1. You are viewing our forum as a guest. For full access please Register. WindowsBBS.com is completely free, paid for by advertisers and donations.

Inactive [InActive] explorer.exe crashing [after removing Vundo]

Discussion in 'Malware and Virus Removal Archive' started by WindBlown, 2008/10/21.

  1. 2008/10/21
    WindBlown

    WindBlown Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    3
    Likes Received:
    0
    Ever since I succesfully deleted the Vundo virus I have been having problems with my explorer.exe blowing up to 50%. What usually happens is one program will shoot to 50% and I'll close it through task manager. Then another program will go to 50% right when I close the one before it until explorer.exe goes. If I kill explorer.exe and try to bring it back it stays at 50%
    Any ideas?

    and I'm prepared for the barrage of small programs i'll have to run, and logs i will have to post.

    ~CJ
     
    WindBlown,
    #1
  2. 2008/10/21
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    Windblown - Welcome to WindowsBBS :)

    I suspect that you still have malware on the computer - read this and post the logs requested in this thread which I have moved to the Malware & Virus Removal forum.
     
    PeteC,
    #2


  3. to hide this advert.

  4. 2008/10/21
    WindBlown

    WindBlown Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    3
    Likes Received:
    0
    I do not have any traces of the malware on my computer. I should have mentioned that earlier and I am not happy this was moved. I have already talked with someone on Safer Networking and they have decided that my computer is clean for the most part and they referred me to here.
    I do not believe this to be a virus at all. And if it is then no one must know about it and what it does because I have run several tests and all have come up clean. I have run several malware, and virus removal programs (all approved by the people at safer networking), but because of all the deleting and quarantine of many files somewhere a file that shouldn't have been deleted may have been. If I am wrong please correct me, it is just that I have been told that my system is clean. If you want any logs then I will gladly post them.
     
    WindBlown,
    #3
  5. 2008/10/21
    WindBlown

    WindBlown Inactive Thread Starter

    Joined:
    2008/10/17
    Messages:
    3
    Likes Received:
    0
    Logfile of random's system information tool 1.04 (written by random/random)
    Run by CJ at 2008-10-21 05:04:28
    Microsoft Windows XP Home Edition Service Pack 3
    System drive C: has 85 GB (54%) free of 157 GB
    Total RAM: 2046 MB (67% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 5:04:33 AM, on 10/21/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\Bonjour\mDNSResponder.exe
    C:\Program Files\Symantec AntiVirus\DefWatch.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    C:\WINDOWS\system32\nvsvc32.exe
    C:\WINDOWS\system32\HPZipm12.exe
    C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Symantec AntiVirus\Rtvscan.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\system32\RUNDLL32.EXE
    C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe
    C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    C:\WINDOWS\system32\rundll32.exe
    C:\Program Files\Microsoft IntelliType Pro\itype.exe
    C:\Program Files\Microsoft IntelliPoint\ipoint.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
    C:\PROGRA~1\SYMANT~1\VPTray.exe
    C:\Program Files\iTunes\iTunesHelper.exe
    C:\Program Files\twc\medicsp2\bin\sprtcmd.exe
    C:\program files\valve\steam\steam.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\AIM6\aim6.exe
    C:\Program Files\Skype\Phone\Skype.exe
    C:\Documents and Settings\CJ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
    C:\Program Files\iPod\bin\iPodService.exe
    C:\Program Files\AIM6\aolsoftware.exe
    C:\Program Files\Skype\Plugin Manager\skypePM.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jucheck.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Last.fm\LastFM.exe
    C:\Documents and Settings\CJ\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\CJ.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
    O4 - HKLM\..\Run: [amd_dc_opt] "C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe "
    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe "
    O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe
    O4 - HKLM\..\Run: [itype] "C:\Program Files\Microsoft IntelliType Pro\itype.exe "
    O4 - HKLM\..\Run: [IntelliPoint] "C:\Program Files\Microsoft IntelliPoint\ipoint.exe "
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe "
    O4 - HKLM\..\Run: [vptray] C:\PROGRA~1\SYMANT~1\VPTray.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
    O4 - HKLM\..\Run: [OWCWebCamDV] C:\WINDOWS\system\wcdvtray.exe
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe "
    O4 - HKLM\..\Run: [LELA] "C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe" /minimized
    O4 - HKLM\..\Run: [medicsp2] C:\Program Files\twc\medicsp2\bin\sprtcmd.exe /P medicsp2
    O4 - HKCU\..\Run: [Steam] "c:\program files\valve\steam\steam.exe" -silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
    O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
    O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\CJ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: AIM - {AC9E2541-2814-11d5-BC6D-00B0D0A1DE45} - C:\Program Files\AIM\aim.exe
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
    O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED} (Support.com Configuration Class) - http://supportcenter.rr.com/sdccommon/download/tgctlcm.cab
    O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/OnlineScanner.cab
    O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase5036.cab
    O16 - DPF: {D1E7CBDA-E60E-4970-A01C-37301EF7BF98} (Measurement Services Client v.3.11) - http://gameadvisor.futuremark.com/global/msc311.cab
    O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} -
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
    O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
    O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
    O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C:\Program Files\Symantec AntiVirus\DefWatch.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
    O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
    O23 - Service: MrobeService - Unknown owner - C:\WINDOWS\system32\MRobeService.exe (file missing)
    O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe
    O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
    O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: SAVRoam (SavRoam) - symantec - C:\Program Files\Symantec AntiVirus\SavRoam.exe
    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
    O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
    O23 - Service: SupportSoft Sprocket Service (medicsp2) (sprtsvc_medicsp2) - SupportSoft, Inc. - C:\Program Files\twc\medicsp2\bin\sprtsvc.exe
    O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
    O23 - Service: Symantec AntiVirus - Symantec Corporation - C:\Program Files\Symantec AntiVirus\Rtvscan.exe

