Deckard's System Scanner v20071014.68
Run by Owner on 2008-06-24 06:01:56
Computer is in Normal Mode.
--------------------------------------------------------------------------------

-- System Restore --------------------------------------------------------------

Successfully created a Deckard's System Scanner Restore Point.


-- Last 5 Restore Point(s) --
48: 2008-06-24 11:02:58 UTC - RP148 - Deckard's System Scanner Restore Point
47: 2008-06-23 07:57:41 UTC - RP147 - Installed QuickTime
46: 2008-06-23 02:22:23 UTC - RP146 - Installed Sansa Connect Device Recovery
45: 2008-06-23 02:04:09 UTC - RP145 - Installed Sansa Updater
44: 2008-06-23 01:47:26 UTC - RP144 - Installed Sansa Connect Device Recovery


-- First Restore Point --
1: 2008-05-22 11:19:11 UTC - RP101 - System Checkpoint


Backed up registry hives.
Performed disk cleanup.



-- HijackThis Clone ------------------------------------------------------------


Emulating logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2008-06-24 06:05:37
Platform: Windows XP Service Pack 3 (5.01.2600)
MSIE: Internet Explorer (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.exe
C:\WINDOWS\hcwemMON.exe
E:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE
E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32.exe
E:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
E:\Program Files\Charter High-Speed Security Suite\Common\FSMB32.EXE
E:\Program Files\Charter High-Speed Security Suite\Common\FCH32.EXE
E:\Program Files\Charter High-Speed Security Suite\Common\FAMEH32.EXE
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsqh.exe
E:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.exe
E:\Program Files\Charter High-Speed Security Suite\FWES\program\fsdfwd.exe
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fssm32.exe
E:\Program Files\Charter High-Speed Security Suite\FSGUI\fsguidll.exe
E:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsus.exe
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav32.exe
C:\WINDOWS\system32\svchost.exe
E:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsav.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\Owner\Desktop\dss.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.gateway.com/g/sidepanel.html?Ch...DTP&M=W3502
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - E:\Program Files\AVG\avgssie.dll (file missing)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.1.1119.1736\swg.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\WINDOWS\system32\bae.dll
O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - E:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Recguard] %WINDIR%\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [hcwemMON] hcwemMON.exe
O4 - HKLM\..\Run: [F-Secure Manager] "E:\Program Files\Charter High-Speed Security Suite\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "E:\Program Files\Charter High-Speed Security Suite\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [SansaDispatch] E:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [Yahoo! Pager] "E:\Program Files\Yahoo\Messenger\YahooMessenger.exe" -quiet
O4 - HKCU\..\Run: [SpybotSD TeaTimer] E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Veoh] "E:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKUS\S-1-5-18\..\Run: [Power2GoExpress] NA (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Power2GoExpress] NA (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - (file missing)
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\network diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: cscdll - C:\WINDOWS\system32\cscdll.dll
O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\system32\shell32.dll
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\system32\webcheck.dll
O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\system32\stobject.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - E:\Program Files\Charter High-Speed Security Suite\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Automatic Update Agent (FSAUA) - F-Secure Corporation - E:\Program Files\Charter High-Speed Security Suite\FSAUA\program\fsaua.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - E:\Program Files\Charter High-Speed Security Suite\FWES\program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - E:\Program Files\Charter High-Speed Security Suite\Common\FSMA32.EXE
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Unknown owner - E:\Program Files\Nero 7\Nero
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: PrismXL - New Boundary Technologies, Inc. - C:\Program Files\Common Files\New Boundary\PrismXL\PRISMXL.SYS


--
End of file - 8108 bytes

-- File Associations -----------------------------------------------------------

.cpl - cplfile - shell\cplopen\command - rundll32.exe shell32.dll,Control_RunDLL "%1",%*
.cpl - cplfile - shell\runas\command - rundll32.exe shell32.dll,Control_RunDLLAsUser "%1",%*


-- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------

R1 PQNTDrv - c:\windows\system32\drivers\pqntdrv.sys <Not Verified; PowerQuest Corporation; PowerQuest product>
R3 pcouffin (VSO Software pcouffin) - c:\windows\system32\drivers\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>

S3 Bcfilter (Jetico Personal Firewall Network Monitor) - c:\windows\system32\drivers\bcfilter.sys (file missing)
S3 BcfilterMP - c:\windows\system32\drivers\bcfilter.sys (file missing)


-- Services: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------

S4 NBService - e:\program files\nero 7\nero backitup\nbservice.exe


-- Device Manager: Disabled ----------------------------------------------------

No disabled devices found.


-- Scheduled Tasks -------------------------------------------------------------

2008-06-24 05:00:04 526 --a------ C:\WINDOWS\Tasks\Scheduled scanning task.job
2008-06-23 02:56:45 284 --a------ C:\WINDOWS\Tasks\AppleSoftwareUpdate.job


