
resycled\boot.com


  • This topic is locked
2 replies to this topic

#1 GizmoBradwell


Posted 20 December 2008 - 01:50 PM

Hiya,

First I ran Malwarebytes and removed all infected files. Then, despite finding and deleting resycled and boot.com from the regedit and immediately rebooting, I still get the "resycled\boot.com is not a valid Win32 application" error when opening a drive.

I've looked for hidden folders on all drive roots called resycled and files called autorun.inf but they don't exist.

EDIT:
I should also mention that when I delete the S-1-5-21-3709703449-1919969837-3744853379-1143/SoftwareMicrosoft/Windows/CurrentVersion/Explorer/mousepoints2 folder, all is normal again and I can open drives, but the mousepoints2 folder appears again when I do this, without any values inside this time. That is, until I reboot; then the problem is back again. mousepoints2 and all its malicious values are back.

Can't shift it, please help guys :thumbsup:


Logfile of random's system information tool 1.05 (written by random/random)
Run by cbt_trumpton at 2008-12-20 18:38:35
Microsoft Windows XP Professional Service Pack 3
System drive C: has 77 GB (76%) free of 101 GB
Total RAM: 2047 MB (71% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:42, on 12/20/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\spm\spmd.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\WINDOWS\system32\PnkBstrB.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\cbt_trumpton\Local Settings\Temporary Internet Files\Content.IE5\XMRFBP4J\RSIT[1].exe
C:\Documents and Settings\cbt_trumpton\Desktop\cbt_trumpton.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1190134034609
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = PG.local
O17 - HKLM\Software\..\Telephony: DomainName = PG.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{1D102416-D90C-4B7C-AC71-1F58D06782D0}: Domain = PG.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = PG.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = PG.local
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: SPM License Server (spmd) - mental images GmbH - C:\WINDOWS\system32\spm\spmd.exe

--
End of file - 6639 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\MP Scheduled Scan.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-11 455960]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2004-10-14 1404928]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2006-10-22 7700480]
"nwiz"=nwiz.exe /install []
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2006-11-03 866584]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2006-10-22 86016]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2008-12-11 1261336]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2008-11-17 17676288]
"Alcmtr"=C:\WINDOWS\ALCMTR.EXE [2008-06-19 57344]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-11-04 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-11-20 290088]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-09-13 139264]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
InterVideo WinCinema Manager.lnk - C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe

C:\Documents and Settings\cbt_trumpton\Start Menu\Programs\Startup
Adobe Gamma.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{091EB208-39DD-417D-A5DD-7E2C2D8FB9CB}"=C:\PROGRA~1\WIFD1F~1\MpShHook.dll [2006-11-03 83224]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WinDefend]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"DisableCAD"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoFolderOptions"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoWelcomeScreen"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Grisoft\AVG7\avginet.exe"="C:\Program Files\Grisoft\AVG7\avginet.exe:*:Enabled:avginet.exe"
"C:\Program Files\Grisoft\AVG7\avgamsvr.exe"="C:\Program Files\Grisoft\AVG7\avgamsvr.exe:*:Enabled:avgamsvr.exe"
"C:\Program Files\Grisoft\AVG7\avgcc.exe"="C:\Program Files\Grisoft\AVG7\avgcc.exe:*:Enabled:avgcc.exe"
"C:\Program Files\Grisoft\AVG7\avgemc.exe"="C:\Program Files\Grisoft\AVG7\avgemc.exe:*:Enabled:avgemc.exe"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgnsx.exe"="C:\Program Files\AVG\AVG8\avgnsx.exe:*:Enabled:avgnsx.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Softimage\XSI_6.02\Application\bin\XSI.exe"="C:\Softimage\XSI_6.02\Application\bin\XSI.exe:*:Enabled:XSI"
"C:\Program Files\Battlefield 2\BF2.exe"="C:\Program Files\Battlefield 2\BF2.exe:*:Enabled:Battlefield 2"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{4f695364-c7a8-11dd-8de8-806d6172696f}]
shell\AutoRun\command - C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com d:
shell\Open\command - D:\resycled\boot.com d:


======List of files/folders created in the last 1 months======

2008-12-20 18:38:35 ----D---- C:\rsit
2008-12-19 12:25:08 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-19 12:22:47 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Ahead
2008-12-19 12:21:43 ----D---- C:\Program Files\Nero
2008-12-19 12:21:43 ----D---- C:\Program Files\Common Files\Ahead
2008-12-17 14:39:39 ----D---- C:\system
2008-12-17 13:47:55 ----D---- C:\spm
2008-12-17 13:45:49 ----D---- C:\Softimage
2008-12-17 12:09:33 ----D---- C:\Program Files\Battlefield 2
2008-12-17 11:51:26 ----D---- C:\WINDOWS\system32\spm
2008-12-17 11:02:12 ----N---- C:\WINDOWS\system32\XSIChooser.exe
2008-12-17 09:05:15 ----D---- C:\Program Files\MSXML 4.0
2008-12-16 13:40:51 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Opera
2008-12-16 10:47:57 ----D---- C:\users
2008-12-16 09:38:12 ----D---- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
2008-12-16 09:38:12 ----A---- C:\WINDOWS\system32\sysprs7.dll
2008-12-16 09:38:12 ----A---- C:\WINDOWS\system32\ssprs.dll
2008-12-16 09:38:12 ----A---- C:\WINDOWS\system32\lsprst7.dll
2008-12-16 09:38:12 ----A---- C:\WINDOWS\system32\clauth2.dll
2008-12-16 09:38:12 ----A---- C:\WINDOWS\system32\clauth1.dll
2008-12-15 16:44:33 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\DivX
2008-12-15 16:28:24 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-12-15 16:28:20 ----D---- C:\Program Files\Fraps
2008-12-15 16:05:28 ----A---- C:\WINDOWS\system32\msxml4r.dll
2008-12-15 13:13:31 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-15 13:13:24 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-12-15 11:47:14 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Any Video Converter
2008-12-15 11:47:10 ----D---- C:\Program Files\Any Video Converter
2008-12-15 10:52:42 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-12-15 10:50:06 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2008-12-15 10:50:03 ----D---- C:\Program Files\NOS
2008-12-15 10:44:22 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\AdobeUM
2008-12-15 10:33:14 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\InstallShield
2008-12-15 10:32:00 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Apple Computer
2008-12-15 10:31:49 ----A---- C:\WINDOWS\system32\GEARAspi.dll
2008-12-15 10:31:35 ----D---- C:\Program Files\iPod
2008-12-15 10:31:33 ----D---- C:\Program Files\iTunes
2008-12-15 10:31:33 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-15 10:31:19 ----D---- C:\Program Files\Bonjour
2008-12-15 10:30:44 ----D---- C:\Program Files\QuickTime
2008-12-15 10:30:43 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-12-15 10:30:28 ----D---- C:\Program Files\Apple Software Update
2008-12-15 10:30:22 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-15 10:30:00 ----D---- C:\Program Files\Common Files\Apple
2008-12-15 10:30:00 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-12-15 10:29:39 ----D---- C:\WINDOWS\system32\appmgmt
2008-12-15 10:19:08 ----D---- C:\Program Files\Common Files\Softimage
2008-12-15 09:07:25 ----A---- C:\WINDOWS\system32\psisdecd.dll
2008-12-15 09:07:21 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2008-12-12 16:05:25 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Malwarebytes
2008-12-12 16:05:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-12 16:05:15 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-12 14:42:30 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Macromedia
2008-12-12 14:36:09 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Adobe
2008-12-12 13:59:40 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-12-12 13:44:10 ----D---- C:\WINDOWS\Prefetch
2008-12-12 13:38:19 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-12-12 13:38:11 ----HDC---- C:\WINDOWS\$NtUninstallKB958215$
2008-12-12 13:38:04 ----HDC---- C:\WINDOWS\$NtUninstallKB957097$
2008-12-12 13:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-12-12 13:37:50 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-12-12 13:37:42 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-12-12 13:37:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2008-12-12 13:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2008-12-12 13:37:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-12 13:37:13 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-12-12 13:37:05 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-12-12 13:36:59 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-12-12 13:36:52 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-12-12 13:36:45 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-12-12 13:36:37 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-12-12 13:36:31 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-12-12 13:36:24 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-12-12 13:36:17 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-12-12 13:36:11 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-12-12 13:32:15 ----D---- C:\WINDOWS\system32\scripting
2008-12-12 13:32:14 ----D---- C:\WINDOWS\system32\en
2008-12-12 13:32:14 ----D---- C:\WINDOWS\l2schemas
2008-12-12 13:32:13 ----D---- C:\WINDOWS\system32\bits
2008-12-12 13:15:13 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-12-12 13:06:39 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-12-12 13:06:35 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-12-12 13:06:31 ----N---- C:\WINDOWS\system32\setupn.exe
2008-12-12 13:06:28 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-12-12 13:06:28 ----N---- C:\WINDOWS\system32\qutil.dll
2008-12-12 13:06:28 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-12-12 13:06:28 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-12-12 13:06:28 ----N---- C:\WINDOWS\system32\qagent.dll
2008-12-12 13:06:26 ----N---- C:\WINDOWS\system32\onex.dll
2008-12-12 13:06:23 ----N---- C:\WINDOWS\system32\napstat.exe
2008-12-12 13:06:23 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-12-12 13:06:23 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-12-12 13:06:22 ----A---- C:\WINDOWS\system32\msxml6r.dll
2008-12-12 13:06:21 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-12-12 13:06:21 ----N---- C:\WINDOWS\system32\mssha.dll
2008-12-12 13:06:16 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-12-12 13:06:16 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-12-12 13:06:16 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-12-12 13:06:15 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-12-12 13:06:12 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-12-12 13:06:02 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-12-12 13:06:02 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-12-12 13:06:02 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-12-12 13:06:02 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-12-12 13:06:02 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-12-12 13:05:44 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-12-12 13:05:44 ----A---- C:\WINDOWS\003514_.tmp
