been infected with dldtgrd.dll



#1 stuartmees


Posted 20 November 2008 - 12:13 PM

Hi, got a virus that I've been told is something to do with the file in this thread title.

Been trying to remove it with Killbox but it says it can't.

What do I do?

Here's my HijackThis log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:12:56, on 16/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\OEM13Mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Protector Suite QL\psqltray.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Dell V305\dldtmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Dell V305\dldtMsdMon.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Stuart\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://partnerpage.google.com/smallbiz.del...amp;ibd=5080820
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Internet Explorer provided by Dell
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Browser Address Error Redirector - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\Dell\BAE\BAE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [ECenter] C:\Dell\E-Center\EULALauncher.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [PSQLLauncher] "C:\Program Files\Protector Suite QL\launcher.exe" /startup
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [dldtmon.exe] "C:\Program Files\Dell V305\dldtmon.exe"
O4 - HKLM\..\Run: [dldtamon] "C:\Program Files\Dell V305\dldtamon.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Stuart\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: dldtCATSCustConnectService - Unknown owner - C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe
O23 - Service: dldt_device - - C:\Windows\system32\dldtcoms.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7753 bytes


When I ran the HijackThis scan it said this before producing the scan:

Posted Image

Any help would be appreciated!

Thanks,

Stu



#2 kahdah


Posted 06 December 2008 - 08:18 AM

Hello stuartmees

Welcome to BleepingComputer
========================
  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

Please do not PM for help; post it in the forums instead.

If I am helping you and have not responded for 48 hours, please send me a PM, as I don't always get notifications.

My help is always free; however, if you would like to make a donation to me for the help I have provided, please click here

#3 stuartmees


Posted 17 December 2008 - 01:48 PM

Hi, thanks, sorry I've been a while.

Here's my log.txt:

Logfile of random's system information tool 1.05 (written by random/random)
Run by Stuart at 2008-12-17 18:44:38
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 143 GB (63%) free of 228 GB
Total RAM: 2038 MB (38% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:44:51, on 17/12/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\igfxtray.exe
C:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\WLTRAY.EXE
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM13Mon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Vuze\Azureus.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Users\Stuart.Stuart-PC\Desktop\RSIT.exe
C:\Program Files\trend micro\Stuart.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\Windows\system32\WLTRAY.exe
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM13Mon.exe] C:\Windows\OEM13Mon.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\is3\anti-spyware\is3lsp.dll
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://prerelease.trendmicro-europe.com/ho...1278/hcImpl.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/flas...ent/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: O2Micro Flash Memory Card Service (o2flash) - O2Micro International - C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 7991 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}]
ZILLAbar Browser Helper Object - C:\Program Files\STOPzilla!\SZSG.dll [2008-11-20 247232]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-14 455960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-12-14 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-12-14 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
STOPzilla Browser Helper Object - C:\Program Files\STOPzilla!\SZIEBHO.dll [2008-11-20 222656]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{98828DED-A591-462F-83BA-D2F62A68B8B8} - STOPzilla - C:\Program Files\STOPzilla!\SZSG.dll [2008-11-20 247232]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-02-04 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-02-04 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-02-04 133656]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-02-04 4907008]
"Broadcom Wireless Manager UI"=C:\Windows\system32\WLTRAY.exe [2007-12-08 3444736]
""= []
"PWRISOVM.EXE"=C:\Program Files\PowerISO\PWRISOVM.EXE [2008-01-20 217088]
"Apoint"=C:\Program Files\DellTPad\Apoint.exe [2007-12-14 159744]
"OEM13Mon.exe"=C:\Windows\OEM13Mon.exe [2008-01-07 36864]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-12-01 185896]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-12-14 136600]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-14 1261336]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]

C:\Users\Stuart.Stuart-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-04 200704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\F]
shell\AutoRun\command - F:\SETUP.EXE /AUTORUN
shell\configure\command - F:\SETUP.EXE
shell\install\command - F:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{8c2f6181-bb39-11dd-9a0c-0021864c8e6e}]
shell\AutoRun\command - H:\PortableAppsMenu.exe