-- Files created between 2008-05-24 and 2008-06-24 -----------------------------

2008-06-23 04:21:20 0 d-------- C:\Documents and Settings\Owner\Application Data\AVS4YOU
2008-06-23 04:20:41 0 d-------- C:\Documents and Settings\All Users\Application Data\AVS4YOU
2008-06-23 04:20:02 0 d-------- C:\Program Files\AVS4YOU
2008-06-23 02:56:30 0 d-------- C:\Program Files\Apple Software Update
2008-06-23 02:56:25 0 d-------- C:\Documents and Settings\All Users\Application Data\Apple
2008-06-22 20:49:14 0 d-------- C:\WINDOWS\LastGood
2008-06-22 20:46:37 0 d-------- C:\Documents and Settings\Owner\Application Data\InstallShield
2008-06-22 20:39:35 0 d-------- C:\Documents and Settings\Owner\Application Data\ArcSoft
2008-06-22 20:38:47 0 d-------- C:\Program Files\Common Files\ArcSoft
2008-06-14 20:14:17 0 d-------- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-06-08 00:47:25 0 d-------- C:\Program Files\VisualTaskTips
2008-06-08 00:47:15 0 d-------- C:\Program Files\glass2k
2008-06-04 23:38:25 0 d-------- C:\Documents and Settings\Owner\Application Data\F-Secure
2008-06-04 22:36:46 0 d-------- C:\Program Files\Common Files\Agnitum Shared
2008-06-04 22:32:15 0 d-------- C:\WINDOWS\ServicePackFiles
2008-06-04 22:28:10 0 d-------- C:\WINDOWS\SxsCaPendDel
2008-06-04 22:21:33 0 d-------- C:\WINDOWS\Prefetch
2008-06-04 21:22:49 524288 --ah----- C:\Documents and Settings\Administrator.YOUR-90D83DC605\ntuser.dat
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Templates
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Local Settings
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Favorites
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Cookies
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Application Data
2008-06-04 21:22:21 0 d-------- C:\Documents and Settings\Administrator.YOUR-90D83DC605\Application Data\Microsoft
2008-06-03 04:27:25 0 d-------- C:\Program Files\VistaDriveIcon
2008-06-03 04:27:14 0 d-------- C:\Program Files\Thoosje Sidebar V2.3
2008-06-03 04:27:11 0 d-------- C:\Program Files\Blaero Start Orb
2008-06-03 04:17:22 4980736 --a------ C:\Documents and Settings\Owner\ntuser.dat
2008-06-03 04:17:20 0 d-------- C:\WINDOWS\VistaMizer
2008-06-03 03:50:36 0 d-------- C:\WINDOWS\system32\VIRepair
2008-06-03 03:16:02 0 d-------- C:\Documents and Settings\Owner\Application Data\ViStart
2008-06-03 03:12:16 0 d-------- C:\Documents and Settings\Owner\Application Data\Styler
2008-06-03 03:12:05 0 d-------- C:\Program Files\TrueTransparency
2008-06-03 03:12:04 0 d-------- C:\Program Files\WinFlip
2008-06-03 03:12:02 0 d-------- C:\Program Files\Styler
2008-06-03 03:07:27 0 d-------- C:\WINDOWS\system32\VITrans
2008-06-03 03:07:26 111104 --a------ C:\WINDOWS\system32\Uharc.exe
2008-06-03 03:07:26 19968 --a------ C:\WINDOWS\system32\reico.exe <Not Verified; Dead Knight; >
2008-06-03 03:07:26 94208 --a------ C:\WINDOWS\system32\pskill.exe <Not Verified; Sysinternals - www.sysinternals.com; Systems Internals pkill>
2008-06-03 03:07:26 8636 --a------ C:\WINDOWS\system32\modifype.exe
2008-06-03 03:07:26 0 d-------- C:\VTPFiles
2008-05-27 04:23:43 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Macromedia
2008-05-27 04:23:42 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Adobe
2008-05-27 00:41:37 0 dr------- C:\Documents and Settings\NetworkService\Favorites
2008-05-27 00:41:23 0 d-------- C:\Documents and Settings\NetworkService\Application Data\Mozilla
2008-05-26 12:39:37 0 d-------- C:\WINDOWS\system32\scripting
2008-05-26 12:39:34 0 d-------- C:\WINDOWS\l2schemas
2008-05-26 12:39:33 0 d-------- C:\WINDOWS\system32\en
2008-05-26 12:39:33 0 d-------- C:\WINDOWS\system32\bits
2008-05-26 12:24:26 0 d-------- C:\WINDOWS\EHome