    --
    End of file - 10429 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\GoogleUpdateTaskUser.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2005-08-04 343112]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "amd_dc_opt "=C:\Program Files\AMD\amd_dc_opt\amd_dc_opt.exe [2006-06-28 106496]
    "NeroFilterCheck "=C:\WINDOWS\system32\NeroCheck.exe [2001-07-09 155648]
    "NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2006-06-23 7626752]
    "nwiz "=nwiz.exe /install []
    "NvMediaCenter "=C:\WINDOWS\system32\NvMcTray.dll [2006-06-23 86016]
    "Adobe Photo Downloader "=C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe [2005-06-07 57344]
    "nTrayFw "=C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe [2005-12-21 270336]
    "itype "=C:\Program Files\Microsoft IntelliType Pro\itype.exe [2006-07-07 576320]
    "IntelliPoint "=C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2006-07-07 600896]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "ccApp "=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2005-10-04 48752]
    "vptray "=C:\PROGRA~1\SYMANT~1\VPTray.exe [2005-11-15 85744]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
    "AppleSyncNotifier "=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
    "OWCWebCamDV "=C:\WINDOWS\system\wcdvtray.exe []
    "iTunesHelper "=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]
    "LELA "=C:\Program Files\Linksys\Linksys EasyLink Advisor\Linksys EasyLink Advisor.exe /minimized []
    "medicsp2 "=C:\Program Files\twc\medicsp2\bin\sprtcmd.exe [2007-03-07 198184]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "Steam "=c:\program files\valve\steam\steam.exe [2008-10-09 1410296]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
    "Aim6 "=C:\Program Files\AIM6\aim6.exe [2008-01-03 50528]
    "Skype "=C:\Program Files\Skype\Phone\Skype.exe [2008-09-23 21755688]
    "MSMSGS "=C:\Program Files\Messenger\msmsgs.exe [2008-04-13 1695232]
    "Google Update "=C:\Documents and Settings\CJ\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-08 133104]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
    C:\Program Files\DAEMON Tools Pro\DTProAgent.exe [2007-12-12 273864]

    C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
    Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\NavLogon]
    C:\WINDOWS\system32\NavLogon.dll [2005-11-15 43760]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
    WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
    UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145
    "NoDrives "=0