======List of files/folders created in the last 1 months======

2008-12-17 18:44:38 ----D---- C:\rsit
2008-12-17 18:44:38 ----D---- C:\Program Files\trend micro
2008-12-15 21:46:41 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\DivX
2008-12-15 21:46:20 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-12-15 21:46:05 ----D---- C:\Program Files\DivX
2008-12-15 17:45:13 ----D---- C:\Program Files\Common Files\Apple
2008-12-15 17:45:02 ----D---- C:\ProgramData\Apple Computer
2008-12-15 17:45:02 ----D---- C:\Program Files\QuickTime
2008-12-15 17:40:09 ----D---- C:\ProgramData\Apple
2008-12-15 17:40:09 ----D---- C:\Program Files\Apple Software Update
2008-12-14 21:20:29 ----A---- C:\Windows\system32\avgrsstx.dll
2008-12-14 20:54:43 ----D---- C:\ProgramData\Avg8
2008-12-14 18:34:38 ----D---- C:\Program Files\Common Files\DESIGNER
2008-12-14 18:22:43 ----A---- C:\Windows\system32\msonpmon.dll
2008-12-14 18:20:00 ----D---- C:\Program Files\Microsoft Works
2008-12-14 18:19:10 ----D---- C:\Program Files\Microsoft Visual Studio
2008-12-14 18:17:41 ----D---- C:\Program Files\Microsoft.NET
2008-12-14 18:08:03 ----D---- C:\Program Files\Microsoft Visual Studio 8
2008-12-14 18:06:37 ----D---- C:\ProgramData\Microsoft Help
2008-12-14 17:57:46 ----A---- C:\Windows\system32\javaws.exe
2008-12-14 17:57:46 ----A---- C:\Windows\system32\javaw.exe
2008-12-14 17:57:46 ----A---- C:\Windows\system32\java.exe
2008-12-14 17:57:46 ----A---- C:\Windows\system32\deploytk.dll
2008-12-14 17:33:55 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Malwarebytes
2008-12-14 17:33:49 ----D---- C:\ProgramData\Malwarebytes
2008-12-14 17:33:49 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-14 10:22:09 ----D---- C:\ProgramData\Azureus
2008-12-14 10:22:07 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Azureus
2008-12-14 10:21:34 ----D---- C:\Program Files\Vuze
2008-12-14 10:12:21 ----D---- C:\Program Files\Java
2008-12-14 10:11:45 ----D---- C:\Program Files\Common Files\Java
2008-12-13 14:24:43 ----D---- C:\ProgramData\Spybot - Search & Destroy
2008-12-13 14:24:43 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-11 15:15:50 ----A---- C:\Windows\system32\tzres.dll
2008-12-10 18:10:08 ----A---- C:\Windows\system32\Apphlpdm.dll
2008-12-10 18:10:06 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2008-12-10 18:09:57 ----A---- C:\Windows\system32\shell32.dll
2008-12-10 18:09:39 ----A---- C:\Windows\system32\gdi32.dll
2008-12-10 18:09:35 ----A---- C:\Windows\explorer.exe
2008-12-10 18:09:31 ----A---- C:\Windows\system32\WMVCORE.DLL
2008-12-10 18:09:31 ----A---- C:\Windows\system32\mf.dll
2008-12-10 18:09:30 ----A---- C:\Windows\system32\WMNetMgr.dll
2008-12-10 18:09:30 ----A---- C:\Windows\system32\logagent.exe
2008-12-10 18:08:55 ----A---- C:\Windows\system32\urlmon.dll
2008-12-10 18:08:55 ----A---- C:\Windows\system32\mshtml.dll
2008-12-10 18:08:54 ----A---- C:\Windows\system32\ieframe.dll
2008-12-10 18:08:53 ----A---- C:\Windows\system32\wininet.dll
2008-12-10 18:08:53 ----A---- C:\Windows\system32\mstime.dll
2008-12-10 18:08:53 ----A---- C:\Windows\system32\iertutil.dll
2008-12-10 18:08:52 ----A---- C:\Windows\system32\jsproxy.dll
2008-12-09 17:34:56 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Thunderbird
2008-12-09 17:31:23 ----D---- C:\Program Files\Mozilla Thunderbird
2008-12-07 16:48:29 ----D---- C:\ProgramData\SITEguard
2008-12-07 16:45:33 ----D---- C:\Program Files\STOPzilla!
2008-12-07 16:45:30 ----D---- C:\Program Files\Common Files\iS3
2008-12-07 16:45:29 ----D---- C:\ProgramData\STOPzilla!
2008-12-07 14:55:49 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\HouseCall 6.6
2008-12-07 14:55:44 ----D---- C:\Windows\system32\HouseCall 6.6
2008-12-06 10:39:07 ----A---- C:\Windows\system32\MFC71.dll
2008-12-06 10:39:04 ----D---- C:\Program Files\Alwil Software
2008-12-03 19:51:36 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Any Video Converter
2008-12-03 19:51:34 ----D---- C:\Program Files\Any Video Converter
2008-12-03 17:10:00 ----D---- C:\Program Files\VDOWNLOADER
2008-12-01 20:49:18 ----A---- C:\Windows\cdplayer.ini
2008-12-01 20:45:18 ----D---- C:\Program Files\Common Files\xing shared
2008-12-01 20:45:09 ----A---- C:\Windows\system32\rmoc3260.dll
2008-12-01 20:44:57 ----A---- C:\Windows\system32\pndx5032.dll
2008-12-01 20:44:57 ----A---- C:\Windows\system32\pndx5016.dll
2008-12-01 20:44:55 ----A---- C:\Windows\system32\pncrt.dll
2008-12-01 20:44:50 ----D---- C:\Program Files\Common Files\Real
2008-12-01 20:44:26 ----D---- C:\Program Files\Real
2008-12-01 20:40:47 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Real
2008-12-01 20:23:17 ----D---- C:\ProgramData\ThumbnailCache4R
2008-11-30 18:22:07 ----A---- C:\Windows\system32\dldtcoin.dll
2008-11-30 18:18:53 ----A---- C:\Windows\system32\dldtwupd.exe
2008-11-30 18:18:53 ----A---- C:\Windows\system32\dldtwupd.dll
2008-11-30 18:18:49 ----D---- C:\Program Files\Dell V305
2008-11-30 18:18:37 ----A---- C:\Windows\system32\DLDTinst.dll
2008-11-30 18:18:37 ----A---- C:\Windows\system32\dldtinpa.dll
2008-11-30 18:18:37 ----A---- C:\Windows\system32\DLDThcp.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtutil.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtusb1.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtserv.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtprox.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtpmui.dll
2008-11-30 18:18:36 ----A---- C:\Windows\system32\dldtiesc.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtlmpm.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtjswr.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtinsr.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtinsb.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtins.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtih.exe
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldthbn3.dll
2008-11-30 18:18:35 ----A---- C:\Windows\system32\dldtgrd.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtgf.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcur.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcub.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcu.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcoms.exe
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcomm.dll
2008-11-30 18:18:34 ----A---- C:\Windows\system32\dldtcomc.dll
2008-11-30 18:18:33 ----A---- C:\Windows\system32\dldtcfg.exe
2008-11-30 15:01:25 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-30 14:59:31 ----D---- C:\ProgramData\Adobe