-- Find3M Report ---------------------------------------------------------------

2008-06-24 01:40:13 0 d-------- C:\Documents and Settings\Owner\Application Data\uTorrent
2008-06-24 01:31:11 0 d-------- C:\Documents and Settings\Owner\Application Data\VideoReDo-TVSuite
2008-06-24 00:07:49 0 d-------- C:\Program Files\Common Files\AVSMedia
2008-06-22 21:04:09 0 d--h----- C:\Program Files\InstallShield Installation Information
2008-06-22 20:38:47 0 d-------- C:\Program Files\Common Files
2008-06-22 16:58:41 0 d-------- C:\Program Files\uTorrent
2008-06-08 00:49:01 0 d-------- C:\Program Files\Movie Maker
2008-06-08 00:49:01 0 d-------- C:\Program Files\Messenger
2008-06-08 00:48:59 0 d-------- C:\Program Files\Windows NT
2008-06-08 00:47:09 218624 --a------ C:\WINDOWS\system32\uxtheme.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-06-05 06:51:36 0 d-------- C:\Documents and Settings\Owner\Application Data\Vso
2008-06-03 04:26:57 218624 --a------ C:\WINDOWS\system32\uxtheme(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-05-27 00:24:01 0 d-------- C:\Program Files\Common Files\Wise Installation Wizard
2008-05-26 10:39:16 0 d-------- C:\Documents and Settings\Owner\Application Data\AVGTOOLBAR
2008-05-21 00:38:03 0 d-------- C:\Documents and Settings\Owner\Application Data\SUPERAntiSpyware.com
2008-05-20 11:46:35 0 d-------- C:\Program Files\Team MediaPortal
2008-05-20 11:29:13 668 --a------ C:\Documents and Settings\Owner\Application Data\vso_ts_preview.xml
2008-05-20 02:28:33 0 d-------- C:\Documents and Settings\Owner\Application Data\LimeWire
2008-05-18 23:22:15 0 d-------- C:\Program Files\Microsoft SQL Server
2008-05-18 23:20:28 0 d-------- C:\Program Files\Microsoft.NET
2008-05-18 23:19:33 0 d-------- C:\Program Files\MSXML 6.0
2008-05-09 00:57:57 0 d-------- C:\Program Files\Spyware Doctor
2008-05-02 02:29:19 131072 --a------ C:\WINDOWS\system32\SpoonUninstall.exe
2008-05-01 23:59:42 0 d-------- C:\Documents and Settings\Owner\Application Data\Move Networks
2008-04-24 15:23:32 0 d-------- C:\Documents and Settings\Owner\Application Data\GarageGames
2008-04-14 05:42:06 1379840 --a------ C:\WINDOWS\system32\setupapi.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:42 204800 --a------ C:\WINDOWS\system32\wscript.exe <Not Verified; Microsoft Corporation; Microsoft ® Windows Script Host>
2008-04-13 19:12:41 199680 --a------ C:\WINDOWS\system32\wuauclt1.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:40 34304 --a------ C:\WINDOWS\system32\wpabaln.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:40 527872 --a------ C:\WINDOWS\system32\wiaacmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:39 351232 --a------ C:\WINDOWS\winhlp32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:39 547328 --a------ C:\WINDOWS\system32\winlogon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:39 3291648 --a------ C:\WINDOWS\system32\wextract.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:38 51712 --a------ C:\WINDOWS\system32\utilman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:38 239104 --a------ C:\WINDOWS\system32\taskmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:37 99840 --a------ C:\WINDOWS\system32\telnet.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:37 3308544 --a------ C:\WINDOWS\system32\sysocmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:36 30208 --a------ C:\WINDOWS\system32\stimon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:36 1564672 --a------ C:\WINDOWS\system32\spider.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:36 180736 --a------ C:\WINDOWS\system32\sndrec32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:35 94720 --a------ C:\WINDOWS\system32\sigverif.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:35 102400 --a------ C:\WINDOWS\system32\shrpubw.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:34 47616 --a------ C:\WINDOWS\system32\setup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:33 38912 --a------ C:\WINDOWS\system32\runonce.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:33 34816 --a------ C:\WINDOWS\system32\rundll32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:33 34816 --a------ C:\WINDOWS\system32\rundll32(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:33 77824 --a------ C:\WINDOWS\system32\rtcshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:32 43520 --a------ C:\WINDOWS\system32\rcimlby.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:32 59392 --a------ C:\WINDOWS\system32\rasphone.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:32 108544 --a------ C:\WINDOWS\system32\proquota.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:32 267264 --a------ C:\WINDOWS\regedit.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:31 607232 --a------ C:\WINDOWS\system32\progman.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:31 32768 --a------ C:\WINDOWS\system32\perfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:31 82432 --a------ C:\WINDOWS\system32\packager.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:31 217088 --a------ C:\WINDOWS\system32\osk.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:30 69120 --a------ C:\WINDOWS\system32\notepad.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:29 101376 --a------ C:\WINDOWS\system32\nslookup.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:29 55808 --a------ C:\WINDOWS\system32\narrator.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:28 354816 --a------ C:\WINDOWS\system32\mspaint.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:28 99840 --a------ C:\WINDOWS\system32\msiexec.exe <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-04-13 19:12:27 78336 --a------ C:\WINDOWS\system32\mshta.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:27 30720 --a------ C:\WINDOWS\system32\msdtc.exe <Not Verified; Microsoft Corporation; Microsoft Distributed Transaction Coordinator>
2008-04-13 19:12:27 267264 --a------ C:\WINDOWS\system32\mplay32.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:26 3504128 --a------ C:\WINDOWS\system32\mobsync.exe <Not Verified; Microsoft Corporation; Microsoft Synchronization Manager>
2008-04-13 19:12:25 53248 --a------ C:\WINDOWS\system32\mnmsrvc.exe <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-13 19:12:25 1518080 --a------ C:\WINDOWS\system32\mmc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:24 667136 --a------ C:\WINDOWS\system32\mstsc.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:24 59392 --a------ C:\WINDOWS\system32\magnify.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:24 6192640 --a------ C:\WINDOWS\system32\logonui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:22 161280 --a------ C:\WINDOWS\system32\iexpress.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:21 66560 --a------ C:\WINDOWS\system32\grpconv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:20 409088 --a------ C:\WINDOWS\system32\fsquirt.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:20 1551872 --a------ C:\WINDOWS\explorer.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:20 1551872 --a------ C:\WINDOWS\explorer(2).exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:16 103936 --a------ C:\WINDOWS\system32\ddeshare.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:16 25088 --a------ C:\WINDOWS\system32\ctfmon.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:15 163840 --a------ C:\WINDOWS\system32\cscript.exe <Not Verified; Microsoft Corporation; Microsoft ® Windows Script Host>
2008-04-13 19:12:15 52224 --a------ C:\WINDOWS\system32\conime.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:15 78336 --a------ C:\WINDOWS\system32\cmstp.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-04-13 19:12:15 54272 --a------ C:\WINDOWS\system32\cmmon32.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-04-13 19:12:14 48640 --a------ C:\WINDOWS\system32\cmdl32.exe <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-04-13 19:12:14 390656 --a------ C:\WINDOWS\system32\cmd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:14 43008 --a------ C:\WINDOWS\system32\clipsrv.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:14 187392 --a------ C:\WINDOWS\system32\clipbrd.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:14 111616 --a------ C:\WINDOWS\system32\cleanmgr.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:12 3676160 --a------ C:\WINDOWS\system32\zipfldr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:12 84480 --a------ C:\WINDOWS\system32\ahui.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:11 183296 --a------ C:\WINDOWS\system32\wuaueng1.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:11 185856 --a------ C:\WINDOWS\system32\accwiz.exe <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:09 186368 --a------ C:\WINDOWS\system32\wintrust.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:09 186368 --a------ C:\WINDOWS\system32\wintrust(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:09 294912 --a------ C:\WINDOWS\system32\winsrv.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 811008 --a------ C:\WINDOWS\system32\wininet(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 698880 --a------ C:\WINDOWS\system32\wiashext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 3698688 --a------ C:\WINDOWS\system32\wiadefui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 435200 --a------ C:\WINDOWS\system32\webcheck(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 83456 --a------ C:\WINDOWS\system32\usbui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 639488 --a------ C:\WINDOWS\system32\urlmon(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 70144 --a------ C:\WINDOWS\system32\url(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 286208 --a------ C:\WINDOWS\system32\upnpui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 133120 --a------ C:\WINDOWS\system32\stobject.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:08 133120 --a------ C:\WINDOWS\system32\stobject(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 447488 --a------ C:\WINDOWS\system32\themeui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 447488 --a------ C:\WINDOWS\system32\themeui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 100352 --a------ C:\WINDOWS\system32\tcpmonui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 4344320 --a------ C:\WINDOWS\system32\syssetup.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 677888 --a------ C:\WINDOWS\system32\syncui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 743424 --a------ C:\WINDOWS\system32\sxs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 743424 --a------ C:\WINDOWS\system32\sxs(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 75776 --a------ C:\WINDOWS\system32\storprop.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 263680 --a------ C:\WINDOWS\system32\sti_ci.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 265216 --a------ C:\WINDOWS\system32\srrstr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:07 78336 --a------ C:\WINDOWS\system32\srclient.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:06 6873600 --a------ C:\WINDOWS\system32\shimgvw.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:06 25247744 --a------ C:\WINDOWS\system32\shell32(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:05 36864 --a------ C:\WINDOWS\system32\shscrap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:05 483840 --a------ C:\WINDOWS\system32\shlwapi(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:05 134656 --a------ C:\WINDOWS\system32\servdeps.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:05 57856 --a------ C:\WINDOWS\system32\sendmail.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:05 188416 --a------ C:\WINDOWS\system32\scrobj.dll <Not Verified; Microsoft Corporation; Microsoft ® Windows ® Script Component Runtime>