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveAutoRun "=
    "NoDriveTypeAutoRun "=
    "NoDrives "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\AIM\aim.exe "= "C:\Program Files\AIM\aim.exe:*:Enabled:AOL Instant Messenger "
    "C:\Program Files\Last.fm\LastFM.exe "= "C:\Program Files\Last.fm\LastFM.exe:*:Enabled:LastFM "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\counter-strike source\hl2.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\counter-strike source\hl2.exe:*:Enabled:hl2 "
    "C:\Program Files\BitLord\BitLord.exe "= "C:\Program Files\BitLord\BitLord.exe:*:Enabled:BitLord "
    "C:\Program Files\Valve\HLServer\srcds.exe "= "C:\Program Files\Valve\HLServer\srcds.exe:*:Enabled:srcds "
    "C:\Program Files\Valve\Steam\steamapps\kingsclan2\counter-strike source\hl2.exe "= "C:\Program Files\Valve\Steam\steamapps\kingsclan2\counter-strike source\hl2.exe:*:Enabled:hl2 "
    "C:\Program Files\Mozilla Firefox\firefox.exe "= "C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox "
    "C:\WINDOWS\system32\dpvsetup.exe "= "C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test "
    "C:\Program Files\Common Files\AOL\Loader\aolload.exe "= "C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\source sdk base\hl2.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\source sdk base\hl2.exe:*:Enabled:hl2 "
    "C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe "= "C:\Program Files\SmartFTP Client 2.0\SmartFTP.exe:*:Enabled:SmartFTP Client 2.0 "
    "C:\Program Files\AIM6\aim6.exe "= "C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM "
    "C:\StubInstaller.exe "= "C:\StubInstaller.exe:*:Enabled:LimeWire swarmed installer "
    "C:\Program Files\LimeWire\LimeWire.exe "= "C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "
    "C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe "= "C:\Program Files\Sony\Station\LaunchPad\LaunchPad.exe:*:Enabled:LaunchPad "
    "C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe "= "C:\Program Files\Firefly Studios\Stronghold 2\Stronghold2.exe:*:Enabled:Stronghold 2 "
    "C:\Program Files\Valve\Steam\steam.exe "= "C:\Program Files\Valve\Steam\steam.exe:*:Enabled:Steam "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\dedicated server\hlds.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\dedicated server\hlds.exe:*:Enabled:HLDS Launcher "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\dedicated server\hltv.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\dedicated server\hltv.exe:*:Enabled:HLTV Launcher "
    "C:\Program Files\BitLord\Downloads\Shogo\Shogo\Client.exe "= "C:\Program Files\BitLord\Downloads\Shogo\Shogo\Client.exe:*:Enabled:Client "
    "C:\WINDOWS\system32\dplaysvr.exe "= "C:\WINDOWS\system32\dplaysvr.exe:*:Enabled:Microsoft DirectPlay Helper "
    "C:\Documents and Settings\CJ\Desktop\Shogo\Client.exe "= "C:\Documents and Settings\CJ\Desktop\Shogo\Client.exe:*:Enabled:Client.exe "
    "C:\Documents and Settings\CJ\Desktop\Shogo\ShogoSrv.exe "= "C:\Documents and Settings\CJ\Desktop\Shogo\ShogoSrv.exe:*:Enabled:Shogo Stand-Alone Server "
    "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe "= "C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\Apache.exe:*:Enabled:Apache HTTP Server "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\source dedicated server\srcds.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\source dedicated server\srcds.exe:*:Enabled:srcds "
    "C:\srcds\srcds.exe "= "C:\srcds\srcds.exe:*:Enabled:srcds "
    "C:\Program Files\Valve\Steam\steamapps\common\trackmania nations forever\TmForever.exe "= "C:\Program Files\Valve\Steam\steamapps\common\trackmania nations forever\TmForever.exe:*:Enabled:TmForever "
    "C:\Program Files\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe "= "C:\Program Files\LucasArts\Star Wars Republic Commando\GameData\System\SWRepublicCommando.exe:*:Enabled:Star Wars(TM): Republic Commando(TM) "
    "C:\Program Files\LucasArts\Star Wars Battlefront\GameData\battlefront.exe "= "C:\Program Files\LucasArts\Star Wars Battlefront\GameData\battlefront.exe:*:Enabled:Star Wars(TM): Battlefront(TM) "
    "C:\Program Files\GameSpy Arcade\Aphex.exe "= "C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade 1.4 "
    "C:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe "= "C:\Program Files\LucasArts\Star Wars JK II Jedi Outcast\GameData\jk2mp.exe:*:Enabled:Star Wars Jedi Knight(TM): Jedi Outcast(TM) "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\SecondLife\SLVoice.exe "= "C:\Program Files\SecondLife\SLVoice.exe:*:Enabled:SLVoice "
    "C:\Program Files\Bonjour\mDNSResponder.exe "= "C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour "
    "C:\Program Files\Eagletron\TrackerCam\EyeWDM.exe "= "C:\Program Files\Eagletron\TrackerCam\EyeWDM.exe:*:Enabled:TrackerCam Application "
    "C:\Program Files\Eagletron\DVdriver\dvdriver.exe "= "C:\Program Files\Eagletron\DVdriver\dvdriver.exe:*:Enabled:dvdriver application "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\Valve\Steam\steamapps\aeolus0609\zombie panic! source\hl2.exe "= "C:\Program Files\Valve\Steam\steamapps\aeolus0609\zombie panic! source\hl2.exe:*:Enabled:hl2 "
    "C:\Program Files\Skype\Phone\Skype.exe "= "C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype. Take a deep breath "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "

    ======List of files/folders created in the last 3 months======

    2008-10-20 23:43:36 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\SupportSoft
    2008-10-20 23:43:18 ----D---- C:\Program Files\twc
    2008-10-16 22:14:46 ----D---- C:\Program Files\City of Heroes
    2008-10-16 20:54:51 ----D---- C:\Documents and Settings\CJ\Application Data\Ulead Systems
    2008-10-16 20:53:39 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ulead Systems
    2008-10-16 20:53:35 ----D---- C:\Program Files\Ulead Systems
    2008-10-16 20:53:11 ----D---- C:\WINDOWS\Noslip
    2008-10-16 04:47:05 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 04:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 04:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 04:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 04:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-16 04:45:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
    2008-10-15 16:15:52 ----D---- C:\rsit
    2008-10-06 01:45:58 ----D---- C:\Program Files\EsetOnlineScanner
    2008-10-03 22:13:47 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
    2008-10-01 16:17:36 ----D---- C:\Program Files\Common Files\Skype
    2008-09-24 13:10:41 ----D---- C:\Program Files\MSECache
    2008-09-15 02:20:33 ----D---- C:\Program Files\Bonjour
    2008-09-15 02:19:50 ----D---- C:\Program Files\QuickTime
    2008-09-13 07:20:26 ----D---- C:\Documents and Settings\CJ\Application Data\SecondLife
    2008-09-13 07:19:31 ----D---- C:\Program Files\SecondLife
    2008-09-12 15:55:19 ----D---- C:\Program Files\Common Files\Supportsoft
    2008-09-11 00:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-09-10 13:01:09 ----D---- C:\WINDOWS\pss
    2008-09-10 02:12:52 ----D---- C:\WINDOWS\Prefetch
    2008-09-10 02:08:58 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-09-10 02:08:53 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-10 02:08:48 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-10 02:08:42 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-09-10 02:08:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
    2008-09-10 02:08:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-09-10 02:08:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-09-10 02:08:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-10 02:08:11 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
    2008-09-10 02:08:06 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-10 02:08:02 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-10 02:05:44 ----D---- C:\WINDOWS\system32\scripting
    2008-09-10 02:05:43 ----D---- C:\WINDOWS\system32\en
    2008-09-10 02:05:43 ----D---- C:\WINDOWS\system32\bits
    2008-09-10 02:05:43 ----D---- C:\WINDOWS\l2schemas
    2008-09-10 02:04:18 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-10 02:03:03 ----D---- C:\WINDOWS\network diagnostic
    2008-09-10 02:01:23 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-10 02:01:22 ----D---- C:\WINDOWS\EHome
    2008-09-09 23:27:25 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
    2008-09-09 23:15:55 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-09-09 23:15:44 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
    2008-09-09 23:05:46 ----SHD---- C:\RECYCLER
    2008-09-09 23:04:48 ----D---- C:\ComboFix
    2008-09-09 22:32:47 ----A---- C:\Boot.bak
    2008-09-09 22:32:43 ----D---- C:\cmdcons
    2008-09-09 22:31:08 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-09 22:31:08 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-09 22:31:08 ----A---- C:\WINDOWS\system32\java.exe
    2008-09-09 21:28:16 ----D---- C:\WINDOWS\erdnt
    2008-09-09 21:27:50 ----D---- C:\QooBox
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\zip.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\VFind.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\swxcacls.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\swsc.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\swreg.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\sed.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\grep.exe
    2008-09-09 21:27:49 ----A---- C:\WINDOWS\fdsv.exe
    2008-09-09 20:20:10 ----D---- C:\Documents and Settings\CJ\Application Data\Malwarebytes
    2008-09-09 20:20:06 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-09-09 20:20:06 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
    2008-09-08 21:06:11 ----D---- C:\Program Files\Trend Micro
    2008-09-07 21:13:28 ----D---- C:\Program Files\Windows Live Safety Center
    2008-09-07 20:13:45 ----A---- C:\WINDOWS\ntbtlog.txt
    2008-09-03 18:41:04 ----A---- C:\WINDOWS\system32\mappings.txt
    2008-09-02 14:26:41 ----A---- C:\WINDOWS\wininit.ini
    2008-09-02 14:02:43 ----D---- C:\Program Files\TeaTimer (Spybot - Search & Destroy)
    2008-08-31 23:51:42 ----A---- C:\WINDOWS\system32\b7565ab3-.txt
    2008-08-31 23:47:58 ----D---- C:\Program Files\Toon Boom Animation
    2008-08-29 10:18:58 ----A---- C:\WINDOWS\system32\dns-sd.exe
    2008-08-29 09:53:50 ----A---- C:\WINDOWS\system32\dnssd.dll
