Computer: the final @$$ whoopin'


  • This topic is locked
16 replies to this topic

#1 kdougan

kdougan

  • Members
  • 8 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Sacramento, CA
  • Local time:03:37 PM

Posted 01 January 2009 - 02:51 PM

Hello there, go easy on me, this is my first post and my first attempt at truly solving the problem by actually asking someone else. *gasp*

Well, here's the problem:

My computer does not play any media. Not from the browser. Not from WMP, iTunes, DIVX, or even system sounds. No sound at all, and video plays for 2 seconds, then stops. I have seen others with the same problem but it usually only applies to the browser, YouTube and such. Mine affects the whole computer.
Issues arose about 2 weeks ago and I have hit this thing with everything I can think of as far as Malware, Antivirus, and Rootkit scans are concerned. I have found a few things, even including a DNS changer, but nothing to indicate the root of the problem. The computer is kicking my ass.

Scans I have completed include, but are not limited to:
Spybot: Search and Destroy, Ad-Aware, Norton Antivirus, CCleaner, Malwarebytes Antimalware, Avast! Antivirus, Panda Antivirus (including Housecall, their online scan), Kaspersky Online Scan, Super Antispyware (questionable product but I was desperate), and so on...

Logs that I have sitting on my desktop:
Smitfraud, Norton, Combo, Random, DDS, and Hijackthis

This is really frustrating because all the audio and video works fine when I stream it to another computer (xbox running XBMC) so I know it's not the actual media.

Here is the DDSlog as requested in the instructions:

DDS (Version 1.1.0) - NTFSx86
Run by Kyle at 11:33:02.03 on Thu 01/01/2009
Internet Explorer: 7.0.5730.13 BrowserJavaVersion: 1.6.0_07
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3062.2320 [GMT -8:00]

AV: Norton 360 *On-access scanning disabled* (Updated)
FW: Norton 360 *enabled*

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\Program Files\Intel\AMT\LMS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\oodag.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\TVersity\Media Server\MediaServer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\oodtray.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\MemInfo\meminfo.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Documents and Settings\Kyle\Desktop\dds.scr

============== Pseudo HJT Report ===============

uInternet Connection Wizard,ShellNext = hxxp://www.cpuid.com/
uInternet Settings,ProxyOverride = *.local
uURLSearchHooks: H - No File
BHO: {0055C089-8582-441B-A0BF-17B458C2A3A8} - No File
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot - search & destroy\SDHelper.dll
BHO: NCO 2.0 IE BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\common files\symantec shared\coshared\browser\2.6\coIEPlg.dll
BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\progra~1\common~1\symant~1\ids\IPSBHO.dll
BHO: Java™ Plug-In SSV Helper: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
BHO: {7E853D72-626A-48EC-A868-BA8D5E23E045} - No File
BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: {9CB65201-89C4-402c-BA80-02D8C59F9B1D} - No File
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
TB: Show Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\common files\symantec shared\coshared\browser\2.6\CoIEPlg.dll
TB: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
mRun: [P17Helper] Rundll32 P17.dll,P17Helper
mRun: [ccApp] "c:\program files\common files\symantec shared\ccApp.exe"
mRun: [osCheck] "c:\program files\norton 360\osCheck.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [OODefragTray] c:\windows\system32\oodtray.exe
StartupFolder: c:\docume~1\kyle\startm~1\programs\startup\meminfo.lnk - c:\program files\meminfo\meminfo.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\bluetooth.lnk - c:\program files\widcomm\bluetooth software\BTTray.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\logitech setpoint.lnk - c:\program files\logitech\setpoint\SetPoint.exe
IE: &Search - ?p=ZKman000
IE: Download all links with IDM
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download FLV video content with IDM
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: Download with IDM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_07\bin\ssv.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot - search & destroy\SDHelper.dll
Trusted Zone: turbotax.com
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll
Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - No File
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
SEH: Windows Desktop Search Namespace Manager: {56f9679e-7826-4c84-81f3-532071a8bcc5} - c:\program files\windows desktop search\MSNLNamespaceMgr.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