2008-04-13 19:12:04 151552 --a------ C:\WINDOWS\system32\remotepg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:04 927232 --a------ C:\WINDOWS\system32\rasdlg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:03 1532416 --a------ C:\WINDOWS\system32\quartz(2).dll
2008-04-13 19:12:03 913408 --a------ C:\WINDOWS\system32\printui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 296960 --a------ C:\WINDOWS\system32\photowiz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 112128 --a------ C:\WINDOWS\system32\pautoenr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 450560 --a------ C:\WINDOWS\system32\objsel.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 153088 --a------ C:\WINDOWS\system32\ntshrui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 153088 --a------ C:\WINDOWS\system32\ntshrui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 3557376 --a------ C:\WINDOWS\system32\newdev.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 3557376 --a------ C:\WINDOWS\system32\newdev(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 2355712 --a------ C:\WINDOWS\system32\netshell.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 2355712 --a------ C:\WINDOWS\system32\netshell(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 80896 --a------ C:\WINDOWS\system32\mydocs.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:02 80896 --a------ C:\WINDOWS\system32\mydocs(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:01 979456 --a------ C:\WINDOWS\system32\netplwiz.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:01 159744 --a------ C:\WINDOWS\system32\netid.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:00 323072 --a------ C:\WINDOWS\system32\mstask.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:12:00 3165696 --a------ C:\WINDOWS\system32\msgina.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:59 911360 --a------ C:\WINDOWS\system32\msihnd.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-04-13 19:11:59 9441792 --a------ C:\WINDOWS\system32\msieftp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:59 73728 --a------ C:\WINDOWS\system32\msident.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:59 2893824 --a------ C:\WINDOWS\system32\msi.dll <Not Verified; Microsoft Corporation; Windows Installer - Unicode>
2008-04-13 19:11:58 106496 --a------ C:\WINDOWS\system32\msconf.dll <Not Verified; Microsoft Corporation; Windows® NetMeeting®>
2008-04-13 19:11:57 253440 --a------ C:\WINDOWS\system32\modemui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:57 369152 --a------ C:\WINDOWS\system32\mobsync.dll <Not Verified; Microsoft Corporation; Microsoft Synchronization Manager>
2008-04-13 19:11:57 85504 --a------ C:\WINDOWS\system32\mmcshext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:57 3971584 --a------ C:\WINDOWS\system32\mmcndmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:57 325632 --a------ C:\WINDOWS\system32\mmcbase.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:57 42496 --a------ C:\WINDOWS\system32\midimap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:57 42496 --a------ C:\WINDOWS\system32\midimap(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:56 161280 --a------ C:\WINDOWS\system32\mdminst.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:56 489984 --a------ C:\WINDOWS\system32\localsec.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:56 225280 --a------ C:\WINDOWS\system32\keymgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 153600 --a------ C:\WINDOWS\system32\itss.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 155648 --a------ C:\WINDOWS\system32\isign32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 466432 --a------ C:\WINDOWS\system32\ipsmsnap.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 423936 --a------ C:\WINDOWS\system32\ipsecsnp.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 231424 --a------ C:\WINDOWS\system32\input.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:55 46592 --a------ C:\WINDOWS\system32\inetppui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 417792 --a------ C:\WINDOWS\system32\inetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 78336 --a------ C:\WINDOWS\system32\iesetup.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 122880 --a------ C:\WINDOWS\system32\icwdial.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 175616 --a------ C:\WINDOWS\system32\hotplug.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 368640 --a------ C:\WINDOWS\system32\hnetcfg.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 368640 --a------ C:\WINDOWS\system32\hnetcfg(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:54 393216 --a------ C:\WINDOWS\system32\fontext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:53 73728 --a------ C:\WINDOWS\system32\fldrclnr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:53 443904 --a------ C:\WINDOWS\system32\filemgmt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:53 258048 --a------ C:\WINDOWS\system32\els.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 775168 --a------ C:\WINDOWS\system32\dsuiext.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 423936 --a------ C:\WINDOWS\system32\dsquery.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 192512 --a------ C:\WINDOWS\system32\dsprop.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 287744 --a------ C:\WINDOWS\system32\dskquoui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 261120 --a------ C:\WINDOWS\system32\dpvoice.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 48128 --a------ C:\WINDOWS\system32\dpmodemx.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 385024 --a------ C:\WINDOWS\system32\dmdlgs.dll <Not Verified; Microsoft Corp.; Logical Disk Manager for Windows NT>
2008-04-13 19:11:52 1528832 --a------ C:\WINDOWS\system32\diskcopy.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:52 93184 --a------ C:\WINDOWS\system32\digest.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 173056 --a------ C:\WINDOWS\system32\dfrgui.dll <Not Verified; Microsoft Corp. and Executive Software International, Inc.; Windows Disk Defragmenter>
2008-04-13 19:11:51 384000 --a------ C:\WINDOWS\system32\devmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 114688 --a------ C:\WINDOWS\system32\dataclen.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 6859776 --a------ C:\WINDOWS\system32\cscui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 6859776 --a------ C:\WINDOWS\system32\cscui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 301568 --a------ C:\WINDOWS\system32\cscdll.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 301568 --a------ C:\WINDOWS\system32\cscdll(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 1114112 --a------ C:\WINDOWS\system32\cryptui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 1114112 --a------ C:\WINDOWS\system32\cryptui(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 188928 --a------ C:\WINDOWS\system32\credui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 188928 --a------ C:\WINDOWS\system32\credui(3).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 1390080 --a------ C:\WINDOWS\system32\comres.dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-13 19:11:51 1390080 --a------ C:\WINDOWS\system32\comres(3).dll <Not Verified; Microsoft Corporation; COM Services>
2008-04-13 19:11:51 1733632 --a------ C:\WINDOWS\system32\compstui.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 340992 --a------ C:\WINDOWS\system32\comdlg32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:51 724992 --a------ C:\WINDOWS\system32\comctl32.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 303616 --a------ C:\WINDOWS\system32\cmprops.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 515584 --a------ C:\WINDOWS\system32\cmdial32.dll <Not Verified; Microsoft Corporation; Microsoft® Connection Manager>
2008-04-13 19:11:50 1213952 --a------ C:\WINDOWS\system32\certmgr.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 220672 --a------ C:\WINDOWS\system32\capesnpn.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 89088 --a------ C:\WINDOWS\system32\cabview.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 45056 --a------ C:\WINDOWS\system32\bthci.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 1053184 --a------ C:\WINDOWS\system32\browseui(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 33280 --a------ C:\WINDOWS\system32\batt.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 38400 --a------ C:\WINDOWS\system32\batmeter.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:50 38400 --a------ C:\WINDOWS\system32\batmeter(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:48 94208 --a------ C:\WINDOWS\system32\admparse.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 19:11:11 3954688 --a------ C:\WINDOWS\system32\winntbbu.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 12:39:24 3535872 --a------ C:\WINDOWS\system32\xpsp2res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 12:39:22 218624 --a------ C:\WINDOWS\system32\xpsp1res.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 12:39:22 218624 --a------ C:\WINDOWS\system32\xpsp1res(2).dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 12:03:19 626176 --a------ C:\WINDOWS\system32\shdoclc.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 11:48:54 2957312 --a------ C:\WINDOWS\system32\winbrand.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 11:45:30 497152 --a------ C:\WINDOWS\system32\moricons.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-04-13 11:22:12 97280 --a------ C:\WINDOWS\system32\inetres.dll <Not Verified; Microsoft Corporation; Microsoft® Windows® Operating System>
2008-03-30 00:19:40 684 --a------ C:\WINDOWS\mozver.dat
2008-03-26 02:05:38 47360 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.sys <Not Verified; VSO Software; Patin couffin engine>
2008-03-26 02:05:38 1144 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.inf
2008-03-26 02:05:38 7887 --a------ C:\Documents and Settings\Owner\Application Data\pcouffin.cat
2008-03-25 14:14:04 0 --a------ C:\REQUEST_OEMRESET_ENDUSER
2008-03-25 13:55:07 335 --a------ C:\WINDOWS\nsreg.dat
2008-03-25 13:53:08 4 --a------ C:\WINDOWS\Pix11.dat
2008-03-25 13:46:50 2 --a------ C:\AUDIT_INSTALL_IN_PROGRESS
2008-03-25 13:37:55 2 -r-hs---- C:\USER
2008-03-25 13:32:27 60 --a------ C:\WINDOWS\system32\SYSDRV.DAT


