[Inactive] Getting Windows firewall alert for Spyware.ISpyNow in Vista

Discussion in 'Malware and Virus Removal Archive' started by dj9816, 2008/11/30.

  1. 2008/11/30
    dj9816 Inactive Thread Starter

    I have been getting a message from Windows Firewall complaining about Spyware.ISpynow. According to that firewall message, it is a keylogger trojan with High risk. I have tried to remove it with:

    Spyware Doctor
    Malwarebytes
    Dr Web
    Trend Micro PCcillin
    Spybot S&D

    None of them have been able to even detect this trojan.
    I am using Windows Vista Home Premium (32 bit).

    Please help. The log.txt and info.txt are pasted in the 2 follow-up posts in this thread.

    Thanks.
    Regards,
    Dhananjay
     
  2. 2008/11/30
    dj9816 Inactive Thread Starter

    log.txt

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Dhananjay at 2008-11-30 11:28:37
    Microsoft® Windows Vista™ Home Premium Service Pack 1
    System drive C: has 40 GB (39%) free of 102 GB
    Total RAM: 3069 MB (50% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 11:29:00 AM, on 11/30/2008
    Platform: Windows Vista SP1 (WinNT 6.00.1905)
    MSIE: Internet Explorer v7.00 (7.00.6001.18000)
    Boot mode: Normal

    Running processes:
    C:\Windows\System32\smss.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\wininit.exe
    C:\Windows\system32\csrss.exe
    C:\Windows\system32\services.exe
    C:\Windows\system32\lsass.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\nvvsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\SLsvc.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\winlogon.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\WLANExt.exe
    C:\Windows\System32\spoolsv.exe
    C:\Windows\system32\svchost.exe
    C:\Windows\system32\rundll32.exe
    C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    C:\Windows\system32\aestsrv.exe
    C:\Program Files\Fingerprint Reader Suite\upeksvr.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    C:\Windows\system32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    C:\Program Files\Spyware Doctor\pctsAuxs.exe
    C:\Program Files\Spyware Doctor\pctsSvc.exe
    C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    C:\Windows\system32\STacSV.exe
    C:\Windows\system32\svchost.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    C:\Windows\System32\svchost.exe
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\taskeng.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Program Files\Windows Defender\MSASCui.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Windows\OEM02Mon.exe
    C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
    C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe
    C:\Program Files\Dell\MediaDirect\PCMService.exe
    C:\Program Files\SBC\update\SST.exe
    C:\Program Files\Fingerprint Reader Suite\psqltray.exe
    C:\Program Files\DAP\DAP.exe
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\Dell Support Center\bin\sprtcmd.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
    C:\Windows\System32\rundll32.exe
    C:\Windows\System32\rundll32.exe
    C:\Program Files\Spyware Doctor\pctsTray.exe
    C:\Windows\ehome\ehtray.exe
    C:\Program Files\Windows Media Player\wmpnscfg.exe
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Users\Dhananjay\AppData\Roaming\Google\Google Talk\googletalk.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\wbem\unsecapp.exe
    C:\Program Files\Windows Live\Messenger\msnmsgr.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    C:\Users\Dhananjay\AppData\Local\Google\Update\GoogleUpdate.exe
    C:\Users\Dhananjay\AppData\Roaming\Google\dvvm.exe
    C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    C:\Program Files\Dell\QuickSet\quickset.exe
    C:\Sun\SDK\jdk\bin\javaw.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
    C:\Windows\ehome\ehmsas.exe
    c:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
    C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
    C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
    C:\Program Files\Internet Explorer\ieuser.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
    C:\Windows\system32\Macromed\Flash\FlashUtil10a.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Users\Dhananjay\Movies\RSIT.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Program Files\trend micro\Dhananjay.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O1 - Hosts: ::1 localhost
    O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll
    O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
    O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
    O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
    O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Fingerprint Reader Suite\launcher.exe" /startup
    O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
    O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe "
    O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
    O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
    O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe "
    O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe "
    O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe "
    O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\MediaDirect\PCMService.exe "
    O4 - HKLM\..\Run: [SBC_McciTrayApp] C:\Program Files\SBC\update\SST.exe
    O4 - HKLM\..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP
    O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe "
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe "
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\sttray.exe
    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
    O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
    O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
    O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe "
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
    O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
    O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
    O4 - HKCU\..\Run: [googletalk] C:\Users\Dhananjay\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
    O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
    O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
    O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
    O4 - HKCU\..\Run: [Google Update] "C:\Users\Dhananjay\AppData\Local\Google\Update\GoogleUpdate.exe" /c
    O4 - HKCU\..\Run: [HPsetm] "C:\Users\Dhananjay\AppData\Roaming\Google\dvvm.exe "
    O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
    O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector.exe (User 'Default user')
    O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    O4 - Startup: SDK Tray Menu.lnk = ?
    O4 - Global Startup: Bluetooth.lnk = ?
    O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
    O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm
    O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm
    O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm
    O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
    O8 - Extra context menu item: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~3.0_0\bin\ssv.dll
    O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
    O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
    O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
    O13 - Gopher Prefix:
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
    O16 - DPF: {474F00F5-3853-492C-AC3A-476512BBC336} (UploadListView Class) - http://picasaweb.google.com/s/v/28.33/uploader2.cab
    O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab
    O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://dhananjayg.spaces.live.com/PhotoUpload/VistaMsnPUplden-us.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{484CB284-C62D-46FA-B37E-BFE2C64B0549}: NameServer = 203.94.243.70,203.94.227.70
    O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL
    O23 - Service: Adobe Active File Monitor V6 (AdobeActiveFileMonitor6.0) - Unknown owner - C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
    O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\system32\aestsrv.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
    O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
    O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
    O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
    O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
    O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
    O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
    O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
    O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
    O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - IDT, Inc. - C:\Windows\system32\STacSV.exe
    O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
    O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
    O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
    O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
    O23 - Service: Apache Tomcat (Tomcat6) - Apache Software Foundation - C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe

    --
    End of file - 16736 bytes

    ======Scheduled tasks folder======

    C:\Windows\tasks\GoogleUpdateTaskUser.job
    C:\Windows\tasks\User_Feed_Synchronization-{107C2A43-4096-4747-B320-DEAFB8E35D2B}.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
    &Yahoo! Toolbar Helper - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
    Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2008-08-06 2549368]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll [2008-02-04 325048]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CA6319C0-31B7-401E-A518-A07C3DB8F777}]
    CBrowserHelperObject Object - C:\Program Files\Dell\BAE\BAE.dll [2006-11-09 98304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn\yt.dll [2007-09-05 816400]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2008-04-18 352256]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2008-08-06 2549368]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Windows Defender "=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
    "ECenter "=C:\Dell\E-Center\EULALauncher.exe [2007-05-25 17920]
    "Apoint "=C:\Program Files\DellTPad\Apoint.exe [2007-09-07 159744]
    "OEM02Mon.exe "=C:\Windows\OEM02Mon.exe [2007-08-27 36864]
    "PSQLLauncher "=C:\Program Files\Fingerprint Reader Suite\launcher.exe [2007-04-16 49168]
    "DELL Webcam Manager "=C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [2007-07-27 118784]
    "IAAnotif "=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-03-21 174872]
    "ISUSScheduler "=C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2006-10-03 81920]
    " "= []
    "Google Desktop Search "=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-18 29744]
    "Adobe Photo Downloader "=C:\Program Files\Adobe\Photoshop Elements 6.0\apdproxy.exe [2007-09-11 67488]
    "dscactivate "=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-10-09 16384]
    "pccguide.exe "=C:\Program Files\Trend Micro\Internet Security 14\pccguide.exe [2007-08-27 1807696]
    "PCMService "=C:\Program Files\Dell\MediaDirect\PCMService.exe [2007-12-21 184320]
    "SBC_McciTrayApp "=C:\Program Files\SBC\update\SST.exe [2007-02-28 1011200]
    "DownloadAccelerator "=C:\Program Files\DAP\DAP.EXE [2008-02-09 3057152]
    "SunJavaUpdateSched "=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
    "TkBellExe "=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-04-29 185896]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
    "SigmatelSysTrayApp "=C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [2007-09-13 405504]
    "NvCplDaemon "=C:\Windows\system32\NvCpl.dll [2008-06-09 13543968]
    "NvMediaCenter "=C:\Windows\system32\NvMcTray.dll [2008-06-09 92704]
    "NVHotkey "=C:\Windows\system32\nvHotkey.dll [2008-06-09 96800]
    "ISTray "=C:\Program Files\Spyware Doctor\pctsTray.exe [2008-08-25 1168264]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware "=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-22 399504]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "WindowsWelcomeCenter "=C:\Windows\system32\oobefldr.dll [2008-01-19 2153472]
    "ehTray.exe "=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
    "Yahoo! Pager "=C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE [2007-08-30 4670704]
    "googletalk "=C:\Users\Dhananjay\AppData\Roaming\Google\Google Talk\googletalk.exe [2007-01-01 3739648]
    "DellSupportCenter "=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
    "MsnMsgr "=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2007-10-18 5724184]
    "Veoh "=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-04-18 3628080]
    " "= []
    "swg "=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-02-04 68856]
    "Google Update "=C:\Users\Dhananjay\AppData\Local\Google\Update\GoogleUpdate.exe [2008-11-14 133104]
    "HPsetm "=C:\Users\Dhananjay\AppData\Roaming\Google\dvvm.exe [2008-11-26 107008]
    "WMPNSCFG "=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
    Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
    QuickSet.lnk - C:\Program Files\Dell\QuickSet\quickset.exe