2008-11-30 14:59:23 ----D---- C:\Program Files\Common Files\Adobe
2008-11-30 14:59:23 ----D---- C:\Program Files\Adobe
2008-11-30 14:46:42 ----D---- C:\ProgramData\NOS
2008-11-30 14:46:42 ----D---- C:\Program Files\NOS
2008-11-29 12:08:50 ----D---- C:\Program Files\BitLord
2008-11-27 16:56:03 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Macromedia
2008-11-27 16:56:03 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Adobe
2008-11-27 16:38:49 ----D---- C:\Windows\system32\Macromed
2008-11-26 19:27:45 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2008-11-26 19:27:43 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2008-11-26 19:27:43 ----A---- C:\Windows\system32\WindowsCodecs.dll
2008-11-26 19:27:43 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2008-11-26 19:27:42 ----A---- C:\Windows\system32\connect.dll
2008-11-26 10:19:09 ----D---- C:\Program Files\AVG
2008-11-25 23:24:10 ----D---- C:\ProgramData\App4rTemp
2008-11-25 21:54:59 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Dell Imaging Toolbox
2008-11-25 21:52:24 ----D---- C:\ProgramData\Dl_cats
2008-11-25 21:45:12 ----D---- C:\Program Files\Abbyy FineReader 6.0 Sprint
2008-11-25 20:02:21 ----A---- C:\Windows\system32\msshooks.dll
2008-11-25 20:02:20 ----A---- C:\Windows\system32\msscb.dll
2008-11-25 20:02:19 ----A---- C:\Windows\system32\SearchFilterHost.exe
2008-11-25 20:02:19 ----A---- C:\Windows\system32\mssitlb.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\thawbrkr.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\srchadmin.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\propsys.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\propdefs.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\msstrc.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\mssprxy.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\msshsq.dll
2008-11-25 20:02:18 ----A---- C:\Windows\system32\korwbrkr.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\xmlfilter.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\wsepno.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2008-11-25 20:02:17 ----A---- C:\Windows\system32\rtffilt.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\offfilt.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\nlhtml.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\msscntrs.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\mimefilt.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\chtbrkr.dll
2008-11-25 20:02:17 ----A---- C:\Windows\system32\chsbrkr.dll
2008-11-25 20:02:16 ----A---- C:\Windows\system32\tquery.dll
2008-11-25 20:02:16 ----A---- C:\Windows\system32\SearchIndexer.exe
2008-11-25 20:02:16 ----A---- C:\Windows\system32\mssvp.dll
2008-11-25 20:02:16 ----A---- C:\Windows\system32\mssrch.dll
2008-11-25 20:02:16 ----A---- C:\Windows\system32\mssphtb.dll
2008-11-25 20:02:16 ----A---- C:\Windows\system32\mssph.dll
2008-11-25 18:22:40 ----A---- C:\Windows\system32\EncDec.dll
2008-11-25 18:22:38 ----A---- C:\Windows\system32\psisdecd.dll
2008-11-25 17:46:46 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-11-25 17:46:42 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-11-25 17:46:12 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-11-25 07:27:12 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-11-25 07:26:49 ----D---- C:\Program Files\Windows Live
2008-11-25 07:24:28 ----D---- C:\ProgramData\WLInstaller
2008-11-25 01:28:00 ----D---- C:\Windows\Panther
2008-11-25 01:27:48 ----RAS---- C:\BOOTSECT.BAK
2008-11-25 01:27:25 ----D---- C:\Windows\system32\OEM
2008-11-24 22:23:01 ----A---- C:\Windows\system32\gameux.dll
2008-11-24 22:12:53 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-11-24 22:12:53 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-11-24 22:04:35 ----A---- C:\Windows\system32\winload.exe
2008-11-24 22:04:35 ----A---- C:\Windows\system32\kd1394.dll
2008-11-24 22:04:35 ----A---- C:\Windows\system32\ci.dll
2008-11-24 22:04:34 ----A---- C:\Windows\system32\winresume.exe
2008-11-24 22:04:33 ----A---- C:\Windows\system32\srdelayed.exe
2008-11-24 22:04:33 ----A---- C:\Windows\system32\srcore.dll
2008-11-24 22:04:33 ----A---- C:\Windows\system32\srclient.dll
2008-11-24 22:04:33 ----A---- C:\Windows\system32\setbcdlocale.dll
2008-11-24 22:04:33 ----A---- C:\Windows\system32\rstrui.exe
2008-11-24 22:04:32 ----A---- C:\Windows\system32\kbd106n.dll
2008-11-24 22:01:38 ----A---- C:\Windows\system32\rpcrt4.dll
2008-11-24 22:01:35 ----A---- C:\Windows\system32\pacerprf.dll
2008-11-24 22:01:26 ----A---- C:\Windows\system32\win32spl.dll
2008-11-24 22:00:31 ----A---- C:\Windows\system32\msxml6.dll
2008-11-24 21:59:37 ----A---- C:\Windows\system32\msxml3.dll
2008-11-24 21:59:28 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-11-24 21:59:22 ----A---- C:\Windows\system32\quartz.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\wshext.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\wscript.exe
2008-11-24 21:58:56 ----A---- C:\Windows\system32\vbscript.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\scrrun.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\scrobj.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\jscript.dll
2008-11-24 21:58:56 ----A---- C:\Windows\system32\cscript.exe
2008-11-24 21:58:50 ----A---- C:\Windows\system32\netapi32.dll
2008-11-24 21:58:49 ----A---- C:\Windows\system32\wersvc.dll
2008-11-24 21:58:49 ----A---- C:\Windows\system32\Faultrep.dll
2008-11-24 21:58:35 ----A---- C:\Windows\system32\wmpeffects.dll
2008-11-24 21:58:25 ----A---- C:\Windows\system32\fsquirt.exe
2008-11-24 21:57:59 ----A---- C:\Windows\system32\es.dll
2008-11-24 21:51:30 ----D---- C:\Program Files\DellTPad
2008-11-24 21:51:08 ----A---- C:\Windows\system32\WdfCoInstaller01005.dll
2008-11-24 21:51:08 ----A---- C:\Windows\system32\Vxdif.dll
2008-11-24 21:07:47 ----A---- C:\Windows\system32\emdmgmt.dll
2008-11-24 21:07:47 ----A---- C:\Windows\system32\dataclen.dll
2008-11-24 21:07:46 ----A---- C:\Windows\system32\cdd.dll
2008-11-24 21:07:25 ----A---- C:\Windows\system32\inetcomm.dll
2008-11-24 21:02:04 ----A---- C:\Windows\ODBC.INI
2008-11-24 21:01:57 ----A---- C:\Windows\system32\mdimon.dll
2008-11-24 20:59:00 ----D---- C:\Windows\PCHEALTH
2008-11-24 20:59:00 ----D---- C:\Program Files\Microsoft Office
2008-11-24 20:32:54 ----A---- C:\Windows\system32\msvcr71.dll
2008-11-24 20:32:54 ----A---- C:\Windows\system32\msvcp71.dll
2008-11-24 20:32:53 ----D---- C:\Program Files\PowerISO
2008-11-24 20:22:10 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Mozilla
2008-11-24 20:13:35 ----D---- C:\Program Files\Mozilla Firefox
