
Inactive [InActive] Help with Internet Explorer (pop-ups)

Discussion in 'Malware and Virus Removal Archive' started by cherac, 2008/12/01.

  1. 2008/12/01
    cherac

    cherac Inactive Thread Starter

    Joined:
    2008/12/01
    Messages:
    3
    Likes Received:
    0
    I don't know much about computers. Mine is 2 years old and I really just use it for email and schoolwork, but I don't think I've been taking care of it like I should and it works very poorly. The problems started this summer with my MSN. I believe my BF clicked on a link and downloaded a virus. It wiped all the contacts off my messenger, and I could not sign on to my hotmail account via msn messenger, I had pop-ups and messages from unknown people online a lot. I did some searching online and downloaded some programs to get rid of all this, and it seemed to have helped. Except that I still cannot sign on to my hotmail with IE.
    I now use Firefox. I found that if I was using IE, I got so many popups I couldn't get anything done. But recently I've been getting IE popups while using Firefox as well. At times, there are so many... I have to just power down my computer. It seems like hundreds are coming up at once! I have searched and cannot figure out how to do this... since I'm not great with computers, I find it hard to know if I'm doing the steps right, or really what I should be doing. I read the rules and I tried to download and open that RSIT thing? but when I went to open it it says I need to choose an application... and it won't open anything. I have no idea what to do.

    I'm getting a new computer come the new year, but before that I have a 6 week course to finish and I'm amazed I can even get this typed up without popups and things shutting down. Any help would be SO appreciated.

    Thank you!
     
  2. 2008/12/01
    Arie

    Arie Administrator Administrator Staff

    Joined:
    2001/12/27
    Messages:
    15,174
    Likes Received:
    412
    Hi,

    Read this post as indicated at the top of this forum & follow the instructions.
     
    Arie,
    #2


  4. 2008/12/01
    cherac

    I did read that. I must have missed something. I'm sorry... I don't know what I'm doing wrong (other than not posting the logs of course, which I've explained, I can't seem to do).

    Please let me know what I can do to properly follow the rules.
     