    2008-08-26 19:18:04 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-08-26 19:18:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-08-26 19:17:57 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-08-26 19:17:57 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-08-26 19:17:56 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-08-26 19:17:56 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-08-26 19:17:53 ----N---- C:\WINDOWS\slrundll.exe
    2008-08-26 19:17:51 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-08-26 19:17:50 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-08-26 19:17:50 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-08-26 19:17:49 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-08-26 19:17:49 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-08-26 19:17:48 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-08-26 19:17:48 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-08-26 19:17:48 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-08-26 19:17:47 ----N---- C:\WINDOWS\system32\onex.dll
    2008-08-26 19:17:44 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-08-26 19:17:44 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-08-26 19:17:44 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-08-26 19:17:43 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-08-26 19:17:42 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-08-26 19:17:42 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-08-26 19:17:38 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-08-26 19:17:38 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-08-26 19:17:38 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-08-26 19:17:38 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-08-26 19:17:37 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-08-26 19:17:32 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-08-26 19:17:29 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-08-26 19:17:27 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-08-26 19:17:27 ----A---- C:\WINDOWS\003029_.tmp
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-08-26 19:17:25 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-08-26 19:17:24 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-08-26 19:17:24 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-08-26 19:17:24 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-08-26 19:17:23 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-08-26 19:17:21 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-08-26 19:17:21 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-08-26 19:17:20 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-08-26 19:17:20 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-08-26 19:17:20 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-08-26 19:17:19 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-08-26 19:17:19 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-08-26 19:17:19 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-08-26 19:17:19 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-08-26 19:17:18 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-08-17 02:24:24 ----D---- C:\Program Files\Microsoft Silverlight
    2008-08-16 22:15:50 ----D---- C:\Program Files\GameSpy Arcade
    2008-08-16 14:07:09 ----D---- C:\Program Files\WebEx
    2008-08-15 19:37:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
    2008-08-15 19:37:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-08-15 19:37:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-08-15 19:37:14 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-15 19:37:10 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-08-15 19:37:05 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
    2008-08-15 19:37:01 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
    2008-08-15 19:36:57 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-15 19:36:52 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-08-15 19:36:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-08-15 19:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
    2008-08-15 19:36:28 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-08-15 19:36:16 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$
    2008-08-15 17:49:14 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Linksys
    2008-08-06 17:31:20 ----A---- C:\WINDOWS\system32\xinput1_1.dll
    2008-08-06 17:31:20 ----A---- C:\WINDOWS\system32\xactengine2_1.dll
    2008-08-06 17:31:11 ----A---- C:\WINDOWS\system32\xactengine2_0.dll
    2008-08-06 17:31:11 ----A---- C:\WINDOWS\system32\x3daudio1_0.dll
    2008-08-06 17:31:11 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
    2008-08-06 17:31:10 ----A---- C:\WINDOWS\system32\xinput9_1_0.dll
    2008-08-06 17:31:10 ----A---- C:\WINDOWS\system32\d3dx9_29.dll
    2008-08-06 17:31:10 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
    2008-08-06 17:31:08 ----A---- C:\WINDOWS\system32\d3dx9_26.dll
    2008-08-06 17:31:08 ----A---- C:\WINDOWS\system32\d3dx9_25.dll
    2008-08-06 17:31:05 ----A---- C:\WINDOWS\system32\d3dx9_24.dll
    2008-08-05 18:39:51 ----D---- C:\Program Files\Linksys