2008-11-24 20:04:55 ----A---- C:\Windows\system32\wups2.dll
2008-11-24 20:04:55 ----A---- C:\Windows\system32\wucltux.dll
2008-11-24 20:04:55 ----A---- C:\Windows\system32\wuaueng.dll
2008-11-24 20:04:55 ----A---- C:\Windows\system32\wuauclt.exe
2008-11-24 20:04:42 ----A---- C:\Windows\system32\wups.dll
2008-11-24 20:04:42 ----A---- C:\Windows\system32\wudriver.dll
2008-11-24 20:04:42 ----A---- C:\Windows\system32\wuapi.dll
2008-11-24 20:04:36 ----A---- C:\Windows\system32\wuwebv.dll
2008-11-24 20:04:36 ----A---- C:\Windows\system32\wuapp.exe
2008-11-24 19:39:49 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\CSR
2008-11-24 19:39:49 ----D---- C:\Program Files\CSR
2008-11-24 19:30:21 ----D---- C:\Program Files\Cisco
2008-11-24 19:28:21 ----A---- C:\Windows\system32\BCMLogon.dll
2008-11-24 19:28:18 ----A---- C:\Windows\system32\Uninst_EAPModules.bat
2008-11-24 19:28:17 ----A---- C:\Windows\system32\vcredist_x86.exe
2008-11-24 19:28:17 ----A---- C:\Windows\system32\vcredist_x86.bat
2008-11-24 19:28:16 ----A---- C:\Windows\system32\wltrynt.dll
2008-11-24 19:28:16 ----A---- C:\Windows\system32\bcmwlu00.exe
2008-11-24 19:28:16 ----A---- C:\Windows\system32\bcmwlrmt.dll
2008-11-24 19:28:16 ----A---- C:\Windows\system32\bcmttls.dll
2008-11-24 19:28:15 ----A---- C:\Windows\system32\WLTRYSVC.EXE
2008-11-24 19:28:15 ----A---- C:\Windows\system32\WLTRAY.EXE
2008-11-24 19:28:15 ----A---- C:\Windows\system32\BCMWLTRY.EXE
2008-11-24 19:28:14 ----A---- C:\Windows\system32\bcmwlcoi.dll
2008-11-24 19:28:13 ----A---- C:\Windows\system32\bcmihvui.dll
2008-11-24 19:28:13 ----A---- C:\Windows\system32\bcmihvsrv.dll
2008-11-24 19:27:43 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\InstallShield
2008-11-24 19:24:03 ----D---- C:\Windows\system32\RTCOM
2008-11-24 19:23:34 ----A---- C:\Windows\DIFxAPI.dll
2008-11-24 19:23:33 ----HD---- C:\Program Files\InstallShield Installation Information
2008-11-24 19:23:33 ----D---- C:\Program Files\Realtek
2008-11-24 19:23:33 ----A---- C:\Windows\system32\SRSWOW.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\SRSTSXT.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\RtkPgExt.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\RtkCoInst.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\RtkAPO.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\ppChain.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\DaisyWrp.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\CTAPO32.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\AERTSrv.exe
2008-11-24 19:23:33 ----A---- C:\Windows\system32\AERTCom.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\AERTARen.dll
2008-11-24 19:23:33 ----A---- C:\Windows\system32\AERTACap.dll
2008-11-24 19:23:33 ----A---- C:\Windows\RtlUpd.exe
2008-11-24 19:23:33 ----A---- C:\Windows\RtHDVCpl.exe
2008-11-24 19:23:28 ----A---- C:\Windows\RtlExUpd.dll
2008-11-24 19:23:28 ----A---- C:\Windows\HideWin.exe
2008-11-24 19:23:23 ----D---- C:\Program Files\Common Files\InstallShield
2008-11-24 19:17:37 ----D---- C:\Windows\system32\Lang
2008-11-24 19:17:37 ----A---- C:\Windows\system32\difxapi.dll
2008-11-24 19:17:36 ----A---- C:\Windows\system32\igxpun.exe
2008-11-24 19:17:23 ----D---- C:\Intel
2008-11-24 19:17:20 ----A---- C:\Windows\system32\oemdspif.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igmedcompkrn.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igklg450.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igklg400.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxzoom.exe
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxtray.exe
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxTMM.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxsrvc.exe
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxsrvc.dll
2008-11-24 19:17:20 ----A---- C:\Windows\system32\igfxCoIn_v1409.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxress.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxpph.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxpers.exe
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxext.exe
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxexps.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxdo.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxdev.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igfxcfg.exe
2008-11-24 19:17:19 ----A---- C:\Windows\system32\igdumd32.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\ig4icd32.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\ig4dev32.dll
2008-11-24 19:17:19 ----A---- C:\Windows\system32\hkcmd.exe
2008-11-24 19:17:19 ----A---- C:\Windows\system32\hccutils.dll
2008-11-24 18:42:23 ----D---- C:\Windows\system32\SDA
2008-11-24 18:42:23 ----D---- C:\Program Files\O2Micro Flash Memory Card Driver
2008-11-24 17:59:40 ----D---- C:\Windows\system32\vmm32
2008-11-24 17:59:39 ----D---- C:\Program Files\Dell
2008-11-24 17:59:03 ----SHD---- C:\Windows\Installer
2008-11-24 17:56:54 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Identities
2008-11-24 17:56:35 ----SD---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Microsoft
2008-11-24 17:56:35 ----D---- C:\Users\Stuart.Stuart-PC\AppData\Roaming\Media Center Programs
2008-11-24 17:49:44 ----D---- C:\Windows\Debug
2008-11-24 17:35:55 ----D---- C:\Windows\SoftwareDistribution
2008-11-24 17:29:04 ----D---- C:\Windows\Prefetch
2008-11-21 21:47:56 ----A---- C:\Windows\system32\DivXsm.exe
2008-11-21 21:47:52 ----A---- C:\Windows\system32\qt-dx331.dll
2008-11-21 21:46:10 ----A---- C:\Windows\system32\ssldivx.dll
2008-11-21 21:46:10 ----A---- C:\Windows\system32\libdivx.dll
2008-11-21 21:45:16 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\Windows\system32\dtu100.dll
2008-11-21 21:45:16 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\Windows\system32\dpl100.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpv11.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpus11.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpu11.dll
2008-11-21 21:45:12 ----A---- C:\Windows\system32\dpu10.dll
2008-11-21 21:45:08 ----A---- C:\Windows\system32\divx_xx11.dll
2008-11-21 21:45:08 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-11-21 21:45:08 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-11-21 21:45:08 ----A---- C:\Windows\system32\divx_xx07.dll
2008-11-21 21:45:06 ----A---- C:\Windows\system32\DivX.dll
2008-11-21 21:44:38 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-11-21 21:44:16 ----A---- C:\Windows\system32\DivXWMPExtType.dll
2008-11-20 16:16:39 ----D---- C:\ComboFix