  5. 2008/12/01
    cherac

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Cheryl Campbell at 2008-12-01 16:21:16
    Microsoft Windows XP Home Edition Service Pack 2
    System drive C: has 26 GB (46%) free of 57 GB
    Total RAM: 446 MB (8% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 16:21:33, on 01/12/2008
    Platform: Windows XP SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\acs.exe
    C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    C:\WINDOWS\system32\DVDRAMSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\TODDSrv.exe
    C:\Program Files\Apoint2K\Apoint.exe
    C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    C:\WINDOWS\system32\TPSMain.exe
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe
    C:\WINDOWS\system32\TPSBattM.exe
    C:\Program Files\MSN Messenger\msnmsgr.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Apoint2K\Apntex.exe
    C:\WINDOWS\system32\wscntfy.exe
    C:\WINDOWS\system32\RAMASST.exe
    C:\Program Files\MSN Messenger\usnsvc.exe
    C:\Program Files\MSN Messenger\livecall.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\WINDOWS\explorer.exe
    C:\Program Files\Internet Explorer\IEXPLORE.EXE
    C:\Documents and Settings\Cheryl Campbell\Desktop\RSIT.exe
    C:\PROGRA~1\TRENDM~1\HIJACK~1\Cheryl Campbell.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www2.iesearch.com/
    R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O2 - BHO: (no name) - {04E6519C-C3EC-414D-81F5-FFFB75D9F2F3} - C:\WINDOWS\system32\dtsisfcs.dll
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
    O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: {c913d9f3-ecd0-4398-f844-834d43180d46} - {64d08134-d438-448f-8934-0dce3f9d319c} - C:\WINDOWS\system32\fkhrge.dll
    O2 - BHO: (no name) - {6CAB59B4-55A3-4737-9FD5-B93C6430BF77} - C:\WINDOWS\system32\hehmijow.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
    O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
    O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O2 - BHO: (no name) - {DD3EC823-D3A1-48B3-A18A-A1958795A18A} - C:\WINDOWS\system32\vtUlMfDt.dll
    O2 - BHO: (no name) - {F5EFE3CE-882C-40AD-B843-AA9E3F932071} - C:\WINDOWS\system32\ddcDwtrs.dll
    O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
    O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
    O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
    O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
    O4 - HKLM\..\Run: [Ulead AutoDetector] C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe
    O4 - HKLM\..\Run: [CFSServ.exe] CFSServ.exe -NoClient
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
    O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
    O4 - HKLM\..\Run: [PadTouch] C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe
    O4 - HKLM\..\Run: [TPSMain] TPSMain.exe
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
    O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
    O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
    O4 - HKLM\..\Run: [1 mags 16 more] C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\curb send.exe
    O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [FRAGBIRD] C:\DOCUME~1\CHERYL~1\APPLIC~1\army01\dateflaproad.exe
    O4 - HKUS\S-1-5-19\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'LOCAL SERVICE')
    O4 - HKUS\S-1-5-20\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'NETWORK SERVICE')
    O4 - HKUS\S-1-5-18\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'SYSTEM')
    O4 - HKUS\.DEFAULT\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE (User 'Default user')
    O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
    O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O12 - Plugin for .UVR: C:\Program Files\Internet Explorer\Plugins\NPUPano.dll
    O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebook.com/controls/FacebookPhotoUploader5.cab
    O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper200711281.dll
    O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://by119fd.bay119.hotmail.msn.com/resources/MsnPUpld.cab
    O16 - DPF: {50647AB5-18FD-4142-82B0-5852478DD0D5} (Keynote Connector Launcher 2) - http://webeffective.keynote.com/applications/pconnector/download/ConnectorLauncher.cab
    O16 - DPF: {5C6698D9-7BE4-4122-8EC5-291D84DBD4A0} (Facebook Photo Uploader 4 Control) - http://upload.facebook.com/controls/FacebookPhotoUploader3.cab
    O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/FacebookPhotoUploader.cab
    O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab
    O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab
    O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
    O16 - DPF: {F127B9BA-89EA-4B04-9C67-2074A9DF61FD} (Photo Upload Plugin Class) - http://walmart.pnimedia.com/upload/activex/v2_0_0_9/PCAXSetupv2.0.0.9.cab?
    O20 - AppInit_DLLs: fkhrge.dll
    O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
    O20 - Winlogon Notify: vtUlMfDt - C:\WINDOWS\SYSTEM32\vtUlMfDt.dll
    O23 - Service: Atheros Configuration Service (ACS) - Unknown owner - C:\WINDOWS\system32\acs.exe
    O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
    O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
    O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\system32\DVDRAMSV.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\WINDOWS\system32\TODDSrv.exe

    --
    End of file - 9508 bytes

    ======Scheduled tasks folder======

    C:\WINDOWS\tasks\AppleSoftwareUpdate.job
    C:\WINDOWS\tasks\BFA7629A9EE8E1B2.job
    C:\WINDOWS\tasks\Check Updates for Windows Live Toolbar.job
    C:\WINDOWS\tasks\Norton Security Scan for Cheryl Campbell.job
    C:\WINDOWS\tasks\Uniblue SpeedUpMyPC Nag.job
    C:\WINDOWS\tasks\Uniblue SpeedUpMyPC.job