    C:\Users\Dhananjay\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
    SDK Tray Menu.lnk - C:\Sun\SDK\jdk\bin\javaw.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "C:\PROGRA~1\Google\GOOGLE~2\GOEC62~1.DLL "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\psfus]
    C:\Windows\system32\psqlpwd.dll [2007-04-16 86528]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "notification packages "=scecli
    psqlpwd

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1
    "DisableCAD "=1
    "EnableUIADesktopToggle "=0

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

    ======List of files/folders created in the last 3 months======

    2008-11-30 11:28:37 ----D---- C:\rsit
    2008-11-30 10:37:34 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-11-30 09:28:57 ----D---- C:\Users\Dhananjay\AppData\Roaming\PC Tools
    2008-11-30 09:28:57 ----D---- C:\Program Files\Spyware Doctor
    2008-11-29 12:16:46 ----D---- C:\Users\Dhananjay\AppData\Roaming\Malwarebytes
    2008-11-29 12:16:39 ----D---- C:\ProgramData\Malwarebytes
    2008-11-29 11:11:35 ----D---- C:\ProgramData\Spybot - Search & Destroy
    2008-11-29 11:11:35 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-11-22 10:15:08 ----A---- C:\Windows\system32\stlang.dll
    2008-11-22 10:15:08 ----A---- C:\Windows\system32\stacsv.exe
    2008-11-22 10:15:08 ----A---- C:\Windows\system32\aestecap.dll
    2008-11-22 10:14:04 ----A---- C:\Windows\system32\stcplx.dll
    2008-11-22 10:14:04 ----A---- C:\Windows\system32\stapo.dll
    2008-11-22 10:14:04 ----A---- C:\Windows\system32\stapi32.dll
    2008-11-22 10:14:04 ----A---- C:\Windows\system32\st325614.dll
    2008-11-22 10:13:27 ----A---- C:\Windows\system32\dpinst.exe
    2008-11-22 10:13:22 ----A---- C:\Windows\system32\nvwssr.dll
    2008-11-22 10:13:20 ----A---- C:\Windows\system32\nvwss.dll
    2008-11-22 10:13:20 ----A---- C:\Windows\system32\nvwgf2um.dll
    2008-11-22 10:13:20 ----A---- C:\Windows\system32\nvvsvc.exe
    2008-11-22 10:13:18 ----A---- C:\Windows\system32\nvvitvsr.dll
    2008-11-22 10:13:16 ----A---- C:\Windows\system32\nvvitvs.dll
    2008-11-22 10:13:16 ----A---- C:\Windows\system32\nvudisp.exe
    2008-11-22 10:13:13 ----A---- C:\Windows\system32\nvoglv32.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmoblsr.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmobls.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmccssr.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmccss.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmccsrs.dll
    2008-11-22 10:13:10 ----A---- C:\Windows\system32\nvmccs.dll
    2008-11-22 10:13:07 ----A---- C:\Windows\system32\nvgamesr.dll
    2008-11-22 10:13:05 ----A---- C:\Windows\system32\nvgames.dll
    2008-11-22 10:13:01 ----A---- C:\Windows\system32\nvdispsr.dll
    2008-11-22 10:13:00 ----A---- C:\Windows\system32\nvdisps.dll
    2008-11-22 10:12:58 ----A---- C:\Windows\system32\nvcpl.dll
    2008-11-22 10:12:58 ----A---- C:\Windows\system32\nvcolor.exe
    2008-11-22 10:12:58 ----A---- C:\Windows\system32\nvcod130.dll
    2008-11-22 10:12:58 ----A---- C:\Windows\system32\nvcod.dll
    2008-11-17 19:10:01 ----SHD---- C:\Config.Msi
    2008-11-15 06:20:22 ----A---- C:\Windows\system32\rpcrt4.dll
    2008-11-15 06:20:21 ----A---- C:\Windows\system32\pacerprf.dll
    2008-11-15 06:20:11 ----A---- C:\Windows\system32\emdmgmt.dll
    2008-11-15 06:20:11 ----A---- C:\Windows\system32\dataclen.dll
    2008-11-15 06:20:11 ----A---- C:\Windows\system32\cdd.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\wshext.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\wscript.exe
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\vbscript.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\scrrun.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\scrobj.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\jscript.dll
