Inactive [InActive] Msconfig wont open

I recently had a malware/ spyware issue that i acquired shortly after a reinstallation of xp and all my programs, that caused my computer to shut down with out even a blue screen of death right when i tried to install a new program. Another sympton i noticed was that my msconfig wouldnt open and displayed this message instead.

"Windows canot find 'msconfig' Make sure you typed the name correctly, and then try again. To search for a file, click the start button. and then click search."

Spy bot search and destroy didnt help much. Some how i managed to get Super anti spyware loaded enough that i was able to get it to scan in safemode. That didnt quite solve any of the symptoms i had. I then gave microsofts windows live onecare online tool a shot and woke up the next day and it found two critical problems, and some others. It couldnt fix one of the critical problems, but did manage to fix the problem i was having not being able to install programs.

I still have the issue of not being able to open Msconfig through the run command. I can still force it to run by using Run\ cmd\ C:\WINDOWS\PCHealth\HelpCtr\Binaries\msconfig.exe c:\test.exe

Im still a bit worried some remmnants of a virus malware is still lurking on my computer though and would like to fix this paticular problem, if possible. Any suggestions for a solutions?

Here is my info

info.txt logfile of random's system information tool 1.04 2008-11-30 11:31:17

======Uninstall list======

-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
BitLord 1.1-->C:\Program Files\BitLord\uninst.exe
CDBurnerXP Pro 3-->MsiExec.exe /I{896D642C-7125-44F0-AC49-A23ABF82209C}
Creative Jukebox Driver-->C:\Program Files\Creative\Jukebox 3 Drivers\DrvUnins.exe /s
dBpoweramp Midi Decoder--> "C:\WINDOWS\system32\SpoonUninstall.exe" <uninstall>C:\WINDOWS\system32\SpoonUninstall-dBpoweramp Midi Decoder.dat
Drivers Install For Linksys Easylink Advisor-->MsiExec.exe /I{A1960A82-DB70-474D-A86B-FA74466103C6}
DV TS-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{54266945-8A11-424D-B20F-4F747A714FBA}\Setup.exe"
Guitar Pro 5.2--> "C:\Program Files\Guitar Pro 5\unins000.exe "
HijackThis 2.0.2--> "C:\hijackthis\HijackThis.exe" /uninstall
Hotfix for Windows Media Format 11 SDK (KB929399)--> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe "
Hotfix for Windows Media Player 11 (KB939683)--> "C:\WINDOWS\$NtUninstallKB939683$\spuninst\spuninst.exe "
Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
Java(TM) 6 Update 10-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216010FF}
Linksys EasyLink Advisor 1.6 (0033)-->rundll32 C:\PROGRA~1\LINKSY~1\AUInst.dll,ExUninstall
Microsoft Compression Client Pack 1.0 for Windows XP--> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe "
Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
Microsoft User-Mode Driver Framework Feature Pack 1.0--> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe "
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MySpaceIM-->C:\Program Files\MySpace\IM\Uninstall.exe
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
NVIDIA Drivers-->C:\WINDOWS\system32\nvunrm.exe UninstallGUI
PayPal Plug-In-->C:\Program Files\InstallShield Installation Information\{73317C31-2B6E-4B88-9865-B97C1331A39D}\setup.exe -runfromtemp -l0x0009 -removeonly
QuickTime Alternative 2.7.0--> "C:\Program Files\QuickTime Alternative\unins000.exe "
Realtek AC'97 Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FB08F381-6533-4108-B7DD-039E11FBC27E}\Setup.exe" -l0x9 -removeonly
Security Task Manager 1.7g-->C:\Program Files\Security Task Manager\Uninstal.exe "C:\Documents and Settings\All Users\Start Menu\Programs\Security Task Manager "
Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
Security Update for Windows Media Player 11 (KB936782)--> "C:\WINDOWS\$NtUninstallKB936782_WMP11$\spuninst\spuninst.exe "
Security Update for Windows Media Player 11 (KB954154)--> "C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe "
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950762)--> "C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe "
Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
Security Update for Windows XP (KB951698)--> "C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe "
Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
Security Update for Windows XP (KB954459)--> "C:\WINDOWS\$NtUninstallKB954459$\spuninst\spuninst.exe "
Security Update for Windows XP (KB955069)--> "C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956390)--> "C:\WINDOWS\$NtUninstallKB956390$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
Security Update for Windows XP (KB957097)--> "C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe "
Security Update for Windows XP (KB958644)--> "C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe "
Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
SpywareBlaster 4.1--> "C:\Program Files\SpywareBlaster\unins000.exe "
Steinberg Cubase SX v3.1.1.944-->C:\PROGRA~1\STEINB~1\CUBASE~1\UNWISE.EXE C:\PROGRA~1\STEINB~1\CUBASE~1\INSTALL.LOG
SyncroSoft Emu (Remove only)-->C:\Program Files\SyncroSoft\Pos\H2O\Uninst.exe
Syncrosoft's License Control-->C:\PROGRA~1\SYNCRO~1\UNWISE.EXE C:\PROGRA~1\SYNCRO~1\INSTALL.LOG
Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
Windows Live OneCare safety scanner-->RunDll32.exe "C:\Program Files\Windows Live Safety Center\wlscCore.dll ",UninstallFunction WLSC_SCANNER_PRODUCT
Windows Media Format 11 runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Format 11 runtime--> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe "
Windows Media Player 11--> "C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11--> "C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe "
Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe

======Hosts File======

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

======Security center information======

AV: Avira AntiVir PersonalEdition

======Environment variables======

"ComSpec "=%SystemRoot%\system32\cmd.exe
"Path "=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir "=%SystemRoot%
"FP_NO_HOST_CHECK "=NO
"OS "=Windows_NT
"PROCESSOR_ARCHITECTURE "=x86
"PROCESSOR_LEVEL "=15
"PROCESSOR_IDENTIFIER "=x86 Family 15 Model 12 Stepping 0, AuthenticAMD
"PROCESSOR_REVISION "=0c00
"NUMBER_OF_PROCESSORS "=1
"PATHEXT "=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP "=%SystemRoot%\TEMP
"TMP "=%SystemRoot%\TEMP

-----------------EOF-----------------

 

Oops the previous was not the three month log.

