
Inactive [InActive] Slow (3+ min) startup at blue "welcome" screen (XP sp2 & sp3)

Discussion in 'Malware and Virus Removal Archive' started by Sa7, 2008/09/16.

  1. 2008/09/16
    Sa7

    Sa7 Inactive Thread Starter

    Joined:
    2008/09/16
    Messages:
    16
    Likes Received:
    0
    Hello,

    I've been searching the net, and this forum, tried different approaches to fix my problem but can't seem to find a solution.

    I have a pretty recent laptop (Dell d630, 4gb ram) but it's been taking way too long to boot up Windows.

    What I've tried so far:
    - All the usual spyware/antivirus scans, defragmenting, registry fixing tools
    - The several first steps proposed here: http://www.windowsbbs.com/windows-xp/73530-sp2-pauses-30-seconds-windows-starting-up.html
    - Stopping as many non-critical startup programs and services
    - Uninstalling/reinstalling antivirus and some other progs, rebooting in between to see if they were the cause

    No success so far...


    Here's my HijackThis report:


    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 20:16:34, on 16/09/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16705)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell\QuickSet\Quickset.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 7799 bytes



    And here's a StartupList log:


    StartupList report, 16/09/2008, 20:18:11
    StartupList version: 1.52.2
    Started from : C:\Program Files\Trend Micro\HijackThis\HijackThis.EXE
    Detected: Windows XP SP3 (WinNT 5.01.2600)
    Detected: Internet Explorer v7.00 (7.00.6000.16705)
    * Using default options
    ==================================================

    Running processes:

    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell\QuickSet\Quickset.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe

    --------------------------------------------------

    Listing of startup folders:

    Shell folders Common Startup:
    [C:\Documents and Settings\All Users\Start Menu\Programs\Startup]
    Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    --------------------------------------------------

    Checking Windows NT UserInit:

    [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
    UserInit = C:\WINDOWS\system32\userinit.exe,

    --------------------------------------------------

    Autorun entries from Registry:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    IntelWireless = "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    IgfxTray = C:\WINDOWS\system32\igfxtray.exe
    HotKeysCmds = C:\WINDOWS\system32\hkcmd.exe
    Dell QuickSet = C:\Program Files\Dell\QuickSet\Quickset.exe
    Apoint = C:\Program Files\DellTPad\Apoint.exe
    avgnt = "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    IntelZeroConfig = "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "

    --------------------------------------------------

    Autorun entries from Registry:
    HKCU\Software\Microsoft\Windows\CurrentVersion\Run

    ctfmon.exe = C:\WINDOWS\system32\ctfmon.exe

    --------------------------------------------------

    Autorun entries in Registry subkeys of:
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run

    [OptionalComponents]
    =

    --------------------------------------------------

    Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:

    Shell=*INI section not found*
    SCRNSAVE.EXE=*INI section not found*
    drivers=*INI section not found*

    Shell & screensaver key from Registry:

    Shell=Explorer.exe
    SCRNSAVE.EXE=*Registry value not found*
    drivers=*Registry value not found*

    Policies Shell key:

    HKCU\..\Policies: Shell=*Registry value not found*
    HKLM\..\Policies: Shell=*Registry value not found*

    --------------------------------------------------


    Enumerating Browser Helper Objects:

    (no name) - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
    (no name) - C:\PROGRA~1\SPYBOT~1\SDHelper.dll - {53707962-6F74-2D53-2644-206D7942484F}
    (no name) - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}
    (no name) - (no file) - {7E853D72-626A-48EC-A868-BA8D5E23E045}
    (no name) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - {9030D464-4C02-4ABF-8ECC-5164760863C6}
    (no name) - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll - {AE7CD045-E861-484f-8273-0445EE161910}

    --------------------------------------------------

    Enumerating ShellServiceObjectDelayLoad items:

    PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
    CDBurn: C:\WINDOWS\system32\SHELL32.dll
    WebCheck: C:\WINDOWS\system32\webcheck.dll
    SysTray: C:\WINDOWS\system32\stobject.dll

    --------------------------------------------------
    End of report, 5.639 bytes
    Report generated in 0,047 seconds




    Any ideas?

    Thanks!

    Michael
     
    Sa7,
    #1
  2. 2008/09/17
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi Michael
    I'm not seeing anything in the HJT log.

    Let's get an online scan to see if anything shows.

    Download ATF Cleaner by Atribune and save it to your Desktop.
    This is a good tool to get rid of the temporary garbage you pick up while surfing the net.
    Double click ATF-Cleaner.exe to run the program.
    Check the boxes to the left of:

    Windows Temp
    Current User Temp
    All Users Temp
    Cookies
    Temporary Internet Files
    Prefetch
    Java Cache
    Recycle bin


    The rest are optional - if you want it to remove everything check "Select All".
    Finally, click Empty Selected. When you get the "Done Cleaning" message, click OK.

    Now a scan.

    Please do an online scan with Kaspersky WebScanner

    Click on "Accept" If your pop-up blocker blocks any windows from opening.

    Click Run on the window that opens.
    Windows Vista users you must open the web browser using the Run as Administrator command.
    • The program will launch and then begin downloading the latest definition files.
    • Under Scan on the left side, click on My Computer.
    • This will start the program and scan your system.
    • Click the "Scan Report" on the left side.
    • The scan will take a while so be patient and let it run.
    • Once the scan is complete it will display if your system has been infected.
    • Click the Save Report As button, and in the Browse dialog box, type a name for the scan report file that you want to create and select its type Text file. Click OK to save the file.
    • Save the text file to your desktop.
    • Copy and paste that information in your next post.

    Please post the Kaspersky results.

    Thanks
    Geri
     
    Geri,
    #2


  4. 2008/09/18
    Sa7

    Sa7 Inactive Thread Starter

    Hi

    Kaspersky indeed found 'threats':

    --------------------------------------------------------------------------------
    KASPERSKY ONLINE SCANNER 7 REPORT
    Thursday, September 18, 2008
    Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
    Kaspersky Online Scanner 7 version: 7.0.25.0
    Program database last update: Thursday, September 18, 2008 07:15:08
    Records in database: 1247508
    --------------------------------------------------------------------------------

    Scan settings:
    Scan using the following database: extended
    Scan archives: yes
    Scan mail databases: yes

    Scan area - My Computer:
    C:\
    E:\

    Scan statistics:
    Files scanned: 60163
    Threat name: 2
    Infected objects: 1
    Suspicious objects: 3
    Duration of the scan: 02:02:40


    File name / Threat name / Threats count
    C:\Documents and Settings\Michael\Local Settings\Application Data\Identities\{AAB4B2D6-70D5-452A-9FFE-E100DBFC8749}\Microsoft\Outlook Express\2 m_cambron@hotmail - Bulk Mail (1).dbx Suspicious: Trojan-Spy.HTML.Fraud.gen 3
    C:\Program Files\mIRC\mirc.exe Infected: not-a-virus:Client-IRC.Win32.mIRC.631 1

    The selected area was scanned.


    Don't really know if something in my bulk mail counts or what's wrong with my mirc client though.

    Should I delete it?

    Thanks

    Michael


    (I'm going away for a week so it'll take some time before my next reply...)
     
    Sa7,
    #3
  5. 2008/09/18
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    Ok well neither one of those is going to slow down your boot up time.

    Delete what's in your bulk folder and then the deleted items folder.

    mIRC is not a problem.

    I think you should post this problem in the Windows XP forum, the people over there may be able to help you out more than I could.

    Geri
     
    Geri,
    #4
  6. 2008/09/26
    Sa7

    Sa7 Inactive Thread Starter

    Hey

    Thanks for trying :)

    I originally posted it on the winXP forum but it was moved to this one... I'll post again

    Thanks

    Michael
     
    Sa7,
    #5
  7. 2008/09/26
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Hi
    OK. Let them know that you are virus free.

    Geri
     
    Geri,
    #6
  8. 2008/10/22
    Sa7

    Sa7 Inactive Thread Starter

    Follow up from thread http://www.windowsbbs.com/windows-xp/77284-slow-3-min-startup-blue-welcome-screen-xp-sp2-sp3.html


    Hey!

    I did everything asked. Removed the HJT entries etc.

    RSIT LOGS:

    log.txt:

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Michael at 2008-10-22 22:06:02
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 96 GB (63%) free of 153 GB
    Total RAM: 3574 MB (73% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:06:06, on 22/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell\QuickSet\Quickset.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\Program Files\Winamp\winamp.exe
    C:\WINDOWS\system32\mspaint.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
    C:\Program Files\VideoLAN\VLC\vlc.exe
    C:\WINDOWS\system32\NOTEPAD.EXE
    C:\Documents and Settings\Michael\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Michael.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 8375 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-01-28 1554256]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
    "IgfxTray "=C:\WINDOWS\system32\igfxtray.exe [2007-05-16 138008]
    "HotKeysCmds "=C:\WINDOWS\system32\hkcmd.exe [2007-05-16 162584]
    "Dell QuickSet "=C:\Program Files\Dell\QuickSet\Quickset.exe [2008-02-22 1245184]
    "Apoint "=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
    "SigmatelSysTrayApp "=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
    "avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
    "Malwarebytes' Anti-Malware "=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2008-10-16 398992]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-12 623992]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-12 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-03-29 222128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    C:\WINDOWS\system32\igfxpers.exe [2007-05-16 138008]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-01-28 2097488]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
    C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-01-12 2150400]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "VMware NAT Service "=2
    "vmount2 "=2
    "VMnetDHCP "=2
    "VMAuthdService "=2
    "SQLAgent$PINNACLESYS "=3
    "SCardSvr "=2
    "PnkBstrA "=2
    "PinnacleSys.MediaServer "=3
    "FLEXnet Licensing Service "=3

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=255
    "NoDrives "=0
    "_NoDriveTypeAutoRun "=145

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDriveAutoRun "=
    "NoDrives "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe "= "C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service "
    "C:\Program Files\mIRC\mirc.exe "= "C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC "
    "C:\Program Files\eMule\emule.exe "= "C:\Program Files\eMule\emule.exe:*:Enabled:eMule "
    "C:\Program Files\GameSpy Arcade\Aphex.exe "= "C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade "
    "C:\Program Files\Azureus\Azureus.exe "= "C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus "
    "C:\Program Files\Pinnacle\MediaCenter\PMC.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:pmc.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PSST.exe "= "C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:pSST.exe "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:pMSManager.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:pMSInstallInit.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:pMC.Tvtv.Wizard.exe "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:pMSInstallInit.exe "
    "C:\Program Files\Mozilla Firefox\firefox.exe "= "C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox "
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE "= "C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:pMCService "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\Skype\Phone\Skype.exe "= "C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee14-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee15-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee16-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5ef95a-608e-11dd-b00d-001de04690df}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5ef95b-608e-11dd-b00d-001de04690df}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{238ba2b4-6ffa-11dd-b013-001de04690df}]
    shell\AutoRun\command - hgu.bat
    shell\explore\command - hgu.bat
    shell\open\command - hgu.bat

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7952f81b-150f-11dd-afe4-005056c00008}]
    shell\Auto\command - D:\bittorrent.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82e05a22-6090-11dd-b00e-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f5806f41-fcfe-11dc-a4ce-806d6172696f}]
    shell\AutoRun\command - E:\install.EXE id= ver=1.0.0.0


    ======List of files/folders created in the last 3 months======

    2008-10-22 21:20:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-22 21:13:40 ----D---- C:\rsit
    2008-10-22 21:08:42 ----D---- C:\Program Files\CCleaner
    2008-10-21 12:33:46 ----D---- C:\Program Files\DiagramStudio 5.4
    2008-10-16 10:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 10:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 10:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 10:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 19:00:19 ----D---- C:\Documents and Settings\Michael\Application Data\dvdcss
    2008-10-15 17:15:57 ----D---- C:\Program Files\InterActual
    2008-10-01 17:40:06 ----D---- C:\Program Files\Common Files\Apple
    2008-10-01 17:40:02 ----D---- C:\Program Files\QuickTime
    2008-10-01 17:40:01 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-09-26 11:00:29 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2008-09-16 19:36:49 ----D---- C:\Program Files\Trend Micro
    2008-09-16 17:34:01 ----D---- C:\Program Files\RegCleaner
    2008-09-16 17:12:42 ----D---- C:\Documents and Settings\Michael\Application Data\Windows Search
    2008-09-11 11:05:02 ----HD---- C:\WINDOWS\PIF
    2008-09-11 02:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-09-11 02:38:45 ----D---- C:\Documents and Settings\Michael\Application Data\Windows Desktop Search
    2008-09-11 02:38:20 ----D---- C:\Program Files\Windows Desktop Search
    2008-09-11 02:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2008-09-11 02:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2008-09-11 02:37:44 ----D---- C:\WINDOWS\ie7updates
    2008-09-11 02:36:19 ----D---- C:\WINDOWS\WBEM
    2008-09-11 02:36:02 ----HDC---- C:\WINDOWS\ie7
    2008-09-11 02:35:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-09-11 02:35:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-09-11 00:31:14 ----D---- C:\WINDOWS\Prefetch
    2008-09-11 00:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-09-11 00:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-11 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-11 00:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-09-11 00:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-09-11 00:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-09-11 00:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-11 00:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-11 00:28:36 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-11 00:26:16 ----D---- C:\WINDOWS\system32\scripting
    2008-09-11 00:26:15 ----D---- C:\WINDOWS\l2schemas
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\system32\en
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\system32\bits
    2008-09-11 00:24:16 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-11 00:22:40 ----D---- C:\WINDOWS\network diagnostic
    2008-09-11 00:21:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-10 23:53:55 ----D---- C:\Program Files\Avira
    2008-09-10 23:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-09-10 23:51:48 ----D---- C:\Program Files\MSBuild
    2008-09-10 23:51:45 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-09-10 23:51:41 ----D---- C:\WINDOWS\system32\en-us
    2008-09-10 23:51:41 ----D---- C:\Program Files\Reference Assemblies
    2008-09-10 23:51:21 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-09-10 23:12:15 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-09-10 23:10:18 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-09-10 23:10:17 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-10 23:10:15 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-10 23:10:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-10 23:10:13 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-10 23:10:13 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-10 23:10:09 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-10 23:10:08 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-10 23:10:07 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-09-10 23:10:06 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-10 23:10:06 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-10 23:09:54 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-09-10 23:09:54 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-09-10 23:09:52 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-09-10 23:09:51 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-10 23:09:49 ----A---- C:\WINDOWS\003374_.tmp
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-10 23:09:45 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-09-10 23:09:40 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-10 22:24:11 ----D---- C:\Program Files\Free Window Registry Repair
    2008-09-10 22:16:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-10 21:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-09-07 13:18:05 ----D---- C:\WINDOWS\PCTV
    2008-09-07 12:56:54 ----A---- C:\checkrun.txt
    2008-09-05 23:30:42 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 23:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2008-09-05 14:41:51 ----A---- C:\WINDOWS\hpbafd.ini
    2008-09-04 19:33:12 ----D---- C:\Program Files\Broadcom
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\java.exe
    2008-08-25 16:22:30 ----D---- C:\Program Files\MSECache
    2008-08-17 22:59:16 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
    2008-08-17 22:44:48 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
    2008-08-17 21:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-08-17 21:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-08-17 21:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-17 21:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-08-17 21:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-17 21:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-08-17 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-08-17 21:50:04 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-08-17 21:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
    2008-08-07 14:27:24 ----D---- C:\WINDOWS\Downloaded Installations
    2008-08-04 00:56:15 ----D---- C:\Documents and Settings\Michael\Application Data\Macrovision
    2008-08-03 16:25:17 ----D---- C:\Program Files\Trillian
    2008-08-03 15:20:45 ----D---- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
    2008-08-02 20:45:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2008-08-02 20:41:51 ----D---- C:\Program Files\Vodafone
    2008-08-02 20:41:51 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-07-31 18:42:42 ----D---- C:\Documents and Settings\Michael\Application Data\skypePM
    2008-07-31 18:39:36 ----D---- C:\Documents and Settings\Michael\Application Data\Skype
    2008-07-31 18:38:36 ----D---- C:\Program Files\Skype
    2008-07-31 18:38:35 ----D---- C:\Program Files\Common Files\Skype
    2008-07-31 18:38:24 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
    2008-07-31 18:38:21 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-07-31 18:37:47 ----D---- C:\Program Files\Windows Live
    2008-07-31 18:37:37 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-07-29 17:50:03 ----A---- C:\WINDOWS\system32\ptpusb.dll
    2008-07-29 17:50:02 ----A---- C:\WINDOWS\system32\ptpusd.dll
    2008-07-28 04:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-07-24 00:48:40 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-07-24 00:48:40 ----A---- C:\WINDOWS\system32\libdivx.dll
     
    Sa7,
    #7
  9. 2008/10/22
    Sa7

    ======List of files/folders modified in the last 3 months======

    2008-10-22 21:20:28 ----HD---- C:\WINDOWS\system32\drivers
    2008-10-22 21:20:24 ----RD---- C:\Program Files
    2008-10-22 21:12:02 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-22 21:09:25 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-22 21:09:10 ----D---- C:\WINDOWS\Debug
    2008-10-22 21:09:10 ----D---- C:\WINDOWS
    2008-10-22 21:09:09 ----D---- C:\WINDOWS\Minidump
    2008-10-22 21:01:49 ----D---- C:\WINDOWS\TEMP
    2008-10-22 21:01:11 ----D---- C:\WINDOWS\system32
    2008-10-22 10:39:10 ----N---- C:\WINDOWS\SchedLgU.Txt
    2008-10-22 10:28:20 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-16 11:52:19 ----D---- C:\WINDOWS\system32\wbem
    2008-10-16 11:52:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-16 10:17:33 ----HD---- C:\WINDOWS\inf
    2008-10-16 10:17:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-16 10:17:30 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-16 10:17:13 ----D---- C:\Program Files\Internet Explorer
    2008-10-16 10:16:53 ----SHD---- C:\WINDOWS\Installer
    2008-10-16 10:16:53 ----D---- C:\Config.Msi
    2008-10-16 10:16:44 ----A---- C:\WINDOWS\win.ini
    2008-10-08 03:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-04 01:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-03 18:02:51 ----SD---- C:\WINDOWS\Tasks
    2008-10-01 17:40:06 ----D---- C:\Program Files\Common Files
    2008-09-26 14:25:21 ----D---- C:\Program Files\Microsoft Office
    2008-09-26 11:00:29 ----D---- C:\Program Files\Common Files\System
    2008-09-18 20:30:23 ----D---- C:\WINDOWS\Help
    2008-09-16 19:38:59 ----SH---- C:\boot.ini
    2008-09-16 19:38:59 ----A---- C:\WINDOWS\system.ini
    2008-09-16 19:38:23 ----D---- C:\Documents and Settings
    2008-09-16 17:47:44 ----D---- C:\Program Files\SuperCopier2
    2008-09-16 17:45:18 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-09-16 17:45:12 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-16 17:43:46 ----D---- C:\Program Files\Common Files\InstallShield
    2008-09-16 17:42:19 ----D---- C:\Program Files\eMule
    2008-09-16 17:22:34 ----D---- C:\Program Files\Adobe
    2008-09-16 17:03:39 ----D---- C:\Program Files\McAfee
    2008-09-11 02:38:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-11 02:38:20 ----D---- C:\WINDOWS\system32\GroupPolicy
    2008-09-11 02:36:21 ----D---- C:\WINDOWS\system32\config
    2008-09-11 00:46:40 ----RSD---- C:\WINDOWS\assembly
    2008-09-11 00:46:40 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-11 00:30:36 ----D---- C:\WINDOWS\system32\Setup
    2008-09-11 00:30:36 ----D---- C:\WINDOWS\AppPatch
    2008-09-11 00:30:35 ----RSD---- C:\WINDOWS\Fonts
    2008-09-11 00:29:20 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-11 00:28:41 ----D---- C:\Program Files\Messenger
    2008-09-11 00:28:29 ----D---- C:\WINDOWS\security
    2008-09-11 00:26:40 ----D---- C:\WINDOWS\WinSxS
    2008-09-11 00:26:36 ----D---- C:\Program Files\Windows Media Player
    2008-09-11 00:26:24 ----D---- C:\WINDOWS\system32\inetsrv
    2008-09-11 00:26:24 ----D---- C:\WINDOWS\ime
    2008-09-11 00:26:16 ----D---- C:\WINDOWS\system32\usmt
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\PeerNet
    2008-09-11 00:26:14 ----D---- C:\Program Files\Movie Maker
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\system32\Restore
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\system32\npp
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\mui
    2008-09-11 00:24:04 ----D---- C:\WINDOWS\msagent
    2008-09-11 00:24:02 ----D---- C:\WINDOWS\srchasst
    2008-09-11 00:24:02 ----D---- C:\Program Files\NetMeeting
    2008-09-11 00:24:00 ----D---- C:\WINDOWS\system32\Com
    2008-09-11 00:23:58 ----D---- C:\Program Files\Windows NT
    2008-09-11 00:23:58 ----D---- C:\Program Files\Outlook Express
    2008-09-11 00:23:44 ----D---- C:\WINDOWS\system32\oobe
    2008-09-11 00:23:42 ----D---- C:\WINDOWS\system
    2008-09-11 00:22:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-11 00:21:06 ----D---- C:\WINDOWS\ehome
    2008-09-10 23:51:26 ----D---- C:\WINDOWS\system32\spool
    2008-09-10 23:14:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-09-10 23:14:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-10 23:14:23 ----D---- C:\WINDOWS\SHELLNEW
    2008-09-10 23:14:11 ----D---- C:\WINDOWS\Registration
    2008-09-10 22:56:22 ----D---- C:\Documents and Settings\All Users\Application Data\VMware
    2008-09-10 21:01:32 ----D---- C:\Program Files\QT Lite
    2008-09-05 23:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-09-01 14:04:42 ----D---- C:\Program Files\Java
    2008-08-30 02:25:02 ----SD---- C:\Documents and Settings\Michael\Application Data\Microsoft
    2008-08-29 14:29:39 ----D---- C:\Program Files\Hitman Pro
    2008-08-29 00:58:56 ----D---- C:\WINDOWS\pss
    2008-08-27 16:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\pngfilt.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\occache.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\url.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2008-08-26 15:24:29 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-08-26 15:24:29 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-08-26 15:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-08-25 16:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-08-25 16:37:59 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-08-23 13:54:51 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-08-19 13:17:00 ----D---- C:\Documents and Settings\Michael\Application Data\mIRC
    2008-08-19 13:06:40 ----D---- C:\Program Files\mIRC
    2008-08-18 10:09:58 ----D---- C:\Program Files\DivX
    2008-08-14 18:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 17:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
    R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 AWISp50;AWISp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\AWISp50.sys [2006-03-15 17664]
    R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2008-04-10 71184]
    R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
    R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9400]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
    R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-06-26 155136]
    R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-17 5707744]
    R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
    R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-02-25 2203520]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
    R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
    R3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2006-06-14 29184]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
    S3 CSRBC;CSRBC.Sys CSR test driver; C:\WINDOWS\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-06-12 85969]
    S3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys []
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-03 989696]
    S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-03 209152]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-09-12 101120]
    S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\WINDOWS\System32\Drivers\mod7700.sys [2007-02-12 459264]
    S3 MODRC;DiBcom Infrared Receiver; C:\WINDOWS\system32\DRIVERS\modrc.sys [2006-05-09 13056]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
    S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-23 113920]
    S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-21 36480]
    S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
    S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-11 41856]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
    S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-03 730112]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
    R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2008-02-22 475136]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
    R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-05-10 94208]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-02-21 294912]
    R3 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-31 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PD91Agent;PD91Agent; C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-04-16 689416]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-12-19 104000]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
    S4 PD91Engine;PD91Engine; C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-04-16 894216]
    S4 PinnacleSys.MediaServer;Pinnacle Systems Media Service; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [2006-01-19 49152]
    S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-05-21 66872]

    -----------------EOF-----------------


    info.txt:

    info.txt logfile of random's system information tool 1.04 2008-10-22 21:13:43

    ======Uninstall list======

    -->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
    AC3Filter (remove only)-->C:\Program Files\AC3Filter\uninstall.exe
    Ad-Aware SE Personal-->C:\PROGRA~1\Lavasoft\AD-AWA~1\UNWISE.EXE C:\PROGRA~1\Lavasoft\AD-AWA~1\INSTALL.LOG
    Adobe Acrobat 8.1.2 Professional-->msiexec /I {AC76BA86-1033-F400-7760-000000000003}
    Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
    Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
    Adobe Photoshop 7.0-->C:\WINDOWS\ISUNINST.EXE -f "C:\Program Files\Adobe\Photoshop 7.0\Uninst.isu" -c "C:\Program Files\Adobe\Photoshop 7.0\Uninst.dll "
    Adobe Reader 8.1.2 - Français-->MsiExec.exe /I{AC76BA86-7AD7-1036-7B44-A81200000003}
    Advanced TAR Repair v1.4-->C:\PROGRA~1\ATR\UNWISE.EXE C:\PROGRA~1\ATR\INSTALL.LOG
    Assistant de connexion Windows Live-->MsiExec.exe /I{AFA4E5FD-ED70-4D92-99D0-162FD56DC986}
    Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
    Azureus Vuze-->C:\Program Files\Azureus\uninstall.exe
    Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
    Broadcom Gigabit Integrated Controller-->MsiExec.exe /X{D3B3B9B2-FE73-44CB-8C0A-F737D92F991B}
    BSPlayer--> "C:\Program Files\BSPlayer\uninstall.exe "
    CCleaner (remove only)--> "C:\Program Files\CCleaner\uninst.exe "
    Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
    Conexant HDA D330 MDC V.92 Modem-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F\HXFSETUP.EXE -U -Idel000f5.inf
    CoreVorbis Audio Decoder (remove only)--> "C:\WINDOWS\system32\CoreVorbis-uninstall.exe "
    Dell Inkjet Printer J740-->C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBJUN5C.EXE -dDell Inkjet Printer J740
    Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
    Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
    DiagramStudio 5.4-->C:\Program Files\DiagramStudio 5.4\Uninstall.exe
    Direct Show Ogg Vorbis Filter (remove only)--> "C:\WINDOWS\system32\OggDSuninst.exe "
    DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
    DivX-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
    EasyPHP 1.8--> "C:\Program Files\EasyPHP\unins000.exe "
    ffdshow (remove only)--> "C:\Program Files\ffdshow\uninstall.exe "
    High Definition Audio Driver Package - KB835221-->C:\WINDOWS\$NtUninstallKB835221WXP$\spuninst\spuninst.exe
    HijackThis 2.0.2--> "C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
    Hitman Pro--> "C:\Program Files\Hitman Pro\unins000.exe "
    Hotfix 2050 for SQL Server 2000 ENU (KB948110)--> "C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB915800-v4)--> "C:\WINDOWS\$NtUninstallKB915800-v4$\spuninst\spuninst.exe "
    Hotfix for Windows XP (KB952287)--> "C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe "
    Image Resizer Powertoy for Windows XP-->MsiExec.exe /I{1CB92574-96F2-467B-B793-5CEB35C40C29}
    Intel(R) Graphics Media Accelerator Driver-->C:\WINDOWS\system32\igxpun.exe -uninstall
    Intel(R) PROSet/Wireless Software-->C:\WINDOWS\Installer\iProInst.exe
    InterActual Player-->C:\Program Files\InterActual\InterActual Player\inuninst.exe
    IZArc 3.81--> "C:\Program Files\IZArc\unins000.exe "
    Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
    Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
    mCore-->MsiExec.exe /I{E81667C6-2856-46D6-ABEA-6A2F42166779}
    mDriver-->MsiExec.exe /I{A0F925BF-5C55-44C2-A4E7-5A4C59791C29}
    mDrWiFi-->MsiExec.exe /I{F6090A17-0967-4A8A-B3C3-422A1B514D49}
    mHlpDell-->MsiExec.exe /I{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}
    Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
    Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
    Microsoft .NET Framework 3.5-->C:\WINDOWS\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5\setup.exe
    Microsoft .NET Framework 3.5-->MsiExec.exe /I{2FC099BD-AC9B-33EB-809C-D332E1B27C40}
    Microsoft Internationalized Domain Names Mitigation APIs--> "C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe "
    Microsoft Kernel-Mode Driver Framework Feature Pack 1.5--> "C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe "
    Microsoft National Language Support Downlevel APIs--> "C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe "
    Microsoft Office Outlook Connector-->MsiExec.exe /I{95120000-011F-0409-0000-0000000FF1CE}
    Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
    mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
    mIWA-->MsiExec.exe /I{3E9D596A-61D4-4239-BD19-2DB984D2A16F}
    mLogView-->MsiExec.exe /I{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}
    mMHouse-->MsiExec.exe /I{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}
    Mozilla Firefox (2.0.0.17)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
    mPfMgr-->MsiExec.exe /I{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}
    mPfWiz-->MsiExec.exe /I{90B0D222-8C21-4B35-9262-53B042F18AF9}
    mProSafe-->MsiExec.exe /I{23FB368F-1399-4EAC-817C-4B83ECBE3D83}
    mSCfg-->MsiExec.exe /I{829CD169-E692-48E8-9BDE-A3E8D8B65538}
    mSSO-->MsiExec.exe /I{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}
    MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
    MSXML 4.0 SP2 Parser and SDK-->MsiExec.exe /I{716E0306-8318-4364-8B8F-0CC4E9376BAC}
    MSXML 6.0 Parser (KB933579)-->MsiExec.exe /I{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}
    mWlsSafe-->MsiExec.exe /I{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}
    mWMI-->MsiExec.exe /I{63DB9CCD-2B56-4217-9A3D-507AC78320CA}
    mZConfig-->MsiExec.exe /I{94658027-9F16-4509-BBD7-A59FE57C3023}
    Notepad++-->C:\Program Files\Notepad++\uninstall.exe
    PerfectDisk 2008 Professional-->MsiExec.exe /I{2B6EC03E-6FA0-4D7C-9CCE-1B03819AB613}
    Pinnacle MediaCenter--> "C:\Program Files\InstallShield Installation Information\{F38ADCA4-AF7C-4C73-9021-6F1EA15D15EA}\Setup.exe "UNINSTALL /l0x0009
    Pinnacle MediaServer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{460CE8B9-6EC2-458A-90D4-691631ECE9D9}\setup.exe" -l0x9 UNINSTALL
    QuickSet-->C:\Program Files\InstallShield Installation Information\{C5074CC4-0E26-4716-A307-960272A90040}\setup.exe -runfromtemp -l0x0009 APPDRVNT4 -removeonly
    QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
    Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
    Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
    Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
    Roxio Creator DE-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
    Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
    Roxio Drag-to-Disc-->MsiExec.exe /I{2F4C24E6-CBD4-4AAC-B56F-C9FD44DE5668}
    Roxio Update Manager-->MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
    SecureW2 TTLS Client 3.3.3 for Windows-->C:\Program Files\SecureW2\SecureW2 TTLS Client\Uninstall.exe
    Security Update for Windows Internet Explorer 7 (KB938127-v2)--> "C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB953838)--> "C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe "
    Security Update for Windows Internet Explorer 7 (KB956390)--> "C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe "
    Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
    Security Update for Windows XP (KB938464)--> "C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB941569)--> "C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB946648)--> "C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB950974)--> "C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951066)--> "C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951376-v2)--> "C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB951748)--> "C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB952954)--> "C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953838)--> "C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB953839)--> "C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB954211)--> "C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956391)--> "C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956803)--> "C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB956841)--> "C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe "
    Security Update for Windows XP (KB957095)--> "C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe "
    SigmaTel Audio-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{A462213D-EED4-42C2-9A60-7BDD4D4B0B17}\setup.exe" -l0x9 -remove -removeonly
    Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
    Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
    Spybot - Search & Destroy--> "C:\Program Files\Spybot - Search & Destroy\unins000.exe "
    SpywareBlaster v3.5.1--> "C:\Program Files\SpywareBlaster\unins000.exe "
    Switch Off--> "C:\Program Files\Switch Off\uninstall.exe "
    Trillian-->C:\Program Files\Trillian\trillian.exe /uninstall
    Update for Windows XP (KB951072-v2)--> "C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe "
    Update for Windows XP (KB951978)--> "C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe "
    VideoLAN VLC media player 0.8.6e-->C:\Program Files\VideoLAN\VLC\uninstall.exe
    Vodafone Mobile Connect Lite-->MsiExec.exe /X{B5761811-28F3-4257-B537-815C5EEF472C}
    Winamp--> "C:\Program Files\Winamp\UninstWA.exe "
    Windows Imaging Component--> "C:\WINDOWS\$NtUninstallWIC$\spuninst\spuninst.exe "
    Windows Internet Explorer 7--> "C:\WINDOWS\ie7\spuninst\spuninst.exe "
    Windows Live Messenger-->MsiExec.exe /X{BADF6744-3787-48F6-B8C9-4C4995401D65}
    Windows Media Format Runtime--> "C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
    Windows Search 4.0--> "C:\WINDOWS\$NtUninstallKB940157$\spuninst\spuninst.exe "
    Windows XP Service Pack 3--> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe "
    WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
    XviD MPEG-4 Video Codec--> "C:\Program Files\XviD\unins000.exe "

    =====HijackThis Backups=====

    O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
    O9 - Extra button: (no name) - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - (no file)

    ======Hosts File======

    127.0.0.1 www.007guard.com
    127.0.0.1 007guard.com
    127.0.0.1 008i.com
    127.0.0.1 www.008k.com
    127.0.0.1 008k.com
    127.0.0.1 www.00hq.com
    127.0.0.1 00hq.com
    127.0.0.1 010402.com
    127.0.0.1 www.032439.com
    127.0.0.1 032439.com

    ======Security center information======

    AV: Avira AntiVir PersonalEdition

    ======Environment variables======

    "ComSpec"=%SystemRoot%\system32\cmd.exe
    "Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\Program Files\Common Files\Roxio Shared\DLLShared;C:\Program Files\Microsoft SQL Server\80\Tools\Binn;C:\Program Files\QuickTime\QTSystem\
    "windir"=%SystemRoot%
    "FP_NO_HOST_CHECK"=NO
    "OS"=Windows_NT
    "PROCESSOR_ARCHITECTURE"=x86
    "PROCESSOR_LEVEL"=6
    "PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 11, GenuineIntel
    "PROCESSOR_REVISION"=0f0b
    "NUMBER_OF_PROCESSORS"=2
    "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
    "TEMP"=%SystemRoot%\TEMP
    "TMP"=%SystemRoot%\TEMP
    "RoxioCentral"=C:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
    "CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip
    "QTJAVA"=C:\Program Files\Java\jre1.6.0_07\lib\ext\QTJava.zip

    -----------------EOF-----------------


    Malwarebytes came back clean:

    mbam....log:

    Malwarebytes' Anti-Malware 1.29
    Database version: 1305
    Windows 5.1.2600 Service Pack 3

    22/10/2008 22:04:59
    mbam-log-2008-10-22 (22-04-59).txt

    Scan type: Full Scan (C:\|)
    Objects scanned: 113847
    Time elapsed: 43 minute(s), 11 second(s)

    Memory Processes Infected: 0
    Memory Modules Infected: 0
    Registry Keys Infected: 0
    Registry Values Infected: 0
    Registry Data Items Infected: 0
    Folders Infected: 0
    Files Infected: 0

    Memory Processes Infected:
    (No malicious items detected)

    Memory Modules Infected:
    (No malicious items detected)

    Registry Keys Infected:
    (No malicious items detected)

    Registry Values Infected:
    (No malicious items detected)

    Registry Data Items Infected:
    (No malicious items detected)

    Folders Infected:
    (No malicious items detected)

    Files Infected:
    (No malicious items detected)


    Thanks a lot for the help!

    Michael
     
    Sa7,
    #8
  10. 2008/10/22
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    Ok nothing really jumping out at me from your logs.

    I don't believe this is a malware problem.

    I would suggest posting in the Windows XP forum here. They may have some ideas and would be more help in this area than I would be.

    Thanks
    Geri
     
    Geri,
    #9
  11. 2008/10/22
    Sa7

    Hey

    MFlynn actually said he noticed traces of ckvo.exe malware... Check the post I referred to, to see what I mean. (I actually come from the winXP section before coming from this one...)

    thanks

    Michael
     
    Sa7,
    #10
  12. 2008/10/22
    Geri Lifetime Subscription

    Hi
    OK, I've asked noahdfear to look this over also; let's see if he sees anything that I may be missing.
    "If" it is here he will find it.

    Geri
     
  13. 2008/10/23
    Geri Lifetime Subscription

    Hi
    OK while noahdfear is looking over your log please do this.

    I believe this is what Mike was talking about, though it is not much of a threat.

    Open "Notepad". Copy the contents of the code box below to the blank Notepad.
    Click "File" > "Save as"
    In the "Save In" box at the top, click the down arrow and select Desktop

    In the "File name" box, type in: fix.reg
    In the "Save As Type" box, select: All Files
    Once saved, go to your desktop, double-click the "fix.reg" file and let it merge with the registry.


    Code:
    REGEDIT 4
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{238ba2b4-6ffa-11dd-b013-001de04690df}] 

    Please download Flash_Disinfector.exe by sUBs and save it to your desktop:

    http://www.techsupportforum.com/sectools/sUBs/Flash_Disinfector.exe

    NOTE: In the event you already have Flash_Disinfector, this is a new version that I need you to download.

    Hold down the Shift key and insert your flash drive. (USB thumb drives)
    It is important to hold the shift key while plugging in flash drive so the virus does not run and re-infect system.

    • Double-click Flash_Disinfector.exe to run it.
      Follow any prompts that may appear.
      Your desktop will vanish for a while, and then reappear. This is normal.
      Wait until the program has finished scanning, then please exit the program.

    Repeat this step if you have more than one flash drive.

    Thanks
    Geri
     
  14. 2008/10/23
    Sa7

    Done.
     
    Sa7,
    #13
  15. 2008/10/23
    Geri Lifetime Subscription

    Hi
    Please run this again, I had a space in there that shouldn't be there.

    Open "Notepad". Copy the contents of the code box below to the blank Notepad.
    Click "File" > "Save as"
    In the "Save In" box at the top, click the down arrow and select Desktop

    In the "File name" box, type in: fix.reg
    In the "Save As Type" box, select: All Files
    Once saved, go to your desktop, double-click the "fix.reg" file and let it merge with the registry.


    Code:
    REGEDIT4
    
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{238ba2b4-6ffa-11dd-b013-001de04690df}] 

    Reboot your computer and let me know if it still has a long start up time.

    Post a new RSIT log.

    Thanks
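
The header correction in this post (`REGEDIT 4` became `REGEDIT4`) is the kind of slip a quick check can catch before a .reg file is merged. The Python sketch below is an added example, not part of the original thread: the function names and the strict header matching are assumptions of the example, and the two sample texts are rebuilt from the two code boxes above.

```python
import re

# Header lines this checker accepts: REGEDIT4 (the format used in the thread)
# and the Unicode format introduced with Windows 2000.
VALID_HEADERS = ("REGEDIT4", "Windows Registry Editor Version 5.00")
ROOT_KEYS = {
    "HKEY_CLASSES_ROOT", "HKEY_CURRENT_USER", "HKEY_LOCAL_MACHINE",
    "HKEY_USERS", "HKEY_CURRENT_CONFIG",
}
KEY_LINE = re.compile(r"^\[(-?)([^\[\]]+)\]$")


def check_header(header):
    """Return a problem string for the first line of a .reg file, or None."""
    if header in VALID_HEADERS:
        return None
    for valid in VALID_HEADERS:
        # Same characters once whitespace is ignored: a stray or missing space.
        if "".join(header.split()) == "".join(valid.split()):
            return f"header {header!r} differs from {valid!r} only in whitespace"
    return f"unrecognised header {header!r}"


def check_reg_text(text):
    """Check .reg text; return (problems, deleted_keys, written_keys)."""
    problems, deleted, written = [], [], []
    lines = text.lstrip("\ufeff").splitlines()
    if not lines:
        return ["file is empty"], deleted, written
    problem = check_header(lines[0])
    if problem:
        problems.append(problem)
    for number, raw in enumerate(lines[1:], start=2):
        line = raw.strip()
        if not line or line.startswith(";"):
            continue  # blank line or comment
        if not line.startswith("["):
            continue  # value line under the current key; not inspected here
        match = KEY_LINE.match(line)
        if not match:
            problems.append(f"line {number}: malformed key line {line!r}")
            continue
        minus, path = match.groups()
        if path.split("\\")[0].upper() not in ROOT_KEYS:
            problems.append(f"line {number}: unknown root key in {path!r}")
            continue
        # A leading "-" inside the brackets deletes the whole key on merge.
        (deleted if minus else written).append(path)
    return problems, deleted, written


# Sample inputs rebuilt from the two code boxes in the thread.
KEY = (r"HKEY_CURRENT_USER\software\microsoft\windows\currentversion"
       r"\explorer\mountpoints2\{238ba2b4-6ffa-11dd-b013-001de04690df}")
FIRST_POSTED = "REGEDIT 4\n\n[-" + KEY + "] \n"
CORRECTED = "REGEDIT4\n\n[-" + KEY + "] \n"

if __name__ == "__main__":
    for name, text in (("first", FIRST_POSTED), ("corrected", CORRECTED)):
        problems, deleted, written = check_reg_text(text)
        print(name, "problems:", problems)
        print(name, "keys deleted on merge:", deleted)
```

Listing the keys a file deletes before merging it also makes it easy to confirm that a fix touches only the intended MountPoints2 entry.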
     
  16. 2008/10/23
    Sa7

    Hey

    Tried it, still no change.

    Here's the RSIT log :

    Logfile of random's system information tool 1.04 (written by random/random)
    Run by Michael at 2008-10-23 22:42:15
    Microsoft Windows XP Professional Service Pack 3
    System drive C: has 86 GB (57%) free of 153 GB
    Total RAM: 3574 MB (80% free)

    Logfile of Trend Micro HijackThis v2.0.2
    Scan saved at 22:42:24, on 23/10/2008
    Platform: Windows XP SP3 (WinNT 5.01.2600)
    MSIE: Internet Explorer v7.00 (7.00.6000.16735)
    Boot mode: Normal

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
    C:\WINDOWS\system32\hkcmd.exe
    C:\Program Files\Dell\QuickSet\Quickset.exe
    C:\Program Files\DellTPad\Apoint.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\DellTPad\ApMsgFwd.exe
    C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe
    C:\Program Files\DellTPad\Apntex.exe
    C:\Program Files\DellTPad\HidFind.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
    C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
    C:\Program Files\Microsoft Office\OFFICE11\OUTLOOK.EXE
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\DAEMON Tools Lite\daemon.exe
    C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    C:\WINDOWS\system32\SearchIndexer.exe
    C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
    C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\WINDOWS\system32\SearchProtocolHost.exe
    C:\Documents and Settings\Michael\Desktop\RSIT.exe
    C:\Program Files\Trend Micro\HijackThis\Michael.exe

    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
    O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
    O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
    O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
    O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
    O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
    O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\Quickset.exe
    O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
    O4 - HKLM\..\Run: [SigmatelSysTrayApp] %ProgramFiles%\SigmaTel\C-Major Audio\WDM\stsystra.exe
    O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
    O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe "
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
    O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
    O4 - Global Startup: Windows Search.lnk = C:\Program Files\Windows Desktop Search\WindowsSearch.exe
    O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
    O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
    O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
    O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
    O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
    O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
    O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
    O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
    O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
    O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
    O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
    O23 - Service: NICCONFIGSVC - Dell Inc. - C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe
    O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
    O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
    O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
    O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe
    O23 - Service: Intel(R) PROSet/Wireless SSO Service (WLANKEEPER) - Intel(R) Corporation - C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe

    --
    End of file - 8319 bytes

    ======Registry dump======

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
    Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
    Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
    SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
    Programme d'aide de l'Assistant de connexion Windows Live - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
    Adobe PDF Conversion Toolbar Helper - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
    {47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-11 321120]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    "IntelWireless "=C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe [2007-02-21 970752]
    "IgfxTray "=C:\WINDOWS\system32\igfxtray.exe [2007-05-16 138008]
    "HotKeysCmds "=C:\WINDOWS\system32\hkcmd.exe [2007-05-16 162584]
    "Dell QuickSet "=C:\Program Files\Dell\QuickSet\Quickset.exe [2008-02-22 1245184]
    "Apoint "=C:\Program Files\DellTPad\Apoint.exe [2007-07-02 159744]
    "SigmatelSysTrayApp "=C:\Program Files\SigmaTel\C-Major Audio\WDM\stsystra.exe [2007-05-10 405504]
    "avgnt "=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
    "IntelZeroConfig "=C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe [2007-02-21 819200]
    "QuickTime Task "=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
    "ctfmon.exe "=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
    "DAEMON Tools Lite "=C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Acrobat Assistant 8.0]
    C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-01-12 623992]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
    C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-12 39792]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeUpdater]
    C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe [2007-03-01 2321600]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
    C:\Documents and Settings\All Users\Application Data\Macrovision\FLEXnet Connect\6\ISUSPM.exe [2007-03-29 222128]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
    C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2004-07-27 221184]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
    C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [2004-07-27 81920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Persistence]
    C:\WINDOWS\system32\igfxpers.exe [2007-05-16 138008]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoxioDragToDisc]
    C:\Program Files\Roxio\Drag-to-Disc\DrgToDsc.exe [2006-08-17 1116920]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
    C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
    C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VMware hqtray]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
    []

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk]
    C:\PROGRA~1\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE [1999-11-04 113664]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Bluetooth Manager.lnk]
    C:\PROGRA~1\Toshiba\BLUETO~1\TosBtMng.exe [2007-01-12 2150400]

    [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
    "VMware NAT Service "=2
    "vmount2 "=2
    "VMnetDHCP "=2
    "VMAuthdService "=2
    "SQLAgent$PINNACLESYS "=3
    "SCardSvr "=2
    "PnkBstrA "=2
    "PinnacleSys.MediaServer "=3
    "FLEXnet Licensing Service "=3

    C:\Documents and Settings\All Users\Start Menu\Programs\Startup
    Windows Search.lnk - C:\Program Files\Windows Desktop Search\WindowsSearch.exe

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
    C:\WINDOWS\system32\igfxdev.dll [2007-05-16 204800]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
    C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
    "{56F9679E-7826-4C84-81F3-532071A8BCC5} "=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wd.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NBF]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nbf.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\ProtectedStorage]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sacsvr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sglfb.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tga.sys]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vds]

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
    "dontdisplaylastusername "=0
    "legalnoticecaption "=
    "legalnoticetext "=
    "shutdownwithoutlogon "=1
    "undockwithoutlogon "=1

    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=145
    "NoDrives "=0
    "NoDriveAutoRun "=FFFFFFFF

    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
    "NoDriveTypeAutoRun "=
    "NoDriveAutoRun "=
    "NoDrives "=

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\McAfee\Common Framework\FrameworkService.exe "= "C:\Program Files\McAfee\Common Framework\FrameworkService.exe:*:Enabled:McAfee Framework Service "
    "C:\Program Files\mIRC\mirc.exe "= "C:\Program Files\mIRC\mirc.exe:*:Enabled:mIRC "
    "C:\Program Files\eMule\emule.exe "= "C:\Program Files\eMule\emule.exe:*:Enabled:eMule "
    "C:\Program Files\GameSpy Arcade\Aphex.exe "= "C:\Program Files\GameSpy Arcade\Aphex.exe:*:Enabled:GameSpy Arcade "
    "C:\Program Files\Azureus\Azureus.exe "= "C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus "
    "C:\Program Files\Pinnacle\MediaCenter\PMC.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMC.exe:LocalSubNet:Enabled:pmc.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PSST.exe "= "C:\Program Files\Pinnacle\MediaCenter\PSST.exe:LocalSubNet:Enabled:pSST.exe "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaManager\PMSManager.exe:LocalSubNet:Enabled:pMSManager.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMSInstallInit.exe:LocalSubNet:Enabled:pMSInstallInit.exe "
    "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe "= "C:\Program Files\Pinnacle\MediaCenter\PMC.Tvtv.Wizard.exe:LocalSubNet:Enabled:pMC.Tvtv.Wizard.exe "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaServer\PMSInstallInit.exe:LocalSubNet:Enabled:pMSInstallInit.exe "
    "C:\Program Files\Mozilla Firefox\firefox.exe "= "C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox "
    "C:\Program Files\Internet Explorer\IEXPLORE.EXE "= "C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "
    "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe "= "C:\Program Files\Pinnacle\Shared Files\Programs\MediaCenterService\PMC.Service.Main.exe:LocalSubNet:Disabled:pMCService "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "
    "C:\Program Files\Skype\Phone\Skype.exe "= "C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype "

    [HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
    "%windir%\system32\sessmgr.exe "= "%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 "
    "C:\Program Files\Windows Live\Messenger\msnmsgr.exe "= "C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger "
    "C:\Program Files\Windows Live\Messenger\livecall.exe "= "C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone) "
    "%windir%\Network Diagnostic\xpnetdiag.exe "= "%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 "

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee14-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee15-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0424ee16-6c6b-11dd-b010-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5ef95a-608e-11dd-b00d-001de04690df}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{0c5ef95b-608e-11dd-b00d-001de04690df}]
    shell\AutoRun\command - D:\StartVMCLite.exe

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{7952f81b-150f-11dd-afe4-005056c00008}]
    shell\Auto\command - D:\bittorrent.exe e
    shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL bittorrent.exe e

    [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{82e05a22-6090-11dd-b00e-005056c00008}]
    shell\AutoRun\command - D:\StartVMCLite.exe


    ======List of files/folders created in the last 3 months======

    2008-10-23 21:43:55 ----A---- C:\WINDOWS\iplayer.INI
    2008-10-23 21:41:52 ----D---- C:\Program Files\DAEMON Tools Lite
    2008-10-23 21:35:36 ----D---- C:\Documents and Settings\Michael\Application Data\DAEMON Tools
    2008-10-23 17:14:10 ----RASHD---- C:\autorun.inf
    2008-10-23 12:44:50 ----D---- C:\Documents and Settings\Michael\Application Data\Vso
    2008-10-23 12:38:21 ----D---- C:\Program Files\DVDFab 5
    2008-10-23 00:52:35 ----D---- C:\Program Files\Ascii Artist
    2008-10-22 21:20:24 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
    2008-10-22 21:13:40 ----D---- C:\rsit
    2008-10-22 21:08:42 ----D---- C:\Program Files\CCleaner
    2008-10-21 12:33:46 ----D---- C:\Program Files\DiagramStudio 5.4
    2008-10-16 10:17:31 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
    2008-10-16 10:17:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
    2008-10-16 10:17:23 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
    2008-10-16 10:16:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
    2008-10-16 10:16:02 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
    2008-10-15 19:00:19 ----D---- C:\Documents and Settings\Michael\Application Data\dvdcss
    2008-10-15 17:15:57 ----D---- C:\Program Files\InterActual
    2008-10-01 17:40:06 ----D---- C:\Program Files\Common Files\Apple
    2008-10-01 17:40:02 ----D---- C:\Program Files\QuickTime
    2008-10-01 17:40:01 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
    2008-09-26 11:00:29 ----D---- C:\Program Files\Microsoft Office Outlook Connector
    2008-09-16 19:36:49 ----D---- C:\Program Files\Trend Micro
    2008-09-16 17:34:01 ----D---- C:\Program Files\RegCleaner
    2008-09-16 17:12:42 ----D---- C:\Documents and Settings\Michael\Application Data\Windows Search
    2008-09-11 11:05:02 ----HD---- C:\WINDOWS\PIF
    2008-09-11 02:38:48 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
    2008-09-11 02:38:45 ----D---- C:\Documents and Settings\Michael\Application Data\Windows Desktop Search
    2008-09-11 02:38:20 ----D---- C:\Program Files\Windows Desktop Search
    2008-09-11 02:38:10 ----HDC---- C:\WINDOWS\$NtUninstallKB940157$
    2008-09-11 02:38:06 ----HDC---- C:\WINDOWS\$NtUninstallKB915800-v4$
    2008-09-11 02:37:44 ----D---- C:\WINDOWS\ie7updates
    2008-09-11 02:36:19 ----D---- C:\WINDOWS\WBEM
    2008-09-11 02:36:02 ----HDC---- C:\WINDOWS\ie7
    2008-09-11 02:35:54 ----HDC---- C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
    2008-09-11 02:35:35 ----HDC---- C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
    2008-09-11 00:31:14 ----D---- C:\WINDOWS\Prefetch
    2008-09-11 00:29:17 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
    2008-09-11 00:29:12 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
    2008-09-11 00:29:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
    2008-09-11 00:29:01 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
    2008-09-11 00:28:56 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
    2008-09-11 00:28:50 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
    2008-09-11 00:28:45 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
    2008-09-11 00:28:40 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
    2008-09-11 00:28:36 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
    2008-09-11 00:26:16 ----D---- C:\WINDOWS\system32\scripting
    2008-09-11 00:26:15 ----D---- C:\WINDOWS\l2schemas
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\system32\en
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\system32\bits
    2008-09-11 00:24:16 ----D---- C:\WINDOWS\ServicePackFiles
    2008-09-11 00:22:40 ----D---- C:\WINDOWS\network diagnostic
    2008-09-11 00:21:07 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
    2008-09-10 23:53:55 ----D---- C:\Program Files\Avira
    2008-09-10 23:53:55 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
    2008-09-10 23:51:48 ----D---- C:\Program Files\MSBuild
    2008-09-10 23:51:45 ----D---- C:\WINDOWS\system32\XPSViewer
    2008-09-10 23:51:41 ----D---- C:\WINDOWS\system32\en-us
    2008-09-10 23:51:41 ----D---- C:\Program Files\Reference Assemblies
    2008-09-10 23:51:21 ----N---- C:\WINDOWS\system32\spmsg2.dll
    2008-09-10 23:12:15 ----HDC---- C:\WINDOWS\$NtUninstallWIC$
    2008-09-10 23:10:18 ----N---- C:\WINDOWS\system32\xmllite.dll
    2008-09-10 23:10:17 ----N---- C:\WINDOWS\system32\wlanapi.dll
    2008-09-10 23:10:15 ----N---- C:\WINDOWS\system32\tspkg.dll
    2008-09-10 23:10:15 ----N---- C:\WINDOWS\system32\tsgqec.dll
    2008-09-10 23:10:13 ----N---- C:\WINDOWS\system32\spupdwxp.exe
    2008-09-10 23:10:13 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slserv.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slrundll.exe
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slgen.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slextspk.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\system32\slcoinst.dll
    2008-09-10 23:10:12 ----N---- C:\WINDOWS\slrundll.exe
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\setupn.exe
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\s3gnb.dll
    2008-09-10 23:10:11 ----N---- C:\WINDOWS\system32\rhttpaa.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\rasqec.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qutil.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qcliprov.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qagentrt.dll
    2008-09-10 23:10:10 ----N---- C:\WINDOWS\system32\qagent.dll
    2008-09-10 23:10:09 ----N---- C:\WINDOWS\system32\onex.dll
    2008-09-10 23:10:08 ----N---- C:\WINDOWS\system32\nv4_disp.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napstat.exe
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napmontr.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\napipsec.dll
    2008-09-10 23:10:07 ----N---- C:\WINDOWS\system32\mtxparhd.dll
    2008-09-10 23:10:07 ----A---- C:\WINDOWS\system32\msxml6r.dll
    2008-09-10 23:10:06 ----N---- C:\WINDOWS\system32\msshavmsg.dll
    2008-09-10 23:10:06 ----N---- C:\WINDOWS\system32\mssha.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcperf.exe
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\mmcex.dll
    2008-09-10 23:10:01 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\l2gpstore.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kmsvc.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdpash.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdnepr.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdiultn.dll
    2008-09-10 23:09:57 ----N---- C:\WINDOWS\system32\kbdbhc.dll
    2008-09-10 23:09:54 ----N---- C:\WINDOWS\system32\smtpapi.dll
    2008-09-10 23:09:54 ----N---- C:\WINDOWS\system32\rwnh.dll
    2008-09-10 23:09:52 ----N---- C:\WINDOWS\system32\comsdupd.exe
    2008-09-10 23:09:51 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
    2008-09-10 23:09:49 ----A---- C:\WINDOWS\003374_.tmp
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\faxpatch.exe
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapsvc.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapqec.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappprxy.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapphost.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappgnui.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eappcfg.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapp3hst.dll
    2008-09-10 23:09:48 ----N---- C:\WINDOWS\system32\eapolqec.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3ui.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3svc.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3msm.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3dlg.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3cfg.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dot3api.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dimsroam.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dimsntfy.dll
    2008-09-10 23:09:46 ----N---- C:\WINDOWS\system32\dhcpqec.dll
    2008-09-10 23:09:45 ----N---- C:\WINDOWS\system32\credssp.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\bitsprx4.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\azroles.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\ativvaxx.dll
    2008-09-10 23:09:42 ----N---- C:\WINDOWS\system32\ativtmxx.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati3duag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2dvag.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
    2008-09-10 23:09:41 ----N---- C:\WINDOWS\system32\ati2cqag.dll
    2008-09-10 23:09:40 ----N---- C:\WINDOWS\system32\aaclient.dll
    2008-09-10 22:24:11 ----D---- C:\Program Files\Free Window Registry Repair
    2008-09-10 22:16:46 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
    2008-09-10 21:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
    2008-09-07 13:18:05 ----D---- C:\WINDOWS\PCTV
    2008-09-07 12:56:54 ----A---- C:\checkrun.txt
    2008-09-05 23:30:42 ----N---- C:\WINDOWS\system32\WgaLogon.dll
    2008-09-05 23:29:58 ----N---- C:\WINDOWS\system32\WgaTray.exe
    2008-09-05 14:41:51 ----A---- C:\WINDOWS\hpbafd.ini
    2008-09-04 19:33:12 ----D---- C:\Program Files\Broadcom
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\javaws.exe
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\javaw.exe
    2008-09-01 14:04:43 ----A---- C:\WINDOWS\system32\java.exe
    2008-08-25 16:22:30 ----D---- C:\Program Files\MSECache
    2008-08-17 22:59:16 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #3.txt
    2008-08-17 22:44:48 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem #2.txt
    2008-08-17 21:55:08 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
    2008-08-17 21:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
    2008-08-17 21:54:43 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
    2008-08-17 21:54:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
    2008-08-17 21:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
    2008-08-17 21:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
    2008-08-17 21:50:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
    2008-08-17 21:50:04 ----N---- C:\WINDOWS\system32\spmsg.dll
    2008-08-17 21:50:00 ----HDC---- C:\WINDOWS\$NtUninstallKB953838_0$
    2008-08-07 14:27:24 ----D---- C:\WINDOWS\Downloaded Installations
    2008-08-04 00:56:15 ----D---- C:\Documents and Settings\Michael\Application Data\Macrovision
    2008-08-03 16:25:17 ----D---- C:\Program Files\Trillian
    2008-08-03 15:20:45 ----D---- C:\WINDOWS\$SQLUninstallSQL2000-KB948110-v8.00.2050-x86-ENU$
    2008-08-02 20:45:33 ----A---- C:\WINDOWS\ModemLog_HUAWEI Mobile Connect - 3G Modem.txt
    2008-08-02 20:41:51 ----D---- C:\Program Files\Vodafone
    2008-08-02 20:41:51 ----D---- C:\Documents and Settings\All Users\Application Data\Macrovision
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\muweb.dll
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
    2008-08-02 08:47:14 ----A---- C:\WINDOWS\system32\mucltui.dll
    2008-07-31 18:42:42 ----D---- C:\Documents and Settings\Michael\Application Data\skypePM
    2008-07-31 18:39:36 ----D---- C:\Documents and Settings\Michael\Application Data\Skype
    2008-07-31 18:38:36 ----D---- C:\Program Files\Skype
    2008-07-31 18:38:35 ----D---- C:\Program Files\Common Files\Skype
    2008-07-31 18:38:24 ----D---- C:\Documents and Settings\All Users\Application Data\Skype
    2008-07-31 18:38:21 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
    2008-07-31 18:37:47 ----D---- C:\Program Files\Windows Live
    2008-07-31 18:37:37 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
    2008-07-29 17:50:03 ----A---- C:\WINDOWS\system32\ptpusb.dll
    2008-07-29 17:50:02 ----A---- C:\WINDOWS\system32\ptpusd.dll
    2008-07-28 04:44:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
    2008-07-24 00:48:40 ----A---- C:\WINDOWS\system32\ssldivx.dll
    2008-07-24 00:48:40 ----A---- C:\WINDOWS\system32\libdivx.dll

    ======List of files/folders modified in the last 3 months======

    2008-10-23 22:39:23 ----D---- C:\Program Files\Mozilla Firefox
    2008-10-23 22:38:57 ----D---- C:\WINDOWS\TEMP
    2008-10-23 22:37:26 ----D---- C:\WINDOWS
    2008-10-23 22:34:32 ----A---- C:\WINDOWS\SchedLgU.Txt
    2008-10-23 21:41:52 ----RD---- C:\Program Files
    2008-10-23 21:41:38 ----HD---- C:\WINDOWS\inf
    2008-10-23 21:39:10 ----D---- C:\WINDOWS\system32\CatRoot2
    2008-10-23 21:35:40 ----HD---- C:\WINDOWS\system32\drivers
    2008-10-23 12:38:51 ----D---- C:\Program Files\Hitman Pro
    2008-10-23 12:25:29 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
    2008-10-23 11:19:21 ----D---- C:\Temp
    2008-10-23 11:15:28 ----D---- C:\Program Files\Spybot - Search & Destroy
    2008-10-22 21:09:10 ----D---- C:\WINDOWS\Debug
    2008-10-22 21:09:09 ----D---- C:\WINDOWS\Minidump
    2008-10-22 21:01:11 ----D---- C:\WINDOWS\system32
    2008-10-16 11:52:19 ----D---- C:\WINDOWS\system32\wbem
    2008-10-16 11:52:18 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
    2008-10-16 10:17:32 ----RSHDC---- C:\WINDOWS\system32\dllcache
    2008-10-16 10:17:30 ----HD---- C:\WINDOWS\$hf_mig$
    2008-10-16 10:17:13 ----D---- C:\Program Files\Internet Explorer
    2008-10-16 10:16:53 ----SHD---- C:\WINDOWS\Installer
    2008-10-16 10:16:53 ----D---- C:\Config.Msi
    2008-10-16 10:16:44 ----A---- C:\WINDOWS\win.ini
    2008-10-08 03:19:40 ----A---- C:\WINDOWS\system32\MRT.exe
    2008-10-04 01:41:15 ----A---- C:\WINDOWS\system32\ieframe.dll
    2008-10-03 18:02:51 ----SD---- C:\WINDOWS\Tasks
    2008-10-01 17:40:06 ----D---- C:\Program Files\Common Files
    2008-09-26 14:25:21 ----D---- C:\Program Files\Microsoft Office
    2008-09-26 11:00:29 ----D---- C:\Program Files\Common Files\System
    2008-09-18 20:30:23 ----D---- C:\WINDOWS\Help
    2008-09-16 19:38:59 ----SH---- C:\boot.ini
    2008-09-16 19:38:59 ----A---- C:\WINDOWS\system.ini
    2008-09-16 19:38:23 ----D---- C:\Documents and Settings
    2008-09-16 17:47:44 ----D---- C:\Program Files\SuperCopier2
    2008-09-16 17:45:18 ----HD---- C:\Program Files\InstallShield Installation Information
    2008-09-16 17:45:12 ----DC---- C:\WINDOWS\system32\DRVSTORE
    2008-09-16 17:43:46 ----D---- C:\Program Files\Common Files\InstallShield
    2008-09-16 17:42:19 ----D---- C:\Program Files\eMule
    2008-09-16 17:22:34 ----D---- C:\Program Files\Adobe
    2008-09-16 17:03:39 ----D---- C:\Program Files\McAfee
    2008-09-11 02:38:28 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
    2008-09-11 02:38:20 ----D---- C:\WINDOWS\system32\GroupPolicy
    2008-09-11 02:36:21 ----D---- C:\WINDOWS\system32\config
    2008-09-11 00:46:40 ----RSD---- C:\WINDOWS\assembly
    2008-09-11 00:46:40 ----D---- C:\WINDOWS\Microsoft.NET
    2008-09-11 00:30:36 ----D---- C:\WINDOWS\system32\Setup
    2008-09-11 00:30:36 ----D---- C:\WINDOWS\AppPatch
    2008-09-11 00:30:35 ----RSD---- C:\WINDOWS\Fonts
    2008-09-11 00:29:20 ----D---- C:\WINDOWS\system32\CatRoot
    2008-09-11 00:28:41 ----D---- C:\Program Files\Messenger
    2008-09-11 00:28:29 ----D---- C:\WINDOWS\security
    2008-09-11 00:26:40 ----D---- C:\WINDOWS\WinSxS
    2008-09-11 00:26:36 ----D---- C:\Program Files\Windows Media Player
    2008-09-11 00:26:24 ----D---- C:\WINDOWS\system32\inetsrv
    2008-09-11 00:26:24 ----D---- C:\WINDOWS\ime
    2008-09-11 00:26:16 ----D---- C:\WINDOWS\system32\usmt
    2008-09-11 00:26:14 ----D---- C:\WINDOWS\PeerNet
    2008-09-11 00:26:14 ----D---- C:\Program Files\Movie Maker
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\system32\Restore
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\system32\npp
    2008-09-11 00:24:05 ----D---- C:\WINDOWS\mui
    2008-09-11 00:24:04 ----D---- C:\WINDOWS\msagent
    2008-09-11 00:24:02 ----D---- C:\WINDOWS\srchasst
    2008-09-11 00:24:02 ----D---- C:\Program Files\NetMeeting
    2008-09-11 00:24:00 ----D---- C:\WINDOWS\system32\Com
    2008-09-11 00:23:58 ----D---- C:\Program Files\Windows NT
    2008-09-11 00:23:58 ----D---- C:\Program Files\Outlook Express
    2008-09-11 00:23:44 ----D---- C:\WINDOWS\system32\oobe
    2008-09-11 00:23:42 ----D---- C:\WINDOWS\system
    2008-09-11 00:22:05 ----D---- C:\WINDOWS\system32\ReinstallBackups
    2008-09-11 00:21:06 ----D---- C:\WINDOWS\ehome
    2008-09-10 23:51:26 ----D---- C:\WINDOWS\system32\spool
    2008-09-10 23:14:49 ----D---- C:\Program Files\Common Files\Microsoft Shared
    2008-09-10 23:14:47 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
    2008-09-10 23:14:23 ----D---- C:\WINDOWS\SHELLNEW
    2008-09-10 23:14:11 ----D---- C:\WINDOWS\Registration
    2008-09-10 22:56:22 ----D---- C:\Documents and Settings\All Users\Application Data\VMware
    2008-09-10 21:01:32 ----D---- C:\Program Files\QT Lite
    2008-09-05 23:30:06 ----A---- C:\WINDOWS\system32\LegitCheckControl.dll
    2008-09-01 14:04:42 ----D---- C:\Program Files\Java
    2008-08-30 02:25:02 ----SD---- C:\Documents and Settings\Michael\Application Data\Microsoft
    2008-08-29 00:58:56 ----D---- C:\WINDOWS\pss
    2008-08-27 16:24:32 ----A---- C:\WINDOWS\system32\mshtml.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\wininet.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\webcheck.dll
    2008-08-26 15:24:31 ----A---- C:\WINDOWS\system32\urlmon.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\pngfilt.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\occache.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\mstime.dll
    2008-08-26 15:24:30 ----N---- C:\WINDOWS\system32\msrating.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\url.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
    2008-08-26 15:24:30 ----A---- C:\WINDOWS\system32\jsproxy.dll
    2008-08-26 15:24:29 ----N---- C:\WINDOWS\system32\iernonce.dll
    2008-08-26 15:24:29 ----N---- C:\WINDOWS\system32\iedkcs32.dll
    2008-08-26 15:24:29 ----A---- C:\WINDOWS\system32\iertutil.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\ieaksie.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\ieakeng.dll
    2008-08-26 15:24:28 ----N---- C:\WINDOWS\system32\extmgr.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\icardie.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\dxtrans.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\dxtmsft.dll
    2008-08-26 15:24:28 ----A---- C:\WINDOWS\system32\advpack.dll
    2008-08-25 16:38:00 ----A---- C:\WINDOWS\system32\ieudinit.exe
    2008-08-25 16:37:59 ----N---- C:\WINDOWS\system32\ie4uinit.exe
    2008-08-23 13:54:51 ----N---- C:\WINDOWS\system32\ieakui.dll
    2008-08-19 13:17:00 ----D---- C:\Documents and Settings\Michael\Application Data\mIRC
    2008-08-19 13:06:40 ----D---- C:\Program Files\mIRC
    2008-08-18 10:09:58 ----D---- C:\Program Files\DivX
    2008-08-14 18:09:26 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
    2008-08-14 17:33:16 ----A---- C:\WINDOWS\system32\ntkrnlpa.exe

    ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R1 APPDRV;APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [2005-08-12 16128]
    R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
    R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
    R1 DLACDBHM;DLACDBHM; C:\WINDOWS\System32\Drivers\DLACDBHM.SYS [2006-08-11 12920]
    R1 DLARTL_M;DLARTL_M; C:\WINDOWS\System32\Drivers\DLARTL_M.SYS [2006-08-11 28184]
    R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
    R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
    R1 Tosrfcom;Bluetooth RFCOMM; C:\WINDOWS\System32\Drivers\tosrfcom.sys [2005-08-01 64896]
    R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
    R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2004-08-04 12032]
    R2 AWISp50;AWISp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\AWISp50.sys [2006-03-15 17664]
    R2 DefragFS;DefragFS; C:\WINDOWS\system32\drivers\DefragFS.sys [2008-04-10 71184]
    R2 DLABMFSM;DLABMFSM; C:\WINDOWS\System32\DLA\DLABMFSM.SYS [2006-08-18 35096]
    R2 DLABOIOM;DLABOIOM; C:\WINDOWS\System32\DLA\DLABOIOM.SYS [2006-08-18 32472]
    R2 DLADResM;DLADResM; C:\WINDOWS\System32\DLA\DLADResM.SYS [2006-08-18 9400]
    R2 DLAIFS_M;DLAIFS_M; C:\WINDOWS\System32\DLA\DLAIFS_M.SYS [2006-08-18 104472]
    R2 DLAOPIOM;DLAOPIOM; C:\WINDOWS\System32\DLA\DLAOPIOM.SYS [2006-08-18 26008]
    R2 DLAPoolM;DLAPoolM; C:\WINDOWS\System32\DLA\DLAPoolM.SYS [2006-08-18 14520]
    R2 DLAUDF_M;DLAUDF_M; C:\WINDOWS\System32\DLA\DLAUDF_M.SYS [2006-08-18 97848]
    R2 DLAUDFAM;DLAUDFAM; C:\WINDOWS\System32\DLA\DLAUDFAM.SYS [2006-08-18 94648]
    R2 DRVNDDM;DRVNDDM; C:\WINDOWS\System32\Drivers\DRVNDDM.SYS [2006-08-11 51768]
    R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2006-06-20 12672]
    R2 s24trans;WLAN Transport; C:\WINDOWS\system32\DRIVERS\s24trans.sys [2007-02-21 12416]
    R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\WINDOWS\system32\DRIVERS\Apfiltr.sys [2007-06-26 155136]
    R3 ASAPIW2k;ASAPIW2K; C:\WINDOWS\system32\drivers\ASAPIW2k.sys [2005-05-26 11264]
    R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
    R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-02-16 160256]
    R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-14 13952]
    R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
    R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\igxpmp32.sys [2007-05-17 5707744]
    R3 NETw4x32;Intel(R) Wireless WiFi Link Adapter Driver for Windows XP 32 Bit; C:\WINDOWS\system32\DRIVERS\NETw4x32.sys [2007-02-25 2203520]
    R3 STHDA;SigmaTel High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2007-02-19 1228296]
    R3 tosporte;Bluetooth COM Port; C:\WINDOWS\system32\DRIVERS\tosporte.sys [2006-10-11 41600]
    R3 USBCCID;USB Smart Card reader; C:\WINDOWS\system32\DRIVERS\usbccid.sys [2006-06-14 29184]
    R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
    R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
    R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
    R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
    S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
    S1 mferkdk;VSCore mferkdk; \??\C:\Program Files\McAfee\VirusScan Enterprise\mferkdk.sys []
    S3 aqeip3tb;aqeip3tb; C:\WINDOWS\system32\drivers\aqeip3tb.sys []
    S3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
    S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
    S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-14 17024]
    S3 CSRBC;CSRBC.Sys CSR test driver; C:\WINDOWS\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
    S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-06-12 85969]
    S3 guardian2;guardian2; C:\WINDOWS\System32\Drivers\oz776.sys []
    S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
    S3 HSF_DPV;HSF_DPV; C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys [2006-11-03 989696]
    S3 HSFHWAZL;HSFHWAZL; C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys [2006-11-03 209152]
    S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\WINDOWS\system32\DRIVERS\ewusbmdm.sys [2007-09-12 101120]
    S3 mod7700;DiBcom DIB7700 based TV tuner device; C:\WINDOWS\System32\Drivers\mod7700.sys [2007-02-12 459264]
    S3 MODRC;DiBcom Infrared Receiver; C:\WINDOWS\system32\DRIVERS\modrc.sys [2006-05-09 13056]
    S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
    S3 MPE;BDA MPE Filter; C:\WINDOWS\system32\DRIVERS\MPE.sys [2008-04-14 15232]
    S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-14 5504]
    S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-14 85248]
    S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-14 10880]
    S3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
    S3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver; C:\WINDOWS\system32\DRIVERS\rt2870.sys []
    S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-14 11136]
    S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-14 15232]
    S3 tosrfbd;Bluetooth RFBUS; C:\WINDOWS\system32\DRIVERS\tosrfbd.sys [2007-04-23 113920]
    S3 tosrfbnp;Bluetooth RFBNEP; C:\WINDOWS\System32\Drivers\tosrfbnp.sys [2006-11-21 36480]
    S3 Tosrfhid;Bluetooth RFHID; C:\WINDOWS\system32\DRIVERS\Tosrfhid.sys [2006-10-05 73600]
    S3 tosrfnds;Bluetooth Personal Area Network; C:\WINDOWS\system32\DRIVERS\tosrfnds.sys [2005-01-06 18612]
    S3 Tosrfusb;Bluetooth USB Controller; C:\WINDOWS\system32\DRIVERS\tosrfusb.sys [2007-04-11 41856]
    S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-14 32128]
    S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-14 25856]
    S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
    S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
    S3 VMnetAdapter;VMware Virtual Ethernet Adapter Driver; C:\WINDOWS\system32\DRIVERS\vmnetadapter.sys []
    S3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2006-11-03 730112]
    S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-14 19200]
    S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []

    ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

    R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
    R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-07 149761]
    R2 EvtEng;Intel(R) PROSet/Wireless Event Log; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [2007-02-21 643072]
    R2 NICCONFIGSVC;NICCONFIGSVC; C:\Program Files\Dell\QuickSet\NICCONFIGSVC.exe [2008-02-22 475136]
    R2 RegSrvc;Intel(R) PROSet/Wireless Registry Service; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [2007-02-21 327680]
    R2 S24EventMonitor;Intel(R) PROSet/Wireless Service; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [2007-02-21 983040]
    R2 STacSV;SigmaTel Audio Service; C:\Program Files\SigmaTel\C-Major Audio\WDM\StacSV.exe [2007-05-10 94208]
    R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
    R2 WLANKEEPER;Intel(R) PROSet/Wireless SSO Service; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [2007-02-21 294912]
    R3 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]
    S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
    S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
    S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2008-03-31 654848]
    S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
    S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
    S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
    S3 PD91Agent;PD91Agent; C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe [2008-04-16 689416]
    S3 usnjsvc;Service Messenger Sharing Folders USN Journal Reader; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
    S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
    S4 McAfeeFramework;McAfee Framework Service; C:\Program Files\McAfee\Common Framework\FrameworkService.exe [2006-12-19 104000]
    S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
    S4 PD91Engine;PD91Engine; C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe [2008-04-16 894216]
    S4 PinnacleSys.MediaServer;Pinnacle Systems Media Service; c:\program files\pinnacle\shared files\programs\mediaserver\pmshost.exe [2006-01-19 49152]
    S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-05-21 66872]

    -----------------EOF-----------------
     
    Sa7,
    #15
  17. 2008/10/23
    Geri Lifetime Subscription

    Geri Inactive Alumni

    Joined:
    2003/03/02
    Messages:
    4,580
    Likes Received:
    7
    Hi
    I thought as much.

    OK, let's try a few different things.

    I want you to disable some things at Startup. One at a time and reboot your system to see if it helps.
    To do this, click on Start > Run and type in msconfig
    Click on the Startup tab, find these and uncheck the box for them.

    Remember, do these one at a time.

    The first one is this.

    WindowsSearch

    Now reboot and see if that helps, if it does not help recheck the box.

    Now try this one.
    This is your Anti Virus and you need it running while surfing the net. So do not forget to recheck the box after you see if it helps your startup time.
    This is only to check to see if it is causing the slow startup.

    avgnt

    Let me know.
    Geri
     