2008-12-12 13:05:43 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-12-12 13:05:43 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-12-12 13:05:43 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-12-12 13:05:43 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-12-12 13:05:43 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-12-12 13:05:42 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-12-12 13:05:42 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-12-12 13:05:42 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-12-12 13:05:42 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-12-12 13:05:41 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-12-12 13:05:40 ----N---- C:\WINDOWS\system32\credssp.dll
2008-12-12 13:05:38 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-12-12 13:05:37 ----N---- C:\WINDOWS\system32\azroles.dll
2008-12-12 12:34:55 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-12-12 10:54:39 ----D---- C:\Program Files\Softimage
2008-12-12 10:28:47 ----D---- C:\Documents and Settings\cbt_trumpton\Application Data\Identities
2008-12-12 10:28:37 ----SD---- C:\Documents and Settings\cbt_trumpton\Application Data\Microsoft
2008-12-12 10:28:37 ----ASH---- C:\Documents and Settings\cbt_trumpton\Application Data\desktop.ini
2008-12-12 10:22:22 ----D---- C:\WINDOWS\system32\Lang
2008-12-11 20:20:27 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe Systems
2008-12-11 20:20:07 ----D---- C:\Program Files\Common Files\Adobe Systems Shared
2008-12-11 19:39:46 ----D---- C:\WINDOWS\system32\RTCOM
2008-12-11 19:38:49 ----HDC---- C:\WINDOWS\$NtUninstallKB888111WXPSP2$
2008-12-11 19:38:43 ----A---- C:\WINDOWS\SOUNDMAN.EXE
2008-12-11 19:38:42 ----A---- C:\WINDOWS\RtlUpd.exe
2008-12-11 19:38:42 ----A---- C:\WINDOWS\RTLCPL.EXE
2008-12-11 19:38:40 ----A---- C:\WINDOWS\RTHDCPL.EXE
2008-12-11 19:38:39 ----A---- C:\WINDOWS\MicCal.exe
2008-12-11 19:38:38 ----D---- C:\Program Files\Realtek
2008-12-11 19:38:38 ----A---- C:\WINDOWS\ALCWZRD.EXE
2008-12-11 19:38:38 ----A---- C:\WINDOWS\ALCMTR.EXE
2008-12-11 19:38:30 ----A---- C:\WINDOWS\RtlExUpd.dll
2008-12-11 19:30:51 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-12-11 19:27:42 ----D---- C:\HP
2008-12-11 19:17:23 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-11 19:17:08 ----D---- C:\Program Files\AVG
2008-12-11 19:17:08 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-11 19:02:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2008-12-11 19:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2008-12-11 19:02:26 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2008-12-11 19:02:22 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-12-11 19:02:16 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 19:02:12 ----HDC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 19:02:06 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-12-11 19:02:01 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-12-11 19:01:48 ----HDC---- C:\WINDOWS\$NtUninstallKB958215_0$
2008-12-11 19:01:43 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2008-12-11 19:01:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$
2008-12-11 19:01:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-12-11 19:01:24 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-12-11 19:00:57 ----HDC---- C:\WINDOWS\$NtUninstallKB925720$
2008-12-11 19:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-12-11 19:00:34 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2008-12-11 19:00:29 ----HDC---- C:\WINDOWS\$NtUninstallKB957097_0$
2008-12-11 19:00:24 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-12-11 19:00:03 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2008-12-11 18:59:58 ----HDC---- C:\WINDOWS\$NtUninstallKB951066_0$
2008-12-11 18:59:54 ----HDC---- C:\WINDOWS\$NtUninstallKB938464_0$
2008-12-11 18:59:49 ----HDC---- C:\WINDOWS\$NtUninstallKB954600_0$
2008-12-11 18:59:44 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-12-11 18:59:39 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2008-12-11 18:59:34 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2008-12-11 18:59:29 ----HDC---- C:\WINDOWS\$NtUninstallKB954154_WM11$
2008-12-11 18:59:25 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2008-12-11 17:48:41 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers HeadQuarters
2008-12-11 17:44:28 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-12-11 17:44:28 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-12-11 17:44:28 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-12-11 17:44:26 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-12-11 17:44:26 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-12-11 17:44:26 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\slserv.exe
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\slgen.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-12-11 17:44:25 ----N---- C:\WINDOWS\slrundll.exe
2008-12-11 17:42:43 ----D---- C:\WINDOWS\ServicePackFiles
2008-12-11 17:42:18 ----A---- C:\WINDOWS\000001_.tmp
2008-12-11 17:33:01 ----D---- C:\Documents and Settings\All Users\Application Data\nView_Profiles
2008-12-11 17:32:42 ----A---- C:\WINDOWS\system32\wpa.bak
2008-12-11 17:06:50 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-12-11 16:35:19 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-12-11 16:35:19 ----A---- C:\WINDOWS\system32\irclass.dll
2008-12-11 16:35:02 ----RA---- C:\WINDOWS\SETB2.tmp
2008-12-11 16:34:56 ----RA---- C:\WINDOWS\SETA6.tmp
2008-12-11 16:34:53 ----RA---- C:\WINDOWS\SETA3.tmp
2008-11-21 21:47:56 ----A---- C:\WINDOWS\system32\DivXsm.exe
2008-11-21 21:47:52 ----A---- C:\WINDOWS\system32\qt-dx331.dll
2008-11-21 21:46:10 ----A---- C:\WINDOWS\system32\ssldivx.dll
2008-11-21 21:46:10 ----A---- C:\WINDOWS\system32\libdivx.dll
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dtu100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dtu100.dll
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dpl100.dll.manifest
2008-11-21 21:45:16 ----A---- C:\WINDOWS\system32\dpl100.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpv11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpus11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpuGUI11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpuGUI10.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpu11.dll
2008-11-21 21:45:12 ----A---- C:\WINDOWS\system32\dpu10.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx11.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx0c.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx0a.dll
2008-11-21 21:45:08 ----A---- C:\WINDOWS\system32\divx_xx07.dll
2008-11-21 21:45:06 ----A---- C:\WINDOWS\system32\DivX.dll
2008-11-21 21:44:38 ----A---- C:\WINDOWS\system32\DivXCodecVersionChecker.exe
2008-11-21 21:44:16 ----A---- C:\WINDOWS\system32\DivXWMPExtType.dll