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{04E6519C-C3EC-414D-81F5-FFFB75D9F2F3}]
    C:\WINDOWS\system32\dtsisfcs.dll [2008-11-13 155648]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2008-06-11 61816]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
    Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
    RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2008-02-13 370296]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-07-07 1562448]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{64d08134-d438-448f-8934-0dce3f9d319c}]
    C:\WINDOWS\system32\fkhrge.dll [2008-12-01 106496]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CAB59B4-55A3-4737-9FD5-B93C6430BF77}]
    C:\WINDOWS\system32\hehmijow.dll [2008-11-29 116224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll [2005-11-10 184423]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2006-07-07 324416]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
    Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2007-03-11 2403392]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
    Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll [2008-04-04 734704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
    Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DD3EC823-D3A1-48B3-A18A-A1958795A18A}]
    C:\WINDOWS\system32\vtUlMfDt.dll [2008-11-01 34304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F5EFE3CE-882C-40AD-B843-AA9E3F932071}]
    C:\WINDOWS\system32\ddcDwtrs.dll [2008-11-01 244224]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2007-03-11 2403392]
    {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-10-19 546320]
    {D0943516-5076-4020-A3B5-AEFAF26AB263} - Veoh Browser Plug-in - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll [2007-11-01 352256]
    {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2006-10-26 440384]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "Ulead AutoDetector "=C:\Program Files\Ulead Systems\Ulead Photo Explorer 8.0 SE Basic\Monitor.exe [2003-02-27 45056]
    "CFSServ.exe "=CFSServ.exe -NoClient []
    "Apoint "=C:\Program Files\Apoint2K\Apoint.exe [2004-03-23 196608]
    "AVG7_CC "=C:\PROGRA~1\Grisoft\AVG7\avgcc.exe [2008-05-25 579584]
    "PadTouch "=C:\Program Files\TOSHIBA\Touch and Launch\PadExe.exe [2005-12-06 1077322]
    "TPSMain "=C:\WINDOWS\system32\TPSMain.exe [2005-05-31 282624]
    "QuickTime Task "=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
    "MSConfig "=C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe [2004-08-04 158208]
    "TkBellExe "=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-13 185896]
    "1 mags 16 more "=C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags\curb send.exe [2008-12-01 4299776]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "msnmsgr "=C:\Program Files\MSN Messenger\msnmsgr.exe [2007-01-19 5674352]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]
    "FRAGBIRD "=C:\DOCUME~1\CHERYL~1\APPLIC~1\army01\dateflaproad.exe [2008-11-29 517120]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AGRSMMSG]
    C:\WINDOWS\AGRSMMSG.exe [2006-03-17 89541]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr]
    C:\WINDOWS\ALCMTR.EXE [2005-05-03 69632]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ares]
    C:\Program Files\Ares\Ares.exe -h []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ATIPTA]
    C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2006-03-17 344064]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CeEKEY]
    C:\Program Files\TOSHIBA\E-KEY\CeEKey.exe [2006-03-16 634880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
    C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe [2005-11-16 106496]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
    C:\WINDOWS\system32\ctfmon.exe [2004-08-04 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DDWMon]
    C:\Program Files\TOSHIBA\TOSHIBA Direct Disc Writer\\ddwmon.exe [2006-04-25 299008]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HWSetup]
    C:\Program Files\TOSHIBA\TOSHIBA Applet\HWSetup.exe [2004-05-01 28672]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\InstantTray]
    C:\Program Files\Pinnacle\Shared Files\InstantCDDVD\PCLETray.exe [2004-05-06 772096]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [2005-08-11 249856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2005-08-11 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
    C:\Program Files\iTunes\iTunesHelper.exe [2008-06-02 267048]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IW_Drop_Icon]
    C:\Program Files\Pinnacle\InstantCDDVD\InstantWrite\iwctrl.exe [2004-04-20 1122816]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LtMoh]
    C:\Program Files\ltmoh\Ltmoh.exe [2005-12-15 188416]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
    C:\Program Files\Messenger\msmsgs.exe [2004-10-13 1694208]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
    C:\Program Files\MSN Messenger\MsnMsgr.Exe [2007-01-19 5674352]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
    NDSTray.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OpwareSE2]
    C:\Program Files\ScanSoft\OmniPageSE2.0\OpwareSE2.exe [2003-05-08 49152]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PinnacleDriverCheck]
    C:\WINDOWS\system32\PSDrvCheck.exe [2004-03-10 406016]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
    C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
    C:\Program Files\TOSHIBA\TOSHIBA Zooming Utility\SmoothView.exe [2005-04-26 122880]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SNPSTD2]
    C:\WINDOWS\vsnpstd2.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-07-07 2156368]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe [2005-11-10 36975]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
    C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-05-28 1506544]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SVPWUTIL]
    C:\Program Files\Toshiba\Windows Utilities\SVPWUTIL.exe [2004-05-01 65536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
    C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2007-09-05 68856]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TkBellExe]
    C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-02-13 185896]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
    C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2004-12-30 65536]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPNF]
    C:\Program Files\TOSHIBA\TouchPad\TPTray.exe [2006-04-04 53248]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Tvs]
    C:\Program Files\Toshiba\Tvs\TvsTray.exe [2006-02-02 73728]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Uniblue SpeedUpMyPC]
    C:\Program Files\Uniblue\SpeedUpMyPC 3\SpeedUpMyPC.exe -s []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\updateMgr]
    C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe AcRdB7_0_9 []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
    C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2007-12-03 3461120]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows UDP Control Center]
    winudpmgr.exe []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ZoomingHook]
    C:\WINDOWS\system32\ZoomingHook.exe [2005-06-06 24576]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "Automatic LiveUpdate Scheduler "=2
    "SysmonLog "=3
    "SwPrv "=3
    "LiveUpdate "=3
    "ImapiService "=3
    "gusvc "=3
    "AVGEMS "=2
    "Avg7UpdSvc "=2
    "Avg7Alrt "=2
    "aawservice "=2