======List of files/folders modified in the last 1 months======

2008-12-17 18:44:51 ----D---- C:\Windows\Temp
2008-12-17 18:44:38 ----RD---- C:\Program Files
2008-12-16 18:02:48 ----SD---- C:\Windows\Downloaded Program Files
2008-12-15 21:46:20 ----D---- C:\Program Files\Common Files
2008-12-15 21:46:12 ----D---- C:\Windows\System32
2008-12-15 19:56:04 ----SHD---- C:\System Volume Information
2008-12-15 17:45:02 ----HD---- C:\ProgramData
2008-12-15 17:00:46 ----D---- C:\Windows\system32\drivers
2008-12-14 22:21:57 ----RSD---- C:\Windows\assembly
2008-12-14 21:41:11 ----D---- C:\Windows\inf
2008-12-14 21:41:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-12-14 21:18:18 ----D---- C:\Windows
2008-12-14 21:03:42 ----D---- C:\Windows\system32\WDI
2008-12-14 20:51:19 ----D---- C:\Windows\system32\catroot
2008-12-14 18:35:42 ----D---- C:\Windows\winsxs
2008-12-14 18:34:21 ----D---- C:\Program Files\Common Files\microsoft shared
2008-12-14 18:34:19 ----RSD---- C:\Windows\Fonts
2008-12-14 18:27:43 ----D---- C:\Windows\ShellNew
2008-12-14 18:27:36 ----A---- C:\Windows\win.ini
2008-12-14 18:27:23 ----D---- C:\Program Files\Common Files\System
2008-12-14 18:19:34 ----D---- C:\Program Files\MSBuild
2008-12-14 18:17:41 ----SD---- C:\ProgramData\Microsoft
2008-12-14 10:24:38 ----D---- C:\Windows\rescache
2008-12-11 19:01:27 ----D---- C:\Windows\system32\Tasks
2008-12-11 17:49:30 ----D---- C:\Windows\system32\catroot2
2008-12-11 17:47:27 ----D---- C:\Program Files\Windows Mail
2008-12-11 17:47:26 ----D---- C:\Windows\system32\en-US
2008-12-11 17:47:26 ----D---- C:\Windows\AppPatch
2008-12-11 17:42:30 ----D---- C:\Windows\system32\NDF
2008-12-09 15:24:38 ----A---- C:\Windows\system32\mrt.exe
2008-12-07 15:19:20 ----RD---- C:\Users
2008-12-01 20:39:49 ----D---- C:\Program Files\Internet Explorer
2008-11-29 16:30:42 ----D---- C:\Program Files\Windows Sidebar
2008-11-29 16:30:42 ----D---- C:\Program Files\Windows Media Player
2008-11-27 16:51:58 ----D---- C:\Windows\system32\LogFiles
2008-11-26 10:05:44 ----D---- C:\Windows\system
2008-11-25 22:49:31 ----D---- C:\Windows\Microsoft.NET
2008-11-25 21:46:38 ----D---- C:\Windows\twain_32
2008-11-25 21:38:37 ----D---- C:\Windows\ehome
2008-11-25 21:38:36 ----D---- C:\Windows\PolicyDefinitions
2008-11-25 07:13:42 ----D---- C:\Windows\system32\Boot
2008-11-25 07:13:27 ----D---- C:\Windows\system32\migration
2008-11-25 01:27:46 ----SHD---- C:\Boot
2008-11-24 20:17:06 ----D---- C:\Windows\Logs
2008-11-24 19:28:20 ----D---- C:\Windows\Help
2008-11-24 18:41:58 ----D---- C:\DELL
2008-11-24 17:59:11 ----D---- C:\Windows\system32\restore
2008-11-24 17:57:11 ----SHD---- C:\$Recycle.Bin

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2008-12-14 98440]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2008-12-14 26824]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2008-12-14 90632]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2008-01-20 33292]
R2 tmcomm;tmcomm; \??\C:\Windows\system32\drivers\tmcomm.sys [2007-12-24 138384]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows 2000/XP/Vista; C:\Windows\system32\DRIVERS\Apfiltr.sys [2007-12-14 155136]
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-06 1044984]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
R3 BTHFILT;Bluetooth Command Filter; C:\Windows\system32\DRIVERS\BthFilt.sys [2006-11-06 13824]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-04 2016256]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-02-04 2054872]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2008-02-14 48472]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2008-02-14 43480]
R3 OEM13Vfx;Creative Camera OEM013 Video VFX Driver; C:\Windows\system32\DRIVERS\OEM13Vfx.sys [2007-03-05 7424]
R3 OEM13Vid;Creative Camera OEM013 Driver; C:\Windows\system32\DRIVERS\OEM13Vid.sys [2008-05-28 235840]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-02-14 106496]
R3 TcUsb;TC USB Kernel Driver; C:\Windows\System32\Drivers\tcusb.sys [2008-10-09 50704]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-21 11264]
S1 OMCI;OMCI; \??\C:\Windows\SYSTEM32\DRIVERS\OMCI.SYS []
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-06 1044984]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 CSRBC;CSRBC.Sys CSR test driver; C:\Windows\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2008-02-04 77824]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2008-12-14 874776]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-14 231704]
R2 BthFilterHelper;Bluetooth Feature Support; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [2006-11-07 127488]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 o2flash;O2Micro Flash Memory Card Service; C:\Program Files\O2Micro Flash Memory Card Driver\o2flash.exe [2008-02-14 65536]
R2 szserver;STOPzilla Service; C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe [2008-10-23 57344]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-08 24064]
R3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 dldt_device;dldt_device; C:\Windows\system32\dldtcoms.exe [2008-02-25 595184]
S4 dldtCATSCustConnectService;dldtCATSCustConnectService; C:\Windows\system32\spool\DRIVERS\W32X86\3\\dldtserv.exe [2008-02-25 99568]

-----------------EOF-----------------


Here is my info.txt:

info.txt logfile of random's system information tool 1.05 2008-12-17 18:44:55

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
ABBYY FineReader 6.0 Sprint-->MsiExec.exe /X{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Any Video Converter 2.6.7-->"C:\Program Files\Any Video Converter\unins000.exe"
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Cisco EAP-FAST Module-->MsiExec.exe /I{BF53252E-4AB2-4C7F-A0FD-6100755745E3}
Cisco LEAP Module-->MsiExec.exe /I{76F9CF97-FC4B-4E20-B363-D127C888448F}
Cisco PEAP Module-->MsiExec.exe /I{4E5386F5-C0F6-4532-A54A-374865AEAB71}
Dell Resource CD-->MsiExec.exe /X{42929F0F-CE14-47AF-9FC7-FF297A603021}
Dell Touchpad-->C:\Program Files\DellTPad\Uninstap.exe ADDREMOVE
Dell V305-->C:\Program Files\Dell V305\Install\x86\Uninst.exe
Dell Wireless WLAN Card-->"C:\Program Files\Dell\Dell Wireless WLAN Card\bcmwlu00.exe" verbose /rootkey="Software\Broadcom\802.11\UninstallInfo" /rootdir="C:\Program Files\Dell\Dell Wireless WLAN Card"
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HouseCall 6.6-->"C:\Users\Stuart.Stuart-PC\AppData\Roaming\HouseCall 6.6\uninstaller.exe"
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
J2SE Development Kit 5.0 Update 17-->MsiExec.exe /I{32A3A4F4-B792-11D6-A78A-00B0D0150170}
J2SE Runtime Environment 5.0 Update 17-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0150170}
Java™ 6 Update 11-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Laptop Integrated Webcam Driver (1.01.01.0529) -->C:\Windows\CtDrvIns.exe -uninstall -script OEM013.uns -plugin OEM13Pin.dll -pluginres OEM13Pin.crl -nodisconprompt -langid 0x0809
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.4)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
Mozilla Thunderbird (2.0.0.18)-->C:\Program Files\Mozilla Thunderbird\uninstall\helper.exe
O2Micro Flash Memory Card Reader Driver (x86)-->MsiExec.exe /X{372B31CF-77FB-4E29-860C-A0EA2985AB7F}
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
QuickTime-->MsiExec.exe /I{8DC42D05-680B-41B0-8878-6C14D24602DB}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -l0x9 -removeonly
Security Update for 2007 Microsoft Office System (KB951550)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B243E9A5-ED77-4F1B-B338-2486FD82DC85}
Security Update for 2007 Microsoft Office System (KB951944)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {797AE457-BA17-4BBC-B501-25FB3A0103C7}
Security Update for 2007 Microsoft Office System (KB958439)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6491B8AA-D11C-4648-A461-6234B31EB7E2}
Security Update for Microsoft Office Excel 2007 (KB958437)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {648FC016-2D6B-4A16-8D87-404533642F4B}
Security Update for Microsoft Office OneNote 2007 (KB950130)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F1B2401C-B610-4BF2-AA1C-52C55827A8F4}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB954326)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5F7F6FFF-395D-480E-8450-64F385D82C5F}
Security Update for Microsoft Office system 2007 (KB956828)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {885E081B-72BD-4E76-8E98-30B4BE468FAC}
Security Update for Microsoft Office Word 2007 (KB956358)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {4551666D-0FD6-4C69-8A81-1C6F2E64517C}
Security Update for Outlook 2007 (KB946983)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {66B9496E-C0C3-4065-9868-85CCA92126C3}
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
STOPzilla-->MsiExec.exe /X{4231B6F3-DB31-499F-9B58-4241CD0E0B1B}
Update for Microsoft Office 2007 Help for Common Features (KB957244)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {C8C72583-C907-4D20-8973-C3858D96BD9E}
Update for Microsoft Office InfoPath 2007 Help (KB957243)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {766DF26B-5F03-48ED-9307-5326F2790ED0}
Update for Microsoft Office OneNote 2007 Help (KB957245)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {7332DE60-DC79-4578-A60A-A5EA0D6E032B}
Update for Microsoft Office Publisher 2007 Help (KB957249)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {4E140A5A-4A90-404A-B955-10C2D98CD3EE}
Update for Microsoft Script Editor Help (KB957253)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {F21BF703-548C-47B2-B92A-6876E9566C42}
Update for Office 2007 (KB934391)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {B3091818-7C56-4C45-BE7D-CA23027A5EA5}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb958619)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {79B301C1-DBC0-467C-AFDA-2A6CDAFA4302}
VDownloader 0.75-->"C:\Program Files\VDOWNLOADER\unins000.exe"
Vista Profile Pack-->MsiExec.exe /X{D31FB582-86AE-4A05-BFC1-5C5CA944E234}
Vuze-->C:\Program Files\Vuze\uninstall.exe
Windows Live installer-->MsiExec.exe /X{A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320}
Windows Live Messenger-->MsiExec.exe /X{508CE775-4BA4-4748-82DF-FE28DA9F03B0}

======Security center information======

AV: AVG Anti-Virus
AS: AVG Anti-Virus (disabled)
AS: Windows Defender

System event log

Computer Name: Stuart-PC
Event Code: 7036
Message: The Windows Update service entered the running state.
Record Number: 16155
Source Name: Service Control Manager
Time Written: 20081217182102.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 10029
Message: DCOM started the service TrustedInstaller with arguments "" in order to run the server:
{752073A1-23F2-4396-85F0-8FDB879ED0ED}
Record Number: 16156
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20081217182200.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 7036
Message: The Windows Modules Installer service entered the running state.
Record Number: 16157
Source Name: Service Control Manager
Time Written: 20081217182201.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 7036
Message: The Windows Modules Installer service entered the stopped state.
Record Number: 16158
Source Name: Service Control Manager
Time Written: 20081217183201.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 7036
Message: The WinHTTP Web Proxy Auto-Discovery Service service entered the stopped state.
Record Number: 16159
Source Name: Service Control Manager
Time Written: 20081217183811.000000-000
Event Type: Information
User:

Application event log

Computer Name: Stuart-PC
Event Code: 3013
Message: The entry <C:\USERS\STUART.STUART-PC\APPDATA\ROAMING\AZUREUS\ACTIVE\83A745A7BDA6CD7CB8C69B7491D3936313EE9DB4.DAT.BAK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Record Number: 2587
Source Name: Microsoft-Windows-Search
Time Written: 20081217182018.000000-000
Event Type: Error
User:

Computer Name: Stuart-PC
Event Code: 3013
Message: The entry <C:\USERS\STUART.STUART-PC\APPDATA\ROAMING\AZUREUS\ACTIVE\FF300D604361ECAA4CEA59A40451D08A35086EB8.DAT.BAK> in the hash map cannot be updated.

Context: Application, SystemIndex Catalog

Details:
A device attached to the system is not functioning. (0x8007001f)

Record Number: 2588
Source Name: Microsoft-Windows-Search
Time Written: 20081217182018.000000-000
Event Type: Error
User:

Computer Name: Stuart-PC
Event Code: 1
Message: The Windows Security Center Service has started.
Record Number: 2589
Source Name: SecurityCenter
Time Written: 20081217182045.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 103
Message: msnmsgr (744) \\.\C:\Users\Stuart.Stuart-PC\AppData\Local\Microsoft\Messenger\stuartmees@gmail.com\SharingMetadata\Working\database_8C74_2E34_742E_2206\dfsr.db: The database engine stopped the instance (0).
Record Number: 2590
Source Name: ESENT
Time Written: 20081217182053.000000-000
Event Type: Information
User:

Computer Name: Stuart-PC
Event Code: 102
Message: msnmsgr (744) \\.\C:\Users\Stuart.Stuart-PC\AppData\Local\Microsoft\Messenger\stuartmees@gmail.com\SharingMetadata\Working\database_8C74_2E34_742E_2206\dfsr.db: The database engine (6.00.6001.0000) started a new instance (0).
Record Number: 2591
Source Name: ESENT
Time Written: 20081217182114.000000-000
Event Type: Information
User:

Security event log

Computer Name: Stuart-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 3971
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081217184450.429799-000
Event Type: Audit Failure
User:

Computer Name: Stuart-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 3972
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081217184450.449799-000
Event Type: Audit Failure
User:

Computer Name: Stuart-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 3973
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081217184450.470799-000
Event Type: Audit Failure
User:

Computer Name: Stuart-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 3974
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081217184450.492799-000
Event Type: Audit Failure
User:

Computer Name: Stuart-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys
Record Number: 3975
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081217184450.511799-000
Event Type: Audit Failure
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip

-----------------EOF-----------------



any help please!! thanks.

