
Active Please help me with Win 32 : Sality

Discussion in 'Malware and Virus Removal Archive' started by Swagata, 2009/01/03.

  1. 2009/01/03
    Swagata

    Swagata Well-Known Member Thread Starter


    The problem occurred when I added my friend's hard disk to my PC. After adding the hard disk, I ran my PC and it came to the desktop but no task bar came. I brought up Windows Task Manager and logged off and logged on. This time the task bar came. Everything was OK. I tried to copy one of my friend's games but when I entered the folder, my Avast told me about a virus. As it was found on my friend's hard disk, he requested me not to delete it. I didn't delete it and copied the game with the virus. Then I unplugged my friend's hard disk after we shared some songs, videos etc. I turned the antivirus off and played the game whose *exe was infected. Everything was OK. I exited the game and tried to start the antivirus again but the PC restarted. It started but again the same problem, the task bar had disappeared. Then I brought up Task Manager, logged off, logged on and everything was OK. I deleted the game. I ran Firefox but Avast said it was infected by Win32:Sality. I moved it to the chest. Then I ran Avast antivirus. When Avast ran, it did a memory check and found an infected file and proposed that I do a boot-time scan. I did so and saw that most of my *exe files are affected by Win32:Sality. I moved some files to the chest and Avast deleted a lot of files. Most of my software like Firefox, FrostWire, Nokia PC Suite, Nokia Application Manager, Registry Machine, and a lot of files from System Volume Information were deleted. Now, my PC is running but that software is missing because its *exe files were deleted in the Avast boot scan. I want to know, is my computer completely free from the virus now? Has it gone? Please help me.
     
  2. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

    Welcome to WindowsBBS :)

    Read this and post the logs requested.
     

  4. 2009/01/03
    Swagata

    Swagata Well-Known Member Thread Starter

    Thank you for welcoming me. I have done what you said. Here is the log report:

    Logfile of random's system information tool 1.05 (written by random/random)
    Run by Swagata at 2009-01-03 19:55:37
    Microsoft Windows XP Professional Service Pack 2
    System drive C: has 10 GB (65%) free of 15 GB
    Total RAM: 255 MB (20% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 7:55:46 PM, on 1/3/2009
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.5730.0013)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    C:\Program Files\Java\jre6\bin\jqs.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\SOUNDMAN.EXE
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Unlocker\UnlockerAssistant.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\trend micro\Swagata.exe
    C:\Program Files\Windows Media Player\wmplayer.exe
    C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
    C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
    C:\Program Files\FlashGet\flashget.exe
    C:\Downloads\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Swagata.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = search.speedbit.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Yahoo!
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
    O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
    O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
    O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
    O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
    O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe "
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RegMech.exe /H
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\jc_all.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\jc_link.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1229201021963
    O17 - HKLM\System\CCS\Services\Tcpip\..\{54D660B7-826A-44D9-BCB9-2C2072841913}: NameServer = 202.56.4.120 202.56.4.121
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
    O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

    --
    End of file - 5602 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2F364306-AA45-47B5-9F9D-39A8B94E7EF7}]
    FGCatchUrl - C:\Program Files\FlashGet\jccatch.dll [2007-08-06 94308]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-26 320920]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
    Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-26 34816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
    JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-12-26 73728]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F156768E-81EF-470C-9057-481BA8380DBA}]
    FlashGet GetFlash Class - C:\Program Files\FlashGet\getflash.dll [2007-05-18 163840]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "SoundMan "=C:\WINDOWS\SOUNDMAN.EXE [2006-03-01 577536]
    "avast! "=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-11-26 81000]
    "UnlockerAssistant "=C:\Program Files\Unlocker\UnlockerAssistant.exe [2008-05-02 15872]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2004-10-29 4620288]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "RegistryMechanic "=C:\Program Files\Registry Mechanic\RegMech.exe [2008-07-08 2828184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-03-20 213936]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Nokia.PCSync]
    C:\Program Files\Nokia\Nokia PC Suite 6\PCSync2.exe [2008-03-26 1232896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvCplDaemon]
    C:\WINDOWS\system32\NvCpl.dll [2004-10-29 4620288]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NvMediaCenter]
    C:\WINDOWS\system32\NvMcTray.dll [2004-10-29 86016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nwiz]
    nwiz.exe /install []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PermissionResearch]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RegistryMechanic]
    C:\Program Files\Registry Mechanic\regmech.exe [2008-07-08 2828184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-26 136600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "wscsvc "=2

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-05-09 52224]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "EnableLUA "=0

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\InterVideo\DVD8\WinDVD.exe "= "C:\Program Files\InterVideo\DVD8\WinDVD.exe:*:Enabled:WinDVD "
    "C:\Program Files\DFX\WMP\Apps\dfxgApp.exe "= "C:\Program Files\DFX\WMP\Apps\dfxgApp.exe:*:Disabled:dfxgApp.exe "
    "C:\Documents and Settings\Swagata\Local Settings\Temp\~os6.tmp\ossproxy.exe "= "C:\Documents and Settings\Swagata\Local Settings\Temp\~os6.tmp\ossproxy.exe:*:Enabled:ossproxy.exe "
    "C:\Program Files\FlashGet\FlashGet.exe "= "C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget "
    "K:\ggame\GTA San Andreas\gta_sa.exe "= "K:\ggame\GTA San Andreas\gta_sa.exe:*:Enabled:ipsec "
    "C:\WINDOWS\Explorer.EXE "= "C:\WINDOWS\Explorer.EXE:*:Enabled:ipsec "
    "E:\UNDER GROUND - 07\Speed.exe "= "E:\UNDER GROUND - 07\Speed.exe:*:Enabled:ipsec "
    "C:\WINDOWS\SOUNDMAN.EXE "= "C:\WINDOWS\SOUNDMAN.EXE:*:Enabled:ipsec "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "

    ======List of files/folders created in the last 3 months======

    2008-12-14 02:53:31 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
    2008-12-14 02:49:44 ----D---- C:\Downloads
    2008-12-14 02:48:20 ----D---- C:\WINDOWS\system32\SoftwareDistribution
    2008-12-14 02:48:20 ----A---- C:\WINDOWS\system32\wups2.dll
    2008-12-14 02:48:20 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
    2008-12-14 02:48:20 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
    2008-12-14 02:48:20 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
    2008-12-14 02:41:41 ----D---- C:\Program Files\FlashGet
    2008-12-14 02:19:43 ----A---- C:\WINDOWS\ModemLog_Nokia GSM Phone USB Modem.txt
    2008-12-14 02:17:21 ----A---- C:\WINDOWS\system32\spupdsvc.exe
    2008-12-14 02:17:19 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
    2008-12-14 02:16:45 ----D---- C:\Documents and Settings\Swagata\Application Data\PC Suite
    2008-12-14 02:16:44 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
    2008-12-14 02:16:28 ----D---- C:\Documents and Settings\Swagata\Application Data\Nokia
    2008-12-14 02:16:09 ----D---- C:\Program Files\Common Files\PCSuite
    2008-12-14 02:16:09 ----D---- C:\Program Files\Common Files\Nokia
    2008-12-14 02:15:49 ----D---- C:\Program Files\DIFX
    2008-12-14 02:15:42 ----D---- C:\Program Files\PC Connectivity Solution
    2008-12-14 02:15:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-12-14 02:15:35 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
    2008-12-14 02:15:35 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
    2008-12-14 02:15:34 ----D---- C:\Program Files\Nokia
    2008-12-14 02:15:34 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
    2008-12-14 02:13:00 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
    2008-12-14 02:12:15 ----D---- C:\Documents and Settings\Swagata\Application Data\Macromedia
    2008-12-14 02:12:13 ----SHD---- C:\WINDOWS\ftpcache
    2008-12-14 02:10:14 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
    2008-12-14 02:07:27 ----D---- C:\WINDOWS\nview
    2008-12-14 02:07:27 ----A---- C:\WINDOWS\system32\nvudisp.exe
    2008-12-14 02:06:48 ----D---- C:\NVIDIA
    2008-12-14 01:56:02 ----R---- C:\WINDOWS\system32\ChCfg.exe
    2008-12-14 01:55:34 ----R---- C:\WINDOWS\system32\RTLCPL.exe
    2008-12-14 01:55:34 ----R---- C:\WINDOWS\system32\RtlCPAPI.dll
    2008-12-14 01:55:33 ----R---- C:\WINDOWS\soundman.exe
    2008-12-14 01:55:31 ----A---- C:\WINDOWS\system32\ksuser.dll
    2008-12-14 01:55:24 ----D---- C:\Program Files\Realtek AC97
    2008-12-14 01:55:15 ----RA---- C:\WINDOWS\Alcrmv.exe
    2008-12-14 01:55:15 ----R---- C:\WINDOWS\alcupd.exe
    2008-12-14 01:55:15 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-12-14 01:55:05 ----D---- C:\Program Files\Common Files\InstallShield
    2008-12-14 01:50:35 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-12-14 01:50:34 ----D---- C:\Program Files\Intel
    2008-12-14 01:49:55 ----D---- C:\Program Files\MSXML 4.0
    2008-12-14 01:49:49 ----D---- C:\TempEI4
    2008-12-14 01:40:56 ----D---- C:\WINDOWS\pss
    2008-12-14 01:39:51 ----D---- C:\Documents and Settings\Swagata\Application Data\Identities
    2008-12-14 01:39:50 ----HD---- C:\Program Files\Uninstall Information
    2008-12-14 01:39:45 ----SD---- C:\Documents and Settings\Swagata\Application Data\Microsoft
    2008-12-14 01:39:45 ----ASH---- C:\Documents and Settings\Swagata\Application Data\desktop.ini
    2008-12-14 01:38:38 ----D---- C:\WINDOWS\SoftwareDistribution
    2008-12-14 01:38:36 ----D---- C:\WINDOWS\Prefetch
    2008-12-14 01:38:35 ----SD---- C:\WINDOWS\system32\Microsoft
    2008-12-14 01:38:35 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-12-14 01:35:15 ----D---- C:\WINDOWS\system32\xircom
    2008-12-14 01:35:15 ----D---- C:\Program Files\xerox
    2008-12-14 01:35:14 ----D---- C:\Program Files\microsoft frontpage
    2008-12-14 01:34:56 ----A---- C:\WINDOWS\control.ini
    2008-12-14 01:34:56 ----A---- C:\AUTOEXEC.BAT
    2008-12-14 01:34:42 ----A---- C:\WINDOWS\system32\mapi32.dll
    2008-12-14 01:33:53 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-12-14 01:33:53 ----RD---- C:\WINDOWS\Offline Web Pages
    2008-12-14 01:33:53 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
    2008-12-14 01:33:48 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
    2008-12-14 01:33:44 ----HD---- C:\Program Files\WindowsUpdate
    2008-12-14 01:33:27 ----D---- C:\WINDOWS\system32\DirectX
    2008-12-14 01:33:12 ----A---- C:\WINDOWS\system32\atrace.dll
    2008-12-14 01:33:10 ----A---- C:\WINDOWS\system32\desktop.ini
    2008-12-14 01:33:10 ----A---- C:\WINDOWS\desktop.ini
    2008-12-14 01:33:05 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
    2008-12-14 01:33:04 ----A---- C:\WINDOWS\system32\acctres.dll
    2008-12-14 01:33:03 ----D---- C:\Program Files\Common Files\Services
    2008-12-14 01:33:02 ----SD---- C:\WINDOWS\Tasks
    2008-12-14 01:33:02 ----A---- C:\WINDOWS\system32\icfgnt5.dll
    2008-12-14 01:33:01 ----D---- C:\Program Files\Common Files\MSSoap
    2008-12-14 01:32:58 ----D---- C:\WINDOWS\system32\Macromed
    2008-12-14 01:32:58 ----D---- C:\WINDOWS\srchasst
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wuweb.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wups.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wucltui.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wuauserv.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wuaueng1.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wuaueng.dll
    2008-12-14 01:32:55 ----A---- C:\WINDOWS\system32\wuauclt1.exe
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\wuauclt.exe
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\wuapi.dll
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\qmgr.dll
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\bitsprx3.dll
    2008-12-14 01:32:54 ----A---- C:\WINDOWS\system32\bitsprx2.dll
    2008-12-14 01:32:51 ----D---- C:\Program Files\Movie Maker
    2008-12-14 01:32:48 ----A---- C:\WINDOWS\system32\safrslv.dll
    2008-12-14 01:32:48 ----A---- C:\WINDOWS\system32\safrdm.dll
    2008-12-14 01:32:48 ----A---- C:\WINDOWS\system32\safrcdlg.dll
    2008-12-14 01:32:48 ----A---- C:\WINDOWS\system32\racpldlg.dll
    2008-12-14 01:32:46 ----A---- C:\WINDOWS\system32\fltMc.exe
    2008-12-14 01:32:46 ----A---- C:\WINDOWS\system32\fltlib.dll
    2008-12-14 01:32:45 ----D---- C:\WINDOWS\system32\Restore
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\srsvc.dll
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\srrstr.dll
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\srclient.dll
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\mnmdd.dll
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\isrdbg32.dll
    2008-12-14 01:32:45 ----A---- C:\WINDOWS\system32\ils.dll
    2008-12-14 01:32:44 ----A---- C:\WINDOWS\system32\nmmkcert.dll
    2008-12-14 01:32:44 ----A---- C:\WINDOWS\system32\msconf.dll
    2008-12-14 01:32:44 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
    2008-12-14 01:32:42 ----D---- C:\Program Files\NetMeeting
    2008-12-14 01:32:42 ----A---- C:\WINDOWS\system32\msoert2.dll
    2008-12-14 01:32:42 ----A---- C:\WINDOWS\system32\msoeacct.dll
    2008-12-14 01:32:41 ----A---- C:\WINDOWS\system32\inetres.dll
    2008-12-14 01:32:41 ----A---- C:\WINDOWS\system32\inetcomm.dll
    2008-12-14 01:32:40 ----D---- C:\Program Files\Outlook Express
    2008-12-14 01:32:40 ----A---- C:\WINDOWS\system32\schedsvc.dll
    2008-12-14 01:32:40 ----A---- C:\WINDOWS\system32\mstinit.exe
    2008-12-14 01:32:40 ----A---- C:\WINDOWS\system32\mstask.dll
    2008-12-14 01:32:39 ----A---- C:\WINDOWS\system32\isign32.dll
    2008-12-14 01:32:39 ----A---- C:\WINDOWS\system32\inetcfg.dll
    2008-12-14 01:32:39 ----A---- C:\WINDOWS\system32\icwphbk.dll
    2008-12-14 01:32:39 ----A---- C:\WINDOWS\system32\icwdial.dll
    2008-12-14 01:32:35 ----D---- C:\Program Files\Common Files\System
    2008-12-14 01:32:34 ----D---- C:\Program Files\Internet Explorer
    2008-12-14 01:32:01 ----D---- C:\Program Files\ComPlus Applications
    2008-12-14 01:31:59 ----A---- C:\WINDOWS\vbaddin.ini
    2008-12-14 01:31:59 ----A---- C:\WINDOWS\vb.ini
    2008-12-14 01:31:55 ----D---- C:\WINDOWS\Registration
    2008-12-14 01:31:48 ----D---- C:\Program Files\Windows Media Player
    2008-12-14 01:31:48 ----D---- C:\Program Files\Online Services
    2008-12-14 01:31:42 ----D---- C:\Program Files\Messenger
    2008-12-14 01:31:39 ----D---- C:\Program Files\MSN Gaming Zone
    2008-12-14 01:31:39 ----A---- C:\WINDOWS\system32\write.exe
    2008-12-14 01:31:33 ----A---- C:\WINDOWS\system32\sndvol32.exe
    2008-12-14 01:31:32 ----A---- C:\WINDOWS\system32\winchat.exe
    2008-12-14 01:31:32 ----A---- C:\WINDOWS\system32\hticons.dll
    2008-12-14 01:31:32 ----A---- C:\WINDOWS\system32\avwav.dll
    2008-12-14 01:31:32 ----A---- C:\WINDOWS\system32\avtapi.dll
    2008-12-14 01:31:32 ----A---- C:\WINDOWS\system32\avmeter.dll
    2008-12-14 01:31:27 ----A---- C:\WINDOWS\system32\getuname.dll
    2008-12-14 01:31:27 ----A---- C:\WINDOWS\system32\charmap.exe
    2008-12-14 01:31:27 ----A---- C:\WINDOWS\system32\calc.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\winmine.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\usrlogon.cmd
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\tsshutdn.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\tslabels.ini
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\tskill.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\tsdiscon.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\tscon.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\sol.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\reset.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\mshearts.exe
    2008-12-14 01:31:26 ----A---- C:\WINDOWS\system32\freecell.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\shadow.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\rwinsta.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\regini.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\qwinsta.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\qappsrv.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\msg.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\msdtcprf.ini
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\logoff.exe
    2008-12-14 01:31:25 ----A---- C:\WINDOWS\system32\cdmodem.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\stclient.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\mtxlegih.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\mtxex.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\mtxdm.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\comsnap.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\comrepl.dll
    2008-12-14 01:31:24 ----A---- C:\WINDOWS\system32\comaddin.dll
    2008-12-14 01:31:20 ----A---- C:\WINDOWS\system32\wmimgmt.msc
    2008-12-14 01:31:12 ----D---- C:\Program Files\MSN
    2008-12-14 01:31:12 ----A---- C:\WINDOWS\system32\sndrec32.exe
    2008-12-14 01:31:12 ----A---- C:\WINDOWS\system32\accwiz.exe
    2008-12-14 01:31:11 ----D---- C:\Program Files\Windows NT
    2008-12-14 01:31:11 ----A---- C:\WINDOWS\system32\spider.exe
    2008-12-14 01:31:11 ----A---- C:\WINDOWS\system32\mspaint.exe
    2008-12-14 01:31:11 ----A---- C:\WINDOWS\system32\mplay32.exe
    2008-12-14 01:31:11 ----A---- C:\WINDOWS\system32\hypertrm.dll
    2008-12-14 01:31:11 ----A---- C:\WINDOWS\system32\clipbrd.exe
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\sessmgr.exe
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\remotepg.dll
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\rdshost.exe
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\rdsaddin.exe
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\mstscax.dll
    2008-12-14 01:31:10 ----A---- C:\WINDOWS\system32\mstsc.exe
    2008-12-14 01:31:09 ----D---- C:\WINDOWS\system32\MsDtc
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\tscupgrd.exe
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\termsrv.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\rdpwsx.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\rdpsnd.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\rdpclip.exe
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\rdchost.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\qprocess.exe
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\mtxoci.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\icaapi.dll
    2008-12-14 01:31:09 ----A---- C:\WINDOWS\system32\cfgbkend.dll
    2008-12-14 01:31:08 ----A---- C:\WINDOWS\system32\xolehlp.dll
    2008-12-14 01:31:08 ----A---- C:\WINDOWS\system32\msdtctm.dll
    2008-12-14 01:31:08 ----A---- C:\WINDOWS\system32\msdtcprx.dll
    2008-12-14 01:31:08 ----A---- C:\WINDOWS\system32\msdtclog.dll
    2008-12-14 01:31:08 ----A---- C:\WINDOWS\system32\msdtc.exe
    2008-12-14 01:31:07 ----D---- C:\WINDOWS\system32\Com
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\comuid.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\comsvcs.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\colbact.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\clbcatex.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\catsrvut.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\catsrvps.dll
    2008-12-14 01:31:07 ----A---- C:\WINDOWS\system32\catsrv.dll
    2008-12-14 01:31:06 ----A---- C:\WINDOWS\system32\clbcatq.dll
    2008-12-14 01:31:01 ----A---- C:\WINDOWS\system32\servdeps.dll
    2008-12-14 01:31:01 ----A---- C:\WINDOWS\system32\mmfutil.dll
    2008-12-14 01:31:01 ----A---- C:\WINDOWS\system32\licwmi.dll
    2008-12-14 01:31:01 ----A---- C:\WINDOWS\system32\cmprops.dll

    ======List of files/folders modified in the last 3 months======

    2009-01-03 13:50:25 ----A---- C:\WINDOWS\system.ini
    2009-01-03 12:24:37 ----A---- C:\WINDOWS\win.ini
    2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Aavmker4;avast! Asynchronous Virus Monitor; C:\WINDOWS\system32\drivers\Aavmker4.sys [2008-11-26 26944]
    R1 aswSP;avast! Self Protection; C:\WINDOWS\system32\drivers\aswSP.sys [2008-11-26 111184]
    R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2008-11-26 50864]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-04 14848]
    R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2008-11-26 20560]
    R2 aswMon2;avast! Standard Shield Support; C:\WINDOWS\system32\drivers\aswMon2.sys [2008-11-26 94032]
    R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2006-03-01 3959360]
    R3 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr.sys [2008-11-26 23152]
    R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-07 9600]
    R3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2007-11-29 16896]
    R3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2007-11-29 19328]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-10-29 2826944]
    R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-04 20992]
    R3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2007-11-29 8064]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-04 31616]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbser;Nokia USB Serial Port; C:\WINDOWS\system32\DRIVERS\usbser.sys [2004-08-03 25600]
    R3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2007-11-29 8064]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2004-08-04 20480]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    R3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-15 82688]
    S3 aic32p;aic32p; \??\C:\WINDOWS\system32\drivers\ltjopn.sys []
    S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-11-26 18752]
    R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-11-26 155160]
    R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2006-12-05 112152]
    R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-12-26 152984]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2004-10-29 127043]
    R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2004-08-04 14336]
    R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-11-26 254040]
    R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-11-26 352920]
    R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-04-07 430592]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2005-09-23 29896]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2005-09-23 66240]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-05-09 823808]

    -----------------EOF-----------------
     
  5. 2009/01/03
    Swagata

    This is the report of "info":

    info.txt logfile of random's system information tool 1.05 2009-01-03 19:55:51

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Aspell English Dictionary-0.50-2-->"C:\Program Files\Aspell\unins001.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    DFX for Windows Media Player-->C:\Program Files\DFX\uninstall_WMP.exe
    Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
    FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
    GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
    GTK+ Runtime 2.12.12 rev a (remove only)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
    Nokia PC Suite-->MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
    Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 -removeonly
    Registry Mechanic 8.0-->"C:\Program Files\Registry Mechanic\unins000.exe" /Log
    SmartMovie Converter-->"C:\Program Files\Lonely Cat Games\SmartMovie Converter\IIUninst.exe" C:\Program Files\Lonely Cat Games\SmartMovie Converter\install.log
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Windows Driver Package - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
    Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
    Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
    Windows Installer 3.1 (KB893803)-->"C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe"
    Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
    Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xvid 1.1.3 final uninstall-->"C:\Program Files\Xvid\unins000.exe"

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090102-0]

    System event log

    Computer Name: HOME-69DBE8ED5E
    Event Code: 7035
    Message: The Fast User Switching Compatibility service was successfully sent a start control.

    Record Number: 5
    Source Name: Service Control Manager
    Time Written: 20081229195442.000000+360
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Computer Name: HOME-69DBE8ED5E
    Event Code: 7036
    Message: The Terminal Services service entered the running state.

    Record Number: 4
    Source Name: Service Control Manager
    Time Written: 20081229195442.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 20158
    Message: The user gpinternet successfully established a connection to Nokia GSM Phone USB Modem (OTA) using the device COM3.

    Record Number: 3
    Source Name: RemoteAccess
    Time Written: 20081229195410.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 6005
    Message: The Event log service was started.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20081229195310.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 1
    Source Name: EventLog
    Time Written: 20081229195310.000000+360
    Event Type: information
    User:

    Application event log

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 5
    Source Name: LoadPerf
    Time Written: 20081214013150.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 4
    Source Name: LoadPerf
    Time Written: 20081214013148.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 3
    Source Name: LoadPerf
    Time Written: 20081214013045.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the PSched (PSched) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 2
    Source Name: LoadPerf
    Time Written: 20081214013018.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 1
    Source Name: LoadPerf
    Time Written: 20081214013017.000000+360
    Event Type: information
    User:

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=15
    "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel
    "PROCESSOR_REVISION"=0409
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP

    -----------------EOF-----------------
     
  6. 2009/01/03
    Swagata

    This is the report of "info":

    info.txt logfile of random's system information tool 1.05 2009-01-03 19:55:51

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Aspell English Dictionary-0.50-2-->"C:\Program Files\Aspell\unins001.exe"
    avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
    CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
    DFX for Windows Media Player-->C:\Program Files\DFX\uninstall_WMP.exe
    Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
    FlashGet 1.9.6.1073-->C:\Program Files\FlashGet\uninst.exe
    GNU Aspell 0.50-3-->"C:\Program Files\Aspell\unins000.exe"
    GTK+ Runtime 2.12.12 rev a (remove only)-->C:\Program Files\Common Files\GTK\2.0\uninst.exe
    HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hotfix for Windows XP (KB915865)-->"C:\WINDOWS\$NtUninstallKB915865$\spuninst\spuninst.exe"
    InterVideo WinDVD 8-->C:\Program Files\InstallShield Installation Information\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}\setup.exe -runfromtemp -l0x0409
    Java(TM) 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
    Microsoft .NET Framework 2.0-->C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\Microsoft .NET Framework 2.0\install.exe
    Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
    Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
    Microsoft User-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWudf01005$\spuninst\spuninst.exe"
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
    Mozilla Firefox (3.0.5)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    Nokia Connectivity Cable Driver-->MsiExec.exe /X{4F1DCA42-2030-437C-A94E-736692A499C1}
    Nokia PC Suite-->MsiExec.exe /I{9C05FA75-0337-4523-AA57-9D3511018887}
    NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
    PC Connectivity Solution-->MsiExec.exe /I{AC599724-5755-48C1-ABE7-ABB857652930}
    Pidgin-->C:\Program Files\Pidgin\pidgin-uninst.exe
    Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 -removeonly
    Registry Mechanic 8.0--> "C:\Program Files\Registry Mechanic\unins000.exe" /Log
    SmartMovie Converter--> "C:\Program Files\Lonely Cat Games\SmartMovie Converter\IIUninst.exe" C:\Program Files\Lonely Cat Games\SmartMovie Converter\install.log
    Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
    Windows Driver Package - Nokia Modem (03/05/2008 3.7)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_635B28EFCFA9395123BB1C251595CB16129E2560\nokia_bluetooth.inf
    Windows Driver Package - Nokia Modem (03/13/2008 6.86.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_28F2EAC406838DA65AFF6C6886FE9FE96AEF5186\nokbtmdm.inf
    Windows Driver Package - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
    Windows Installer 3.1 (KB893803)--> "C:\WINDOWS\$MSI31Uninstall_KB893803v2$\spuninst\spuninst.exe "
    Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
    Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
    Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Xvid 1.1.3 final uninstall--> "C:\Program Files\Xvid\unins000.exe "

    ======Security center information======

    AV: avast! antivirus 4.8.1296 [VPS 090102-0]

    System event log

    Computer Name: HOME-69DBE8ED5E
    Event Code: 7035
    Message: The Fast User Switching Compatibility service was successfully sent a start control.

    Record Number: 5
    Source Name: Service Control Manager
    Time Written: 20081229195442.000000+360
    Event Type: information
    User: NT AUTHORITY\SYSTEM

    Computer Name: HOME-69DBE8ED5E
    Event Code: 7036
    Message: The Terminal Services service entered the running state.

    Record Number: 4
    Source Name: Service Control Manager
    Time Written: 20081229195442.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 20158
    Message: The user gpinternet successfully established a connection to Nokia GSM Phone USB Modem (OTA) using the device COM3.

    Record Number: 3
    Source Name: RemoteAccess
    Time Written: 20081229195410.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 6005
    Message: The Event log service was started.

    Record Number: 2
    Source Name: EventLog
    Time Written: 20081229195310.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 6009
    Message: Microsoft (R) Windows (R) 5.01. 2600 Service Pack 2 Multiprocessor Free.

    Record Number: 1
    Source Name: EventLog
    Time Written: 20081229195310.000000+360
    Event Type: information
    User:

    Application event log

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 5
    Source Name: LoadPerf
    Time Written: 20081214013150.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 4
    Source Name: LoadPerf
    Time Written: 20081214013148.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 3
    Source Name: LoadPerf
    Time Written: 20081214013045.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the PSched (PSched) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 2
    Source Name: LoadPerf
    Time Written: 20081214013018.000000+360
    Event Type: information
    User:

    Computer Name: HOME-69DBE8ED5E
    Event Code: 1000
    Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
    The Record Data contains the new index values assigned
    to this service.

    Record Number: 1
    Source Name: LoadPerf
    Time Written: 20081214013017.000000+360
    Event Type: information
    User:

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "Path "=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
    "windir "=%SystemRoot%
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "PROCESSOR_ARCHITECTURE "=x86
    "PROCESSOR_LEVEL "=15
    "PROCESSOR_IDENTIFIER "=x86 Family 15 Model 4 Stepping 9, GenuineIntel
    "PROCESSOR_REVISION "=0409
    "NUMBER_OF_PROCESSORS "=2
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP

    -----------------EOF-----------------
     
  7. 2009/01/03
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Thanks - one of our trained malware analysts will respond in due course. All logs are dealt with in the order received.
     
  8. 2009/01/03
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    Thank you. I'll wait.
     
  9. 2009/01/04
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Swagata
    This can be a very nasty virus.

    Please do the following so we can see what we're looking at.


    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.


    Please do an online scan with Kaspersky WebScanner

    It's best to disable real time protection applications as they sometimes interfere with the scan.
    Check this link for any applicable programs you may have.

    Click on “Accept” If your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files:
    • Under Scan on the left side, click on My Computer.
    • This will start the program and scan your system.
    • Click the “Scan Report” on the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
    • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
  10. 2009/01/05
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Monday, January 5, 2009
    Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Monday, January 05, 2009 09:27:01
    Records in database: 1562700
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    D:\
    E:\
    F:\
    G:\

    Scan statistics:
    Files scanned: 25456
    Threat name: 1
    Infected objects: 1
    Suspicious objects: 0
    Duration of the scan: 00:56:54


    File name / Threat name / Threats count
    C:\Documents and Settings\Swagata\Desktop\300_CAMERAGAMESFORS.rar.part Infected: Trojan.SymbOS.Mosquit.c 1

    The selected area was scanned.
     
  11. 2009/01/05
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Is this a game of some kind?
    C:\Documents and Settings\Swagata\Desktop\300_CAMERAGAMESFORS.rar.part

    It is infected and should be deleted.

    Let me know.

    Geri
     
  12. 2009/01/05
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    Hi,
    Yes, that was a mobile game which is played by moving the mobile's camera. I deleted the file. I checked my PC with Avast. It found some viruses. It found a rootkit at windows/system32/system.exe. I deleted it. Then it found some trojans and viruses. I moved them to the avast! Virus Chest. I am adding a screenshot: http://file.cd/files/3004.JPG Should I keep these infected files in the virus chest, or is it safe to delete them? After getting infected, my PC takes very long to start. After the welcome screen, it comes to the desktop, but the taskbar is not shown. It comes after a few minutes.
     
  13. 2009/01/06
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK, this one may or may not be legit.
    winfxdocobj.exe
    I would send it to Avast for analysis. I would not delete that one just yet; I would wait to hear from Avast.

    The others can be deleted.

    Reboot your machine and run another Avast scan to see if they come back.

    Thanks
    Geri
     
  14. 2009/01/07
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    Hi,
    I sent that file to avast! and deleted the other files. I did an avast! boot scan and 3 files were infected. I sent them to the virus chest. A lot of *zip/archive files are said to be corrupted but not infected, and I was not asked to delete them or move them to the chest. What can I do with these files? I am adding the report.

    01/07/2009 15:53
    Scan of all local drives

    File C:\Documents and Settings\Swagata\Desktop\Cracked.rar.part\Cracked\DAP.exe Error 42126 {RAR archive is corrupted.}
    File C:\Documents and Settings\Swagata\My Documents\My Completed Downloads\zombieinfection_1mb_nokian95_5700_n81_n96_e66_en_igpl_eu_1021.zip\ZombieInfection_1MB_NokiaN95_5700_N81_N96_E66_EN_IGPL_EU_102.jar\f.class Error 42125 {ZIP archive is corrupted.}
    File C:\Documents and Settings\Swagata\My Documents\My Completed Downloads\zombieinfection_1mb_nokian95_5700_n81_n96_e66_en_igpl_eu_1021.zip\ZombieInfection_1MB_NokiaN95_5700_N81_N96_E66_EN_IGPL_EU_102.jar Error 42125 {ZIP archive is corrupted.}
    File C:\Downloads\MGS_binpda_modifiedBrazil.zip.jc!\MGS_binpda_modifiedBrazil.n-gage Error 42125 {ZIP archive is corrupted.}
    File C:\WINDOWS\Driver Cache\i386\driver.cab\kdh00001.ppd Error 42127 {CAB archive is corrupted.}
    File E:\240 x 320 Part I\Dogs 2.jar\f.class Error 42125 {ZIP archive is corrupted.}
    File E:\240 x 320 Part II\Dogs 2.jar\f.class Error 42125 {ZIP archive is corrupted.}
    File E:\240 x 320 Part II\NBA 09.jar\s_g.bin Error 42125 {ZIP archive is corrupted.}
    File E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010963.exe is infected by Win32:Sality, Moved to chest
    File E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010964.exe is infected by Win32:Sality, Moved to chest
    File F:\Fight\New Folder\roms\CPS\megaman2.zip\rm2.14m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\mmatrix.zip\mmx.11m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\mshh.zip\msh.14m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\mshjr1.zip\msh.17m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\mvsc.zip\mvc.12m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\mvsc.zip\mvc.11m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\vhunt2r1.zip\vh2.16m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\New Folder\roms\CPS\vhunt2r1.zip\vh2.17m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\1944.zip\nff.19m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\19xx.zip\19x.16m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\19xx.zip\19x.11m Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\armwarr1.zip\pwgex.03b Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\cybotsj.zip\cybjx.03 Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\gmahou.zip\gmdj.03 Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\CPS\kof99.zip\251-c3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\fatfursp.zip\058-c3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\ganryu.zip\252-c1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\garou.zip\253-c8.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\garoun.zip\motwn_c4.rom Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\gowcaizr.zip\094-c3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\gowcaizr.zip\094-v2.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\gpilots.zip\020-v21.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kf2k4spe.zip\k2k4s-c8.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof2001.zip\262-c5.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof2001.zip\262-v3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof2002.zip\265-c1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof96.zip\214-c8.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof99.zip\251-c2.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\kof99p.zip\251-c7p.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\mslugx.zip\250-c1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\nam1975.zip\001-v21.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\neogeo.zip\074-c3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\preisle2.zip\255-c5.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\rbff1.zip\069-c3.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\rbffspec.zip\223-c4.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\rotd.zip\264-c1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\samsho2.zip\063-c5.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\sengoku3.zip\261-c1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\sonicwi3.zip\097-v1.bin Error 42125 {ZIP archive is corrupted.}
    File F:\Fight\roms\Neogeo\ssideki4.zip\215-c2.bin Error 42125 {ZIP archive is corrupted.}
    File G:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP42\A0012339.exe is infected by Win32:Rootkit-gen [Rtk], Moved to chest
    Number of searched folders: 2824
    Number of tested files: 162461
    Number of infected files: 3
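
The report above mixes two kinds of line: "is infected by" detections and "Error 421xx" lines where the scanner could not read an archive. As an added example (not part of the original thread and not an avast! tool), this Python script separates the two, flags detections that sit inside System Restore snapshots, and checks the parsed count against the report's own summary line. The line format is assumed from the report as posted, and `triage` is a hypothetical name.

```python
import re
from collections import Counter

# A subset of lines copied from the avast! report posted above, kept short as sample input.
SAMPLE_REPORT = r"""01/07/2009 15:53
Scan of all local drives

File C:\WINDOWS\Driver Cache\i386\driver.cab\kdh00001.ppd Error 42127 {CAB archive is corrupted.}
File F:\Fight\New Folder\roms\CPS\mvsc.zip\mvc.12m Error 42125 {ZIP archive is corrupted.}
File F:\Fight\New Folder\roms\CPS\mvsc.zip\mvc.11m Error 42125 {ZIP archive is corrupted.}
File E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010963.exe is infected by Win32:Sality, Moved to chest
File E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010964.exe is infected by Win32:Sality, Moved to chest
File G:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP42\A0012339.exe is infected by Win32:Rootkit-gen [Rtk], Moved to chest
Number of searched folders: 2824
Number of tested files: 162461
Number of infected files: 3
"""

# Line shapes assumed from the report as posted in this thread.
INFECTED = re.compile(r"^File (?P<path>.+) is infected by (?P<threat>[^,]+), (?P<action>.+)$")
UNREADABLE = re.compile(r"^File (?P<path>.+) Error (?P<code>\d+) \{(?P<msg>.+)\}$")
SUMMARY = re.compile(r"^Number of infected files: (?P<n>\d+)$")
# Windows XP System Restore keeps snapshot copies under this path on each drive.
RESTORE_POINT = re.compile(
    r"\\System Volume Information\\_restore\{[0-9A-Fa-f-]+\}\\RP\d+\\", re.I
)


def triage(report: str) -> dict:
    """Split a scan report into detections and unreadable archives."""
    infected, unreadable, reported = [], Counter(), None
    for raw in report.splitlines():
        line = raw.strip()
        if m := INFECTED.match(line):
            infected.append({
                "path": m["path"],
                "threat": m["threat"],
                "action": m["action"],
                # A copy inside a restore snapshot returns if that point is restored.
                "in_restore_point": bool(RESTORE_POINT.search(m["path"])),
            })
        elif m := UNREADABLE.match(line):
            # Not a detection: the scanner could not unpack this member, so it
            # gave no verdict on it. Group by the containing archive.
            unreadable[m["path"].rsplit("\\", 1)[0]] += 1
        elif m := SUMMARY.match(line):
            reported = int(m["n"])
    return {
        "infected": infected,
        "threats": dict(Counter(hit["threat"] for hit in infected)),
        "unreadable": dict(unreadable),
        "reported_infected": reported,
        # If these differ, a detection line was missed or the log is truncated.
        "count_matches": reported == len(infected),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_REPORT)
    for hit in result["infected"]:
        where = "restore snapshot" if hit["in_restore_point"] else "live file"
        print(f'{hit["threat"]:<24} {where:<17} {hit["path"]}')
    for archive, members in result["unreadable"].items():
        print(f"unreadable ({members} member(s)): {archive}")
    print("summary line agrees:", result["count_matches"])
```
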
     
  15. 2009/01/07
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    The only problem is that my PC takes very long to start. After the welcome screen, it comes to the desktop, but the taskbar is not shown. It comes after a few minutes.
     
  16. 2009/01/07
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    What are your E, F and G drives?

    Are these P2P downloaded games that are on them?
     
  17. 2009/01/08
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    Hi,
    E, F, G are my drives. My hard disk is partitioned into 5 partitions: C, D, E, F and G.
    Sorry, I didn't understand what you meant by P2P downloaded games. Those are just PC games. I found them on a DVD disk.
     
  18. 2009/01/08
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    OK, what do you mean by "found"? Where did you find the disk?

    They are all corrupted, and should be deleted.

    Let me know what you are going to do.

    Geri
     
  19. 2009/01/09
    Swagata

    Swagata Well-Known Member Thread Starter

    Joined:
    2008/12/15
    Messages:
    53
    Likes Received:
    0
    Hi,
    I found the DVD in a shop. I mean I bought the DVD. They are not so necessary. I can delete them. Should I delete them?
    C:\WINDOWS\Driver Cache\i386\driver.cab\kdh00001.ppd Error 42127 {CAB archive is corrupted.}
    This file seems important. Do I need to delete it too?
    E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010963.exe is infected by Win32:Sality, Moved to chest
    E:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP38\A0010964.exe is infected by Win32:Sality, Moved to chest
    G:\System Volume Information\_restore{034B493B-4C5E-4EB5-8B12-BFED62220F7F}\RP42\A0012339.exe is infected by Win32:Rootkit-gen [Rtk], Moved to chest

    These files are infected and moved to chest. Is it safe to delete them?

    Thanks.
     
  20. 2009/01/09
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Yes, go ahead and delete it; it is corrupted anyway.

    Let's get a Panda scan.

    Please go HERE to run Panda's ActiveScan
    • Once you are on the Panda site click the Scan your PC button
    • A new window will open...click the Check Now button
    • Enter your Country
    • Enter your State/Province
    • Enter your e-mail address and click send
    • Select either Home User or Company
    • Click the big Scan Now button
    • If it wants to install an ActiveX component allow it
    • It will start downloading the files it requires for the scan (Note: It may take a couple of minutes)
    • When download is complete, click on My Computer to start the scan
    • When the scan completes, if anything malicious is detected, click the See Report button, then Save Report and save it to a convenient location. Post the contents of the ActiveScan report

    Geri
     