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    RAMASST.lnk - C:\WINDOWS\system32\RAMASST.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS "= "fkhrge.dll "

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
    C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2007-04-19 294912]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\AtiExtEvent]
    C:\WINDOWS\system32\Ati2evxx.dll [2006-03-17 61440]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\vtUlMfDt]
    C:\WINDOWS\system32\vtUlMfDt.dll [2008-11-01 34304]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} "=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]
    "{DD3EC823-D3A1-48B3-A18A-A1958795A18A} "=C:\WINDOWS\system32\vtUlMfDt.dll [2008-11-01 34304]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
    "authentication packages "=msv1_0
    C:\WINDOWS\system32\ddcDwtrs

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
    "SecurityProviders "=msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll,

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\MSN Messenger\msncall.exe "= "C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) "
    "C:\Program Files\LimeWire\LimeWire.exe "= "C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire "
    "C:\Program Files\uTorrent\utorrent.exe "= "C:\Program Files\uTorrent\utorrent.exe:*:Enabled:µTorrent "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\MSN Messenger\msnmsgr.exe "= "C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
    "C:\Program Files\MSN Messenger\livecall.exe "= "C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "
    "C:\Program Files\Grisoft\AVG7\avginet.exe "= "C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe "
    "C:\Program Files\Grisoft\AVG7\avgamsvr.exe "= "C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe "
    "C:\Program Files\Grisoft\AVG7\avgcc.exe "= "C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe "
    "C:\Program Files\Grisoft\AVG7\avgemc.exe "= "C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe "
    "C:\Program Files\iTunes\iTunes.exe "= "C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes "
    "C:\Program Files\Messenger\msmsgs.exe "= "C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:mad:xpsp2res.dll,-22019 "
    "C:\Program Files\MSN Messenger\msncall.exe "= "C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:mad:xpsp3res.dll,-20000 "
    "C:\Program Files\MSN Messenger\msnmsgr.exe "= "C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1 "
    "C:\Program Files\MSN Messenger\livecall.exe "= "C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) "