    ======List of files/folders modified in the last 3 months======

    2008-10-21 04:55:31 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-21 04:49:23 ----D---- C:\Documents and Settings\CJ\Application Data\Skype
    2008-10-21 04:25:42 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-21 03:38:21 ----D---- C:\WINDOWS\Temp
    2008-10-21 03:38:17 ----D---- C:\Documents and Settings\CJ\Application Data\skypePM
    2008-10-21 03:37:18 ----D---- C:\Program Files\Symantec AntiVirus
    2008-10-21 03:34:59 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-20 23:43:18 ----D---- C:\Program Files
    2008-10-20 20:15:27 ----SHD---- C:\WINDOWS\Installer
    2008-10-20 20:15:26 ----HD---- C:\Config.Msi
    2008-10-20 13:00:55 ----D---- C:\WINDOWS
    2008-10-20 00:04:18 ----A---- C:\WINDOWS\NeroDigital.ini
    2008-10-19 20:54:00 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-10-19 20:54:00 ----D---- C:\WINDOWS\inf
    2008-10-19 20:53:59 ----D---- C:\WINDOWS\system32\drivers
    2008-10-19 20:53:54 ----D---- C:\Program Files\Common Files
    2008-10-18 21:54:03 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
    2008-10-18 03:51:17 ----D---- C:\WINDOWS\system32
    2008-10-16 20:53:39 ----RSD---- C:\WINDOWS\Fonts
    2008-10-16 20:53:35 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-10-16 04:47:07 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-16 04:47:05 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-16 04:47:03 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-14 13:13:10 ----SD---- C:\WINDOWS\Tasks
    2008-10-11 00:43:16 ----D---- C:\WINDOWS\Help
    2008-10-07 15:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-06 01:45:55 ----SD---- C:\WINDOWS\Downloaded Program Files
    2008-10-03 22:14:06 ----D---- C:\Program Files\iTunes
    2008-10-03 22:13:50 ----D---- C:\Program Files\iPod
    2008-10-02 15:33:40 ----SD---- C:\Documents and Settings\CJ\Application Data\Microsoft
    2008-10-02 14:30:38 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-01 16:46:04 ----D---- C:\WINDOWS\system
    2008-10-01 16:44:50 ----A---- C:\WINDOWS\owcdvtxt.txt
    2008-10-01 15:30:02 ----A---- C:\WINDOWS\win.ini
    2008-09-27 02:10:42 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-24 13:10:57 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-09-24 13:10:50 ----D---- C:\Program Files\Microsoft Office
    2008-09-23 01:46:13 ----D---- C:\Program Files\Finale NotePad 2007
    2008-09-15 02:19:54 ----D---- C:\Program Files\Common Files\Apple
    2008-09-10 13:02:20 ----RASH---- C:\boot.ini
    2008-09-10 13:02:20 ----A---- C:\WINDOWS\system.ini
    2008-09-10 02:16:25 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-09-10 02:14:06 ----AC---- C:\WINDOWS\OEWABLog.txt
    2008-09-10 02:12:56 ----A---- C:\WINDOWS\setuplog.txt
    2008-09-10 02:12:21 ----D---- C:\WINDOWS\system32\Setup
    2008-09-10 02:12:21 ----D---- C:\WINDOWS\AppPatch
    2008-09-10 02:12:19 ----D---- C:\WINDOWS\system32\wbem
    2008-09-10 02:08:08 ----D---- C:\Program Files\Messenger