    2008-11-15 06:20:03 ----A---- C:\Windows\system32\cscript.exe
    2008-11-14 20:04:20 ----A---- C:\Windows\system32\wups2.dll
    2008-11-14 20:04:20 ----A---- C:\Windows\system32\wuauclt.exe
    2008-11-14 20:04:19 ----A---- C:\Windows\system32\wucltux.dll
    2008-11-14 20:04:19 ----A---- C:\Windows\system32\wuaueng.dll
    2008-11-14 20:03:56 ----A---- C:\Windows\system32\wups.dll
    2008-11-14 20:03:56 ----A---- C:\Windows\system32\wudriver.dll
    2008-11-14 20:03:56 ----A---- C:\Windows\system32\wuapi.dll
    2008-11-14 20:03:38 ----A---- C:\Windows\system32\wuwebv.dll
    2008-11-14 20:03:38 ----A---- C:\Windows\system32\wuapp.exe
    2008-11-13 22:35:38 ----D---- C:\PerfLogs
    2008-11-13 22:16:28 ----A---- C:\Windows\system32\javaws.exe
    2008-11-13 22:16:28 ----A---- C:\Windows\system32\javaw.exe
    2008-11-13 22:16:28 ----A---- C:\Windows\system32\java.exe
    2008-11-13 21:58:20 ----A---- C:\Windows\system32\psisdecd.dll
    2008-11-13 21:58:20 ----A---- C:\Windows\system32\EncDec.dll
    2008-11-13 21:58:05 ----A---- C:\Windows\system32\gameux.dll
    2008-11-13 21:58:05 ----A---- C:\Windows\system32\Apphlpdm.dll
    2008-11-13 21:58:04 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
    2008-11-13 21:56:20 ----A---- C:\Windows\system32\msxml6.dll
    2008-11-13 21:56:17 ----A---- C:\Windows\system32\msxml3.dll
    2008-11-13 09:02:57 ----A---- C:\Windows\system32\netapi32.dll
    2008-11-13 09:02:11 ----A---- C:\Windows\system32\win32spl.dll
    2008-11-13 09:02:11 ----A---- C:\Windows\system32\printcom.dll
    2008-10-28 16:36:00 ----A---- C:\Windows\system32\divx_xx0c.dll
    2008-10-28 16:36:00 ----A---- C:\Windows\system32\divx_xx07.dll
    2008-10-28 16:35:58 ----A---- C:\Windows\system32\divx_xx11.dll
    2008-10-28 16:35:58 ----A---- C:\Windows\system32\divx_xx0a.dll
    2008-10-28 16:35:56 ----A---- C:\Windows\system32\DivX.dll
    2008-10-15 12:43:55 ----A---- C:\Windows\system32\ieframe.dll
    2008-10-15 12:43:54 ----A---- C:\Windows\system32\mshtml.dll
    2008-10-15 12:43:53 ----A---- C:\Windows\system32\wininet.dll
    2008-10-15 12:43:53 ----A---- C:\Windows\system32\urlmon.dll
    2008-10-15 12:43:53 ----A---- C:\Windows\system32\iertutil.dll
    2008-10-15 12:43:52 ----A---- C:\Windows\system32\mstime.dll
    2008-10-15 12:43:52 ----A---- C:\Windows\system32\jsproxy.dll
    2008-10-15 12:36:33 ----A---- C:\Windows\system32\ntoskrnl.exe
    2008-10-15 12:36:33 ----A---- C:\Windows\system32\ntkrnlpa.exe
    2008-09-30 16:43:34 ----A---- C:\Windows\system32\msxml4.dll
    2008-09-25 02:03:44 ----A---- C:\Windows\system32\DivXsm.exe
    2008-09-25 02:03:38 ----A---- C:\Windows\system32\dtu100.dll
    2008-09-25 02:03:38 ----A---- C:\Windows\system32\dpl100.dll
    2008-09-25 02:03:34 ----A---- C:\Windows\system32\dpuGUI10.dll
    2008-09-25 02:03:32 ----A---- C:\Windows\system32\dpv11.dll
    2008-09-25 02:03:32 ----A---- C:\Windows\system32\dpus11.dll
    2008-09-25 02:03:32 ----A---- C:\Windows\system32\dpuGUI11.dll
    2008-09-25 02:03:30 ----A---- C:\Windows\system32\dpu11.dll
    2008-09-25 02:03:30 ----A---- C:\Windows\system32\dpu10.dll
    2008-09-25 02:03:18 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
    2008-09-19 15:57:34 ----A---- C:\Windows\system32\qt-dx331.dll
    2008-09-19 15:55:58 ----A---- C:\Windows\system32\ssldivx.dll
    2008-09-19 15:55:58 ----A---- C:\Windows\system32\libdivx.dll
    2008-09-19 15:55:10 ----A---- C:\Windows\system32\dtu100.dll.manifest
    2008-09-19 15:55:10 ----A---- C:\Windows\system32\dpl100.dll.manifest
    2008-09-19 15:54:18 ----A---- C:\Windows\system32\DivXWMPExtType.dll
    2008-09-11 10:45:25 ----A---- C:\Windows\system32\wmpeffects.dll