======List of files/folders modified in the last 1 months======

2008-12-20 18:38:41 ----D---- C:\WINDOWS\Temp
2008-12-20 18:00:01 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-20 17:59:58 ----SD---- C:\WINDOWS\Tasks
2008-12-20 17:56:47 ----D---- C:\WINDOWS\security
2008-12-20 17:56:40 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-20 17:33:45 ----D---- C:\WINDOWS
2008-12-19 12:24:03 ----SHD---- C:\WINDOWS\Installer
2008-12-19 12:22:24 ----D---- C:\WINDOWS\system32\drivers
2008-12-19 12:22:23 ----D---- C:\WINDOWS\system32
2008-12-19 12:21:43 ----RD---- C:\Program Files
2008-12-19 12:21:43 ----D---- C:\Program Files\Common Files
2008-12-19 12:20:51 ----HD---- C:\WINDOWS\inf
2008-12-19 11:12:35 ----D---- C:\Program Files\Perforce
2008-12-19 10:13:28 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-19 10:13:05 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-17 15:19:40 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-17 15:19:07 ----D---- C:\Program Files\Common Files\Adobe
2008-12-17 15:18:42 ----D---- C:\Program Files\Adobe
2008-12-17 13:52:45 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-17 13:47:31 ----RSD---- C:\WINDOWS\assembly
2008-12-17 12:14:29 ----D---- C:\WINDOWS\system32\DirectX
2008-12-17 09:05:16 ----D---- C:\WINDOWS\WinSxS
2008-12-16 15:09:07 ----A---- C:\WINDOWS\win.ini
2008-12-16 11:43:15 ----D---- C:\WINDOWS\system32\Restore
2008-12-15 16:04:30 ----N---- C:\WINDOWS\system32\pxhpinst.exe
2008-12-15 13:13:25 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-15 12:46:01 ----D---- C:\Program Files\DivX
2008-12-15 11:10:47 ----D---- C:\WINDOWS\Help
2008-12-15 10:50:13 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-15 10:13:30 ----A---- C:\WINDOWS\imsins.BAK
2008-12-15 10:13:19 ----D---- C:\WINDOWS\ie7updates
2008-12-15 09:08:02 ----D---- C:\WINDOWS\RegisteredPackages
2008-12-13 06:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 15:46:31 ----D---- C:\WINDOWS\network diagnostic
2008-12-12 14:48:43 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-12 14:21:57 ----D---- C:\WINDOWS\Microsoft.NET
2008-12-12 14:14:43 ----D---- C:\WINDOWS\system32\en-us
2008-12-12 14:14:42 ----D---- C:\Program Files\Internet Explorer
2008-12-12 14:03:53 ----D---- C:\WINDOWS\system32\XPSViewer
2008-12-12 14:02:17 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-12 13:57:56 ----HDC---- C:\WINDOWS\ie7
2008-12-12 13:45:07 ----A---- C:\WINDOWS\OEWABLog.txt
2008-12-12 13:44:15 ----A---- C:\WINDOWS\setuplog.txt
2008-12-12 13:43:48 ----D---- C:\WINDOWS\system32\Setup
2008-12-12 13:43:48 ----D---- C:\WINDOWS\ime
2008-12-12 13:43:48 ----D---- C:\WINDOWS\AppPatch
2008-12-12 13:43:47 ----D---- C:\WINDOWS\system32\wbem
2008-12-12 13:43:46 ----RSD---- C:\WINDOWS\Fonts
2008-12-12 13:36:19 ----D---- C:\Program Files\Messenger
2008-12-12 13:32:55 ----D---- C:\Program Files\Windows Media Player
2008-12-12 13:32:32 ----D---- C:\WINDOWS\system32\inetsrv
2008-12-12 13:32:15 ----D---- C:\WINDOWS\system32\usmt
2008-12-12 13:32:13 ----D---- C:\WINDOWS\PeerNet
2008-12-12 13:32:13 ----D---- C:\Program Files\Movie Maker
2008-12-12 13:26:34 ----D---- C:\WINDOWS\system32\npp
2008-12-12 13:26:34 ----D---- C:\WINDOWS\mui
2008-12-12 13:26:32 ----D---- C:\WINDOWS\msagent
2008-12-12 13:26:28 ----D---- C:\WINDOWS\srchasst
2008-12-12 13:26:25 ----D---- C:\Program Files\NetMeeting
2008-12-12 13:26:21 ----D---- C:\WINDOWS\system32\Com
2008-12-12 13:26:14 ----D---- C:\Program Files\Windows NT