    2008-09-10 02:05:56 ----D---- C:\WINDOWS\WinSxS
    2008-09-10 02:05:52 ----D---- C:\WINDOWS\ime
    2008-09-10 02:05:44 ----D---- C:\WINDOWS\system32\usmt
    2008-09-10 02:05:44 ----D---- C:\WINDOWS\system32\en-us
    2008-09-10 02:05:44 ----D---- C:\Program Files\Internet Explorer
    2008-09-10 02:05:43 ----D---- C:\WINDOWS\PeerNet
    2008-09-10 02:05:43 ----D---- C:\Program Files\Movie Maker
    2008-09-10 02:04:14 ----D---- C:\WINDOWS\system32\Restore
    2008-09-10 02:04:14 ----D---- C:\WINDOWS\system32\npp
    2008-09-10 02:04:13 ----D---- C:\WINDOWS\srchasst
    2008-09-10 02:04:13 ----D---- C:\WINDOWS\msagent
    2008-09-10 02:04:11 ----D---- C:\Program Files\NetMeeting
    2008-09-10 02:04:10 ----D---- C:\WINDOWS\system32\Com
    2008-09-10 02:04:09 ----D---- C:\Program Files\Windows NT
    2008-09-10 02:04:09 ----D---- C:\Program Files\Windows Media Player
    2008-09-10 02:04:09 ----D---- C:\Program Files\Outlook Express
    2008-09-10 02:04:07 ----D---- C:\Program Files\Common Files\System
    2008-09-10 02:03:57 ----AD---- C:\WINDOWS\system32\oobe
    2008-09-10 02:02:30 ----D---- C:\WINDOWS\security
    2008-09-10 01:54:26 ----D---- C:\Program Files\Common Files\Symantec Shared
    2008-09-09 23:27:42 ----D---- C:\Program Files\Symantec
    2008-09-09 23:27:16 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Symantec
    2008-09-09 22:31:08 ----D---- C:\Program Files\Java
    2008-09-09 21:30:57 ----D---- C:\WINDOWS\system32\config
    2008-09-09 20:19:21 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Viewpoint
    2008-09-09 01:22:52 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
    2008-09-08 02:29:44 ----AD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\TEMP
    2008-09-07 23:42:46 ----D---- C:\VundoFix Backups
    2008-09-07 21:08:47 ----A---- C:\VundoFix.txt
    2008-08-30 22:57:05 ----D---- C:\WINDOWS\Microsoft.NET
    2008-08-30 22:56:44 ----RSD---- C:\WINDOWS\assembly
    2008-08-30 22:13:40 ----D---- C:\Program Files\Microsoft Expression
    2008-08-27 22:28:50 ----D---- C:\Program Files\LucasArts
    2008-08-26 18:56:11 ----D---- C:\WINDOWS\Debug
    2008-08-20 01:30:53 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-20 01:30:52 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-20 01:30:51 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-20 01:30:51 ----A---- C:\WINDOWS\system32\shdocvw.dll
    2008-08-17 21:35:18 ----D---- C:\Program Files\Adobe
    2008-08-16 14:08:10 ----A---- C:\WINDOWS\lexstat.ini
    2008-08-15 21:29:00 ----D---- C:\Documents and Settings\CJ\Application Data\Adobe
    2008-08-15 21:04:08 ----D---- C:\Program Files\Apple Software Update
    2008-08-15 18:55:33 ----D---- C:\Program Files\Last.fm
    2008-08-14 06:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 05:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe
    2008-08-06 17:31:21 ----D---- C:\WINDOWS\system32\DirectX
    2008-08-05 16:59:18 ----D---- C:\Program Files\The Adventure Company
    2008-08-05 16:59:07 ----D---- C:\Program Files\Diablo II