Logfile of random's system information tool 1.04 (written by random/random)
Run by vintenar at 2008-12-01 18:13:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 958 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:13:49 PM, on 12/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\vintenar\Desktop\RSIT.exe
C:\hijackthis\vintenar.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6356 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-28 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAD3A971-6A23-4246-8691-C9244E858967}]
OToolbarHelper Class - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll [2008-09-29 99328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - PayPal Plug-In - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll [2008-09-29 3146240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz "=nwiz.exe /install []
"avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NVRaidService "=C:\WINDOWS\system32\nvraidservice.exe [2008-08-18 203296]
"NvMediaCenter "=C:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"SoundMan "=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"H2O "=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-22 385024]
"KernelFaultCheck "=C:\WINDOWS\system32\dumprep 0 -k []
"BOC-427 "=C:\PROGRA~1\Comodo\CBOClean\BOC427.exe [2008-07-14 351480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"EasyLinkAdvisor "=C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe [2007-03-15 454784]
"SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"MySpaceIM "=C:\Program Files\MySpace\IM\MySpaceIM.exe [2008-04-17 9117696]
"Connection Manager "=C:\Program Files\BVRP Connection Manager\Nomad.exe /runstart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-28 136600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\Program Files\SuperUtility\SuperUpdate.exe "= "C:\Program Files\SuperUtility\SuperUpdate.exe:*:Enabled:SuperUpdate "
"C:\Program Files\BitLord\BitLord.exe "= "C:\Program Files\BitLord\BitLord.exe:*isabled:BitLord "
"C:\kav\kav7\setup.exe "= "C:\kav\kav7\setup.exe:*isabled:Kaspersky Anti-Virus 7.0 Setup "
"C:\Program Files\MySpace\IM\MySpaceIM.exe "= "C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cea1d3cd-b84d-11dd-993e-001558215ffa}]
shell\AutoRun\command - setupSNK.exe

 

