Active [ACTIVE]Task manager, regedit disabled, etc.

Hi.
I've recently formatted this machine due to problems, but post-format there have still been issues - new, different issues.
Both Task Manager and Regedit are disabled; Windows firewall has 'been deactivated by Group Policy'; and, on startup, I get a message stating 'Windows cannot find C:\WINDOWS\system32\drivers\service.exe'. I've had a couple of times where AVG Free has no longer recognised the license key.

I'm running Windows XP Service Pack 2. It's probably worth pointing out that I'm still a few drivers short after formatting (Ethernet Controller, SM Bus Controller (I've sent an email to Compaq for information - this is a Presario S3120AN)).

I ran Spybot S&D, and it picked up a few things, fixed them and Task manager and Regedit worked. I ran Ad-aware and MBAM, but after reinstalling AVG and restarting Task manager and Regedit were disabled again.


Spybot log, followed by RSIT log:


Microsoft.WindowsSecurityCenter.AntiVirusOverride: [SBI $3604910C] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusOverride

Microsoft.WindowsSecurityCenter.FirewallOverride: [SBI $0C94D702] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\FirewallOverride

Microsoft.WindowsSecurityCenter.SP2Update: [SBI $D7D77116] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\DoNotAllowXPSP2

Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-583907252-1979792683-725345543-1004\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

Microsoft.WindowsSecurityCenter.TaskManager: [SBI $FD4267D3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Policies\System\DisableTaskMgr

Microsoft.WindowsSecurityCenter_disabled: [SBI $2E20C9A9] Settings (Registry change, nothing done)
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start

Microsoft.WindowsSecurityCenter.RegistryTools: [SBI $D60CD1E3] Settings (Registry change, nothing done)
HKEY_USERS\S-1-5-21-583907252-1979792683-725345543-1004\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\DisableRegistryTools


--- Spybot - Search & Destroy version: 1.6.0 (build: 20080707) ---

2008-07-07 blindman.exe (1.0.0.8)
2008-07-07 SDFiles.exe (1.6.0.4)
2008-07-07 SDMain.exe (1.0.0.6)
2008-07-07 SDShred.exe (1.0.2.3)
2008-07-07 SDUpdate.exe (1.6.0.8)
2008-07-07 SDWinSec.exe (1.0.0.12)
2008-07-07 SpybotSD.exe (1.6.0.30)
2008-09-16 TeaTimer.exe (1.6.3.25)
2008-11-06 unins000.exe (51.49.0.0)
2008-07-07 Update.exe (1.6.0.7)
2008-10-22 advcheck.dll (1.6.2.13)
2007-04-02 aports.dll (2.1.0.0)
2008-06-14 DelZip179.dll (1.79.11.1)
2008-09-15 SDHelper.dll (1.6.2.14)
2008-06-19 sqlite3.dll
2008-10-22 Tools.dll (2.1.6.8)
2008-11-05 Includes\Adware.sbi (*)
2008-11-05 Includes\AdwareC.sbi (*)
2008-06-04 Includes\Cookies.sbi (*)
2008-09-03 Includes\Dialer.sbi (*)
2008-09-10 Includes\DialerC.sbi (*)
2008-07-23 Includes\HeavyDuty.sbi (*)
2008-09-03 Includes\Hijackers.sbi (*)
2008-10-29 Includes\HijackersC.sbi (*)
2008-09-10 Includes\Keyloggers.sbi (*)
2008-11-05 Includes\KeyloggersC.sbi (*)
2004-11-30 Includes\LSP.sbi (*)
2008-11-05 Includes\Malware.sbi (*)
2008-11-05 Includes\MalwareC.sbi (*)
2008-11-04 Includes\PUPS.sbi (*)
2008-11-05 Includes\PUPSC.sbi (*)
2007-11-07 Includes\Revision.sbi (*)
2008-06-18 Includes\Security.sbi (*)
2008-10-23 Includes\SecurityC.sbi (*)
2008-06-04 Includes\Spybots.sbi (*)
2008-06-04 Includes\SpybotsC.sbi (*)
2008-11-05 Includes\Spyware.sbi (*)
2008-11-05 Includes\SpywareC.sbi (*)
2008-06-04 Includes\Tracks.uti
2008-11-05 Includes\Trojans.sbi (*)
2008-11-05 Includes\TrojansC.sbi (*)
2008-03-04 Plugins\Chai.dll
2008-03-05 Plugins\Fennel.dll
2008-02-26 Plugins\Mate.dll
2007-12-24 Plugins\TCPIPAddress.dll

Logfile of random's system information tool 1.04 (written by random/random)
Run by User at 2008-11-06 16:02:45
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 35 GB (92%) free of 38 GB
Total RAM: 511 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:02:49 p.m., on 6/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\brss01a.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\User\Desktop\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%\system32\drivers\service.exe
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1225923679203
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3EED7D1-8684-4362-A28A-9625AAACC63F}: NameServer = 203.96.152.4,203.96.152.12
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

--
End of file - 5638 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-11-06 419096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-06 2050816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-06 2050816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate "=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD "=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-04-14 57393]
"IndexSearch "=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-04-14 40960]
"SetDefPrt "=C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe [2004-05-25 49152]
"ControlCenter2.0 "=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2004-07-20 851968]
"ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-30 344064]
"AlcxMonitor "=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-06 1177368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE "=C:\WINDOWS\system32\ctfmon.exe [2004-08-13 15360]
"SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS "= "avgrsstx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-12-01 94208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr "=1
"DisableRegistryTools "=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