    ======File associations======

    .reg - open - regedit.exe "%1" %*
    .scr - open - "%1" %*

    ======List of files/folders created in the last 3 months======

    2008-12-01 16:16:03 ----D---- C:\rsit
    2008-12-01 12:03:16 ----A---- C:\WINDOWS\system32\fkhrge.dll
    2008-12-01 12:03:13 ----A---- C:\WINDOWS\system32\ecgfstly.dll
    2008-12-01 12:03:01 ----SH---- C:\WINDOWS\system32\vhonqqtl.ini
    2008-12-01 12:02:59 ----A---- C:\WINDOWS\system32\ltqqnohv.dll
    2008-11-29 16:39:10 ----A---- C:\WINDOWS\system32\fjjhjw.dll
    2008-11-29 16:39:07 ----A---- C:\WINDOWS\system32\ooqfwurv.dll
    2008-11-29 16:38:18 ----A---- C:\WINDOWS\system32\hehmijow.dll
    2008-11-29 11:28:19 ----D---- C:\Program Files\army01
    2008-11-27 11:50:39 ----A---- C:\WINDOWS\system32\gaaxro.dll
    2008-11-27 11:50:38 ----A---- C:\WINDOWS\system32\gygdwmio.dll
    2008-11-27 11:47:39 ----SH---- C:\WINDOWS\system32\pbutamrw.ini
    2008-11-26 21:14:38 ----SH---- C:\WINDOWS\system32\pceoqmpu.ini
    2008-11-26 21:11:40 ----A---- C:\WINDOWS\system32\qdfxbr.dll
    2008-11-26 21:11:40 ----A---- C:\WINDOWS\system32\gepoyjnh.dll
    2008-11-25 21:11:20 ----SH---- C:\WINDOWS\system32\gfksukob.ini
    2008-11-25 21:08:36 ----A---- C:\WINDOWS\system32\yonqmp.dll
    2008-11-25 21:08:34 ----A---- C:\WINDOWS\system32\mtibnqkb.dll
    2008-11-21 09:39:43 ----SH---- C:\WINDOWS\system32\nlivrmhp.ini
    2008-11-21 09:39:41 ----A---- C:\WINDOWS\system32\phmrviln.dll
    2008-11-20 09:42:50 ----A---- C:\WINDOWS\system32\jlszjp.dll
    2008-11-20 09:42:49 ----A---- C:\WINDOWS\system32\uurxsyfk.dll
    2008-11-20 09:39:58 ----SH---- C:\WINDOWS\system32\ptykykkl.ini
    2008-11-19 09:41:30 ----A---- C:\WINDOWS\system32\kgixwi.dll
    2008-11-19 09:41:29 ----A---- C:\WINDOWS\system32\sqokycqm.dll
    2008-11-19 09:38:55 ----SH---- C:\WINDOWS\system32\hfgahuis.ini
    2008-11-16 11:25:01 ----A---- C:\WINDOWS\system32\zblpor.dll
    2008-11-16 11:24:58 ----A---- C:\WINDOWS\system32\gdabfmun.dll
    2008-11-16 11:24:47 ----SH---- C:\WINDOWS\system32\myyyaulb.ini
    2008-11-16 11:24:44 ----A---- C:\WINDOWS\system32\bluayyym.dll
    2008-11-15 10:58:18 ----A---- C:\WINDOWS\system32\ayaydc.dll
    2008-11-15 10:58:17 ----A---- C:\WINDOWS\system32\dstxiipu.dll
    2008-11-15 10:55:38 ----SH---- C:\WINDOWS\system32\wfnyhbwt.ini
    2008-11-14 10:59:21 ----SH---- C:\WINDOWS\system32\uftsvapj.ini
    2008-11-14 10:56:23 ----A---- C:\WINDOWS\system32\obkodl.dll
    2008-11-14 10:56:22 ----A---- C:\WINDOWS\system32\svlnpfus.dll
    2008-11-13 10:59:18 ----A---- C:\WINDOWS\system32\dtsisfcs.dll
    2008-11-13 10:56:24 ----SH---- C:\WINDOWS\system32\pjkartiv.ini
    2008-11-13 10:53:43 ----A---- C:\WINDOWS\system32\uqilnl.dll
    2008-11-13 10:53:41 ----A---- C:\WINDOWS\system32\ogestimx.dll
    2008-11-13 09:57:29 ----SH---- C:\WINDOWS\system32\iktldxcs.ini
    2008-11-13 09:57:28 ----A---- C:\WINDOWS\system32\scxdltki.dll
    2008-11-13 09:55:06 ----A---- C:\WINDOWS\system32\mrtnvi.dll
    2008-11-13 09:54:53 ----A---- C:\WINDOWS\system32\yddjajsw.dll
    2008-11-11 16:11:20 ----A---- C:\WINDOWS\system32\acstks.dll
    2008-11-11 16:11:18 ----A---- C:\WINDOWS\system32\xptjnthf.dll
    2008-11-11 16:08:26 ----SH---- C:\WINDOWS\system32\cvjqomtg.ini
    2008-11-10 16:05:30 ----A---- C:\WINDOWS\system32\mazaos.dll
    2008-11-10 16:05:29 ----SH---- C:\WINDOWS\system32\gftyylti.ini
    2008-11-10 16:05:28 ----A---- C:\WINDOWS\system32\tjxrkdcr.dll