======List of files/folders created in the last 3 months======

2008-12-01 17:58:13 ----A---- C:\WINDOWS\UNBOC.EXE
2008-12-01 17:58:12 ----A---- C:\WINDOWS\CMDLIC.DLL
2008-12-01 17:58:06 ----D---- C:\Documents and Settings\All Users\Application Data\BOC427
2008-12-01 17:58:01 ----A---- C:\WINDOWS\BOC427.INI
2008-12-01 17:57:58 ----D---- C:\Program Files\Comodo
2008-12-01 04:38:41 ----D---- C:\Program Files\Avanquest update
2008-12-01 04:38:24 ----D---- C:\Program Files\BVRP Connection Manager
2008-12-01 04:38:23 ----D---- C:\Documents and Settings\All Users\Application Data\BVRP Software
2008-11-30 21:12:27 ----D---- C:\Program Files\Microsoft Windows OneCare Live
2008-11-30 11:58:53 ----A---- C:\rtis log 81130.txt
2008-11-30 11:31:02 ----D---- C:\rsit
2008-11-29 22:14:55 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-11-29 22:14:46 ----D---- C:\Program Files\QuickTime Alternative
2008-11-29 05:21:50 ----D---- C:\Documents and Settings\All Users\Application Data\WholeSecurity
2008-11-29 05:19:44 ----D---- C:\Program Files\PayPal
2008-11-29 05:19:35 ----D---- C:\Documents and Settings\vintenar\Application Data\InstallShield
2008-11-29 04:19:28 ----D---- C:\Documents and Settings\vintenar\Application Data\MySpace
2008-11-29 04:19:23 ----D---- C:\Program Files\MySpace
2008-11-28 21:44:55 ----D---- C:\Documents and Settings\vintenar\Application Data\Help
2008-11-28 21:30:09 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-11-28 21:29:24 ----D---- C:\Program Files\Security Task Manager
2008-11-28 21:03:26 ----HDC---- C:\Documents and Settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2008-11-28 19:30:27 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-11-28 19:30:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-11-28 19:12:54 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-11-28 19:12:46 ----D---- C:\Program Files\SpywareBlaster
2008-11-28 17:44:04 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-28 17:44:03 ----A---- C:\WINDOWS\system32\javaws.exe
2008-11-28 17:44:03 ----A---- C:\WINDOWS\system32\javaw.exe
2008-11-28 17:44:03 ----A---- C:\WINDOWS\system32\java.exe
2008-11-28 17:43:37 ----D---- C:\Program Files\Java
2008-11-28 11:12:47 ----D---- C:\hijackthis
2008-11-28 10:59:39 ----D---- C:\WINDOWS\pss
2008-11-28 08:41:54 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab Setup Files
2008-11-28 08:10:48 ----D---- C:\kav
2008-11-28 07:59:04 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-11-28 07:53:48 ----D---- C:\Program Files\SUPERAntiSpyware
2008-11-28 07:53:48 ----D---- C:\Documents and Settings\vintenar\Application Data\SUPERAntiSpyware.com
2008-11-28 06:17:13 ----D---- C:\Program Files\Windows Live Safety Center
2008-11-28 05:41:28 ----D---- C:\Documents and Settings\vintenar\Application Data\Sun
2008-11-28 05:41:27 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-28 05:39:37 ----D---- C:\Program Files\MSXML 4.0
2008-11-28 05:39:19 ----D---- C:\Program Files\Common Files\Nero
2008-11-28 05:38:57 ----D---- C:\WINDOWS\V3T
2008-11-28 05:37:52 ----D---- C:\Documents and Settings\vintenar\Application Data\WinRAR
2008-11-28 05:20:10 ----D---- C:\Config.Msi
2008-11-28 04:22:20 ----A---- C:\WINDOWS\ntbtlog.txt
2008-11-28 04:11:59 ----D---- C:\Documents and Settings\vintenar\Application Data\Steinberg
2008-11-27 10:51:44 ----D---- C:\Mt. pleasant taxes
2008-11-27 10:50:27 ----D---- C:\Cubase.SX.v3.1.1.944-H2O
2008-11-27 10:50:13 ----AD---- C:\my federal tax return
2008-11-27 10:49:52 ----D---- C:\vintenar songs
2008-11-27 10:30:28 ----RAD---- C:\My Music
2008-11-27 09:51:00 ----A---- C:\WINDOWS\system32\ra32sipr.dll
2008-11-27 09:51:00 ----A---- C:\WINDOWS\system32\ra32dnet.dll
2008-11-27 09:51:00 ----A---- C:\WINDOWS\system32\ra3228_8.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\rmbe3260.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\ra3214_4.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\pngu3263.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\pneng50.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\pncrt.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\pnc3250.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\msvcp70.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\encdnet.dll
2008-11-27 09:50:59 ----A---- C:\WINDOWS\system32\decdnet.dll
2008-11-27 09:50:22 ----D---- C:\Program Files\Steinberg
2008-11-27 09:48:22 ----A---- C:\WINDOWS\system32\Synsopos.exe
2008-11-27 09:48:21 ----D---- C:\Program Files\Syncrosoft
2008-11-27 09:48:21 ----A---- C:\WINDOWS\system32\SynsoLChk.dll
2008-11-27 09:48:21 ----A---- C:\WINDOWS\system32\SYNSOACC.dll
2008-11-27 09:45:31 ----D---- C:\WINDOWS\Minidump
2008-11-26 01:13:56 ----A---- C:\WINDOWS\UNWISE.EXE
2008-11-26 01:06:56 ----D---- C:\Documents and Settings\vintenar\Application Data\Creative
2008-11-25 19:36:53 ----D---- C:\Program Files\Creative
2008-11-25 19:36:53 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2008-11-25 19:36:46 ----HD---- C:\Program Files\Creative Installation Information
2008-11-25 10:25:41 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-11-25 10:25:32 ----HDC---- C:\WINDOWS\$NtUninstallKB929399$
2008-11-25 10:25:23 ----HDC---- C:\WINDOWS\$NtUninstallKB939683$
2008-11-25 10:25:07 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-11-25 10:24:55 ----HDC---- C:\WINDOWS\$NtUninstallKB936782_WMP11$
2008-11-24 18:46:02 ----A---- C:\WINDOWS\system32\ShellManager310E2D762.dll
2008-11-24 17:40:29 ----D---- C:\Program Files\Nero
2008-11-24 16:59:27 ----D---- C:\Program Files\CDBurnerXP Pro 3
2008-11-24 16:54:38 ----D---- C:\Documents and Settings\vintenar\Application Data\Arcsoft
2008-11-24 16:45:15 ----A---- C:\WINDOWS\system32\wmv8dmod.dll
2008-11-24 16:45:15 ----A---- C:\WINDOWS\system32\mpg4c32.dll
2008-11-24 16:44:18 ----D---- C:\Program Files\DV TS
2008-11-24 16:32:37 ----A---- C:\WINDOWS\system32\SpoonUninstall.exe
2008-11-24 16:32:35 ----D---- C:\Program Files\Illustrate
2008-11-24 15:32:51 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-24 15:32:47 ----HDC---- C:\WINDOWS\$NtUninstallMSCompPackV1$
2008-11-24 15:32:32 ----D---- C:\Program Files\Windows Media Connect 2
2008-11-24 15:32:19 ----HDC---- C:\WINDOWS\$NtUninstallwmp11$
2008-11-24 15:31:34 ----HDC---- C:\WINDOWS\$NtUninstallWMFDist11$
2008-11-24 15:31:00 ----HDC---- C:\WINDOWS\$NtUninstallWudf01000$
2008-11-24 15:30:22 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2008-11-24 13:56:26 ----D---- C:\Program Files\Trillian
2008-11-23 19:29:05 ----D---- C:\Program Files\Guitar Pro 5
2008-11-23 19:27:12 ----D---- C:\Program Files\WinRAR
2008-11-23 19:22:02 ----D---- C:\Program Files\BitLord
2008-11-22 17:09:24 ----A---- C:\kubd.bat
2008-11-22 16:45:52 ----D---- C:\Temp
2008-11-22 15:46:36 ----R---- C:\WINDOWS\avrack.ini
2008-11-22 15:46:30 ----D---- C:\Program Files\Realtek AC97
2008-11-22 15:26:23 ----D---- C:\WINDOWS\system32\NtmsData
2008-11-22 15:16:51 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-22 15:16:32 ----HDC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-22 14:51:21 ----A---- C:\WINDOWS\system32\CapabilityTable.exe
2008-11-22 14:51:10 ----RA---- C:\WINDOWS\system32\fdco1.dll
2008-11-22 14:51:07 ----RA---- C:\WINDOWS\system32\nvconrm.dll
2008-11-22 14:51:07 ----RA---- C:\WINDOWS\system32\bdco1.dll
2008-11-22 14:51:07 ----D---- C:\WINDOWS\NV36363640.TMP
2008-11-22 14:51:07 ----A---- C:\WINDOWS\system32\nvunrm.exe
2008-11-22 12:38:22 ----HD---- C:\Documents and Settings\vintenar\Application Data\GTek
2008-11-22 12:37:05 ----AHD---- C:\Documents and Settings\All Users\Application Data\GTek
2008-11-22 12:37:04 ----D---- C:\Program Files\Linksys EasyLink Advisor
2008-11-22 09:44:13 ----A---- C:\WINDOWS\DUMP6aa0.tmp
2008-11-22 01:28:07 ----D---- C:\Program Files\RegSeeker
2008-11-21 23:17:47 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-21 23:11:17 ----D---- C:\Program Files\AMD
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerzht.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerzhc.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServertr.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerth.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServersv.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServersl.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServersk.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerru.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerptb.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerpt.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerpl.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerno.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServernl.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerko.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerja.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerit.dll
2008-11-21 22:24:26 ----A---- C:\WINDOWS\system32\NvRaidServerhu.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerhe.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerfr.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerfi.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServeres.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerenu.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServereng.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerel.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerde.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerda.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServercs.dll