2008-12-12 13:26:14 ----D---- C:\Program Files\Outlook Express
2008-12-12 13:26:05 ----D---- C:\Program Files\Common Files\System
2008-12-12 13:25:20 ----D---- C:\WINDOWS\system32\oobe
2008-12-12 13:25:14 ----D---- C:\WINDOWS\system
2008-12-12 13:20:36 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-12 13:15:11 ----D---- C:\WINDOWS\ehome
2008-12-12 12:36:30 ----D---- C:\WINDOWS\Debug
2008-12-12 11:33:20 ----SHD---- C:\RECYCLER
2008-12-12 10:32:49 ----A---- C:\WINDOWS\ODBC.INI
2008-12-12 10:30:45 ----D---- C:\DELL
2008-12-12 10:28:36 ----D---- C:\Documents and Settings
2008-12-12 10:23:42 ----D---- C:\WINDOWS\system32\config
2008-12-11 19:17:03 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-11 18:51:00 ----D---- C:\Program Files\Mozilla Firefox
2008-12-11 17:44:49 ----RASH---- C:\boot.ini
2008-12-11 17:31:39 ----D---- C:\WINDOWS\Media
2008-12-11 17:26:54 ----D---- C:\WINDOWS\twain_32
2008-12-11 17:25:59 ----D---- C:\WINDOWS\system32\icsxml
2008-12-11 17:25:16 ----D---- C:\WINDOWS\system32\ias
2008-12-11 17:25:08 ----D---- C:\WINDOWS\system32\1033
2008-12-11 17:23:19 ----D---- C:\WINDOWS\Driver Cache
2008-12-11 17:14:11 ----D---- C:\WINDOWS\SoftwareDistribution
2008-12-11 17:13:43 ----D---- C:\WINDOWS\Registration
2008-12-11 17:12:44 ----SHD---- C:\System Volume Information
2008-12-11 17:12:00 ----D---- C:\WINDOWS\nview
2008-12-11 17:07:38 ----A---- C:\WINDOWS\ODBCINST.INI
2008-12-11 17:06:52 ----RD---- C:\WINDOWS\Web
2008-12-11 17:06:44 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-12-11 16:35:22 ----A---- C:\WINDOWS\system.ini
2008-12-11 16:35:09 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-12-09 15:24:38 ----A---- C:\WINDOWS\system32\MRT.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-11 98440]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-11 26824]
R1 AvgTdiX;AVG8 Network Redirector; C:\WINDOWS\System32\Drivers\avgtdix.sys [2008-12-11 90632]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2008-11-25 4952576]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-04 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2006-10-22 3994624]
R3 rtl8139;Realtek RTL8139(A/B/C)-based PCI Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 xusb21;Xbox 360 Wireless Receiver Driver Service 21; C:\WINDOWS\system32\DRIVERS\xusb21.sys [2007-08-28 55808]
S1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
S3 b57w2k;Broadcom NetXtreme 57xx Gigabit Controller; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2004-08-23 121472]
S3 PnkBstrK;PnkBstrK; \??\C:\WINDOWS\system32\drivers\PnkBstrK.sys []
S3 senfilt;senfilt; C:\WINDOWS\system32\drivers\senfilt.sys [2004-09-17 732928]
S3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2005-01-27 260352]
S3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2008-12-11 231704]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2006-10-22 159810]
R2 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2008-12-15 66872]
R2 PnkBstrB;PnkBstrB; C:\WINDOWS\system32\PnkBstrB.exe [2008-12-15 201352]
R2 spmd;SPM License Server; C:\WINDOWS\system32\spm\spmd.exe [2007-10-22 704512]
R2 WinDefend;Windows Defender; C:\Program Files\Windows Defender\MsMpEng.exe [2006-11-03 13592]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2008-12-11 72704]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2006-09-12 724992]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-01-28 38912]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]