============= SERVICES / DRIVERS ===============

R1 SASDIFSV;SASDIFSV;\??\c:\program files\superantispyware\SASDIFSV.SYS [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;\??\c:\program files\superantispyware\SASKUTIL.sys [2008-11-17 55024]
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2008-11-26 93544]
R2 ccEvtMgr;Symantec Event Manager;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-18 149352]
R2 ccSetMgr;Symantec Settings Manager;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-18 149352]
R2 LiveUpdate Notice;LiveUpdate Notice;"c:\program files\common files\symantec shared\ccSvcHst.exe" /h ccCommon [2008-2-18 149352]
R2 osaio;osaio;\??\c:\windows\system32\drivers\osaio.sys [2007-10-16 6784]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;\??\c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2008-12-28 99376]
R3 NAVENG;NAVENG;\??\c:\progra~1\common~1\symant~1\virusd~1\20081231.041\NAVENG.SYS [2009-1-1 89104]
R3 NAVEX15;NAVEX15;\??\c:\progra~1\common~1\symant~1\virusd~1\20081231.041\NAVEX15.SYS [2009-1-1 876112]
R3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [2007-12-22 91830]
S3 COH_Mon;COH_Mon;\??\c:\windows\system32\drivers\COH_Mon.sys [2008-1-12 23888]
S3 OMAWGU(Belkin Corporation);My Essential G USB Adapter(Belkin Corporation);c:\windows\system32\drivers\OMAWGU.sys []
S3 PEEK5;PEEK5 Protocol Driver;\??\c:\aircrack-ng-win-0.9.1\bin\PEEK5.SYS []
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys []
S3 SASENUM;SASENUM;\??\c:\program files\superantispyware\SASENUM.SYS [2008-11-17 7408]
S3 Symantec Core LC;Symantec Core LC;c:\progra~1\common~1\symant~1\ccpd-lc\symlcsvc.exe [2008-12-28 1245064]
S4 Ptipfl;Ptipfl; []

=============== Created Last 30 ================

2008-12-31 21:05 <DIR> --d----- c:\program files\SecondLife
2008-12-29 19:37 5,108 a------- c:\windows\system32\oodbs.lor
2008-12-29 19:30 0 a------- c:\windows\oodcnt.INI
2008-12-29 19:28 <DIR> --d----- c:\windows\system32\oodag
2008-12-29 19:12 <DIR> --d----- c:\program files\Defrag Professional
2008-12-29 18:57 <DIR> --d----- c:\program files\iPod
2008-12-29 18:57 <DIR> --d----- c:\program files\iTunes
2008-12-29 18:57 <DIR> --d----- c:\docume~1\alluse~1\applic~1\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-28 23:44 <DIR> --d----- C:\N360_BACKUP
2008-12-28 23:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan
2008-12-28 23:16 <DIR> --d----- c:\program files\Security Task Manager
2008-12-28 23:06 <DIR> --d----- c:\program files\Startup Optimizer
2008-12-28 21:13 <DIR> --d----- c:\docume~1\kyle\applic~1\Symantec
2008-12-28 21:07 <DIR> --d----- c:\program files\Norton 360
2008-12-28 21:04 123,952 a------- c:\windows\system32\drivers\SYMEVENT.SYS
2008-12-28 21:04 60,800 a------- c:\windows\system32\S32EVNT1.DLL
2008-12-28 21:04 <DIR> --d----- c:\program files\Symantec
2008-12-28 21:04 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2008-12-28 17:08 10,671 a------- c:\windows\system32\drivers\SYMEVENT.CAT
2008-12-28 17:08 805 a------- c:\windows\system32\drivers\SYMEVENT.INF
2008-12-28 17:06 <DIR> --d----- c:\program files\common files\Symantec Shared
2008-12-23 14:47 421,888 a------- c:\windows\system32\ac3filter.acm
2008-12-23 14:47 <DIR> --d----- c:\program files\XP Codec Pack
2008-12-21 12:18 28,160 ac------ c:\windows\system32\dllcache\irmon.dll
2008-12-21 12:18 28,160 a------- c:\windows\system32\irmon.dll
2008-12-21 12:18 151,552 ac------ c:\windows\system32\dllcache\irftp.exe
2008-12-21 12:18 151,552 a------- c:\windows\system32\irftp.exe
2008-12-21 12:18 8,192 ac------ c:\windows\system32\dllcache\wshirda.dll
2008-12-21 12:18 8,192 a------- c:\windows\system32\wshirda.dll
2008-12-20 19:11 <DIR> a-dshr-- C:\cmdcons
2008-12-20 19:10 161,792 a------- c:\windows\SWREG.exe
2008-12-20 19:10 98,816 a------- c:\windows\sed.exe
2008-12-19 21:08 250 a------- c:\windows\gmer.ini
2008-12-19 19:37 <DIR> --d----- c:\windows\SxsCaPendDel
2008-12-19 18:09 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com
2008-12-19 18:09 <DIR> --d----- c:\program files\SUPERAntiSpyware
2008-12-19 18:09 <DIR> --d----- c:\docume~1\kyle\applic~1\SUPERAntiSpyware.com
2008-12-15 20:49 <DIR> --d----- c:\program files\Bonjour
2008-12-14 23:40 <DIR> --d----- c:\docume~1\kyle\applic~1\Free Download Manager
2008-12-14 23:39 <DIR> --d----- c:\program files\Free Download Manager
2008-12-14 22:44 108,336 a------- c:\windows\system32\mswinsck.ocx
2008-12-12 11:18 87,336 a------- c:\windows\system32\dns-sd.exe
2008-12-12 11:11 61,440 a------- c:\windows\system32\dnssd.dll
2008-12-12 01:14 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Panda Software
2008-12-12 01:13 8,627 a------- c:\windows\system32\PAV_FOG.OPC
2008-12-11 22:10 227 a------- c:\windows\AvDetected.ini
2008-12-09 17:42 <DIR> --d----- c:\docume~1\kyle\applic~1\ABBYY
2008-12-09 00:29 <DIR> --d----- c:\docume~1\alluse~1\applic~1\ABBYY
2008-12-09 00:25 <DIR> --d----- c:\temp\FR90PE
2008-12-07 12:29 410,984 a------- c:\windows\system32\deploytk.dll