2008-11-21 22:24:25 ----A---- C:\WINDOWS\system32\NvRaidServerar.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\NvRaidServer.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\nvexpbar.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\nvcpluir.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\nvcplui.exe
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\MSVCR71.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\MSVCP71.dll
2008-11-21 22:24:24 ----A---- C:\WINDOWS\system32\MFC71.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionzht.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionzhc.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectiontr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionth.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionsv.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionsl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionsk.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionru.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionptb.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionpt.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionpl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionno.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionnl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionko.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionja.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionit.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionhu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionhe.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionfr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionfi.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectiones.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionenu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectioneng.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionel.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionde.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionda.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectioncs.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvSataConnectionar.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\nvsataconnection.exe
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardzht.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardzhc.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardtr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardth.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardsv.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardsl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardsk.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardru.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardptb.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardpt.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardpl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardno.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardnl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardko.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardja.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardit.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardhu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardhe.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardfr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardfi.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardes.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardenu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardeng.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardel.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardde.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardda.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardcs.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidWizardar.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvzht.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvzhc.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvtr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvth.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvsv.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvsl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvsk.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvru.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvptb.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvpt.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvpl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvno.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvnl.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvko.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvja.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvit.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvhu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvhe.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvfr.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvfi.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSves.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvenu.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSveng.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvel.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvde.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvda.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvcs.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\NvRaidSvar.dll
2008-11-21 22:24:23 ----A---- C:\WINDOWS\system32\nvraidservice.exe
2008-11-21 22:24:22 ----A---- C:\WINDOWS\system32\NvRaidWizard.dll
2008-11-21 22:17:27 ----D---- C:\NVIDIA
2008-11-21 21:52:00 ----D---- C:\Documents and Settings\vintenar\Application Data\Mozilla
2008-11-21 21:51:54 ----D---- C:\Program Files\Mozilla Firefox
2008-11-21 21:31:33 ----A---- C:\WINDOWS\RtlRack.ini
2008-11-21 21:27:45 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-11-21 21:27:42 ----D---- C:\Program Files\Realtek Sound Manager
2008-11-21 21:27:40 ----D---- C:\Program Files\AvRack
2008-11-21 21:27:35 ----RA---- C:\WINDOWS\system32\RTLCPAPI.dll
2008-11-21 21:27:35 ----RA---- C:\WINDOWS\soundman.exe
2008-11-21 21:27:35 ----R---- C:\WINDOWS\system32\ChCfg.exe
2008-11-21 21:27:34 ----RA---- C:\WINDOWS\system32\RTLCPL.EXE
2008-11-21 21:27:33 ----R---- C:\WINDOWS\alcupd.exe
2008-11-21 21:27:33 ----R---- C:\WINDOWS\alcrmv.exe
2008-11-21 21:20:56 ----SHD---- C:\RECYCLER
2008-11-21 21:09:55 ----A---- C:\WINDOWS\system32\chtbrkr.dll
2008-11-21 21:09:55 ----A---- C:\WINDOWS\system32\chsbrkr.dll
2008-11-21 21:09:54 ----A---- C:\WINDOWS\system32\msir3jp.dll
2008-11-21 21:09:54 ----A---- C:\WINDOWS\system32\korwbrkr.dll
2008-11-21 21:09:44 ----A---- C:\WINDOWS\system32\kbd101a.dll
2008-11-21 21:09:36 ----A---- C:\WINDOWS\system32\kbdnecNT.dll
2008-11-21 21:09:36 ----A---- C:\WINDOWS\system32\kbdnecAT.dll
2008-11-21 21:09:36 ----A---- C:\WINDOWS\system32\kbdnec95.dll
2008-11-21 21:08:17 ----A---- C:\WINDOWS\system32\c_is2022.dll
2008-11-21 21:07:16 ----A---- C:\WINDOWS\system32\kbdkor.dll
2008-11-21 21:07:16 ----A---- C:\WINDOWS\system32\kbdjpn.dll
2008-11-21 21:07:16 ----A---- C:\WINDOWS\system32\kbd103.dll
2008-11-21 21:07:16 ----A---- C:\WINDOWS\system32\kbd101c.dll
2008-11-21 21:07:11 ----A---- C:\WINDOWS\system32\kbd101b.dll
2008-11-21 21:07:10 ----A---- C:\WINDOWS\system32\kbd106.dll
2008-11-21 21:06:24 ----D---- C:\Documents and Settings\vintenar\Application Data\Google
2008-11-21 21:06:00 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-11-21 21:05:53 ----D---- C:\Program Files\Common Files\Adobe
2008-11-21 21:05:53 ----D---- C:\Program Files\Adobe
2008-11-21 21:04:33 ----D---- C:\Documents and Settings\All Users\Application Data\Google
2008-11-21 21:04:27 ----D---- C:\Program Files\Google
2008-11-21 21:04:19 ----D---- C:\Program Files\NOS
2008-11-21 21:04:19 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-11-21 20:54:25 ----D---- C:\Program Files\Avira
2008-11-21 20:54:25 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-11-21 20:48:38 ----D---- C:\WINDOWS\Prefetch
2008-11-21 20:47:10 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-21 20:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-21 20:47:02 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-21 20:46:57 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-21 20:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-21 20:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-21 20:46:42 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-21 20:46:38 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-21 20:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-21 20:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-21 20:46:27 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-21 20:46:21 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-21 20:46:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-21 20:46:14 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-21 20:46:10 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-21 20:46:05 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-21 20:42:52 ----D---- C:\WINDOWS\system32\scripting
