhu1.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdhu.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdcz2.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdcz1.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdcz.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\kbdcr.dll
    2008-09-07 19:09:22 ----RA---- D:\WINDOWS\system32\KBDAL.DLL
    2008-09-07 19:09:19 ----A---- D:\WINDOWS\system32\spxcoins.dll
    2008-09-07 19:09:19 ----A---- D:\WINDOWS\system32\irclass.dll
    2008-09-07 19:09:19 ----A---- D:\WINDOWS\system32\EqnClass.Dll
    2008-09-07 19:09:19 ----A---- D:\WINDOWS\system32\dgsetup.dll
    2008-09-07 19:09:19 ----A---- D:\WINDOWS\system32\dgrpsetu.dll
    2008-09-07 19:09:16 ----N---- D:\WINDOWS\system32\CONFIG.TMP
    2008-09-07 19:09:16 ----A---- D:\WINDOWS\TASKMAN.EXE
    2008-09-07 19:09:16 ----A---- D:\WINDOWS\system32\batt.dll
    2008-09-07 19:09:15 ----A---- D:\WINDOWS\notepad.exe
    2008-09-07 19:09:13 ----A---- D:\WINDOWS\system32\storprop.dll
    2008-09-07 19:09:04 ----ASH---- D:\Documents and Settings\All Users\Application Data\desktop.ini
    2008-09-07 19:08:46 ----RA---- D:\WINDOWS\SET8.tmp
    2008-09-07 19:08:43 ----RA---- D:\WINDOWS\SET4.tmp
    2008-09-07 19:08:41 ----RA---- D:\WINDOWS\SET3.tmp
    2008-09-07 19:08:33 ----D---- D:\WINDOWS\system32\CatRoot2
    2008-09-07 19:08:33 ----D---- D:\WINDOWS\system32\CatRoot
    2008-09-07 19:08:27 ----SD---- D:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-07 19:07:57 ----A---- D:\WINDOWS\setuplog.txt
    2008-09-07 19:07:52 ----D---- D:\Documents and Settings
    2008-09-07 18:58:00 ----SHD---- D:\System Volume Information
    2008-09-07 18:57:01 ----RSHDC---- D:\WINDOWS\system32\dllcache
    2008-09-07 18:57:01 ----RSD---- D:\WINDOWS\Fonts
    2008-09-07 18:57:01 ----RD---- D:\WINDOWS\Web
    2008-09-07 18:57:01 ----HD---- D:\WINDOWS\inf
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\WinSxS
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\twain_32
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\wins
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\wbem
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\usmt
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\spool
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\ShellExt
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\Setup
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\ras
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\PreInstall
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\oobe
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\npp
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\mui
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\Macromed
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\inetsrv
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\IME
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\icsxml
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\ias
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\export
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\en-us
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\drivers
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\dhcp
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\config
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\3com_dmi
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\3076
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\2052
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1054
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1042
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1041
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1037
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1033
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1031
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1028
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32\1025
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system32
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\system
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\SoftwareDistribution
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\security
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Resources
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\repair
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Provisioning
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\PeerNet
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\pchealth
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Network Diagnostic
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\mui
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\msapps
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\msagent
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Media
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\l2schemas
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\java
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\ime
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Help
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\ehome
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Driver Cache
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Debug
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Cursors
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Connection Wizard
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\Config
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\AppPatch
    2008-09-07 18:57:01 ----D---- D:\WINDOWS\addins
    2008-09-07 18:57:01 ----D---- D:\WINDOWS
    2008-08-29 10:18:58 ----A---- D:\WINDOWS\system32\dns-sd.exe
    2008-08-29 09:53:50 ----A---- D:\WINDOWS\system32\dnssd.dll
    2008-07-25 04:36:00 ----A---- D:\WINDOWS\system32\DivXsm.exe
    2008-07-25 04:34:54 ----A---- D:\WINDOWS\system32\dpl100.dll
    2008-07-25 04:34:52 ----A---- D:\WINDOWS\system32\dtu100.dll
    2008-07-25 04:34:50 ----A---- D:\WINDOWS\system32\dpuGUI10.dll
    2008-07-25 04:34:46 ----A---- D:\WINDOWS\system32\dpv11.dll
    2008-07-25 04:34:46 ----A---- D:\WINDOWS\system32\dpus11.dll
    2008-07-25 04:34:46 ----A---- D:\WINDOWS\system32\dpuGUI11.dll
    2008-07-25 04:34:46 ----A---- D:\WINDOWS\system32\dpu11.dll
    2008-07-25 04:34:46 ----A---- D:\WINDOWS\system32\dpu10.dll
    2008-07-25 04:34:42 ----A---- D:\WINDOWS\system32\divx_xx07.dll
    2008-07-25 04:34:40 ----A---- D:\WINDOWS\system32\divx_xx11.dll
    2008-07-25 04:34:40 ----A---- D:\WINDOWS\system32\divx_xx0c.dll
    2008-07-25 04:34:40 ----A---- D:\WINDOWS\system32\divx_xx0a.dll
    2008-07-25 04:34:36 ----A---- D:\WINDOWS\system32\DivX.dll
    2008-07-25 04:34:30 ----A---- D:\WINDOWS\system32\DivXCodecVersionChecker.exe
    2008-07-23 12:50:52 ----A---- D:\WINDOWS\system32\qt-dx331.dll
    2008-07-23 12:48:40 ----A---- D:\WINDOWS\system32\ssldivx.dll
    2008-07-23 12:48:40 ----A---- D:\WINDOWS\system32\libdivx.dll
    2008-07-23 12:47:34 ----A---- D:\WINDOWS\system32\dtu100.dll.manifest
    2008-07-23 12:47:34 ----A---- D:\WINDOWS\system32\dpl100.dll.manifest
    2008-07-23 12:46:38 ----A---- D:\WINDOWS\system32\DivXWMPExtType.dll

    List of drivers

    R1 AmdK8;AMD Processor Driver; D:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-05-10 36864]
    R1 AvgLdx86;AVG AVI Loader Driver x86; D:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-08 97928]
    R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; D:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-08 26824]
    R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; D:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-13 8832]
    R2 AvgTdiX;AVG8 Network Redirector; D:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-08 76040]
    R2 mdmxsdk;mdmxsdk; D:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2005-10-05 12544]
    R2 rspndr;Link-Layer Topology Discovery Responder; D:\WINDOWS\system32\DRIVERS\rspndr.sys [2007-07-22 62336]
    R3 ati2mtag;ati2mtag; D:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2008-09-07 1540096]
    R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; D:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2008-09-07 424320]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; D:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; D:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; D:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2007-07-22 138752]
    R3 HSF_DPV;HSF_DPV; D:\WINDOWS\system32\DRIVERS\HSX_DPV.sys [2006-01-11 935424]
    R3 HSXHWAZL;HSXHWAZL; D:\WINDOWS\system32\DRIVERS\HSXHWAZL.sys [2006-01-11 194048]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); D:\WINDOWS\system32\drivers\RtkHDAud.sys [2005-09-23 3966976]
    R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; D:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    R3 SASENUM;SASENUM; \??\D:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    R3 sdbus;sdbus; D:\WINDOWS\system32\DRIVERS\sdbus.sys [2008-04-13 79232]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; D:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; D:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 winachsf;winachsf; D:\WINDOWS\system32\DRIVERS\HSX_CNXT.sys [2006-01-11 671232]
    S1 kbdhid;Keyboard HID Driver; D:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    S3 catchme;catchme; \??\D:\ComboFix\catchme.sys []
    S3 hidusb;Microsoft HID Class Driver; D:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    S3 mouhid;Mouse HID Driver; D:\WINDOWS\system32\DRIVERS\mouhid.sys [2007-07-22 12160]
    S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; D:\WINDOWS\system32\DRIVERS\WudfPf.sys [2007-07-22 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; D:\WINDOWS\system32\DRIVERS\wudfrd.sys [2007-07-22 82944]
    S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

    List of services

    R2 aawservice;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-08 611664]
    R2 Apple Mobile Device;Apple Mobile Device; D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
    R2 Ati HotKey Poller;Ati HotKey Poller; D:\WINDOWS\system32\Ati2evxx.exe [2008-09-07 405504]
    R2 avg8emc;AVG8 E-mail Scanner; D:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
    R2 avg8wd;AVG8 WatchDog; D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
    R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZipm12.exe [2005-04-29 69632]
    R2 Viewpoint Manager Service;Viewpoint Manager Service; D:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
    R2 WinDefend;Windows Defender; D:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
    R2 wltrysvc;Broadcom Wireless LAN Tray Service; D:\WINDOWS\System32\WLTRYSVC.EXE [2008-09-07 18944]
    R3 iPod Service;iPod Service; D:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
    S3 aspnet_state;ASP.NET State Service; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-04-13 33632]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; D:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-04-13 68952]
    S3 getPlus(R) Helper;getPlus(R) Helper; D:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-08-29 33752]
    S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; D:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2007-08-24 68464]
    S3 odserv;Microsoft Office Diagnostics Service; D:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
    S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; D:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; D:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; D:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-13 14336]

    -----------------EOF-----------------
     
  9. 2008/09/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    I see you've run a number of specialized malware removal tools lately. Let's clean those up first. Download OTMoveIt2 by OldTimer and save it to your desktop.
    • Double-click OTMoveIt2.exe to run it.
    • Now click CleanUp
    • If prompted to download a file, please allow it.
    • When you receive a message that the file download is complete, click Yes.
    • It should run briefly, then prompt you to reboot.
    • Allow it to reboot and OTMoveIt2.exe should be gone upon logon.


    Next, download ATF Cleaner by Atribune and save it to your Desktop.
    • Double click ATF-Cleaner.exe to run the program.
    • Check the boxes to the left of:

      • Windows Temp
      • Current User Temp
      • All Users Temp
      • Temporary Internet Files
      • Prefetch
      • Java Cache
      • Recycle bin

    • The rest are optional - if you want it to remove everything check "Select All".
    • Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK then exit.
    Reboot


    Now, you have several programs installed that have numerous reports of causing system slowdowns. Standard procedure is to uninstall an app, reboot and see if there's a change. Try another if needed. I've listed the programs I'm referring to below, listed most likely to least.


    AVG8
    Windows Defender
    SUPERAntiSpyware
    Ad-Aware


    I also see that the recent installation of Real Player made a mess of your Program Files folder, littering it with individual files and folders, instead of creating its own folder with subfolders in that directory. Recommend you uninstall Real Player as well, then try re-installing if so desired.


    Post back with your findings. :)
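
The reply above names four security products that were installed side by side. As an added example (not part of the thread and not a tool either poster used), this Python script parses driver and service lines in the format shown in the posted log and counts how many running components each of those products contributes. It assumes the leading `R`/`S` means running/stopped and the digit is the Windows service start type; the product name patterns are hypothetical and derived from the paths in this log.

```python
import re
from collections import defaultdict
from typing import NamedTuple, Optional

# Lines copied from the "List of drivers" and "List of services" sections
# of the log posted in this thread (a subset, order preserved).
SAMPLE_LOG = r"""
R1 AvgLdx86;AVG AVI Loader Driver x86; D:\WINDOWS\System32\Drivers\avgldx86.sys [2008-09-08 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; D:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-09-08 26824]
R1 SASDIFSV;SASDIFSV; \??\D:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\D:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R2 AvgTdiX;AVG8 Network Redirector; D:\WINDOWS\System32\Drivers\avgtdix.sys [2008-09-08 76040]
R3 SASENUM;SASENUM; \??\D:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 catchme;catchme; \??\D:\ComboFix\catchme.sys []
R2 aawservice;Lavasoft Ad-Aware Service; D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-09-08 611664]
R2 avg8emc;AVG8 E-mail Scanner; D:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-09-08 875288]
R2 avg8wd;AVG8 WatchDog; D:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-09-08 231704]
R2 Bonjour Service;Bonjour Service; D:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 WinDefend;Windows Defender; D:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; D:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
"""

# Windows service "Start" values.
START_TYPES = {0: "boot", 1: "system", 2: "auto", 3: "manual", 4: "disabled"}

# <state><start> <name>;<display name>; <image path> [<date> <size>]
ENTRY_RE = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4])\s+"
    r"(?P<name>[^;]+);(?P<display>[^;]*);\s*"
    r"(?P<path>.*?)\s*\[(?P<meta>[^\]]*)\]\s*$"
)

# Hypothetical patterns for the four products named in the reply,
# matched against service name, display name and image path.
PRODUCT_PATTERNS = {
    "AVG8": re.compile(r"\bavg", re.IGNORECASE),
    "Windows Defender": re.compile(r"windows defender", re.IGNORECASE),
    "SUPERAntiSpyware": re.compile(r"superantispyware", re.IGNORECASE),
    "Ad-Aware": re.compile(r"ad-aware", re.IGNORECASE),
}


class Entry(NamedTuple):
    running: bool          # assumption: "R" = running, "S" = stopped
    start_type: str
    name: str
    display: str
    path: str
    size: Optional[int]    # None when the log shows empty brackets


def parse_entries(text):
    """Parse driver/service lines; lines in any other format are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue
        meta = m["meta"].split()
        size = int(meta[1]) if len(meta) == 2 and meta[1].isdigit() else None
        entries.append(Entry(
            running=(m["state"] == "R"),
            start_type=START_TYPES[int(m["start"])],
            name=m["name"].strip(),
            display=m["display"].strip(),
            path=m["path"],
            size=size,
        ))
    return entries


def running_security_components(entries):
    """Map each listed product to the names of its running drivers/services."""
    found = defaultdict(list)
    for e in entries:
        if not e.running:
            continue
        haystack = f"{e.name} {e.display} {e.path}"
        for product, pattern in PRODUCT_PATTERNS.items():
            if pattern.search(haystack):
                found[product].append(e.name)
                break
    return dict(found)


def overlap_report(entries):
    """(product, running component count), most components first."""
    found = running_security_components(entries)
    return sorted(((p, len(n)) for p, n in found.items()),
                  key=lambda item: (-item[1], item[0]))


if __name__ == "__main__":
    for product, count in overlap_report(parse_entries(SAMPLE_LOG)):
        print(f"{product}: {count} running component(s)")
```

Running the same functions on a fresh log after the uninstalls shows which of these components are still loaded.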
     
  10. 2008/09/14
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    Ok thanks again.
    I have noticed some slight improvement, but mostly in startup time. Overall the computer is still very sluggish. I can't even play songs or videos without severe stuttering. I will be waiting on further instruction. Thanks.
     
  11. 2008/09/14
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    It would be helpful in determining further instructions if you gave some details of what you have done. All I know is that I've made suggestions, asked questions (about checking for dust buildup), and that you report slight improvement. I have absolutely no idea what you have or have not done to gain that improvement. :confused:
     
  12. 2008/09/15
    Charlie Ivey

    Charlie Ivey Inactive Thread Starter

    Joined:
    2008/09/12
    Messages:
    8
    Likes Received:
    0
    Sorry about not being clear. I ran OTMoveIt and ATFCleaner, and I uninstalled AVG, Windows Defender, RealPlayer, SUPERAntiSpyware, and Ad-Aware as you instructed.
     
  13. 2008/09/15
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Please run RSIT again and post the log it produces. I'd like to see what all remains running.

    Did you check the fans, dust, etc?
     