-- Registry Dump ---------------------------------------------------------------

*Note* empty entries & legit default entries are not shown


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"="RTHDCPL.EXE" [04/04/2006 08:44 PM C:\WINDOWS\RTHDCPL.exe]
"Alcmtr"="ALCMTR.EXE" [05/03/2005 09:43 PM C:\WINDOWS\Alcmtr.exe]
"Recguard"="%WINDIR%\SMINST\RECGUARD.EXE" []
"hcwemMON"="hcwemMON.exe" [03/29/2007 04:22 PM C:\WINDOWS\hcwemMON.exe]
"F-Secure Manager"="E:\Program Files\Charter High-Speed Security Suite\Common\FSM32.exe" [04/23/2008 11:13 AM]
"F-Secure TNB"="E:\Program Files\Charter High-Speed Security Suite\FSGUI\TNBUtil.exe" [04/23/2008 11:13 AM]
"SansaDispatch"="E:\Program Files\SanDisk\Sansa Updater\SansaDispatch.exe" [10/22/2007 12:52 PM]
"QuickTime Task"="E:\Program Files\QuickTime\QTTask.exe" [05/27/2008 10:50 AM]

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Yahoo! Pager"="E:\Program Files\Yahoo\Messenger\YahooMessenger.exe" [08/30/2007 06:43 PM]
"SpybotSD TeaTimer"="E:\Program Files\Spybot - Search & Destroy\TeaTimer.exe" [01/28/2008 11:43 AM]
"Veoh"="E:\Program Files\Veoh Networks\Veoh\VeohClient.exe" [05/15/2008 04:11 PM]
"@"="" []

[HKEY_USERS\.default\software\microsoft\windows\currentversion\run]
"Power2GoExpress"=NA