======List of files/folders created in the last 3 months======

2008-11-06 14:34:53 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-11-06 12:15:55 ----D---- C:\Downloads
2008-11-06 12:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-06 12:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-06 12:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-06 12:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-06 12:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-06 12:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-06 12:01:43 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-06 12:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-06 12:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-06 12:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-06 12:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-06 12:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-06 12:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-06 12:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-06 12:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-06 12:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-06 12:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-06 11:56:41 ----D---- C:\WINDOWS\ie7updates
2008-11-06 11:46:54 ----D---- C:\rsit
2008-11-06 11:46:54 ----D---- C:\Program Files\trend micro
2008-11-06 11:40:41 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-06 11:39:22 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-06 11:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-06 11:32:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-06 11:32:57 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-06 11:29:19 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-06 11:29:18 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-06 11:29:17 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-06 11:29:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-11-06 11:29:15 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-06 11:16:04 ----A---- C:\WINDOWS\system32\wpa.bak
2008-11-06 06:57:17 ----A---- C:\WINDOWS\system32\h323log.txt
2008-11-06 06:54:47 ----A---- C:\WINDOWS\system32\HSFCISP2.dll
2008-11-06 06:54:46 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-11-06 06:54:10 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-06 06:52:02 ----A---- C:\WINDOWS\imsins.BAK
2008-11-06 06:51:59 ----SHD---- C:\WINDOWS\Installer
2008-11-06 06:51:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-06 06:51:57 ----D---- C:\Program Files\Common Files\ODBC
2008-11-06 06:51:57 ----A---- C:\WINDOWS\ODBCINST.INI
2008-11-06 06:51:51 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-11-06 06:51:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-06 06:51:50 ----RD---- C:\Program Files
2008-11-06 06:51:50 ----D---- C:\Program Files\Common Files
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\irclass.dll
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-11-06 06:51:35 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-11-06 06:51:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-11-06 06:51:31 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-11-06 06:51:31 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-11-06 06:51:30 ----A---- C:\WINDOWS\system32\batt.dll
2008-11-06 06:51:30 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-11-06 06:51:28 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-06 06:51:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-11-06 06:51:09 ----RA---- C:\WINDOWS\SET8.tmp
2008-11-06 06:51:02 ----RA---- C:\WINDOWS\SET4.tmp
2008-11-06 06:50:57 ----RA---- C:\WINDOWS\SET3.tmp
2008-11-06 06:50:48 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-06 06:50:48 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-06 06:50:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-06 06:50:16 ----A---- C:\WINDOWS\setuplog.txt
2008-11-06 06:50:07 ----D---- C:\Documents and Settings
2008-11-06 06:47:42 ----SH---- C:\boot.ini
2008-11-06 06:41:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-06 06:41:25 ----RSD---- C:\WINDOWS\Fonts
2008-11-06 06:41:25 ----RD---- C:\WINDOWS\Web
2008-11-06 06:41:25 ----HD---- C:\WINDOWS\inf
2008-11-06 06:41:25 ----D---- C:\WINDOWS\WinSxS
2008-11-06 06:41:25 ----D---- C:\WINDOWS\twain_32
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Temp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\wins
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\wbem
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\usmt
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\spool
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ShellExt
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\Setup
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ras
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\oobe
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\npp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\mui
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\IME
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\icsxml
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ias
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\export
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\drivers
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\dhcp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\config
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\3com_dmi
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\3076
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\2052
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1054
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1042
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1041
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1037
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1033
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1031
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1028
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1025
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system
2008-11-06 06:41:25 ----D---- C:\WINDOWS\security
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Resources
2008-11-06 06:41:25 ----D---- C:\WINDOWS\repair
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Provisioning
2008-11-06 06:41:25 ----D---- C:\WINDOWS\PeerNet
2008-11-06 06:41:25 ----D---- C:\WINDOWS\pchealth
2008-11-06 06:41:25 ----D---- C:\WINDOWS\mui
2008-11-06 06:41:25 ----D---- C:\WINDOWS\msapps
2008-11-06 06:41:25 ----D---- C:\WINDOWS\msagent
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Media
2008-11-06 06:41:25 ----D---- C:\WINDOWS\java
2008-11-06 06:41:25 ----D---- C:\WINDOWS\ime
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Help
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Driver Cache
2008-11-06 06:41:25 ----D---- C:\WINDOWS\dell
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Debug
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Cursors
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Connection Wizard
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Config
2008-11-06 06:41:25 ----D---- C:\WINDOWS\AppPatch
2008-11-06 06:41:25 ----D---- C:\WINDOWS\addins
2008-11-06 06:41:25 ----D---- C:\WINDOWS
2008-11-05 20:34:05 ----D---- C:\WINDOWS\WBEM
2008-11-05 20:34:03 ----D---- C:\WINDOWS\system32\en-US
2008-11-05 20:31:42 ----HDC---- C:\WINDOWS\ie7
2008-11-05 20:31:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-05 20:30:55 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-11-05 20:30:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-05 20:30:06 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-05 20:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-05 20:29:58 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-05 20:29:50 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-11-05 20:23:59 ----HD---- C:\$AVG8.VAULT$
2008-11-05 20:17:24 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-05 20:16:59 ----N---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-05 20:16:58 ----N---- C:\WINDOWS\soundman.exe
2008-11-05 20:16:58 ----A---- C:\WINDOWS\ALCXMNTR.EXE
2008-11-05 20:16:57 ----N---- C:\WINDOWS\system32\ChCfg.exe
2008-11-05 20:16:56 ----N---- C:\WINDOWS\system32\RTLCPL.exe
2008-11-05 20:16:55 ----N---- C:\WINDOWS\alcupd.exe
2008-11-05 20:16:55 ----N---- C:\WINDOWS\alcrmv.exe
2008-11-05 20:13:34 ----D---- C:\Program Files\Lavasoft
2008-11-05 20:13:34 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-05 20:12:30 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-05 20:09:58 ----D---- C:\Documents and Settings\User\Application Data\AVGTOOLBAR