    ======List of files/folders modified in the last 3 months======

    2008-11-30 11:29:00 ----D---- C:\Program Files\Trend Micro
    2008-11-30 11:28:52 ----D---- C:\Windows\Prefetch
    2008-11-30 11:28:42 ----D---- C:\Windows\Temp
    2008-11-30 10:37:37 ----D---- C:\Windows\system32\drivers
    2008-11-30 10:37:34 ----RD---- C:\Program Files
    2008-11-30 10:22:15 ----AD---- C:\ProgramData\TEMP
    2008-11-30 10:13:28 ----D---- C:\Windows\System32
    2008-11-30 10:13:28 ----D---- C:\Windows\inf
    2008-11-30 10:13:28 ----A---- C:\Windows\system32\PerfStringBackup.INI
    2008-11-30 10:12:00 ----D---- C:\Users\Dhananjay\AppData\Roaming\OpenOffice.org2
    2008-11-30 09:32:14 ----D---- C:\Windows\system32\catroot2
    2008-11-30 09:32:11 ----SHD---- C:\System Volume Information
    2008-11-29 12:16:39 ----HD---- C:\ProgramData
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\dvdcss
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\DivX
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\DataSafeOnline
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\CyberLink
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\Creative
    2008-11-26 10:14:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\Adobe
    2008-11-26 10:13:02 ----D---- C:\Users\Dhananjay\AppData\Roaming\Google
    2008-11-22 10:20:33 ----D---- C:\ProgramData\NVIDIA
    2008-11-22 10:20:11 ----D---- C:\Windows
    2008-11-22 10:16:01 ----D---- C:\Windows\system32\catroot
    2008-11-22 10:14:02 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-11-22 09:42:12 ----D---- C:\Windows\system32\LogFiles
    2008-11-22 09:18:59 ----SD---- C:\Users\Dhananjay\AppData\Roaming\Microsoft
    2008-11-18 21:21:13 ----D---- C:\Program Files\Mozilla Firefox
    2008-11-18 20:34:58 ----SHD---- C:\Windows\Installer
    2008-11-16 11:49:28 ----D---- C:\Windows\system32\WDI
    2008-11-15 13:33:06 ----D---- C:\Windows\rescache
    2008-11-15 13:10:19 ----D---- C:\Windows\winsxs
    2008-11-14 21:35:20 ----D---- C:\Windows\system32\en-US
    2008-11-14 20:49:54 ----D---- C:\Windows\system32\Tasks
    2008-11-14 20:49:53 ----D---- C:\Windows\Tasks
    2008-11-14 20:08:03 ----D---- C:\Program Files\DivX
    2008-11-13 23:56:31 ----D---- C:\Windows\Logs
    2008-11-13 22:47:01 ----RSD---- C:\Windows\assembly
    2008-11-13 22:47:01 ----D---- C:\Windows\Microsoft.NET
    2008-11-13 22:44:39 ----ASH---- C:\Program Files\desktop.ini
    2008-11-13 22:44:37 ----SHD---- C:\Boot
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Sidebar
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Photo Gallery
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Media Player
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Mail
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Journal
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Collaboration
    2008-11-13 22:36:27 ----D---- C:\Program Files\Windows Calendar
    2008-11-13 22:36:27 ----D---- C:\Program Files\Movie Maker
    2008-11-13 22:36:27 ----D---- C:\Program Files\Internet Explorer
    2008-11-13 22:36:26 ----D---- C:\Windows\servicing
    2008-11-13 22:36:26 ----D---- C:\Windows\ehome
    2008-11-13 22:36:26 ----D---- C:\Program Files\Windows Defender
    2008-11-13 22:36:26 ----D---- C:\Program Files\Common Files\System
    2008-11-13 22:36:20 ----D---- C:\Windows\system32\XPSViewer
    2008-11-13 22:36:20 ----D---- C:\Windows\system32\ko-KR
    2008-11-13 22:36:20 ----D---- C:\Windows\system32\da-DK
    2008-11-13 22:36:20 ----D---- C:\Windows\system32\com
    2008-11-13 22:36:20 ----D---- C:\Windows\PolicyDefinitions
    2008-11-13 22:36:20 ----D---- C:\Windows\MSAgent
    2008-11-13 22:36:20 ----D---- C:\Windows\L2Schemas
    2008-11-13 22:36:20 ----D---- C:\Windows\IME
    2008-11-13 22:36:20 ----D---- C:\Windows\DigitalLocker
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\sysprep
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\oobe
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\migration
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\it-IT
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\el-GR
    2008-11-13 22:36:17 ----D---- C:\Windows\system32\de-DE
    2008-11-13 22:36:16 ----D---- C:\Windows\system32\AdvancedInstallers
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\sv-SE
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\SLUI
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\setup
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\ru-RU
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\pt-PT
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\ias
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\hu-HU
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\he-IL
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\fr-FR
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\fi-FI
    2008-11-13 22:36:15 ----D---- C:\Windows\system32\cs-CZ
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\zh-TW
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\zh-CN
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\ro-RO
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\pl-PL
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\manifeststore
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\ja-JP
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\es-ES
    2008-11-13 22:36:14 ----D---- C:\Windows\system32\en
    2008-11-13 22:36:11 ----D---- C:\Windows\system32\wbem
    2008-11-13 22:36:11 ----D---- C:\Windows\system32\tr-TR
    2008-11-13 22:36:10 ----D---- C:\Windows\system32\nl-NL
    2008-11-13 22:36:10 ----D---- C:\Windows\system32\nb-NO
    2008-11-13 22:36:10 ----D---- C:\Windows\system32\ar-SA
    2008-11-13 22:36:09 ----D---- C:\Windows\system32\pt-BR
    2008-11-13 22:36:09 ----D---- C:\Windows\system32\migwiz
    2008-11-13 22:35:45 ----D---- C:\Windows\AppPatch
    2008-11-13 22:35:39 ----D---- C:\Windows\Boot
    2008-11-13 22:35:38 ----D---- C:\Windows\system32\Boot
    2008-11-13 22:21:22 ----A---- C:\Windows\system32\ifxcardm.dll
    2008-11-13 22:21:20 ----A---- C:\Windows\system32\axaltocm.dll
    2008-11-13 22:16:28 ----D---- C:\Program Files\Java
    2008-11-13 22:04:33 ----D---- C:\Program Files\Microsoft Silverlight
    2008-11-13 21:58:31 ----D---- C:\ProgramData\Adobe
    2008-11-13 21:58:21 ----D---- C:\Program Files\Common Files\Adobe
    2008-11-13 21:58:21 ----D---- C:\Program Files\Adobe
    2008-11-13 09:08:37 ----SD---- C:\Windows\Downloaded Program Files
    2008-11-03 16:10:26 ----A---- C:\Windows\system32\mrt.exe
    2008-10-20 02:24:31 ----RD---- C:\Users
    2008-09-11 10:58:11 ----D---- C:\Program Files\Microsoft Works