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vds]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
@="Volume shadow copy"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Google Updater.lnk]
path=C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Google Updater.lnk
backup=C:\WINDOWS\pss\Google Updater.lnkCommon Startup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^Mozilla Firefox.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\Mozilla Firefox.lnk
backup=C:\WINDOWS\pss\Mozilla Firefox.lnkStartup

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Owner^Start Menu^Programs^Startup^WinFlip.lnk]
path=C:\Documents and Settings\Owner\Start Menu\Programs\Startup\WinFlip.lnk
backup=C:\WINDOWS\pss\WinFlip.lnkStartup


[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AVG8_TRAY]
C:\PROGRA~1\AVG\AVG8\avgtray.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
"C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DrvIcon]
C:\Program Files\VistaDriveIcon\DrvIcon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LClock]
C:\Program Files\LClock\LClock.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\qiilhhr]
c:\documents and settings\owner\local settings\application data\qiilhhr.exe qiilhhr

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\readericon]
C:\Program Files\Digital Media Reader\readericon45G.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
"C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Veoh]
"E:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViOrb]
C:\Program Files\ViOrb\ViOrb.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Vista Sidebar]
C:\Program Files\Vista Sidebar\sidebar.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
C:\Program Files\ViStart\ViStart.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTaskTips]
"C:\Program Files\VisualTaskTips\VisualTaskTips.exe" noTrayIcon

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\VisualTooltip]
C:\Program Files\VisualTooltip\VisualToolTip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinFlip]
C:\Program Files\WinFlip\WinFlip.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Yahoo! Pager]
"E:\Program Files\Yahoo\Messenger\YahooMessenger.exe" -quiet

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"WMPNetworkSvc"=3 (0x3)
"PrismXL"=2 (0x2)
"NMIndexingService"=3 (0x3)
"NBService"=3 (0x3)
"gusvc"=2 (0x2)
"avg8wd"=2 (0x2)
"Ati HotKey Poller"=2 (0x2)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc

*Newly Created Service* - FSBL



-- Hosts -----------------------------------------------------------------------

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com

8724 more entries in hosts file.


-- End of Deckard's System Scanner: finished at 2008-06-24 06:14:27 ------------



here is the second text


Deckard's System Scanner v20071014.68
Extra logfile - please post this as an attachment with your post.
--------------------------------------------------------------------------------

-- System Information ----------------------------------------------------------

Microsoft Windows XP Home Edition (build 2600) SP 3.0
Architecture: X86; Language: English

CPU 0: Intel® Celeron® D CPU 3.20GHz
Percentage of Memory in Use: 56%
Physical Memory (total/avail): 878.83 MiB / 381.61 MiB
Pagefile Memory (total/avail): 2129.32 MiB / 1618.44 MiB
Virtual Memory (total/avail): 2047.88 MiB / 1845.84 MiB

C: is Fixed (NTFS) - 36.13 GiB total, 21.65 GiB free.
D: is Fixed (NTFS) - 97.14 GiB total, 63.46 GiB free.
E: is Fixed (NTFS) - 33.97 GiB total, 29.57 GiB free.
F: is Fixed (NTFS) - 89.17 GiB total, 84.41 GiB free.
G: is Fixed (FAT32) - 4.42 GiB total, 2.23 GiB free.
H: is CDROM (No Media)
I: is CDROM (No Media)
J: is Removable (No Media)
K: is Removable (No Media)
L: is Removable (No Media)
M: is Removable (No Media)

\\.\PHYSICALDRIVE1 - WDC WD2000BB-22DAA0 - 186.31 GiB - 2 partitions
\PARTITION0 - Installable File System - 97.14 GiB - D:
\PARTITION1 - Extended w/Extended Int 13 - 89.17 GiB - F:

\\.\PHYSICALDRIVE0 - WDC WD800BB-22JHC0 - 74.53 GiB - 3 partitions
\PARTITION0 (bootable) - Installable File System - 36.13 GiB - C:
\PARTITION1 - Unknown - 4.43 GiB - G:
\PARTITION2 - Extended w/Extended Int 13 - 33.97 GiB - E:

\\.\PHYSICALDRIVE3 - Generic USB CF Reader USB Device

\\.\PHYSICALDRIVE5 - Generic USB MS Reader USB Device

\\.\PHYSICALDRIVE2 - Generic USB SD Reader USB Device

\\.\PHYSICALDRIVE4 - Generic USB SM Reader USB Device



-- Security Center -------------------------------------------------------------

AUOptions is scheduled to auto-install.


-- Environment Variables -------------------------------------------------------

ALLUSERSPROFILE=C:\Documents and Settings\All Users
APPDATA=C:\Documents and Settings\Owner\Application Data
CLIENTNAME=Console
CommonProgramFiles=C:\Program Files\Common Files
COMPUTERNAME=YOUR-90D83DC605
ComSpec=C:\WINDOWS\system32\cmd.exe
FP_NO_HOST_CHECK=NO
HOMEDRIVE=C:
HOMEPATH=\Documents and Settings\Owner
LOGONSERVER=\\YOUR-90D83DC605
NUMBER_OF_PROCESSORS=1
OS=Windows_NT
Path=E:\PROGRA~1\Mozilla Firefox;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_IDENTIFIER=x86 Family 15 Model 6 Stepping 4, GenuineIntel
PROCESSOR_LEVEL=15
PROCESSOR_REVISION=0604
ProgramFiles=C:\Program Files
PROMPT=$P$G
SESSIONNAME=Console
SystemDrive=C:
SystemRoot=C:\WINDOWS
TEMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
TMP=C:\DOCUME~1\Owner\LOCALS~1\Temp
USERDOMAIN=YOUR-90D83DC605
USERNAME=Owner
USERPROFILE=C:\Documents and Settings\Owner
windir=C:\WINDOWS


-- User Profiles ---------------------------------------------------------------

Owner (admin)