-----------------EOF-----------------

info.txt logfile of random's system information tool 1.05 2008-12-20 18:38:45

======Uninstall list======

-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
-->C:\Program Files\Nero\Nero 7\nero\uninstall\UNNERO.exe /UNINSTALL
-->C:\WINDOWS\UNNeroBackItUp.exe /UNINSTALL
-->C:\WINDOWS\UNNeroMediaHome.exe /UNINSTALL
-->C:\WINDOWS\UNNeroShowTime.exe /UNINSTALL
-->C:\WINDOWS\UNNeroVision.exe /UNINSTALL
-->C:\WINDOWS\UNRecode.exe /UNINSTALL
-->MsiExec.exe /X{57922B53-02D4-4DFC-AC24-A3519DC1F49A}
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
Acrobat.com-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Application Installer.exe -uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{00203668-8170-44A0-BE44-B632FA4D780F}
Adobe Bridge 1.0-->MsiExec.exe /I{AE3D38A6-13B1-40B3-9423-D1FA9982FB6A}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5102}
Adobe Common File Installer-->MsiExec.exe /I{8EDBA74D-0686-4C99-BFDD-F894678E5B39}
Adobe Flash Player 10 ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Help Center 2.0-->MsiExec.exe /I{8FFC924C-ED06-44CB-8867-3CA778ECE903}
Adobe Photoshop CS2-->msiexec /I {236BB7C4-4419-42FD-0409-1E257A25E34D}
Adobe Premiere Pro 2.0-->msiexec /I {FA17A726-B229-4116-B793-A2AB1A4EAE2E}
Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A90000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1033-0000-B58E-000000000001}
Adobe Stock Photos 1.0-->MsiExec.exe /I{786C5747-1437-443D-B06E-79A00FE45110}
Any Video Converter 2.6.7-->"C:\Program Files\Any Video Converter\unins000.exe"
Apple Mobile Device Support-->MsiExec.exe /I{EC4455AB-F155-4CC1-A4C5-88F3777F9886}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AVG 8.0-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
Battlefield 2™-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{04858915-9F49-4B2A-AED4-DC49A7DE6A7B}\setup.exe" -l0x9 -removeonly
Bonjour-->MsiExec.exe /I{8A25392D-C5D2-4E79-A2BD-C15DDC5B0959}
Broadcom Gigabit Integrated Controller-->C:\Program Files\Common Files\InstallShield\Driver\8\Intel 32\IDriver.exe /M{BE6890C7-31EF-478C-812E-1E2899ABFCA9} /l1033
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\ConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Driver Detective-->C:\Program Files\InstallShield Installation Information\{621C02EA-AAFF-4026-A903-165D59529A16}\setup.exe -runfromtemp -l0x0409
Fraps (remove only)-->"C:\program files\Fraps\uninstall.exe"
getPlus® for Adobe-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
High Definition Audio Driver Package - KB888111-->"C:\WINDOWS\$NtUninstallKB888111WXPSP2$\spuninst\spuninst.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\cbt_trumpton\Desktop\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.0 (KB932471)-->C:\WINDOWS\system32\msiexec.exe /promptrestart /uninstall {ECD292A0-0347-4244-8C24-5DBCE990FB40} /package {BAF78226-3200-4DB4-BE33-4D922A799840}
Hotfix for Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
InterVideo XPack (DVD Only)-->"C:\Program Files\InstallShield Installation Information\{98E8A2EF-4EAE-43B8-A172-74842B764777}\setup.exe" REMOVEALL
iTunes-->MsiExec.exe /I{318AB667-3230-41B5-A617-CB3BF748D371}
IZArc 3.5 beta 3-->"C:\Program Files\IZArc\unins000.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 1.1 Hotfix (KB928366)-->"C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\Updates\M928366\M928366Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 2.0 Service Pack 1-->MsiExec.exe /I{B508B3F1-A24A-32C0-B310-85786919EF28}
Microsoft .NET Framework 3.0 Service Pack 1-->MsiExec.exe /I{2BA00471-0328-3743-93BD-FA813353A783}
Microsoft Internationalized Domain Names Mitigation APIs-->"C:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$\spuninst\spuninst.exe"
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft National Language Support Downlevel APIs-->"C:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$\spuninst\spuninst.exe"
Microsoft Office Outlook 2003-->MsiExec.exe /I{90E00409-6000-11D3-8CFE-0150048383C9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Mozilla Firefox (2.0)-->C:\Program Files\Mozilla Firefox\uninstall\uninst.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 6 Service Pack 2 (KB954459)-->MsiExec.exe /I{1A528690-6A2D-4BC5-B143-8C4AE8D19D96}