2008-11-21 20:42:52 ----D---- C:\WINDOWS\system32\en
2008-11-21 20:42:52 ----D---- C:\WINDOWS\system32\bits
2008-11-21 20:42:52 ----D---- C:\WINDOWS\l2schemas
2008-11-21 20:41:46 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-21 20:37:12 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-21 20:37:11 ----D---- C:\WINDOWS\EHome
2008-11-21 20:33:30 ----D---- C:\WINDOWS\nview
2008-11-21 20:33:30 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-11-21 20:28:01 ----D---- C:\Documents and Settings\vintenar\Application Data\Adobe
2008-11-21 20:27:51 ----D---- C:\Documents and Settings\vintenar\Application Data\Macromedia
2008-11-21 20:23:30 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-11-21 20:23:26 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-11-21 20:23:22 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-11-21 20:23:17 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-11-21 20:22:55 ----D---- C:\WINDOWS\ie7updates
2008-11-21 20:22:41 ----D---- C:\WINDOWS\WBEM
2008-11-21 20:22:40 ----D---- C:\WINDOWS\system32\en-US
2008-11-21 20:21:35 ----HDC---- C:\WINDOWS\ie7
2008-11-21 20:21:29 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2008-11-21 20:21:20 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2008-11-21 20:21:09 ----HDC---- C:\WINDOWS\$NtUninstallKB915865$
2008-11-21 20:21:07 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-11-21 20:20:40 ----D---- C:\WINDOWS\network diagnostic
2008-11-21 20:20:39 ----HDC---- C:\WINDOWS\$NtUninstallKB914440$
2008-11-21 20:20:34 ----HDC---- C:\WINDOWS\$NtUninstallKB904942$
2008-11-21 20:19:26 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-11-21 20:19:22 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-11-21 20:19:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-11-21 20:19:13 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-11-21 20:19:09 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-11-21 20:18:38 ----A---- C:\WINDOWS\system32\MRT.exe
2008-11-21 20:18:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-11-21 20:18:25 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-11-21 20:18:21 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-11-21 20:18:16 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-11-21 20:18:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-11-21 20:18:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-11-21 20:18:04 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-11-21 20:17:59 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-11-21 20:17:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2008-11-21 20:17:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-21 20:17:30 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-11-21 20:04:09 ----D---- C:\WINDOWS\system32\PreInstall
2008-11-21 20:04:09 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-11-21 20:04:08 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-11-21 20:04:08 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-21 20:03:44 ----A---- C:\WINDOWS\system32\wpa.bak
2008-11-21 20:00:34 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-21 20:00:21 ----D---- C:\WINDOWS\system32\LogFiles
2008-11-21 19:56:59 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-11-21 19:56:56 ----A---- C:\WINDOWS\system32\nvraiins.dll
2008-11-21 19:56:56 ----A---- C:\WINDOWS\system32\nvraidco.dll
2008-11-21 19:56:54 ----RA---- C:\WINDOWS\system32\idecoi.dll
2008-11-21 07:56:18 ----RA---- C:\WINDOWS\system32\fdco1ins.dll
2008-11-21 07:56:15 ----RA---- C:\WINDOWS\system32\bdco1ins.dll
2008-11-21 07:56:15 ----D---- C:\WINDOWS\NV17601500.TMP
2008-11-21 07:56:14 ----A---- C:\WINDOWS\system32\nvusmb.exe
2008-11-21 07:56:14 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-11-21 07:55:59 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-21 07:55:42 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-21 07:44:53 ----D---- C:\Documents and Settings\vintenar\Application Data\Identities
2008-11-21 07:44:51 ----HD---- C:\Program Files\Uninstall Information
2008-11-21 07:44:45 ----ASH---- C:\Documents and Settings\vintenar\Application Data\desktop.ini
2008-11-21 07:44:44 ----SD---- C:\Documents and Settings\vintenar\Application Data\Microsoft
2008-11-21 07:43:21 ----D---- C:\WINDOWS\SoftwareDistribution
2008-11-21 07:43:19 ----SD---- C:\WINDOWS\system32\Microsoft
2008-11-21 07:43:19 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-21 07:37:40 ----D---- C:\WINDOWS\system32\xircom
2008-11-21 07:37:40 ----D---- C:\Program Files\xerox
2008-11-21 07:37:39 ----D---- C:\Program Files\microsoft frontpage
2008-11-21 07:37:30 ----A---- C:\WINDOWS\control.ini
2008-11-21 07:37:30 ----A---- C:\AUTOEXEC.BAT
2008-11-21 07:37:13 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-21 07:37:08 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-11-21 07:36:15 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-11-21 07:36:15 ----RD---- C:\WINDOWS\Offline Web Pages
2008-11-21 07:36:15 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-11-21 07:36:09 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-11-21 07:36:04 ----HD---- C:\Program Files\WindowsUpdate
2008-11-21 07:35:41 ----D---- C:\WINDOWS\system32\DirectX
2008-11-21 07:35:19 ----A---- C:\WINDOWS\system32\atrace.dll
2008-11-21 07:35:15 ----A---- C:\WINDOWS\system32\desktop.ini
2008-11-21 07:35:15 ----A---- C:\WINDOWS\desktop.ini
2008-11-21 07:35:09 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-11-21 07:35:08 ----A---- C:\WINDOWS\system32\acctres.dll
2008-11-21 07:35:07 ----D---- C:\Program Files\Common Files\Services
2008-11-21 07:35:05 ----SD---- C:\WINDOWS\Tasks
2008-11-21 07:35:04 ----D---- C:\Program Files\Common Files\MSSoap
2008-11-21 07:35:04 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-11-21 07:34:58 ----D---- C:\WINDOWS\srchasst
2008-11-21 07:34:57 ----D---- C:\WINDOWS\system32\Macromed
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wups.dll
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-11-21 07:34:53 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-11-21 07:34:52 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-11-21 07:34:46 ----D---- C:\Program Files\Movie Maker
2008-11-21 07:34:42 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-11-21 07:34:42 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-11-21 07:34:42 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-11-21 07:34:42 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-11-21 07:34:37 ----D---- C:\WINDOWS\system32\Restore
2008-11-21 07:34:37 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-11-21 07:34:37 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-11-21 07:34:37 ----A---- C:\WINDOWS\system32\srclient.dll
2008-11-21 07:34:37 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-11-21 07:34:37 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-11-21 07:34:36 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-11-21 07:34:36 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-11-21 07:34:36 ----A---- C:\WINDOWS\system32\ils.dll
2008-11-21 07:34:35 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-11-21 07:34:35 ----A---- C:\WINDOWS\system32\msconf.dll
2008-11-21 07:34:35 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-11-21 07:34:32 ----D---- C:\Program Files\NetMeeting
2008-11-21 07:34:32 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-11-21 07:34:32 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-11-21 07:34:31 ----A---- C:\WINDOWS\system32\inetres.dll
2008-11-21 07:34:30 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-11-21 07:34:28 ----D---- C:\Program Files\Outlook Express
2008-11-21 07:34:28 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-11-21 07:34:28 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-11-21 07:34:27 ----A---- C:\WINDOWS\system32\mstask.dll
2008-11-21 07:34:27 ----A---- C:\WINDOWS\system32\isign32.dll
2008-11-21 07:34:27 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-11-21 07:34:27 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-11-21 07:34:27 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-11-21 07:34:20 ----D---- C:\Program Files\Common Files\System
2008-11-21 07:34:19 ----D---- C:\Program Files\Internet Explorer
2008-11-21 07:34:06 ----D---- C:\Program Files\ComPlus Applications
2008-11-21 07:34:04 ----A---- C:\WINDOWS\vbaddin.ini
2008-11-21 07:34:04 ----A---- C:\WINDOWS\vb.ini
2008-11-21 07:33:59 ----D---- C:\WINDOWS\Registration
2008-11-21 07:33:28 ----D---- C:\Program Files\Windows Media Player
2008-11-21 07:33:28 ----D---- C:\Program Files\Online Services
2008-11-21 07:33:22 ----D---- C:\Program Files\Messenger
2008-11-21 07:33:18 ----D---- C:\Program Files\MSN Gaming Zone
2008-11-21 07:33:18 ----A---- C:\WINDOWS\system32\write.exe
2008-11-21 07:33:10 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-11-21 07:33:10 ----A---- C:\WINDOWS\system32\hticons.dll
2008-11-21 07:33:09 ----A---- C:\WINDOWS\system32\winchat.exe
2008-11-21 07:33:09 ----A---- C:\WINDOWS\system32\avwav.dll
2008-11-21 07:33:09 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-11-21 07:33:09 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-11-21 07:33:02 ----A---- C:\WINDOWS\system32\getuname.dll