-- Add/Remove Programs ---------------------------------------------------------

--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware Scanner"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Spyware"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus Client Security Installer"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Anti-Virus"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Automatic Update Agent"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure DAAS"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Diagnostics"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure E-mail Scanning"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure FWES"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GateKeeper Interface"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Gemini"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure GUI"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Help"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure HIPS"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Internet Shield"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Localization API"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Management Agent"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Pegasus Engine"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Protocol Scanner"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Control"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Spam Scanner"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure TNB"
--> "E:\Program Files\Charter High-Speed Security Suite\Uninstall\fsuninst.exe" /UninstRegKey:"F-Secure Uninstall"
--> C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
--> C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
--> C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
--> C:\WINDOWS\UNNeroVision.exe /UNINSTALL
--> C:\WINDOWS\UNRecode.exe /UNINSTALL
--> E:\Program Files\Nero 7\\nero\uninstall\UNNERO.exe /UNINSTALL
--> rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
µTorrent --> "C:\Program Files\uTorrent\uTorrent.exe" /UNINSTALL
Adobe Flash Player ActiveX --> C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin --> C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 7.0 --> MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A70000000000}
Apple Software Update --> MsiExec.exe /I{02DFF6B1-1654-411C-8D7B-FD6052EF016F}
ATI Display Driver --> rundll32 C:\WINDOWS\system32\atiiiexx.dll,_InfEngUnInstallINFFile_RunDLL@16 -force_restart -flags:0x2010001 -inf_class:DISPLAY -clean
CA Yahoo! Anti-Spy (remove only) --> "E:\Program Files\CA Yahoo! Anti-Spy\uninstall.exe"
Charter High-Speed Security Suite --> "E:\Program Files\Charter High-Speed Security Suite\FSGUI\PostInstall.exe" /tUnInstall
Cheat Engine 5.4 --> "E:\Program Files\Cheat Engine\unins000.exe"
Command & Conquer The First Decade --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11�\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{66D6F3BD-CA23-41A4-9FA3-96B26B32528C}\setup.exe" -l0x9 -removeonly
ConvertXtoDVD 2.2.3.258h --> "E:\Program Files\ConvertXtoDVD\unins000.exe"
ConvertXtoDVD 3.0.0.1 --> "E:\Program Files\VSO\ConvertX\3\unins000.exe"
Digital Media Reader --> C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{4AC55A61-BA20-4DF5-ABFF-8F4819E0C875} /l1033
DivX Content Uploader --> C:\Program Files\DivX\DivXContentUploaderUninstall.exe /CUPLOADER
DivX Web Player --> C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Google Updater --> "C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
Hauppauge English Help Files and Resources --> E:\PROGRA~1\WinTV\UNHLPeng.EXE E:\PROGRA~1\WinTV\WTV2Keng.LOG
Hauppauge WinTV Scheduler --> E:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.exe E:\PROGRA~1\WinTV\\SCHEDU~1\uniSCHED.log
Hauppauge WinTV Soft PVR --> E:\PROGRA~1\WinTV\UNSftPVR.EXE E:\PROGRA~1\WinTV\softpvr.LOG
Hauppauge WinTV2000 --> E:\PROGRA~1\WinTV\UNTV32.EXE E:\PROGRA~1\WinTV\WINTV2K.LOG
High Definition Audio Driver Package - KB888111 --> "C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
Hotfix for Windows Media Format 11 SDK (KB929399) --> "C:\WINDOWS\$NtUninstallKB929399$\spuninst\spuninst.exe"
IsoBuster 1.9.1 --> "E:\Program Files\IsoBuster\Uninst\unins000.exe"
J2SE Runtime Environment 5.0 Update 2 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150020}
Java™ 6 Update 5 --> MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
K-Lite Mega Codec Pack 3.8.0 --> "E:\Program Files\K-Lite Codec Pack\unins000.exe"
Microsoft Compression Client Pack 1.0 for Windows XP --> "C:\WINDOWS\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe"
Microsoft Digital Image Starter Edition 2006 --> "C:\Program Files\Common Files\Microsoft Shared\Picture It!\RmvSuite.exe" ADDREMOVE=1 SKU=TRIAL VERSION=11
Microsoft User-Mode Driver Framework Feature Pack 1.0 --> "C:\WINDOWS\$NtUninstallWudf01000$\spuninst\spuninst.exe"
Microsoft Visual C++ 2005 Redistributable --> MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (2.0.0.14) --> E:\PROGRA~1\Mozilla Firefox\uninstall\helper.exe
Nero 7 Ultra Edition --> MsiExec.exe /I{43FFE159-3199-4188-A1CD-629166AD1033}
neroxml --> MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Online Manuals for WinTV (English) --> E:\PROGRA~1\WinTV\UNTVmans.exe E:\PROGRA~1\WinTV\WinTVMan.LOG
PowerQuest PartitionMagic 8.0 --> C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{6BE2A4A4-99FB-48ED-AE1E-4E850389F804}
QuickTime --> MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
REALTEK GbE & FE Ethernet PCI NIC Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11�\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACCA20B0-C4D1-4BF5-BF21-0A0EB5EF9730}\setup.exe" -l0x9 -removeonly
Realtek High Definition Audio Driver --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11�\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Sansa Connect Device Recovery --> C:\Program Files\InstallShield Installation Information\{49D8D67B-E840-4BE7-B012-A6BC6B723E3E}\setup.exe -runfromtemp -l0x0009 -removeonly
Sansa Media Converter --> RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D2A0F8F4-CE50-4857-A21C-3061682B2E87}\Setup.exe" -l0x9
Sansa Updater --> C:\Program Files\InstallShield Installation Information\{E2D7E05E-C8C7-45F4-8D89-D6696075E0B7}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for Step By Step Interactive Training (KB898458) -->
Soft Data Fax Modem with SmartCP --> C:\Program Files\CONEXANT\CNXT_MODEM_PCI_VEN_14F1&DEV_2F20&SUBSYS_200014F1\HXFSETUP.EXE -U -IPDRSLSM5K.inf
Spybot - Search & Destroy --> "E:\Program Files\Spybot - Search & Destroy\unins000.exe"
SUPER © Version 2008.bld.30 (Mar 22, 2008) --> E:\PROGRA~1\SUPER\Setup.exe /remove /q0
VeohTV BETA --> C:\Program Files\InstallShield Installation Information\{0405E51E-9582-4207-8F38-AC44201D3808}\setup.exe -runfromtemp -l0x0409
VideoReDo TVSuite Version 3.1.4.549 --> "E:\Program Files\VideoReDoTVSuite\unins000.exe"
VistaMizer 2.5.2.0 --> C:\WINDOWS\VistaMizer\Uninstall.exe
Visual Task Tips 3.3 --> C:\Program Files\VisualTaskTips\uninst.exe
Windows Backup Utility --> MsiExec.exe /I{76EFFC7C-17A6-479D-9E47-8E658C1695AE}
Windows Media Format 11 runtime --> "C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows XP Service Pack 3 --> "C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
WinRAR --> "C:\WINDOWS\WinRAR\uninstall.exe" "/U:E:\Program Files\WinRAR\Uninstall\uninstall.xml"
Xvid 1.1.3 final uninstall --> "E:\Program Files\Xvid\unins000.exe"
Yahoo! Messenger --> E:\PROGRA~1\Yahoo\MESSEN~1\UNWISE.EXE /U E:\PROGRA~1\Yahoo\MESSEN~1\INSTALL.LOG
YouTube FLV to AVI converter Pro 2.0.5 --> "E:\Program Files\YouTube FLV to AVI converter Pro\unins000.exe"