Nero 7 Premium-->MsiExec.exe /I{40261D0A-A385-4C1A-A7DE-5F270D9B1033}
NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI
Perforce P4Win Components-->"C:\Program Files\Perforce\up4winst.exe"
Perforce P4Win Components-->MsiExec.exe /I{11D8BE7F-6A6F-457B-AC26-B6C2225C6A96}
Perforce Visual Components-->MsiExec.exe /I{750581CD-F259-439D-8C64-1F3CA2641FE4}
QuickTime-->MsiExec.exe /I{F958CA02-BB40-4007-894B-258729456EE4}
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\Setup.exe" -l0x9 -removeonly
Security Update for Windows Internet Explorer 7 (KB938127-v2)-->"C:\WINDOWS\ie7updates\KB938127-v2-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB956390)-->"C:\WINDOWS\ie7updates\KB956390-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB958215)-->"C:\WINDOWS\ie7updates\KB958215-IE7\spuninst\spuninst.exe"
Security Update for Windows Internet Explorer 7 (KB960714)-->"C:\WINDOWS\ie7updates\KB960714-IE7\spuninst\spuninst.exe"
Security Update for Windows Media Player (KB952069)-->"C:\WINDOWS\$NtUninstallKB952069_WM9$\spuninst\spuninst.exe"
Security Update for Windows Media Player 11 (KB954154)-->"C:\WINDOWS\$NtUninstallKB954154_WM11$\spuninst\spuninst.exe"
Security Update for Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Security Update for Windows XP (KB938464)-->"C:\WINDOWS\$NtUninstallKB938464$\spuninst\spuninst.exe"
Security Update for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Security Update for Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Security Update for Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Security Update for Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Security Update for Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954211)-->"C:\WINDOWS\$NtUninstallKB954211$\spuninst\spuninst.exe"
Security Update for Windows XP (KB954600)-->"C:\WINDOWS\$NtUninstallKB954600$\spuninst\spuninst.exe"
Security Update for Windows XP (KB955069)-->"C:\WINDOWS\$NtUninstallKB955069$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956391)-->"C:\WINDOWS\$NtUninstallKB956391$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956802)-->"C:\WINDOWS\$NtUninstallKB956802$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956803)-->"C:\WINDOWS\$NtUninstallKB956803$\spuninst\spuninst.exe"
Security Update for Windows XP (KB956841)-->"C:\WINDOWS\$NtUninstallKB956841$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957095)-->"C:\WINDOWS\$NtUninstallKB957095$\spuninst\spuninst.exe"
Security Update for Windows XP (KB957097)-->"C:\WINDOWS\$NtUninstallKB957097$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958215)-->"C:\WINDOWS\$NtUninstallKB958215$\spuninst\spuninst.exe"
Security Update for Windows XP (KB958644)-->"C:\WINDOWS\$NtUninstallKB958644$\spuninst\spuninst.exe"
SOFTIMAGE License Server 1.1.11.1502-->C:\Program Files\InstallShield Installation Information\{D2975B11-82F4-47D9-A0AC-99E36A0E9ECB}\setup.exe -runfromtemp -l0x0009 -removeonly
SOFTIMAGE XSI 6.02-->C:\Softimage\XSI_6.02\Setup\setup.exe -runfromtemp -l0x0009 -removeonly
SoundMAX-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F0A37341-D692-11D4-A984-009027EC0A9C}\SETUP.exe" -l0x9 -removeonly
SPM License Server 1.1.11-1307-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B36377A4-4C13-4041-A46C-726AA935FAD3}\setup.exe"
Update for Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
Update for Windows XP (KB955839)-->"C:\WINDOWS\$NtUninstallKB955839$\spuninst\spuninst.exe"
Windows Defender-->MsiExec.exe /I{A06275F4-324B-4E85-95E6-87B2CD729401}
Windows Internet Explorer 7-->"C:\WINDOWS\ie7\spuninst\spuninst.exe"
Windows Media Format 11 runtime-->"C:\WINDOWS\$NtUninstallWMFDist11$\spuninst\spuninst.exe"
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows Media Player 11-->"C:\Program Files\Windows Media Player\Setup_wm.exe" /Uninstall
Windows Media Player 11-->"C:\WINDOWS\$NtUninstallwmp11$\spuninst\spuninst.exe"
Windows Presentation Foundation-->MsiExec.exe /X{BAF78226-3200-4DB4-BE33-4D922A799840}
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
XviD 1.1 final uninstall-->"C:\Program Files\XviD\unins000.exe"