    2008-11-10 16:05:25 ----A---- C:\WINDOWS\system32\itlyytfg.dll
    2008-11-10 09:13:17 ----SH---- C:\WINDOWS\system32\sosykqyu.ini
    2008-11-10 09:13:16 ----A---- C:\WINDOWS\system32\uyqkysos.dll
    2008-11-10 09:10:42 ----A---- C:\WINDOWS\system32\ejdvex.dll
    2008-11-10 09:10:39 ----A---- C:\WINDOWS\system32\owsykgwb.dll
    2008-11-06 15:39:04 ----SH---- C:\WINDOWS\system32\exiuiwvo.ini
    2008-11-06 15:37:06 ----A---- C:\WINDOWS\system32\baadrf.dll
    2008-11-06 15:37:05 ----A---- C:\WINDOWS\system32\sjhieois.dll
    2008-11-05 13:10:46 ----SH---- C:\WINDOWS\system32\daqbpqes.ini
    2008-11-05 13:10:45 ----A---- C:\WINDOWS\system32\seqpbqad.dll
    2008-11-05 13:03:33 ----A---- C:\WINDOWS\system32\bssrse.dll
    2008-11-05 13:03:32 ----A---- C:\WINDOWS\system32\eykjgqga.dll
    2008-11-05 12:57:34 ----SH---- C:\WINDOWS\system32\qutarjug.ini
    2008-11-05 12:54:31 ----A---- C:\WINDOWS\system32\heqoyn.dll
    2008-11-05 12:54:30 ----A---- C:\WINDOWS\system32\neisdtbt.dll
    2008-11-04 12:53:55 ----SH---- C:\WINDOWS\system32\gfaanrhr.ini
    2008-11-04 12:53:49 ----A---- C:\WINDOWS\system32\rhrnaafg.dll
    2008-11-04 12:51:29 ----A---- C:\WINDOWS\system32\ggwzxc.dll
    2008-11-04 12:51:25 ----A---- C:\WINDOWS\system32\xmggvuta.dll
    2008-11-03 03:15:16 ----A---- C:\WINDOWS\system32\gedivz.dll
    2008-11-03 03:15:15 ----A---- C:\WINDOWS\system32\mbaburyn.dll
    2008-11-03 03:12:30 ----SH---- C:\WINDOWS\system32\wmujdexk.ini
    2008-11-03 03:12:29 ----A---- C:\WINDOWS\system32\kxedjumw.dll
    2008-11-02 11:28:10 ----A---- C:\WINDOWS\system32\tmecnl.dll
    2008-11-02 11:28:07 ----A---- C:\WINDOWS\system32\xljjqwks.dll
    2008-11-02 11:18:41 ----SH---- C:\WINDOWS\system32\ereeectp.ini
    2008-11-01 15:08:52 ----A---- C:\WINDOWS\system32\e86c8a27-.txt
    2008-11-01 15:07:30 ----ASH---- C:\WINDOWS\system32\srtwDcdd.ini2
    2008-11-01 15:07:29 ----ASH---- C:\WINDOWS\system32\srtwDcdd.ini
    2008-11-01 15:07:19 ----A---- C:\WINDOWS\system32\ddcDwtrs.dll
    2008-11-01 15:02:02 ----A---- C:\WINDOWS\system32\vtUlMfDt.dll
    2008-11-01 15:02:02 ----A---- C:\WINDOWS\system32\hgGvtTmL.dll
    2008-10-25 02:02:07 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
    2008-10-15 05:27:59 ----D---- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
    2008-10-15 05:19:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-15 05:19:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-15 05:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-15 05:18:10 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-15 05:17:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-14 10:51:00 ----D---- C:\Program Files\Circle Developement
    2008-10-14 10:50:50 ----D---- C:\Program Files\Windows Live
    2008-10-14 10:50:47 ----D---- C:\Program Files\Messenger Plus! Live
    2008-10-13 20:52:37 ----D---- C:\Documents and Settings\Cheryl Campbell\Application Data\DivX
    2008-10-13 17:26:46 ----D---- C:\Documents and Settings\All Users\Application Data\Admin Inter 1 Mags
    2008-10-13 17:26:31 ----D---- C:\Documents and Settings\Cheryl Campbell\Application Data\army01
    2008-10-13 17:26:20 ----D---- C:\Program Files\GalaPlayer
    2008-09-19 16:55:58 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-09-19 16:55:58 ----A---- C:\WINDOWS\system32\libdivx.dll
    2008-09-17 19:15:44 ----D---- C:\WINDOWS\system32\CatRoot_bak
    2008-09-10 02:01:57 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$