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 IKSysFlt;System Filter Driver; C:\Windows\system32\drivers\iksysflt.sys [2008-08-25 66952]
    R1 IKSysSec;System Security Driver; C:\Windows\system32\drivers\iksyssec.sys [2008-08-25 81288]
    R1 tmtdi;Trend Micro TDI Driver; C:\Windows\system32\DRIVERS\tmtdi.sys [2007-08-27 73288]
    R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2007-09-07 39936]
    R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-09-07 42496]
    R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-09-07 37376]
    R2 tmpreflt;tmpreflt; C:\Windows\system32\DRIVERS\tmpreflt.sys [2008-08-16 36368]
    R2 tmxpflt;tmxpflt; C:\Windows\system32\drivers\TmXPFlt.sys [2008-08-16 205328]
    R2 vsapint;vsapint; C:\Windows\system32\DRIVERS\vsapint.sys [2008-08-16 1195448]
    R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-09-07 155136]
    R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-18 19456]
    R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-18 92160]
    R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-28 29184]
    R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2006-11-06 78128]
    R3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2006-11-06 80176]
    R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2006-11-06 16560]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-18 14208]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\mbamswissarmy.sys [2008-10-22 38496]
    R3 NETw4v32;Intel(R) Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw4v32.sys [2007-08-13 2226688]
    R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2008-06-09 7522624]
    R3 OEM02Dev;Creative Camera OEM002 Driver; C:\Windows\system32\DRIVERS\OEM02Dev.sys [2007-08-27 235520]
    R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM02Vfx.sys [2007-08-27 7424]
    R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-18 49664]
    R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-18 88576]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\Windows\system32\drivers\stwrt.sys [2007-12-02 330240]
    R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2007-04-16 46992]
    R3 tmcfw;Trend Micro Common Firewall Service; C:\Windows\system32\DRIVERS\TM_CFW.sys [2007-08-27 280392]
    R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-18 11264]
    R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-09-28 278528]
    S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-28 220160]
    S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
    S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2006-11-02 200704]
    S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
    S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
    S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
    S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
    S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
    S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-18 73088]
    S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-18 134016]
    S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
    S4 iaNvStor;Intel(R) Turbo Memory Controller; C:\Windows\system32\drivers\ianvstor.sys [2007-09-07 209408]