2008-11-21 07:33:02 ----A---- C:\WINDOWS\system32\charmap.exe
2008-11-21 07:33:02 ----A---- C:\WINDOWS\system32\calc.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\winmine.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\tskill.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\sol.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\reset.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-11-21 07:33:01 ----A---- C:\WINDOWS\system32\freecell.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\tscon.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\shadow.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\regini.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\msg.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\logoff.exe
2008-11-21 07:33:00 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-11-21 07:32:59 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-11-21 07:32:58 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\stclient.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-11-21 07:32:57 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-11-21 07:32:53 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-11-21 07:32:43 ----D---- C:\Program Files\MSN
2008-11-21 07:32:41 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-11-21 07:32:40 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-11-21 07:32:37 ----D---- C:\Program Files\Windows NT
2008-11-21 07:32:37 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-11-21 07:32:37 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-11-21 07:32:37 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-11-21 07:32:36 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-11-21 07:32:36 ----A---- C:\WINDOWS\system32\spider.exe
2008-11-21 07:32:36 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-11-21 07:32:35 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-11-21 07:32:34 ----D---- C:\WINDOWS\system32\MsDtc
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-11-21 07:32:34 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-11-21 07:32:33 ----D---- C:\WINDOWS\system32\Com
2008-11-21 07:32:33 ----A---- C:\WINDOWS\system32\colbact.dll
2008-11-21 07:32:33 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-11-21 07:32:33 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-11-21 07:32:33 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-11-21 07:32:33 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-11-21 07:32:32 ----A---- C:\WINDOWS\system32\comuid.dll
2008-11-21 07:32:32 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-11-21 07:32:32 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-11-21 07:32:28 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-11-21 07:32:28 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-11-21 07:32:28 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-11-21 07:32:28 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-11-21 03:38:55 ----A---- C:\WINDOWS\system32\h323log.txt
2008-11-21 03:26:55 ----A---- C:\WINDOWS\system32\usbui.dll
2008-11-21 03:25:41 ----A---- C:\WINDOWS\imsins.BAK
2008-11-21 03:25:38 ----SHD---- C:\WINDOWS\Installer
2008-11-21 03:25:38 ----D---- C:\Program Files\Common Files\ODBC
2008-11-21 03:25:38 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-21 03:25:38 ----A---- C:\WINDOWS\ODBCINST.INI
2008-11-21 03:25:35 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-11-21 03:25:34 ----RD---- C:\Program Files
2008-11-21 03:25:34 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-21 03:25:34 ----D---- C:\Program Files\Common Files
2008-11-21 03:25:31 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-11-21 03:25:31 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-11-21 03:25:31 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-11-21 03:25:30 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-11-21 03:25:29 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-11-21 03:25:28 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-11-21 03:25:28 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-11-21 03:25:28 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-11-21 03:25:28 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-11-21 03:25:28 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-11-21 03:25:26 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-11-21 03:25:24 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-11-21 03:25:24 ----A---- C:\WINDOWS\system32\irclass.dll
2008-11-21 03:25:24 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-11-21 03:25:24 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-11-21 03:25:24 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-11-21 03:25:22 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-11-21 03:25:22 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-11-21 03:25:22 ----A---- C:\WINDOWS\system32\batt.dll
2008-11-21 03:25:22 ----A---- C:\WINDOWS\notepad.exe
2008-11-21 03:25:21 ----A---- C:\WINDOWS\system32\storprop.dll
2008-11-21 03:25:12 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-11-21 03:25:08 ----RA---- C:\WINDOWS\SET8.tmp
2008-11-21 03:25:06 ----RA---- C:\WINDOWS\SET4.tmp
2008-11-21 03:25:04 ----RA---- C:\WINDOWS\SET3.tmp
2008-11-21 03:24:59 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-21 03:24:59 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-21 03:24:53 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-11-21 03:24:35 ----A---- C:\WINDOWS\setuplog.txt
2008-11-21 03:24:30 ----SHD---- C:\System Volume Information
2008-11-21 03:24:30 ----D---- C:\Documents and Settings
2008-11-21 03:21:55 ----N---- C:\boot.ini
2008-11-21 03:15:30 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-11-21 03:15:30 ----RSD---- C:\WINDOWS\Fonts
2008-11-21 03:15:30 ----RD---- C:\WINDOWS\Web
2008-11-21 03:15:30 ----HD---- C:\WINDOWS\inf
2008-11-21 03:15:30 ----D---- C:\WINDOWS\WinSxS
2008-11-21 03:15:30 ----D---- C:\WINDOWS\twain_32
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Temp
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\wins
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\wbem
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\usmt
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\spool
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\ShellExt
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\Setup
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\ras
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\oobe
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\npp
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\mui
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\inetsrv
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\IME
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\icsxml
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\ias
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\export
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\drivers
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\dhcp
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\config
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\3com_dmi
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\3076
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\2052
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1054
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1042
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1041
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1037
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1033
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1031
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1028
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32\1025
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system32
2008-11-21 03:15:30 ----D---- C:\WINDOWS\system
2008-11-21 03:15:30 ----D---- C:\WINDOWS\security
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Resources
2008-11-21 03:15:30 ----D---- C:\WINDOWS\repair
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Provisioning
2008-11-21 03:15:30 ----D---- C:\WINDOWS\PeerNet
2008-11-21 03:15:30 ----D---- C:\WINDOWS\pchealth
2008-11-21 03:15:30 ----D---- C:\WINDOWS\mui
2008-11-21 03:15:30 ----D---- C:\WINDOWS\msapps
2008-11-21 03:15:30 ----D---- C:\WINDOWS\msagent
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Media
2008-11-21 03:15:30 ----D---- C:\WINDOWS\java
2008-11-21 03:15:30 ----D---- C:\WINDOWS\ime
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Help
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Driver Cache
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Debug
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Cursors
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Connection Wizard
2008-11-21 03:15:30 ----D---- C:\WINDOWS\Config
2008-11-21 03:15:30 ----D---- C:\WINDOWS\AppPatch
2008-11-21 03:15:30 ----D---- C:\WINDOWS\addins
2008-11-21 03:15:30 ----D---- C:\WINDOWS
2008-10-16 13:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 13:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 13:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 13:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-09-30 15:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
2008-09-08 10:10:32 ----A---- C:\WINDOWS\system32\nvLsp.dll