=====HijackThis Backups=====

O17 - HKLM\System\CCS\Services\Tcpip\..\{6E01B2B1-15A8-47BA-9740-9B2F75AA791F}: NameServer = 85.255.112.137;85.255.112.235
O17 - HKLM\System\CCS\Services\Tcpip\..\{6E01B2B1-15A8-47BA-9740-9B2F75AA791F}: NameServer = 85.255.112.137;85.255.112.235
O4 - HKCU\..\Run: [AVG7_Run] C:\PROGRA~1\Grisoft\AVG7\avgw.exe /RUNONCE

======Security center information======

AV: AVG Internet Security Network Edition

System event log

Computer Name: BASEBUILD
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 898
Source Name: SideBySide
Time Written: 20081211170747.000000+000
Event Type: error
User:

Computer Name: BASEBUILD
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.VC80.CRT.
Reference error message: The referenced assembly is not installed on your system.
.

Record Number: 897
Source Name: SideBySide
Time Written: 20081211170747.000000+000
Event Type: error
User:

Computer Name: BASEBUILD
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 896
Source Name: SideBySide
Time Written: 20081211170747.000000+000
Event Type: error
User:

Computer Name: BASEBUILD
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.VC80.CRT.
Reference error message: The referenced assembly is not installed on your system.
.

Record Number: 895
Source Name: SideBySide
Time Written: 20081211170747.000000+000
Event Type: error
User:

Computer Name: BASEBUILD
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.CRT could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 894
Source Name: SideBySide
Time Written: 20081211170747.000000+000
Event Type: error
User:

Application event log

Computer Name: BASEBUILD
Event Code: 1000
Message: Performance counters for the MSDTC (MSDTC) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 5
Source Name: LoadPerf
Time Written: 20070918163602.000000+060
Event Type: information
User:

Computer Name: BASEBUILD
Event Code: 1000
Message: Performance counters for the TermService (Terminal Services) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 4
Source Name: LoadPerf
Time Written: 20070918163600.000000+060
Event Type: information
User:

Computer Name: BASEBUILD
Event Code: 1000
Message: Performance counters for the RemoteAccess (Routing and Remote Access) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 3
Source Name: LoadPerf
Time Written: 20070918163501.000000+060
Event Type: information
User:

Computer Name: BASEBUILD
Event Code: 1000
Message: Performance counters for the PSched (PSched) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 2
Source Name: LoadPerf
Time Written: 20070918163437.000000+060
Event Type: information
User:

Computer Name: BASEBUILD
Event Code: 1000
Message: Performance counters for the RSVP (QoS RSVP) service were loaded successfully.
The Record Data contains the new index values assigned
to this service.

Record Number: 1
Source Name: LoadPerf
Time Written: 20070918163436.000000+060
Event Type: information
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\system32\WBEM;C:\Program Files\Perforce;C:\Program Files\Common Files\Adobe\AGL;C:\Program Files\Common Files\Softimage;C:\Program Files\QuickTime\QTSystem\
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 7, GenuineIntel
"PROCESSOR_REVISION"=0407
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------

Edited by GizmoBradwell, 20 December 2008 - 02:02 PM.



#2 teacup61


Posted 20 December 2008 - 04:56 PM

Hello GizmoBradwell,

This tool is not a toy. If used the wrong way you could trash your computer. Please use only under direction of a Helper. If you decide to do so anyway, please do not blame me or ComboFix.

1. Download this file - combofix.exe
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
http://www.forospyware.com/sUBs/ComboFix.exe
http://subs.geekstogo.com/ComboFix.exe
2. Double click combofix.exe & follow the prompts.
3. When finished, it will produce a log for you. Post that log in your next reply please, along with a new HijackThis log.

Note:
Do not mouseclick combofix's window while it's running. That may cause it to stall.

Thanks,
tea
Please make a donation so I can keep helping people just like you.
Every little bit helps! :)
You can even use your credit card! Thank you!

Error reading poptart in Drive A: Delete kids y/n?

#3 teacup61


Posted 29 December 2008 - 03:04 AM

Due to the lack of feedback this Topic is closed.

If you need this topic reopened, please request this by sending the moderating team a PM with the address of the thread. This applies only to the original topic starter.

Everyone else please begin a New Topic