    ======List of files/folders modified in the last 3 months======

    2008-12-01 16:16:42 ----D---- C:\WINDOWS\Prefetch
    2008-12-01 13:36:42 ----D---- C:\Program Files\Mozilla Firefox
    2008-12-01 13:29:18 ----D---- C:\WINDOWS\system32
    2008-12-01 12:03:48 ----D---- C:\WINDOWS\Temp
    2008-12-01 12:02:40 ----D---- C:\Documents and Settings\Cheryl Campbell\Application Data\AVG7
    2008-12-01 11:56:14 ----SHD---- C:\WINDOWS\Installer
    2008-12-01 10:44:02 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-11-30 18:00:09 ----D---- C:\Program Files\Norton Security Scan
    2008-11-29 11:32:58 ----SD---- C:\WINDOWS\Tasks
    2008-11-29 11:28:20 ----RD---- C:\Program Files
    2008-11-20 14:29:38 ----A---- C:\WINDOWS\Ulead32.ini
    2008-11-18 21:19:36 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-11-10 16:12:57 ----RASH---- C:\boot.ini
    2008-11-10 16:12:57 ----A---- C:\WINDOWS\win.ini
    2008-11-10 16:12:57 ----A---- C:\WINDOWS\system.ini
    2008-11-10 11:50:31 ----D---- C:\Program Files\DivX
    2008-11-02 11:29:14 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-11-01 12:34:01 ----D---- C:\WINDOWS
    2008-11-01 12:34:00 ----D---- C:\Program Files\Common Files\Symantec Shared
    2008-10-25 02:02:26 ----HD---- C:\WINDOWS\inf
    2008-10-25 02:02:11 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-25 02:01:03 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-15 11:57:55 ----A---- C:\WINDOWS\system32\netapi32.dll
    2008-10-15 05:26:34 ----D---- C:\Program Files\Internet Explorer
    2008-10-15 05:19:39 ----A---- C:\WINDOWS\imsins.BAK
    2008-10-15 05:19:37 ----D---- C:\WINDOWS\system32\drivers
    2008-10-15 05:18:36 ----D---- C:\WINDOWS\ie7updates
    2008-10-14 10:50:50 ----D---- C:\Program Files\MSN Messenger
    2008-10-07 14:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-03 12:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-09-21 10:56:44 ----RHD---- C:\$VAULT$.AVG
    2008-09-21 10:56:44 ----D---- C:\Program Files\Diner Dash 2
    2008-09-17 19:55:45 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-17 19:15:43 ----D---- C:\WINDOWS\Debug
    2008-09-17 19:10:13 ----D---- C:\WINDOWS\Help
    2008-09-16 13:12:24 ----SD---- C:\Documents and Settings\Cheryl Campbell\Application Data\Microsoft
    2008-09-10 02:01:59 ----D---- C:\WINDOWS\WinSxS