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AdobeActiveFileMonitor6.0;Adobe Active File Monitor V6; C:\Program Files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe [2007-09-11 124832]
    R2 AESTFilters;Andrea ST Filters Service; C:\Windows\system32\aestsrv.exe [2007-12-02 73728]
    R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-07-25 647168]
    R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-03-21 355096]
    R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2008-06-09 196608]
    R2 PcCtlCom;Trend Micro Central Control Component; C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe [2007-08-27 1471840]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-07-25 327680]
    R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
    R2 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-13 356920]
    R2 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-10-09 1079176]
    R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
    R2 STacSV;SigmaTel Audio Service; C:\Windows\system32\STacSV.exe [2007-09-13 102400]
    R2 Tmntsrv;Trend Micro Real-time Service; C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe [2007-08-27 345432]
    R2 TmPfw;Trend Micro Personal Firewall; C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe [2007-08-27 923216]
    R2 tmproxy;Trend Micro Proxy Service; C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe [2007-08-27 566872]
    R3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-04 138168]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-02-04 654848]
    S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-08-18 29744]
    S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
    S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
    S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
    S3 Tomcat6;Apache Tomcat; C:\Program Files\Apache Software Foundation\Tomcat 6.0\bin\tomcat6.exe [2008-01-28 57344]
    S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

    -----------------EOF-----------------
     


  4. 2008/11/30
    dj9816

    dj9816 Inactive Thread Starter

    Joined:
    2008/11/30
    Messages:
    5
    Likes Received:
    0
    info.txt

    info.txt logfile of random's system information tool 1.04 2008-11-30 11:29:03

    ======Uninstall list======

    -->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    -->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    -->C:\Program Files\Yahoo!\Yahoo! Music Jukebox\oggcodecs\uninst.exe
    -->MsiExec.exe /I{95D9B4D8-B091-4fab-80EA-313EB4B82FD6}
    -->MsiExec.exe /I{EB997E90-5EB0-4eb5-90D0-90B1D2F0CA03}
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A82F10CB-18B5-4EAC-AEF2-FA49CD565626}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9
    -->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9
    Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
    Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop Elements 6.0-->msiexec /I {F54AC413-D2C6-4A24-B324-370C223C6250}
    Adobe Premiere Elements 4.0 Templates-->msiexec /I {F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
    Adobe Premiere Elements 4.0 Templates-->MsiExec.exe /I{F85C7118-F3DC-4ED9-AB27-3E7931EA3D88}
    Adobe Premiere Elements 4.0-->msiexec /I {3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
    Adobe Premiere Elements 4.0-->MsiExec.exe /I{3E2C691B-B7E6-4053-B5C3-94B8BC407E7A}
    Adobe Reader 8.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
    Advanced Audio FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}\setup.exe" -l0x9 /remove
    Advanced Video FX Engine-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5BA7C09-E523-478C-9C37-A1D86C76383E}\setup.exe" -l0x9 /remove
    Apache Tomcat 6.0 (remove only)--> "C:\Program Files\Apache Software Foundation\Tomcat 6.0\Uninstall.exe "
    AT&T Yahoo! Applications-->C:\Program Files\Yahoo!\Common\uninstall.exe
    Banctec Service Agreement-->MsiExec.exe /X{4B9F45E8-E3CE-40B4-9463-80A9B3481DEF}
    Browser Address Error Redirector-->MsiExec.exe /I{62230596-37E5-4618-A329-0D21F529A86F}
    Dell DataSafe Online-->MsiExec.exe /I{4D3C9F4B-4B7D-4E5D-99B9-0123AB0D51ED}
    Dell Getting Started Guide-->MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
    Dell Support Center (Support Software)-->MsiExec.exe /X{E3BFEE55-39E2-4BE0-B966-89FE583822C1}
    Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
    Dell Webcam Center-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A1A5BA3E-9ABF-4037-820B-6151022B8ACB}\setup.exe" -l0x9 /remove
    Dell Webcam Manager-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F6366726-BA44-4D6A-8ECE-476E2E616AD1}\setup.exe" -l0x9 /remove
    DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
    DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    Download Accelerator Plus (DAP)-->C:\PROGRA~1\DAP\DAPREMOVE.EXE
    Fingerprint Reader Suite 5.6-->MsiExec.exe /I{A2289997-10A3-48F2-AA03-99180D761661}
    Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
    Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
    Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll "
    HijackThis 2.0.2--> "C:\Program Files\trend micro\HijackThis.exe" /uninstall
    Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
    Intel(R) PROSet/Wireless Software-->C:\Windows\Installer\iProInst.exe
    Java Platform, Enterprise Edition 5 SDK--> "C:\Sun\SDK\uninstall.exe" -javahome "C:\Sun\SDK\jdk "
    Java(TM) 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
    Laptop Integrated Webcam Driver (1.03.02.0719) -->C:\Windows\CtDrvIns.exe -uninstall -script OEM002.uns -plugin OEM02Pin.dll -pluginres OEM02Pin.crl -nodisconprompt -langid 0x0409
    Live! Cam Avatar Creator-->C:\Program Files\InstallShield Installation Information\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
    Live! Cam Avatar v1.0-->C:\Program Files\InstallShield Installation Information\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}\setup.exe -runfromtemp -l0x0009 -removeonly /remove
    Malwarebytes' Anti-Malware--> "C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe "
    mCore-->MsiExec.exe /I{F5D7FAB5-A1FD-4DD3-983E-4155B09D7102}
    MediaDirect-->C:\Program Files\InstallShield Installation Information\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}\setup.exe -runfromtemp -l0x0009 -cluninstall
    mHelp-->MsiExec.exe /I{8C6BB412-D3A8-4AAE-A01B-35B681789D68}
    Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
    Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
    Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
    Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Firefox (2.0.0.18)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
    MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
    Music, Photos & Videos Launcher-->MsiExec.exe /I{D7769185-9A7C-48D4-8874-5388743A1DE2}
    mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
    NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
    OpenOffice.org 2.4-->MsiExec.exe /I{F87A8E11-02A4-4875-A3A5-5961081B0E4E}
    OutlookAddinSetup-->MsiExec.exe /I{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}
    Picasa 2--> "C:\Program Files\Picasa2\Uninstall.exe "
    Product Documentation Launcher-->MsiExec.exe /I{89CEAE14-DD0F-448E-9554-15781EC9DB24}
    QuickSet-->MsiExec.exe /I{C4972073-2BFE-475D-8441-564EA97DA161}
    RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
    Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator BDAV Plugin-->MsiExec.exe /I{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}
    Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Express Labeler-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
    Roxio MyDVD DE-->MsiExec.exe /I{D639085F-4B6E-4105-9F37-A0DBB023E2FB}
    Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
    TextPad 5-->MsiExec.exe /X{B6EC7388-E277-4A5B-8C8F-71067A41BA64}
    Trend Micro PC-cillin Internet Security-->C:\PROGRA~1\TRENDM~1\INTERN~1\remove.exe
    Trend Micro PC-cillin Internet Security-->MsiExec.exe /X{EA8C73AA-3D75-44C9-87A2-8E945FC5FEE6}
    User's Guides-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}\setup.exe"
    VeohTV BETA-->C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
    VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    WIDCOMM Bluetooth Software 6.0.1.3100-->MsiExec.exe /X{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}
    Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
    Windows Live Mail-->MsiExec.exe /I{184E7118-0295-43C4-B72C-1D54AA75AAF7}
    Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}
    Windows Live Sign-in Assistant-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Windows Live Writer-->MsiExec.exe /X{9176251A-4CC1-4DDB-B343-B487195EB397}
    Windows Media Player Firefox Plugin-->MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    Yahoo! Browser Services-->C:\PROGRA~1\Yahoo!\Common\UNIN_Y~1.EXE /S
    Yahoo! Music Jukebox-->MsiExec.exe /X{EC3B8CA2-49B8-4D38-BE9C-ABD0F6029168}