2008-11-05 20:09:40 ----D---- C:\Program Files\AVG
2008-11-05 20:09:39 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-11-05 20:02:05 ----D---- C:\Documents and Settings\User\Application Data\Help
2008-11-05 19:58:42 ----A---- C:\WINDOWS\Brownie.ini
2008-11-05 19:56:45 ----RSD---- C:\WINDOWS\assembly
2008-11-05 19:56:45 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-05 19:56:42 ----D---- C:\WINDOWS\system32\URTTemp
2008-11-05 19:55:58 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-11-05 19:55:49 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2008-11-05 19:55:30 ----D---- C:\Program Files\ATI Technologies
2008-11-05 19:45:12 ----A---- C:\WINDOWS\system32\brss01a.ini
2008-11-05 19:45:11 ----A---- C:\WINDOWS\BRWMARK.INI
2008-11-05 19:45:11 ----A---- C:\WINDOWS\BRPP2KA.INI
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\bsplmf01.exe
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\bsplmf01.dll
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\BrWia04a.dll
2008-11-05 19:43:58 ----N---- C:\WINDOWS\system32\brinsstr.dll
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\BrUSi04a.dll
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\brsvc01a.exe
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\brss01a.exe
2008-11-05 19:43:57 ----N---- C:\WINDOWS\system32\Brmfrmps.exe
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\Pdrvinst.dll
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\Brwebup.exe
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\BrWebIns.dll
2008-11-05 19:43:46 ----D---- C:\Program Files\Brother
2008-11-05 19:43:46 ----D---- C:\Brother
2008-11-05 19:43:44 ----N---- C:\WINDOWS\brunin03.dll
2008-11-05 19:42:06 ----A---- C:\WINDOWS\maxlink.ini
2008-11-05 19:41:55 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-05 19:41:30 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2008-11-05 19:41:24 ----D---- C:\Program Files\ScanSoft
2008-11-05 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-11-05 19:40:51 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-05 19:40:28 ----D---- C:\Documents and Settings\All Users\Application Data\Brother
2008-11-05 19:30:02 ----D---- C:\Documents and Settings\User\Application Data\Identities
2008-11-05 19:30:00 ----HD---- C:\Program Files\Uninstall Information
2008-11-05 19:29:47 ----ASH---- C:\Documents and Settings\User\Application Data\desktop.ini
2008-11-05 19:29:46 ----SD---- C:\Documents and Settings\User\Application Data\Microsoft
2008-11-05 19:26:40 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-05 19:26:37 ----D---- C:\WINDOWS\Prefetch
2008-11-05 19:26:36 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-05 19:26:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-05 19:02:09 ----SHD---- C:\System Volume Information
2008-11-05 18:55:37 ----D---- C:\WINDOWS\system32\xircom
2008-11-05 18:55:37 ----D---- C:\Program Files\xerox
2008-11-05 18:55:37 ----D---- C:\Program Files\microsoft frontpage
2008-11-05 18:55:30 ----D---- C:\DELL
2008-11-05 18:55:10 ----A---- C:\WINDOWS\control.ini
2008-11-05 18:55:10 ----A---- C:\AUTOEXEC.BAT
2008-11-05 18:54:45 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-05 18:54:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-11-05 18:52:41 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-05 18:52:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-05 18:52:40 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-11-05 18:52:29 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-11-05 18:52:19 ----HD---- C:\Program Files\WindowsUpdate
2008-11-05 18:51:41 ----D---- C:\WINDOWS\system32\DirectX
2008-11-05 18:49:52 ----A---- C:\WINDOWS\system32\atrace.dll
2008-11-05 18:49:50 ----A---- C:\WINDOWS\system32\desktop.ini
2008-11-05 18:49:50 ----A---- C:\WINDOWS\desktop.ini
2008-11-05 18:49:42 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-11-05 18:49:41 ----D---- C:\Program Files\Common Files\Services
2008-11-05 18:49:41 ----A---- C:\WINDOWS\system32\acctres.dll
2008-11-05 18:49:38 ----SD---- C:\WINDOWS\Tasks
2008-11-05 18:49:38 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-11-05 18:49:37 ----D---- C:\Program Files\Common Files\MSSoap
2008-11-05 18:49:32 ----D---- C:\WINDOWS\srchasst
2008-11-05 18:49:31 ----D---- C:\WINDOWS\system32\Macromed
2008-11-05 18:49:29 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-11-05 18:49:29 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-05 18:49:27 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-05 18:49:27 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-11-05 18:49:23 ----D---- C:\Program Files\Movie Maker
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-11-05 18:49:18 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-11-05 18:49:15 ----D---- C:\WINDOWS\system32\Restore
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srclient.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-05 18:49:13 ----A---- C:\WINDOWS\system32\msconf.dll
2008-11-05 18:49:13 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-05 18:49:10 ----D---- C:\Program Files\NetMeeting
2008-11-05 18:49:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-11-05 18:49:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-11-05 18:49:09 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-05 18:49:09 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-05 18:49:07 ----D---- C:\Program Files\Outlook Express
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\mstask.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-05 18:49:01 ----D---- C:\Program Files\Common Files\System
2008-11-05 18:48:57 ----D---- C:\Program Files\Internet Explorer
2008-11-05 18:48:33 ----D---- C:\Program Files\ComPlus Applications
2008-11-05 18:48:28 ----A---- C:\WINDOWS\vbaddin.ini
2008-11-05 18:48:28 ----A---- C:\WINDOWS\vb.ini
2008-11-05 18:48:17 ----D---- C:\WINDOWS\Registration
2008-11-05 18:47:23 ----D---- C:\Program Files\Online Services
2008-11-05 18:47:22 ----D---- C:\Program Files\Windows Media Player
2008-11-05 18:47:12 ----D---- C:\Program Files\Messenger
2008-11-05 18:47:08 ----D---- C:\Program Files\MSN Gaming Zone
2008-11-05 18:47:08 ----A---- C:\WINDOWS\system32\write.exe
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\hticons.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avwav.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-11-05 18:46:55 ----A---- C:\WINDOWS\system32\winchat.exe
2008-11-05 18:46:47 ----A---- C:\WINDOWS\system32\getuname.dll
2008-11-05 18:46:47 ----A---- C:\WINDOWS\system32\charmap.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\winmine.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\sol.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\calc.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tskill.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tscon.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\shadow.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\reset.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\freecell.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\regini.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\msg.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\logoff.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-11-05 18:46:42 ----A---- C:\WINDOWS\system32\stclient.dll
2008-11-05 18:46:42 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-11-05 18:46:36 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-11-05 18:46:23 ----D---- C:\Program Files\MSN
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-11-05 18:46:21 ----D---- C:\Program Files\Windows NT
2008-11-05 18:46:21 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-11-05 18:46:21 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-11-05 18:46:18 ----D---- C:\WINDOWS\system32\MsDtc
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-11-05 18:46:16 ----D---- C:\WINDOWS\system32\Com
2008-11-05 18:46:16 ----A---- C:\WINDOWS\system32\colbact.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-11-05 18:46:14 ----A---- C:\WINDOWS\system32\comuid.dll
2008-11-05 18:46:14 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-11-05 18:46:09 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-11-05 18:46:09 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-05 18:46:08 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-05 18:46:08 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 3 months======