-- Application Event Log -------------------------------------------------------

Event Record #/Type380 / Error
Event Submitted/Written: 06/24/2008 00:13:09 AM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
24 2008-06-24 00:13:09-05:00 your-90d83dc605 YOUR-90D83DC605\Owner F-Secure Anti-Virus
Scanning of \Device\HarddiskVolume1\Documents and Settings\Owner\Desktop\QuickTimeInstaller.exe was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

Event Record #/Type379 / Error
Event Submitted/Written: 06/24/2008 00:12:43 AM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
23 2008-06-24 00:12:43-05:00 your-90d83dc605 YOUR-90D83DC605\Owner F-Secure Anti-Virus
Scanning of \Device\HarddiskVolume4\QuickTimeInstaller.exe was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

Event Record #/Type378 / Error
Event Submitted/Written: 06/24/2008 00:12:11 AM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
22 2008-06-24 00:12:10-05:00 your-90d83dc605 YOUR-90D83DC605\Owner F-Secure Anti-Virus
Scanning of \Device\HarddiskVolume1\WINDOWS\system32\CatRoot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

Event Record #/Type377 / Error
Event Submitted/Written: 06/24/2008 00:04:53 AM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
21 2008-06-24 00:04:53-05:00 your-90d83dc605 YOUR-90D83DC605\Owner F-Secure Anti-Virus
Scanning of \Device\HarddiskVolume1\Documents and Settings\Owner\Desktop\AVSVideoConverter.exe was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).

Event Record #/Type376 / Error
Event Submitted/Written: 06/23/2008 11:44:39 PM
Event ID/Source: 103 / F-Secure Anti-Virus
Event Description:
20 2008-06-23 23:44:39-05:00 your-90d83dc605 YOUR-90D83DC605\Owner F-Secure Anti-Virus
Scanning of \Device\HarddiskVolume1\Documents and Settings\Owner\Desktop\AVSVideoConverter.exe was aborted due to exceeded scanning time limit. The file may be in use or reading it was too slow (e.g. network connection was under stress).



-- Security Event Log ----------------------------------------------------------

No Errors/Warnings found.


-- System Event Log ------------------------------------------------------------

Event Record #/Type3269 / Warning
Event Submitted/Written: 06/24/2008 05:48:15 AM
Event ID/Source: 256 / PlugPlayManager
Event Description:
Timed out sending notification of device interface change to window of "E:\Program Files\SanDisk\Sansa Updater\SansaUpdater.exe"

Event Record #/Type3260 / Warning
Event Submitted/Written: 06/24/2008 01:59:22 AM
Event ID/Source: 15200 / WPDMTPDriver
Event Description:
MTP USB Driver has cancelled the operation 0x100d

Event Record #/Type3258 / Warning
Event Submitted/Written: 06/24/2008 00:24:11 AM
Event ID/Source: 15200 / WPDMTPDriver
Event Description:
MTP USB Driver has cancelled the operation 0x100d

Event Record #/Type3256 / Warning
Event Submitted/Written: 06/23/2008 06:13:22 AM
Event ID/Source: 36 / W32Time
Event Description:
The time service has not been able to synchronize the system time
for 49152 seconds because none of the time providers has been able to
provide a usable time stamp. The system clock is unsynchronized.

Event Record #/Type3249 / Warning
Event Submitted/Written: 06/23/2008 03:20:53 AM
Event ID/Source: 15200 / WPDMTPDriver
Event Description:
MTP USB Driver has cancelled the operation 0x100d



-- End of Deckard's System Scanner: finished at 2008-06-24 06:14:27 ------------



please if there is something in this log that messing my computer up I hope someone here can help.


Mod.Ed./moved to HjT Logs/Raziel

Hi

1. Download combofix from any of these links and save it to Desktop:
Link 1
Link 2
Link 3

**Note: It is important that it is saved directly to your desktop**

2. Double click combofix.exe & follow the prompts.
3. When finished, it shall produce a log for you (C:\ComboFix.txt). Post that log & a fresh hjt log in your next reply

Note:
Do not mouseclick combofix's window whilst it's running. That may cause it to stall

Combofix should never take more that 20 minutes including the reboot if malware is detected.
If it does, open Task Manager then Processes tab (press ctrl, alt and del at the same time) and end any processes of findstr, find, sed or swreg, then combofix should continue.
If that happened we want to know, and also what process you had to end.

If you have problems with Combofix usage, see here

Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else please begin a New Topic.

Thank You !