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 Avg7Core;AVG7 Kernel; C:\WINDOWS\System32\Drivers\avg7core.sys [2007-11-12 821856]
    R1 Avg7RsW;AVG7 Wrap Driver; C:\WINDOWS\System32\Drivers\avg7rsw.sys [2007-11-12 4224]
    R1 Avg7RsXP;AVG7 Resident Driver XP; C:\WINDOWS\System32\Drivers\avg7rsxp.sys [2007-11-12 27776]
    R1 AvgClean;AVG7 Clean Driver; C:\WINDOWS\System32\Drivers\avgclean.sys [2007-12-21 10760]
    R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-04 36096]
    R1 meiudf;meiudf; C:\WINDOWS\System32\Drivers\meiudf.sys [2005-06-01 102384]
    R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
    R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
    R1 TPwSav;TPwSav; \??\C:\WINDOWS\system32\drivers\TPwSav.sys []
    R1 vobiw;vobiw; C:\WINDOWS\system32\drivers\vobiw.sys [2004-07-06 188416]
    R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.7.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2006-09-07 21035]
    R2 AvgTdi;AVG Network Redirector; C:\WINDOWS\System32\Drivers\avgtdi.sys [2007-11-12 4960]
    R2 Netdevio;TOSHIBA Network Device Usermode I/O Protocol; C:\WINDOWS\system32\DRIVERS\netdevio.sys [2003-01-29 12032]
    R2 tdudf;TOSHIBA UDF File System Driver; C:\WINDOWS\system32\DRIVERS\tdudf.sys [2006-04-18 98816]
    R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\WINDOWS\system32\DRIVERS\AGRSM.sys [2006-03-17 1155584]
    R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2004-11-15 101874]
    R3 AR5211;Atheros Wireless Network Adapter Service; C:\WINDOWS\system32\DRIVERS\ar5211.sys [2006-04-01 471264]
    R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-04 60800]
    R3 ASAPIW2K;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2004-03-10 11264]
    R3 ati2mtag;ati2mtag; C:\WINDOWS\system32\DRIVERS\ati2mtag.sys [2006-03-17 1520640]
    R3 cdrdrv;Cdrdrv; C:\WINDOWS\System32\Drivers\Cdrdrv.sys [2004-06-01 64000]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2004-08-03 14080]
    R3 GEARAspiWDM;GEARAspiWDM; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-01-29 16168]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2005-01-07 138752]
    R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-04-17 4262912]
    R3 Iviaspi;IVI ASPI Shell; C:\WINDOWS\system32\drivers\iviaspi.sys [2003-09-11 21060]
    R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-04 61824]
    R3 Pfc;Padus ASPI Shell; C:\WINDOWS\system32\drivers\pfc.sys [2003-09-19 10368]
    R3 RTL8023xp;Realtek RTL8139/810x/8169/8110 all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtlnicxp.sys [2004-06-27 69760]
    R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\WINDOWS\system32\DRIVERS\tdcmdpst.sys [2006-03-02 15360]
    R3 Tvs;TOSHIBA Virtual Sound with SRS technologies; C:\WINDOWS\system32\DRIVERS\Tvs.sys [2006-04-25 43776]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-04 26624]
    R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-04 57600]
    R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-04 17024]
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2004-08-03 17024]
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2001-08-17 9600]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2004-08-03 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2004-08-03 85376]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2004-08-03 10880]
    S3 PCASp50;PCASp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\PCASp50.sys []
    S3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
    S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2004-08-03 11136]
    S3 snpstd2;USB PC Camera (SN9C103); C:\WINDOWS\system32\DRIVERS\snpstd2.sys [2004-03-22 302720]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2004-08-03 15360]
    S3 TBiosDrv;TBiosDrv; \??\C:\WINDOWS\system32\Drivers\Tbiosdrv.sys []
    S3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2007-10-31 30464]
    S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2004-08-03 59264]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2004-08-03 31616]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2004-08-03 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-03 26496]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2004-08-03 19328]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 ACS;Atheros Configuration Service; C:\WINDOWS\system32\acs.exe [2005-09-26 36864]
    R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2007-10-31 110592]
    R2 Ati HotKey Poller;Ati HotKey Poller; C:\WINDOWS\system32\Ati2evxx.exe [2006-03-17 405504]
    R2 CFSvcs;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2005-01-17 40960]
    R2 DVD-RAM_Service;DVD-RAM_Service; C:\WINDOWS\system32\DVDRAMSV.exe [2004-08-27 110592]
    R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\WINDOWS\system32\TODDSrv.exe [2005-12-20 114688]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-10 38912]
    R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-06-02 504104]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
    S4 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
    S4 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe [2006-07-25 100032]
    S4 Avg7Alrt;AVG7 Alert Manager Server; C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe [2007-11-12 418816]
    S4 Avg7UpdSvc;AVG7 Update Service; C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe [2007-11-12 49664]
    S4 AVGEMS;AVG E-mail Scanner; C:\PROGRA~1\Grisoft\AVG7\avgemc.exe [2007-12-21 406528]
    S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-03-11 138168]
    S4 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2006-07-25 2119360]

    -----------------EOF-----------------
     
  6. 2008/12/01
    noahdfear

    noahdfear Inactive

    Joined:
    2003/04/06
    Messages:
    12,178
    Likes Received:
    15
    Welcome to WindowsBBS cherac :)

    Among other things, you have a LOP infection most probably caused by the installation of Messenger Plus!. Please open Add/Remove Programs in the Control Panel and uninstall Messenger Plus!, including the Sponsors.

    Next, visit the following webpage for instructions for downloading and running ComboFix

    How to use ComboFix



    Download ComboFix by sUBs from here, saving the file to your desktop.


    Please disable realtime protection applications as they sometimes interfere with the tool. Check this link for your applicable programs.

    • Close all open programs and windows
    • Double click ComboFix.exe and follow the prompts.
    • It may reboot your computer and resume running when you log on. Wait for it to complete. When finished, it will open a log for you. Post that log in your next reply.
    Note: Do not mouse-click ComboFix's window while it's running. That may cause it to stall.
     