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: PC-cillin Internet Security - Virus Protection
    FW: PC-cillin Internet Security - Firewall
    AS: PC-cillin Internet Security - Spyware Protection
    AS: Windows Defender (disabled)

    ======Environment variables======

    "ComSpec "=%SystemRoot%\system32\cmd.exe
    "FP_NO_HOST_CHECK "=NO
    "OS "=Windows_NT
    "Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\Common Files\Adobe\AGL
    "PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
    "PROCESSOR_ARCHITECTURE "=x86
    "TEMP "=%SystemRoot%\TEMP
    "TMP "=%SystemRoot%\TEMP
    "USERNAME "=SYSTEM
    "windir "=%SystemRoot%
    "PROCESSOR_LEVEL "=6
    "PROCESSOR_IDENTIFIER "=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION "=0f0b
    "NUMBER_OF_PROCESSORS "=2
    "RoxioCentral "=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\

    -----------------EOF-----------------
     
  5. 2008/11/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Hi dj9816 :)

    I'd bet that's not really the Windows Firewall alerting you, but a fake. Please visit the following webpage for instructions for downloading and running ComboFix.

    How to use ComboFix



    Download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click ComboFix.exe and follow the prompts.
    • It may reboot your computer and resume running when you log on. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
     
  6. 2008/11/30
    dj9816

    dj9816 Inactive Thread Starter

    Joined:
    2008/11/30
    Messages:
    5
    Likes Received:
    0
    Thanks for the response...

    Are there any ways to make out whether it's a genuine message from Windows Firewall or a fake (any processes that might show up in Task Manager to verify?)
    Moreover, all that this message does is give me a link that takes me to a site where it prompts me to purchase Perfect Defender 2009.
     
  7. 2008/11/30
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    That's how to tell. The Windows Firewall won't do that. It is an infection trying to dupe you into buying rogue software. Don't follow that link anymore, and please follow my recommendation.
     