2008-11-06 06:51:50 ----A---- C:\WINDOWS\system.ini
2008-11-05 19:53:12 ----A---- C:\WINDOWS\win.ini
2008-10-16 05:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-04 06:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-08-27 21:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\url.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-25 21:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-25 21:37:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-23 18:54:51 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-08-14 23:00:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 22:22:13 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-13 37376]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-06 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-06 26184]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-06 75272]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-10-01 2279424]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-12-01 873984]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2003-01-08 15400]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-13 61824]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-13 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-13 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-13 17024]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-11-06 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-12-01 425984]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-11-06 902424]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-06 282904]
R2 brmfrmps;Brother Popup Suspend service for Resource manager; C:\WINDOWS\system32\Brmfrmps.exe [2003-05-05 65536]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-11-30 516096]
S2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

-----------------EOF-----------------


Many thanks. Beyond tomorrow I'll be away from the problem PC for about a week, but I'll be keeping an eye on this thread.

 

Instructions posted for this user are customized for this user only. The tools used may cause damage if used on a computer with different infections. If you think you have similar problems, please post a HJT log and start a new topic.



Hi and welcome

Print this topic or save to notepad, it will make it easier for you to follow the instructions and complete all of the necessary steps as we will need to close all windows that are open later in the fix.



Download SDFix or from Here and save it to your Desktop



Double click SDFix.exe and it will extract the files to %systemdrive% (Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following
:

• Restart your computer
• After hearing your computer beep once during startup, but before the Windows
  icon appears, tap the F8 key continually;
• Instead of Windows loading as normal, the Advanced Options Menu should appear;
• Select the first option, to run Windows in Safe Mode, then press Enter.
• Choose your usual account.

• Open the extracted SDFix folder and double click RunThis.cmd to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load
  your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt (Report.txt will also be copied to Clipboard ready for posting back on the
  forum).
• Finally paste the contents of the SDFix Report.txt back on the forum with a new HijackThis log

NEXT**
Please download Malwarebytes' Anti-Malware to your desktop

Additional Link

* Double-click mbam-setup.exe and follow the prompts to install the program.
* Be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select Perform quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
* Be sure that everything is checked, and click Remove Selected.
* When completed, a log will open in Notepad. Please save it to a convenient location.
* You can also access the log by doing the following:

o Click on the Malwarebytes' Anti-Malware icon to launch the program.
o Click on the Logs tab.
o Click on the log at the bottom of those listed to highlight it.
o Click Open.

Tutorial if needed
http://thespykiller.co.uk/index.php/topic,5946.0.html

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.



In your next reply post:
SDFix report.txt
Malwarebytes' Anti-Malware log
New HJT log



You may need several replies to post the requested logs, otherwise they might get cut off.

 

SDFix report, followed by Malwarebytes' Anti-Malware log, and RSIT log.
Task Manager and Regedit are enabled, the firewall is on, and I'm very happy. Many thanks.


SDFix: Version 1.240
Run by User on Fri 07/11/2008 at 09:13 a.m.

Microsoft Windows XP [Version 5.1.2600]
Running From: C:\SDFix

Checking Services :


C:\WINDOWS\system32\Microsoft\backup.ftp Found

Checking files:

Genuine:
C:\WINDOWS\system32\Microsoft\backup.ftp
C:\WINDOWS\system32\tftp.exe
C:\WINDOWS\system32\dllcache\tftp.exe


Restoring Default Security Values
Restoring Default Hosts File

Rebooting


Checking Files :

Trojan Files Found:

C:\WINDOWS\system32\Microsoft\backup.ftp - Deleted





Removing Temp Files

ADS Check :



Final Check :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-11-07 09:17:22
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden services & system hive ...

scanning hidden registry entries ...

scanning hidden files ...

scan completed successfully
hidden processes: 0
hidden services: 0
hidden files: 0


Remaining Services :




Authorized Application Key Export:

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\\system32\\sessmgr.exe "= "%windir%\\system32\\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

Remaining Files :


File Backups: - C:\SDFix\backups\backups.zip

Files with Hidden Attributes :

Wed 22 Oct 2008 949,072 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\advcheck.dll "
Mon 15 Sep 2008 1,562,960 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDHelper.dll "
Mon 7 Jul 2008 1,429,840 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe "
Mon 7 Jul 2008 4,891,472 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe "
Tue 16 Sep 2008 1,833,296 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe "
Wed 22 Oct 2008 962,896 A.SHR --- "C:\Program Files\Spybot - Search & Destroy\Tools.dll "

Finished!