======List of files/folders modified in the last 3 months======

2008-11-29 02:41:42 ----A---- C:\WINDOWS\win.ini
2008-11-29 02:41:42 ----A---- C:\WINDOWS\system.ini
2008-10-16 13:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-15 10:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-03 11:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-09-09 19:14:56 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-09-04 11:15:04 ----A---- C:\WINDOWS\system32\msxml3.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-11-25 75072]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 elagopro;GoProto Protocol Driver for LELA; C:\WINDOWS\system32\DRIVERS\elagopro.sys [2007-03-22 28672]
R2 elaunidr;UniDriver for LELA; C:\WINDOWS\system32\DRIVERS\elaunidr.sys [2007-03-22 5376]
R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-07-26 3644032]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 BOCDRIVE;BOClean Kernel Monitor.; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys []
R3 CLEDX;Team H2O CLEDX service; C:\WINDOWS\system32\DRIVERS\cledx.sys [2005-05-09 33792]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-08-01 6555104]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-29 34048]
R3 nvnetbus;NVIDIA Network Bus Enumerator; C:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-29 12928]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
S1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys []
S1 AmdPPM;AMD HwPState Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdPPM.sys []
S2 BVRPNDIS;BVRPNDIS Protocol Driver U/I; \??\C:\Program Files\BVRP Connection Manager\BVRPNDIS.SYS []
S3 AmdLLD;AMD Low Level Device Driver; C:\WINDOWS\system32\DRIVERS\AmdLLD.sys []
S3 FXDRV;FXDRV; \??\D:\Fxdrv.sys []
S3 MTK;Media Technology Kernel Driver; C:\WINDOWS\System32\Drivers\fide.sys [2008-11-24 14468]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-10-15 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-10-15 151297]
R2 BOCore;BOCore; C:\Program Files\Comodo\CBOClean\BOCORE.exe [2008-07-14 73464]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2008-11-28 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-08-01 159812]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S2 Nomad;Connection Manager; C:\Program Files\BVRP Connection Manager\NomadSvr.exe []
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------

 

This should of been my second post rtis log

Logfile of random's system information tool 1.04 (written by random/random)
Run by vintenar at 2008-12-01 18:11:26
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 7 GB (18%) free of 38 GB
Total RAM: 958 MB (32% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:11:38 PM, on 12/1/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\nvraidservice.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\Program Files\Comodo\CBOClean\BOCORE.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\MySpace\IM\MySpaceIM.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\PayPal\PayPal Plug-In\RBroker.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Documents and Settings\vintenar\Desktop\RSIT.exe
C:\hijackthis\vintenar.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: OToolbarHelper Class - {EAD3A971-6A23-4246-8691-C9244E858967} - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll
O3 - Toolbar: PayPal Plug-In - {DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe "
O4 - HKLM\..\Run: [NVRaidService] C:\WINDOWS\system32\nvraidservice.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [H2O] C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [BOC-427] C:\PROGRA~1\Comodo\CBOClean\BOC427.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [EasyLinkAdvisor] "C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe" /startup
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\BVRP Connection Manager\Nomad.exe" /runstart
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://cdn.scan.onecare.live.com/resource/download/scanner/wlscbase6662.cab
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BOCore - COMODO - C:\Program Files\Comodo\CBOClean\BOCORE.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\BVRP Connection Manager\NomadSvr.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6323 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Spybot - Search & Destroy - Scheduled Task.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-28 73728]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EAD3A971-6A23-4246-8691-C9244E858967}]
OToolbarHelper Class - C:\Program Files\PayPal\PayPal Plug-In\PayPalHelper.dll [2008-09-29 99328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{DC0F2F93-27FA-4f84-ACAA-9416F90B9511} - PayPal Plug-In - C:\Program Files\PayPal\PayPal Plug-In\OToolbar.dll [2008-09-29 3146240]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon "=C:\WINDOWS\system32\NvCpl.dll [2008-08-01 13529088]
"nwiz "=nwiz.exe /install []
"avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"Adobe Reader Speed Launcher "=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NVRaidService "=C:\WINDOWS\system32\nvraidservice.exe [2008-08-18 203296]
"NvMediaCenter "=C:\WINDOWS\system32\NvMcTray.dll [2008-08-01 86016]
"SoundMan "=C:\WINDOWS\SOUNDMAN.EXE [2005-07-22 81920]
"H2O "=C:\Program Files\SyncroSoft\Pos\H2O\cledx.exe [2005-10-22 385024]
"KernelFaultCheck "=C:\WINDOWS\system32\dumprep 0 -k []
"BOC-427 "=C:\PROGRA~1\Comodo\CBOClean\BOC427.exe [2008-07-14 351480]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"EasyLinkAdvisor "=C:\Program Files\Linksys EasyLink Advisor\LinksysAgent.exe [2007-03-15 454784]
"SpybotSD TeaTimer "=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"MySpaceIM "=C:\Program Files\MySpace\IM\MySpaceIM.exe [2008-04-17 9117696]
"Connection Manager "=C:\Program Files\BVRP Connection Manager\Nomad.exe /runstart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-28 136600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername "=0
"legalnoticecaption "=
"legalnoticetext "=
"shutdownwithoutlogon "=1
"undockwithoutlogon "=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun "=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "
"C:\Program Files\SuperUtility\SuperUpdate.exe "= "C:\Program Files\SuperUtility\SuperUpdate.exe:*:Enabled:SuperUpdate "
"C:\Program Files\BitLord\BitLord.exe "= "C:\Program Files\BitLord\BitLord.exe:*isabled:BitLord "
"C:\kav\kav7\setup.exe "= "C:\kav\kav7\setup.exe:*isabled:Kaspersky Anti-Virus 7.0 Setup "
"C:\Program Files\MySpace\IM\MySpaceIM.exe "= "C:\Program Files\MySpace\IM\MySpaceIM.exe:*:Enabled:MySpace Instant Messenger "