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2006-07-01 36864]
    R1 AsIO;AsIO; C:\WINDOWS\system32\drivers\AsIO.sys [2006-10-18 12664]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
    R1 mbmiodrvr;mbmiodrvr; \??\C:\WINDOWS\system32\mbmiodrvr.sys []
    R1 NVTCP;NVIDIA TCP/IP Protocol Driver; C:\WINDOWS\System32\DRIVERS\NVTcp.sys [2006-04-14 101888]
    R1 SAVRT;SAVRT; \??\C:\Program Files\Symantec AntiVirus\savrt.sys []
    R1 SAVRTPEL;SAVRTPEL; \??\C:\Program Files\Symantec AntiVirus\Savrtpel.sys []
    R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2005-10-19 195728]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2006-02-28 12032]
    R2 WebCamDV;WebCamDV DV to Webcam Converter; C:\WINDOWS\system32\DRIVERS\WebCamDV.sys [2004-05-11 212608]
    R3 AmdTools;AMD Special Tools Driver; C:\WINDOWS\system32\DRIVERS\AmdTools.sys [2006-06-27 31744]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
    R3 c65013264;C-Media CM6501 Like Sound UDAX Interface; C:\WINDOWS\system32\drivers\c6501.sys [2007-07-09 1310720]
    R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
    R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
    R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
    R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
    R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081017.003\naveng.sys []
    R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20081017.003\navex15.sys []
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
    R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-06-23 3928832]
    R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2006-04-14 34176]
    R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2006-04-14 13056]
    R3 Point32;Microsoft IntelliPoint Filter Driver; C:\WINDOWS\system32\DRIVERS\point32.sys [2006-06-30 21760]
    R3 PxHelper;PxHelper; \??\C:\WINDOWS\system32\drivers\PxHelper.sys []
    R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2005-10-19 24720]
    R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
    R3 ZD1211BU(TRENDnet);802.11g Wireless USB 2.0 Adapter C1 Driver(TRENDnet); C:\WINDOWS\system32\DRIVERS\zd1211Bu.sys [2005-10-27 402432]
    R4 SymEvent;SymEvent; \??\C:\Program Files\Symantec\SYMEVENT.SYS []
    S2 DVDRIVER;DVdriver; C:\WINDOWS\system32\DRIVERS\dvdriver.sys [2008-02-25 34376]
    S2 npkcrypt;npkcrypt; \??\C:\Program Files\NEXON\MapleStory\npkcrypt.sys []
    S2 trackcam4;TrackerCam Video Capture Driver 4.0; C:\WINDOWS\system32\DRIVERS\trackca4.sys [2008-02-25 70028]
    S3 61883;61883 Unit Device; C:\WINDOWS\system32\DRIVERS\61883.sys [2008-04-13 48128]
    S3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-10-26 3786944]
    S3 aoegc19h;aoegc19h; C:\WINDOWS\system32\drivers\aoegc19h.sys []
    S3 Avc;AVC Device; C:\WINDOWS\system32\DRIVERS\avc.sys [2008-04-13 38912]
    S3 Bridge;MAC Bridge; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 BridgeMP;MAC Bridge Miniport; C:\WINDOWS\system32\DRIVERS\bridge.sys [2008-04-13 71552]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
    S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
    S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
    S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-07-15 51120]
    S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-07-15 16496]
    S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-07-15 21744]
    S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
    S3 MSDV;Microsoft DV Camera and VCR; C:\WINDOWS\system32\DRIVERS\msdv.sys [2008-04-13 51200]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
    S3 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
    S3 SPLITCAM;Splitcam, WDM Camera Stream Splitter; C:\WINDOWS\system32\DRIVERS\splitcam.sys []
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
    S3 V2210VID;DigitalCam Pro; C:\WINDOWS\system32\DRIVERS\V2210vid.sys [2002-10-31 434368]
    S3 WCDV_Aud;WevCamDV WDM Virtual Audio Device; C:\WINDOWS\system32\drivers\wcdvaud.sys []
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
    S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
    S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
    S3 XTrapD12;XTrapD12; \??\C:\WINDOWS\system32\XTrapD12.sys []
    S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
    R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
    R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe [2005-10-04 185968]
    R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe [2005-10-04 177776]
    R2 DefWatch;Symantec AntiVirus Definition Watcher; C:\Program Files\Symantec AntiVirus\DefWatch.exe [2005-11-15 20208]
    R2 ForceWare Intelligent Application Manager (IAM);ForceWare Intelligent Application Manager (IAM); C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe [2005-12-21 139264]
    R2 ForcewareWebInterface;Forceware Web Interface; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe [2005-09-23 20543]
    R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2003-08-29 307200]
    R2 nSvcIp;ForceWare IP service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe [2005-12-21 127035]
    R2 nSvcLog;ForceWare user log service; C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe [2005-12-21 61503]
    R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-06-23 155715]
    R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [2004-09-29 69632]
    R2 sprtsvc_medicsp2;SupportSoft Sprocket Service (medicsp2); C:\Program Files\twc\medicsp2\bin\sprtsvc.exe [2007-03-07 202280]
    R2 Symantec AntiVirus;Symantec AntiVirus; C:\Program Files\Symantec AntiVirus\Rtvscan.exe [2005-11-15 1756912]
    R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 ccPwdSvc;Symantec Password Validation; C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe [2005-10-04 83568]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2007-06-03 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2006-10-20 36864]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
    S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2006-10-30 741376]
    S3 MrobeService;MrobeService; C:\WINDOWS\system32\MRobeService.exe []
    S3 SavRoam;SAVRoam; C:\Program Files\Symantec AntiVirus\SavRoam.exe [2005-11-15 169200]
    S3 SNDSrvc;Symantec Network Drivers Service; C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe [2005-10-19 214672]
    S3 SPBBCSvc;Symantec SPBBCSvc; C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe [2005-03-30 992864]
    S3 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [2008-07-15 394608]
    S3 usprserv;User Privilege Service; C:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
    S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
    S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2006-10-30 122880]

    -----------------EOF-----------------
     
    WindBlown,
    #4
  6. 2008/10/21
    PeteC

    PeteC SuperGeek Staff

    Joined:
    2002/05/10
    Messages:
    28,896
    Likes Received:
    389
    If you are convinced that your computer is clean - and you ran the programs listed in the URL I posted and had the results analysed at Safer Networking - fine, but a second opinion is always worthwhile.

    This thread deals with a similar problem which was malware related ......

    http://www.bleepingcomputer.com/forums/topic69952.html

    Edit - I see you posted while I was composing/researching.
     
    PeteC,
    #5

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...