Malwarebytes' Anti-Malware 1.30
Database version: 1370
Windows 5.1.2600 Service Pack 2

7/11/2008 9:30:52 a.m.
mbam-log-2008-11-07 (09-30-52).txt

Scan type: Quick Scan
Objects scanned: 41695
Time elapsed: 6 minute(s), 28 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)





Logfile of random's system information tool 1.04 (written by random/random)
Run by User at 2008-11-07 09:32:00
Microsoft Windows XP Home Edition Service Pack 2
System drive C: has 35 GB (92%) free of 38 GB
Total RAM: 511 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:32:08 a.m., on 7/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16735)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\brsvc01a.exe
C:\WINDOWS\system32\brss01a.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\system32\Brmfrmps.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
C:\Program Files\Brother\ControlCenter2\brctrcen.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\ALCXMNTR.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\User\Desktop\RSIT.exe
C:\Program Files\trend micro\User.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM\..\Run: [SSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot
O4 - HKLM\..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe
O4 - HKLM\..\Run: [IndexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe
O4 - HKLM\..\Run: [SetDefPrt] C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe
O4 - HKLM\..\Run: [ControlCenter2.0] C:\Program Files\Brother\ControlCenter2\brctrcen.exe /autorun
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Status Monitor.lnk = C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1225923679203
O17 - HKLM\System\CCS\Services\Tcpip\..\{D3EED7D1-8684-4362-A28A-9625AAACC63F}: NameServer = 203.96.152.4,203.96.152.12
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Brother Popup Suspend service for Resource manager (brmfrmps) - Brother Industries, Ltd. - C:\WINDOWS\system32\Brmfrmps.exe
O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C:\WINDOWS\system32\brsvc01a.exe

--
End of file - 5556 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-11-06 419096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-9990-79A187E2698E}]
AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-06 2050816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{A057A204-BACC-4D26-9990-79A187E2698E} - AVG Security Toolbar - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL [2008-11-06 2050816]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SSBkgdUpdate "=C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2003-10-14 155648]
"PaperPort PTD "=C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2004-04-14 57393]
"IndexSearch "=C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2004-04-14 40960]
"SetDefPrt "=C:\Program Files\Brother\Brmfl04a\BrStDvPt.exe [2004-05-25 49152]
"ControlCenter2.0 "=C:\Program Files\Brother\ControlCenter2\brctrcen.exe [2004-07-20 851968]
"ATIPTA "=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-11-30 344064]
"AlcxMonitor "=C:\WINDOWS\ALCXMNTR.EXE [2004-09-07 57344]
"AVG8_TRAY "=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-11-06 1177368]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE "=C:\WINDOWS\system32\ctfmon.exe [2004-08-13 15360]
"SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Status Monitor.lnk - C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS "= "avgrsstx.dll "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
C:\WINDOWS\system32\Ati2evxx.dll [2004-12-01 94208]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "

======List of files/folders created in the last 3 months======

2008-11-07 09:11:29 ----D---- C:\WINDOWS\ERUNT
2008-11-07 09:09:53 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-07 09:07:38 ----D---- C:\SDFix
2008-11-06 16:30:06 ----SHD---- C:\RECYCLER
2008-11-06 16:06:57 ----D---- C:\Documents and Settings\User\Application Data\Malwarebytes
2008-11-06 16:06:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-11-06 16:06:49 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-11-06 14:34:53 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-11-06 12:15:55 ----D---- C:\Downloads
2008-11-06 12:04:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-06 12:03:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-06 12:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-06 12:03:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-06 12:03:11 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-06 12:03:04 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-06 12:01:43 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-06 12:01:34 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-06 12:01:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-06 12:01:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-06 12:01:12 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-06 12:01:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-06 12:00:58 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-06 12:00:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-06 12:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-06 12:00:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-06 12:00:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-06 11:56:41 ----D---- C:\WINDOWS\ie7updates
2008-11-06 11:46:54 ----D---- C:\rsit
2008-11-06 11:46:54 ----D---- C:\Program Files\trend micro
2008-11-06 11:40:41 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-06 11:39:22 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-06 11:39:19 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-06 11:32:57 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-06 11:32:57 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-06 11:29:19 ----A---- C:\WINDOWS\system32\wups2.dll
2008-11-06 11:29:18 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-11-06 11:29:17 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-11-06 11:29:15 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-11-06 11:29:15 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-11-06 11:16:04 ----A---- C:\WINDOWS\system32\wpa.bak
2008-11-06 06:57:17 ----A---- C:\WINDOWS\system32\h323log.txt
2008-11-06 06:54:47 ----A---- C:\WINDOWS\system32\HSFCISP2.dll
2008-11-06 06:54:46 ----A---- C:\WINDOWS\system32\mdmxsdk.dll
2008-11-06 06:54:10 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-06 06:52:02 ----A---- C:\WINDOWS\imsins.BAK
2008-11-06 06:51:59 ----SHD---- C:\WINDOWS\Installer
2008-11-06 06:51:59 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-06 06:51:57 ----D---- C:\Program Files\Common Files\ODBC
2008-11-06 06:51:57 ----A---- C:\WINDOWS\ODBCINST.INI
2008-11-06 06:51:51 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-11-06 06:51:51 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-06 06:51:50 ----RD---- C:\Program Files
2008-11-06 06:51:50 ----D---- C:\Program Files\Common Files
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-11-06 06:51:48 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-11-06 06:51:46 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-11-06 06:51:43 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-11-06 06:51:42 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-11-06 06:51:39 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\irclass.dll
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-11-06 06:51:36 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-11-06 06:51:35 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-11-06 06:51:35 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-11-06 06:51:31 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-11-06 06:51:31 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-11-06 06:51:30 ----A---- C:\WINDOWS\system32\batt.dll
2008-11-06 06:51:30 ----A---- C:\WINDOWS\NOTEPAD.EXE
2008-11-06 06:51:28 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-06 06:51:14 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-11-06 06:51:09 ----RA---- C:\WINDOWS\SET8.tmp
2008-11-06 06:51:02 ----RA---- C:\WINDOWS\SET4.tmp
2008-11-06 06:50:57 ----RA---- C:\WINDOWS\SET3.tmp
2008-11-06 06:50:48 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-06 06:50:48 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-06 06:50:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-06 06:50:16 ----A---- C:\WINDOWS\setuplog.txt
2008-11-06 06:50:07 ----D---- C:\Documents and Settings
2008-11-06 06:47:42 ----SH---- C:\boot.ini
2008-11-06 06:41:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-06 06:41:25 ----RSD---- C:\WINDOWS\Fonts
2008-11-06 06:41:25 ----RD---- C:\WINDOWS\Web
2008-11-06 06:41:25 ----HD---- C:\WINDOWS\inf
2008-11-06 06:41:25 ----D---- C:\WINDOWS\WinSxS
2008-11-06 06:41:25 ----D---- C:\WINDOWS\twain_32
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Temp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\wins
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\wbem
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\usmt
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\spool
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ShellExt
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\Setup
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ras
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\oobe
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\npp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\mui
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\IME
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\icsxml
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\ias
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\export
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\drivers
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\dhcp
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\config
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\3com_dmi
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\3076
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\2052
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1054
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1042
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1041
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1037
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1033
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1031
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1028
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32\1025
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system32
2008-11-06 06:41:25 ----D---- C:\WINDOWS\system
2008-11-06 06:41:25 ----D---- C:\WINDOWS\security
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Resources
2008-11-06 06:41:25 ----D---- C:\WINDOWS\repair
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Provisioning
2008-11-06 06:41:25 ----D---- C:\WINDOWS\PeerNet
2008-11-06 06:41:25 ----D---- C:\WINDOWS\pchealth
2008-11-06 06:41:25 ----D---- C:\WINDOWS\mui
2008-11-06 06:41:25 ----D---- C:\WINDOWS\msapps
2008-11-06 06:41:25 ----D---- C:\WINDOWS\msagent
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Media
2008-11-06 06:41:25 ----D---- C:\WINDOWS\java
2008-11-06 06:41:25 ----D---- C:\WINDOWS\ime
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Help
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Driver Cache
2008-11-06 06:41:25 ----D---- C:\WINDOWS\dell
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Debug
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Cursors
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Connection Wizard
2008-11-06 06:41:25 ----D---- C:\WINDOWS\Config
2008-11-06 06:41:25 ----D---- C:\WINDOWS\AppPatch
2008-11-06 06:41:25 ----D---- C:\WINDOWS\addins
2008-11-06 06:41:25 ----D---- C:\WINDOWS
2008-11-05 20:34:05 ----D---- C:\WINDOWS\WBEM
2008-11-05 20:34:03 ----D---- C:\WINDOWS\system32\en-US
2008-11-05 20:31:42 ----HDC---- C:\WINDOWS\ie7
2008-11-05 20:31:11 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-05 20:30:55 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-11-05 20:30:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-05 20:30:06 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-05 20:29:58 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-05 20:29:58 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-05 20:29:50 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-11-05 20:23:59 ----HD---- C:\$AVG8.VAULT$
2008-11-05 20:17:24 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-05 20:16:59 ----N---- C:\WINDOWS\system32\RtlCPAPI.dll
2008-11-05 20:16:58 ----N---- C:\WINDOWS\soundman.exe
2008-11-05 20:16:58 ----A---- C:\WINDOWS\ALCXMNTR.EXE
2008-11-05 20:16:57 ----N---- C:\WINDOWS\system32\ChCfg.exe
2008-11-05 20:16:56 ----N---- C:\WINDOWS\system32\RTLCPL.exe
2008-11-05 20:16:55 ----N---- C:\WINDOWS\alcupd.exe
2008-11-05 20:16:55 ----N---- C:\WINDOWS\alcrmv.exe
2008-11-05 20:13:34 ----D---- C:\Program Files\Lavasoft
2008-11-05 20:13:34 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-11-05 20:12:30 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-05 20:09:58 ----D---- C:\Documents and Settings\User\Application Data\AVGTOOLBAR