Stu

#4 kahdah

  • Security Colleague

Posted 18 December 2008 - 08:17 AM

Hi please request that this thread be closed here > http://help.antiviruses123.com/Topic.aspx?...&TopicID=49
Getting help on two forums at once will make my work harder because you will get a set of different, possibly conflicting instructions.
=========
After that please do the following:

Please submit the following file to one of these online file scanners.
(All you have to do is copy and paste it in)

C:\Windows\system32\dldtgrd.dll
Jotti File Scan
VirusTotal File Scan
This will produce a report after the scan is complete, please copy and paste those results in your next post.
Please do not pm for help, post it in the forums instead.

If I am helping you and have not responded for 48 hours please send me a pm as I don't always get notifications.

My help is always free, however, if you would like to make a donation to me for the help I have provided please click here

#5 stuartmees

  • Topic Starter
  • Members

Posted 24 January 2009 - 07:09 AM

hi have tried to get that other thread shut down.

here are my results

Scan taken on 24 Jan 2009 11:57:47 (GMT)

A-Squared
Found nothing

AntiVir
Found nothing

ArcaVir
Found nothing

Avast
Found nothing

AVG Antivirus
Found nothing

BitDefender
Found nothing

ClamAV
Found nothing

CPsecure
Found nothing

Dr.Web
Found nothing

F-Prot Antivirus
Found nothing

F-Secure Anti-Virus
Found nothing

G DATA
Found nothing

Ikarus
Found nothing

Kaspersky Anti-Virus
Found nothing

NOD32
Found nothing

Norman Virus Control
Found nothing

Panda Antivirus
Found nothing

Sophos Antivirus
Found nothing

VirusBuster
Found nothing

VBA32
Found nothing




File dldtgrd.dll received on 01.24.2009 12:59:53 (CET)
Result: 0/39 (0%)

Antivirus Version Last Update Result
a-squared 4.0.0.73 2009.01.24 -
AhnLab-V3 5.0.0.2 2009.01.24 -
AntiVir 7.9.0.60 2009.01.23 -
Authentium 5.1.0.4 2009.01.24 -
Avast 4.8.1281.0 2009.01.23 -
AVG 8.0.0.229 2009.01.23 -
BitDefender 7.2 2009.01.24 -
CAT-QuickHeal 10.00 2009.01.24 -
ClamAV 0.94.1 2009.01.24 -
Comodo 944 2009.01.24 -
DrWeb 4.44.0.09170 2009.01.24 -
eSafe 7.0.17.0 2009.01.22 -
eTrust-Vet 31.6.6325 2009.01.24 -
F-Prot 4.4.4.56 2009.01.23 -
F-Secure 8.0.14470.0 2009.01.24 -
Fortinet 3.117.0.0 2009.01.24 -
GData 19 2009.01.24 -
Ikarus T3.1.1.45.0 2009.01.24 -
K7AntiVirus 7.10.602 2009.01.23 -
Kaspersky 7.0.0.125 2009.01.24 -
McAfee 5504 2009.01.23 -
McAfee+Artemis 5504 2009.01.23 -
Microsoft 1.4205 2009.01.24 -
NOD32 3795 2009.01.23 -
Norman 5.93.01 2009.01.23 -
nProtect 2009.1.8.0 2009.01.23 -
Panda 9.5.1.2 2009.01.24 -
PCTools 4.4.2.0 2009.01.24 -
Prevx1 V2 2009.01.24 -
Rising 21.13.42.00 2009.01.23 -
SecureWeb-Gateway 6.7.6 2009.01.24 -
Sophos 4.37.0 2009.01.24 -
Sunbelt 3.2.1835.2 2009.01.16 -
Symantec 10 2009.01.24 -
TheHacker 6.3.1.5.227 2009.01.24 -
TrendMicro 8.700.0.1004 2009.01.24 -
VBA32 3.12.8.11 2009.01.23 -
ViRobot 2009.1.23.1576 2009.01.23 -
VirusBuster 4.5.11.0 2009.01.23 -
Additional information
File size: 208896 bytes
MD5...: aeea992d9e91638251ef3c65c687b0e6
SHA1..: fa11331da8a186370b7ac2ae07978b93ecacb187
SHA256: f866b96da4dd59d97e7e9a6a97173aa2ff6d4f4bc59066bab401608f2e470d3f
SHA512: 30a99ac491084823cacded5b0506dd481f1d9b35eb585fa0143f7460225705ff888a6d3965af076d2fe8c36133d5b6b8847b5ddfc0b5bbf1aff73614a3c893d5
ssdeep: 3072:yysyACNOsoe0VQBKvZVxBoNPaG4WXSGMJdMn/Kz8eeGIy3oMe:yKN52DvTxTzju2Rk1
PEiD..: Armadillo v1.xx - v2.xx
TrID..: File type identification
Win32 Executable MS Visual C++ (generic) (53.1%)
Windows Screen Saver (18.4%)
Win32 Executable Generic (12.0%)
Win32 Dynamic Link Library (generic) (10.6%)
Generic Win/DOS Executable (2.8%)
PEInfo: PE Structure information

( base data )
entrypointaddress.: 0x10009bf8
timedatestamp.....: 0x47a19623 (Thu Jan 31 09:34:27 2008)
machinetype.......: 0x14c (I386)

( 5 sections )
name viradd virsiz rawdsiz ntrpy md5
.text 0x1000 0x1e481 0x1f000 6.42 e982729818e5de9442fa16d5eb6ea671
.rdata 0x20000 0x5e49 0x6000 4.84 ccd32cfa15f2d6586667b469c350528f
.data 0x26000 0x8444 0x5000 2.49 ec63a6ce2f129b62637a47bfbde5cde0
.rsrc 0x2f000 0x2d20 0x3000 3.77 df496e488ee61f028e7106440dde1864
.reloc 0x32000 0x417c 0x5000 3.77 240eee28f213052c4fe2e7fd646c416f