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabledxpsp2res.dll,-22019 "
"%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabledxpsp3res.dll,-20000 "

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cea1d3cd-b84d-11dd-993e-001558215ffa}]
shell\AutoRun\command - setupSNK.exe

 

Welcome to WindowsBBS downsystem

Are you able to open msconfig by clicking Start>Run and typing msconfig.exe
Try using the following command in the Run dialog too.

%systemroot%\system32\dllcache\msconfig.exe

 

When i used %systemroot%\system32\dllcache\msconfig.exe in the command line it gives me this message.

Windows cannot find 'C:\windows\system32\dllcache\msconfig.exe'. Make sure you typed the name correctly, and then try again. To search for a file, click the start button, and then click search.

 

And what about using msconfig.exe on the Run line?

 

The run line in the start menu wont open msconfig, if thats what your talking about. I was hoping to fix that. I suppose its kind of irrelevent since i can get it to open via a shortcut i place of the exe. file on my desktop, which isnt a really safe thing to do im guessing. I think i was really open to have some one say hey i looked at your info and it i cant see any obvious malware/spyware thats still lurking on my system.

 

Please type it exactly as I requested and let me know the results.

Start>Run and type msconfig.exe

I was already aware that typing msconfig wasn't working.

 

weird

Well seems the msconfig.exe used in the run line does work. I wonder why it works that way but no by using just msconfig alone.

 

First, please navigate to C:\WINDOWS\PCHealth\HelpCtr\Binaries and right click msconfig.exe and select Copy.
Now navigate to C:\windows\system32\dllcache and right click a blank space, then select Paste.

Now, download DAFT and save it to your Desktop.

Double-click the daft.exe icon. Read the disclaimer and click okay.
Click on the Scan button.
If it produces anything other than a message that all associations are ok, click Save Logfile and post the contents of the log it creates.
It will be named daft.txt and located on your desktop as well.

Try typing just msconfig again please, after doing the above, then let me know if there's any change.

 

I found the msconfig.exe directory, but when i went to windows/system32/dllcache i couldnt find any file named that and then did a windows search for the file and it found nothing.

 

Please re-read my instructions carefully, then proceed with them one step at a time, to the letter.

 

msconfig and missing dllcache file

Ok i put the msconfig in the system32 near ware the dllcache should of been at alphabetically, downloaded and installed daft and it said all associations are ok with the registry, and now msconfig is opening correctly. Now it wants me to restart my computer after closing msconfig. So im assuming the problem is taken care off.

Should i be concern that my dllcache file is gone. From what i decern from the net it saves copies of all my dll files and allows windows to recover when something happens to one of the dlls Is that correct?

Oh by the way thanks for the help.

 

You cannot put the file in the system32 folder near where the dllcache folder belongs. It needs to be in the dllcache folder. You are correct - the dllcache has copies of system files for the purpose of replacing them should something happen to the normally used copy.

The dllcache folder is a hidden folder. That is why you do not see it. Please locate the copy of msconfig.exe you placed in the system32 folder, right click on it and select Cut.
Now click Start then Run and type the following bolded command.

%systemroot%\system32\dllcache

Now hit Enter.
The dllcache folder should open.
Right click in a blank space and select Paste.
Close those windows and try the msconfig command from Run again.

 

Ok the msconfig is removed and in the dllcache folder now. The weird thing is that msconfig opened when it was in the system32 folder, but when i took it out and put it in the dllcache folder it stopped working using both methods "msconfig" and "msconfig.exe ". I can still can open it through the cmd line though. I also used the daft program and that still said everythign was fine, even though its not. Got anymore ideas for this unusual behavior.

 

Highlight and copy the contents of the code box below.

Code:

reg query HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE >peek.txt
start notepad peek.txt
exit
cls

Click Start then Run and type cmd then hit Enter to open a command window.
Right click in the command window and select Paste.
The command window will close and a log will open.
Post the contents of that log.

 

The peek notepad log has nothing in it. Is that bad ?

Well i found some info on the sfc /scannow in did that in the command line. The system file checker found probably six or so files it needed to replace or fix in the dllcache folder. So im assuming whatever i got ******* up more then one file in there.

 

Highlight and copy the contents of the code box below.

Code:

reg delete  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE" /f
reg add  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE "
reg add  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE" /ve /t REG_SZ /d C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSCONFIG.EXE "
reg query  "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MSCONFIG.EXE" >peek.txt
start notepad peek.txt
exit
cls

Click Start>Run and type cmd then hit enter to open a command window. Right click in the command window and select paste. The command window will close and a log will open. Please post the contents of that log.