2008-11-05 20:09:40 ----D---- C:\Program Files\AVG
2008-11-05 20:09:39 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-11-05 20:02:05 ----D---- C:\Documents and Settings\User\Application Data\Help
2008-11-05 19:58:42 ----A---- C:\WINDOWS\Brownie.ini
2008-11-05 19:56:45 ----RSD---- C:\WINDOWS\assembly
2008-11-05 19:56:45 ----D---- C:\WINDOWS\Microsoft.NET
2008-11-05 19:56:42 ----D---- C:\WINDOWS\system32\URTTemp
2008-11-05 19:55:58 ----N---- C:\WINDOWS\system32\ati2sgag.exe
2008-11-05 19:55:49 ----RA---- C:\WINDOWS\system32\atiiiexx.dll
2008-11-05 19:55:30 ----D---- C:\Program Files\ATI Technologies
2008-11-05 19:45:12 ----A---- C:\WINDOWS\system32\brss01a.ini
2008-11-05 19:45:11 ----A---- C:\WINDOWS\BRWMARK.INI
2008-11-05 19:45:11 ----A---- C:\WINDOWS\BRPP2KA.INI
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\bsplmf01.exe
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\bsplmf01.dll
2008-11-05 19:43:59 ----A---- C:\WINDOWS\system32\BrWia04a.dll
2008-11-05 19:43:58 ----N---- C:\WINDOWS\system32\brinsstr.dll
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\BrUSi04a.dll
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\brsvc01a.exe
2008-11-05 19:43:58 ----A---- C:\WINDOWS\system32\brss01a.exe
2008-11-05 19:43:57 ----N---- C:\WINDOWS\system32\Brmfrmps.exe
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\Pdrvinst.dll
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\Brwebup.exe
2008-11-05 19:43:49 ----N---- C:\WINDOWS\system32\BrWebIns.dll
2008-11-05 19:43:46 ----D---- C:\Program Files\Brother
2008-11-05 19:43:46 ----D---- C:\Brother
2008-11-05 19:43:44 ----N---- C:\WINDOWS\brunin03.dll
2008-11-05 19:42:06 ----A---- C:\WINDOWS\maxlink.ini
2008-11-05 19:41:55 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-05 19:41:30 ----D---- C:\Program Files\Common Files\ScanSoft Shared
2008-11-05 19:41:24 ----D---- C:\Program Files\ScanSoft
2008-11-05 19:41:24 ----D---- C:\Documents and Settings\All Users\Application Data\ScanSoft
2008-11-05 19:40:51 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-05 19:40:28 ----D---- C:\Documents and Settings\All Users\Application Data\Brother
2008-11-05 19:30:02 ----D---- C:\Documents and Settings\User\Application Data\Identities
2008-11-05 19:30:00 ----HD---- C:\Program Files\Uninstall Information
2008-11-05 19:29:47 ----ASH---- C:\Documents and Settings\User\Application Data\desktop.ini
2008-11-05 19:29:46 ----SD---- C:\Documents and Settings\User\Application Data\Microsoft
2008-11-05 19:26:40 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-05 19:26:37 ----D---- C:\WINDOWS\Prefetch
2008-11-05 19:26:36 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-05 19:26:36 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-05 19:02:09 ----SHD---- C:\System Volume Information
2008-11-05 18:55:37 ----D---- C:\WINDOWS\system32\xircom
2008-11-05 18:55:37 ----D---- C:\Program Files\xerox
2008-11-05 18:55:37 ----D---- C:\Program Files\microsoft frontpage
2008-11-05 18:55:30 ----D---- C:\DELL
2008-11-05 18:55:10 ----A---- C:\WINDOWS\control.ini
2008-11-05 18:55:10 ----A---- C:\AUTOEXEC.BAT
2008-11-05 18:54:45 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-05 18:54:35 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-11-05 18:52:41 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-05 18:52:40 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-05 18:52:40 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-11-05 18:52:29 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-11-05 18:52:19 ----HD---- C:\Program Files\WindowsUpdate
2008-11-05 18:51:41 ----D---- C:\WINDOWS\system32\DirectX
2008-11-05 18:49:52 ----A---- C:\WINDOWS\system32\atrace.dll
2008-11-05 18:49:50 ----A---- C:\WINDOWS\system32\desktop.ini
2008-11-05 18:49:50 ----A---- C:\WINDOWS\desktop.ini
2008-11-05 18:49:42 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-11-05 18:49:41 ----D---- C:\Program Files\Common Files\Services
2008-11-05 18:49:41 ----A---- C:\WINDOWS\system32\acctres.dll
2008-11-05 18:49:38 ----SD---- C:\WINDOWS\Tasks
2008-11-05 18:49:38 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-11-05 18:49:37 ----D---- C:\Program Files\Common Files\MSSoap
2008-11-05 18:49:32 ----D---- C:\WINDOWS\srchasst
2008-11-05 18:49:31 ----D---- C:\WINDOWS\system32\Macromed
2008-11-05 18:49:29 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-11-05 18:49:29 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-05 18:49:28 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-05 18:49:27 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-05 18:49:27 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-11-05 18:49:23 ----D---- C:\Program Files\Movie Maker
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-11-05 18:49:19 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-11-05 18:49:18 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-11-05 18:49:15 ----D---- C:\WINDOWS\system32\Restore
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\srclient.dll
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\fltMc.exe
2008-11-05 18:49:15 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-05 18:49:14 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-05 18:49:13 ----A---- C:\WINDOWS\system32\msconf.dll
2008-11-05 18:49:13 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-05 18:49:10 ----D---- C:\Program Files\NetMeeting
2008-11-05 18:49:10 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-11-05 18:49:10 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-11-05 18:49:09 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-05 18:49:09 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-05 18:49:07 ----D---- C:\Program Files\Outlook Express
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-11-05 18:49:07 ----A---- C:\WINDOWS\system32\mstask.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-05 18:49:06 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-05 18:49:01 ----D---- C:\Program Files\Common Files\System
2008-11-05 18:48:57 ----D---- C:\Program Files\Internet Explorer
2008-11-05 18:48:33 ----D---- C:\Program Files\ComPlus Applications
2008-11-05 18:48:28 ----A---- C:\WINDOWS\vbaddin.ini
2008-11-05 18:48:28 ----A---- C:\WINDOWS\vb.ini
2008-11-05 18:48:17 ----D---- C:\WINDOWS\Registration
2008-11-05 18:47:23 ----D---- C:\Program Files\Online Services
2008-11-05 18:47:22 ----D---- C:\Program Files\Windows Media Player
2008-11-05 18:47:12 ----D---- C:\Program Files\Messenger
2008-11-05 18:47:08 ----D---- C:\Program Files\MSN Gaming Zone
2008-11-05 18:47:08 ----A---- C:\WINDOWS\system32\write.exe
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\hticons.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avwav.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-11-05 18:46:56 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-11-05 18:46:55 ----A---- C:\WINDOWS\system32\winchat.exe
2008-11-05 18:46:47 ----A---- C:\WINDOWS\system32\getuname.dll
2008-11-05 18:46:47 ----A---- C:\WINDOWS\system32\charmap.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\winmine.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\sol.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-11-05 18:46:46 ----A---- C:\WINDOWS\system32\calc.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tskill.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\tscon.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\shadow.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\reset.exe
2008-11-05 18:46:45 ----A---- C:\WINDOWS\system32\freecell.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\regini.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\msg.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\logoff.exe
2008-11-05 18:46:44 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-11-05 18:46:43 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-11-05 18:46:42 ----A---- C:\WINDOWS\system32\stclient.dll
2008-11-05 18:46:42 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-11-05 18:46:36 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-11-05 18:46:23 ----D---- C:\Program Files\MSN
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-05 18:46:22 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-11-05 18:46:21 ----D---- C:\Program Files\Windows NT
2008-11-05 18:46:21 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-11-05 18:46:21 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\spider.exe
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-11-05 18:46:20 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-11-05 18:46:19 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-11-05 18:46:18 ----D---- C:\WINDOWS\system32\MsDtc
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-05 18:46:18 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-11-05 18:46:17 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-11-05 18:46:16 ----D---- C:\WINDOWS\system32\Com
2008-11-05 18:46:16 ----A---- C:\WINDOWS\system32\colbact.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-11-05 18:46:15 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-11-05 18:46:14 ----A---- C:\WINDOWS\system32\comuid.dll
2008-11-05 18:46:14 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-11-05 18:46:09 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-11-05 18:46:09 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-05 18:46:08 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-05 18:46:08 ----A---- C:\WINDOWS\system32\cmprops.dll