( 7 imports )
> KERNEL32.dll: RtlUnwind, GetCommandLineA, ExitProcess, TerminateProcess, HeapFree, HeapAlloc, RaiseException, GetTimeZoneInformation, SetStdHandle, GetFileType, HeapSize, HeapReAlloc, SetHandleCount, GetStdHandle, GetStartupInfoA, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, GetEnvironmentStrings, GetEnvironmentStringsW, GetEnvironmentVariableA, HeapDestroy, HeapCreate, VirtualFree, VirtualAlloc, IsBadWritePtr, SetUnhandledExceptionFilter, LCMapStringA, LCMapStringW, IsBadReadPtr, IsBadCodePtr, GetCPInfo, GetOEMCP, GetStringTypeA, GetStringTypeW, CompareStringA, CompareStringW, SetEnvironmentVariableA, GetFileTime, GetFileSize, GetFileAttributesW, GetFullPathNameW, GetVolumeInformationW, FindFirstFileW, FindClose, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, SetFilePointer, WriteFile, ReadFile, CreateFileW, GetCurrentProcess, DuplicateHandle, GetProcessVersion, WritePrivateProfileStringW, GlobalFlags, lstrcmpiW, SetErrorMode, TlsGetValue, LocalReAlloc, TlsSetValue, EnterCriticalSection, GlobalReAlloc, LeaveCriticalSection, TlsFree, GlobalHandle, DeleteCriticalSection, TlsAlloc, InitializeCriticalSection, LocalAlloc, MulDiv, FileTimeToLocalFileTime, FileTimeToSystemTime, lstrcpynW, SetLastError, GlobalUnlock, GlobalFree, LocalFree, InterlockedDecrement, InterlockedIncrement, GetModuleHandleA, LoadLibraryA, lstrlenA, MultiByteToWideChar, GetVersion, lstrcatW, GlobalAddAtomW, GlobalFindAtomW, lstrcpyW, CloseHandle, GlobalLock, lstrcmpW, GlobalAlloc, GlobalDeleteAtom, lstrlenW, WideCharToMultiByte, GetCurrentThread, GetCurrentThreadId, GetLocalTime, GetProcAddress, GetACP, GetModuleHandleW, LoadLibraryW, GetLastError, FindResourceW, LoadResource, LockResource, FreeLibrary, GetVersionExW, GetModuleFileNameW, GetVersionExA
> USER32.dll: IsDialogMessageW, SetWindowTextW, ShowWindow, CreateDialogIndirectParamW, EndDialog, ClientToScreen, TabbedTextOutW, DrawTextW, GrayStringW, UnregisterClassW, GetClassNameW, PtInRect, LoadCursorW, GetSysColorBrush, LoadStringW, DestroyMenu, CharUpperW, SendDlgItemMessageA, MapWindowPoints, GetSysColor, SetActiveWindow, IsWindow, SetFocus, AdjustWindowRectEx, GetTopWindow, GetCapture, WinHelpW, wsprintfW, GetClassInfoW, LoadIconW, GetMenu, GetMenuItemCount, GetSubMenu, GetMenuItemID, GetDlgItem, GetWindowTextLengthW, GetWindowTextW, GetDlgCtrlID, DefWindowProcW, DestroyWindow, CreateWindowExW, SetPropW, UnhookWindowsHookEx, GetPropW, CallWindowProcW, RemovePropW, GetMessageTime, GetMessagePos, GetForegroundWindow, SetForegroundWindow, SetWindowLongW, SetWindowPos, RegisterWindowMessageW, SystemParametersInfoW, IsIconic, GetWindowPlacement, GetWindowRect, GetSystemMetrics, CopyRect, GetClientRect, GetMenuCheckMarkDimensions, LoadBitmapW, GetMenuState, ModifyMenuW, SetMenuItemBitmaps, CheckMenuItem, EnableMenuItem, GetFocus, GetNextDlgTabItem, GetMessageW, TranslateMessage, DispatchMessageW, GetActiveWindow, GetKeyState, CallNextHookEx, SendMessageW, EnableWindow, ReleaseDC, GetDC, PostQuitMessage, PostMessageW, ValidateRect, IsWindowVisible, PeekMessageW, GetCursorPos, SetWindowsHookExW, GetParent, GetLastActivePopup, IsWindowEnabled, GetWindowLongW, UpdateWindow, RegisterClassW, SendDlgItemMessageW, MessageBoxW, SetCursor, GetWindow
> GDI32.dll: SetMapMode, SetViewportOrgEx, OffsetViewportOrgEx, SetViewportExtEx, ScaleViewportExtEx, SetWindowExtEx, ScaleWindowExtEx, PtVisible, RectVisible, TextOutW, ExtTextOutW, Escape, GetStockObject, SelectObject, RestoreDC, SaveDC, DeleteDC, GetObjectW, SetBkColor, SetTextColor, GetClipBox, CreateBitmap, GetDeviceCaps, DeleteObject, CreateFontIndirectW
> comdlg32.dll: GetFileTitleW
> WINSPOOL.DRV: DocumentPropertiesW, ClosePrinter, OpenPrinterW
> ADVAPI32.dll: RegCloseKey, RegOpenKeyExW, RegCreateKeyExW, RegSetValueExW, RegQueryValueExW
> COMCTL32.dll: ImageList_Destroy, -

( 8 exports )
__0CGrdInterface@@QAE@ABV0@@Z, __0CGrdInterface@@QAE@XZ, __1CGrdInterface@@UAE@XZ, __4CGrdInterface@@QAEAAV0@ABV0@@Z, ___7CGrdInterface@@6B@, _ValidateString@CGrdInterface@@UAEHPAG00PAJH@Z, CreateCGrdDlgInstance, DestroyCGrdDlgInstance






ALSO these two services made by an unknown manufacturer keep turning up "dldCATSCustConnectService" and "dldt_device" even though I have turned them off a few times??? what's that about?

cheers

#6 kahdah

  • Security Colleague

Posted 24 January 2009 - 08:10 AM

Those services you are referring to are related to Dell, and so are the ones they tried to have you remove on the other site.
Nothing has shown to be malicious in your logs but for a final check please do the following:
===========================================
Please download ATF Cleaner by Atribune.
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.
If you use Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
If you use Opera browser
  • Click Opera at the top and choose: Select All
  • Click the Empty Selected button.
  • NOTE: If you would like to keep your saved passwords, please click No at the prompt.
Click Exit on the Main menu to close the program.
For Technical Support, double-click the e-mail address located at the bottom of each menu.
==============================================
Please do a scan with Kaspersky Online Scanner

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

Click on the Accept button and install any components it needs.
  • The program will install and then begin downloading the latest definition files.
  • After the files have been downloaded, on the left side of the page in the Scan section select My Computer
  • This will start the program and scan your system.
  • The scan will take a while, so be patient and let it run.
  • Once the scan is complete, click on View scan report
  • Now, click on the Save Report as button.
  • Save the file to your desktop.
  • Copy and paste that information in your next post.