======List of files/folders modified in the last 3 months======

2008-11-06 06:51:50 ----A---- C:\WINDOWS\system.ini
2008-11-05 19:53:12 ----A---- C:\WINDOWS\win.ini
2008-10-16 05:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-04 06:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-08-27 21:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-08-26 20:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\url.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\occache.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\mstime.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msrating.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-08-26 20:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-08-26 20:24:29 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-08-26 20:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
2008-08-25 21:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-08-25 21:37:59 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-08-23 18:54:51 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-08-14 23:00:45 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2008-08-14 22:22:13 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AmdK7;AMD K7 Processor Driver; C:\WINDOWS\system32\DRIVERS\amdk7.sys [2004-08-13 37376]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-11-06 96520]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-11-06 26184]
R2 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-11-06 75272]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2004-08-04 11868]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2004-10-01 2279424]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2004-12-01 873984]
R3 BrScnUsb;Brother USB Still Image driver; C:\WINDOWS\System32\Drivers\BrScnUsb.sys [2003-12-19 15263]
R3 catchme;catchme; \??\C:\DOCUME~1\User\LOCALS~1\Temp\catchme.sys []
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSFDPSP2.sys [2004-08-04 1041536]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\system32\DRIVERS\HSFBS2S2.sys [2004-08-04 220032]
R3 ndiscm;Motorola SurfBoard USB Cable Modem Windows Driver; C:\WINDOWS\system32\DRIVERS\NetMotCM.sys [2003-01-08 15400]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-13 61824]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-13 26624]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-13 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-13 17024]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSFCXTS2.sys [2004-08-04 685056]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-11-06 611664]
R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2004-12-01 425984]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-11-06 902424]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-11-06 282904]
R2 brmfrmps;Brother Popup Suspend service for Resource manager; C:\WINDOWS\system32\Brmfrmps.exe [2003-05-05 65536]
R2 Brother XP spl Service;BrSplService; C:\WINDOWS\system32\brsvc01a.exe [2002-04-12 57344]
S2 ATI Smart;ATI Smart; C:\WINDOWS\system32\ati2sgag.exe [2004-11-30 516096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]

-----------------EOF-----------------

 

I owe you an apology for this terrible late reply....

I did not receive an Email notice to your reply.


We can take this a step further to check for anything malicious.

Please delete SDFix
C:\SDFix\backups <--delete this folder



Go to Start > Control Panel > Internet Options
In the General tab, Temporary Internet Files, click:Delete Files When prompted, check:Delete all offline content
You can also check: Delete Cookies (You will have to re-enter passwords at websites that require them.)
Click OK

For I.E. 7 - under Browsing History, click delete... Under Temporary Internet Files, click Delete files...

Then, go to Start >Run and enter: cleanmgr
Select the drive to clean: C:\
Check the following boxes and then press OK to remove:
Temporary Files
Temporary Internet Files
RecycleBin
Agree to the prompt to perform the action...


Please download ATF Cleaner by Atribune From Here and save it to your Desktop.
Follow the instructions for the browser you use.
Read the instructions about the cookies. Delete what you do not need.

Double click ATF-Cleaner.exe to run the program.
Check the boxes to the left of:
Windows Temp
Current User Temp
All Users Temp
Temporary Internet Files
Java Cache
The rest are optional - if you want to remove the lot, check "Select All ".
Finally click Empty Selected. When you get the "Done Cleaning " message, click OK.
If you use the Firefox or Opera browsers, you can use this program
as a quick way to tidy those up as well.
When you have finished, click on the Exit button in the Main menu.
========================







NEXT**
I'd like for you to run this next online scan to check for remnants or anything that might be hidden.
The below scan can take up to an hour or longer, please be patient.

*Note
It is recommended to disable onboard antivirus program and antispyware programs while performing scans so no conflicts and to speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once scan is finished remember to re-enable resident antivirus protection along with whatever antispyware app you use.


Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400

Please do a scan with Kaspersky Online Scanner or from here
http://www.kaspersky.com/virusscanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
[*]The program will install and then begin downloading the latest definition
files.
[*]After the files have been downloaded on the left side of the page in the Scan section select My Computer.
[*]This will start the program and scan your system.
[*]The scan will take a while, so be patient and let it run. (At times it may appear to stall)
* Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
* Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
* Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.

[*]Once the scan is complete, click on View scan report To obtain the report:
Click on: Save Report As
Next, in the Save as prompt, Save in area, select: Desktop
In the File name area, use KScan, or something similar In Save as type, click the drop arrow and select:
Text file [*.txt]
Then, click: Save
Please post the Kaspersky Online Scanner Report in
your reply.

Animated tutorial
http://i275.photobucket.com/albums/jj285/Bleeping/KAS/KAS9.gif

(Note.. for Internet Explorer 7 users:
If at any time you have trouble with the "Accept" button of the license, click on the "Zoom" tool located at the bottom right of the IE window and set the zoom to 75 %. Once the license has been accepted, reset to 100%.)
Or use Firefox with IE-Tab plugin
https://addons.mozilla.org/en-US/firefox/addon/1419


In your next reply post:
Kaspersky log
New HJT log taken after the above scans have run