==================== Find3M ====================

2009-01-01 11:11 2,432 a------- c:\windows\system32\tmp.reg
2008-12-23 00:25 98,304 a------- c:\windows\DUMP5e0e.tmp
2008-12-22 23:21 98,304 a------- c:\windows\DUMP688d.tmp
2008-12-20 15:42 409,600 a------- c:\windows\system32\wrap_oal.dll
2008-12-20 15:42 114,688 a------- c:\windows\system32\OpenAL32.dll
2008-12-12 00:57 78,336 a------- c:\windows\system32\Agent.OMZ.Fix.exe
2008-11-29 17:58 82,944 a------- c:\windows\system32\IEDFix.C.exe
2008-11-29 12:26 991,232 a------- c:\windows\system32\VSFilter.dll
2008-11-26 17:35 717,296 a------- c:\windows\system32\drivers\sptd.sys
2008-11-23 09:47 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LMouFilt_01005.Wdf
2008-11-23 09:47 0 a---h--- c:\windows\system32\drivers\Msft_Kernel_LHidFilt_01005.Wdf
2008-11-22 20:59 2,516 a--sh--- c:\docume~1\alluse~1\applic~1\KGyGaAvL.sys
2008-11-21 13:47 524,288 a------- c:\windows\system32\DivXsm.exe
2008-11-21 13:47 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-11-21 13:46 1,044,480 a------- c:\windows\system32\libdivx.dll
2008-11-21 13:46 200,704 a------- c:\windows\system32\ssldivx.dll
2008-11-21 13:44 161,096 a------- c:\windows\system32\DivXCodecVersionChecker.exe
2008-11-21 13:44 12,288 a------- c:\windows\system32\DivXWMPExtType.dll
2008-11-05 18:21 47,360 a------- c:\docume~1\kyle\applic~1\pcouffin.sys
2008-11-05 18:16 47,360 a------- c:\windows\system32\drivers\pcouffin.sys
2008-10-23 04:36 286,720 a------- c:\windows\system32\gdi32.dll
2008-10-16 14:06 268,648 a------- c:\windows\system32\mucltui.dll
2008-10-16 14:06 208,744 a------- c:\windows\system32\muweb.dll
2008-10-16 12:38 826,368 a------- c:\windows\system32\wininet.dll
2008-10-11 08:41 737,280 a------- c:\windows\iun6002.exe
2008-09-07 20:49 167 a------- c:\documents and settings\kyle\xrt_log.dat
2008-06-25 15:18 88 ---shr-- c:\docume~1\alluse~1\applic~1\9CC59B079B.sys
2008-01-27 20:32 3,080 a------- c:\program files\Craftyov.ini
2008-01-16 19:59 23,136 a------- c:\docume~1\kyle\applic~1\GDIPFONTCACHEV1.DAT
2008-02-10 02:50 56 a--shr-- c:\windows\system32\9B079BC59C.sys
2008-02-10 02:50 3,350 a--sh--- c:\windows\system32\KGyGaAvL.sys
2008-09-01 11:27 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008082520080901\index.dat
2008-09-07 23:30 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090120080908\index.dat
2008-09-08 00:00 32,768 a--sh--- c:\windows\system32\config\systemprofile\local settings\history\history.ie5\mshist012008090820080909\index.dat

============= FINISH: 11:33:54.15 ===============

Please help me!

~k


#2 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • OFFLINE
  •  
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 13 January 2009 - 01:02 PM

Howdy, my name is Hoov, and I will be helping you with your dilemma.

Please make sure you watch this thread for responses. If you click the options tab at the top of your first post, you can select to track this thread.

Here is what I am asking you to do during the repair of your computer

*Tell me everything that you have done, if anything, to try and fix this problem.

*Please only use 1 forum to help clear up your problem. Posting on more than 1 and following instructions from more than 1 forum will cause those helping you to pull out their hair.

*Follow my instructions - If you can't for some reason, or if you don't understand something, please tell me. If you deviate from my instructions, tell me, it may make a difference on where we go. Don't install anything, even other programs that have nothing to do with security or malware, it could cause things to change, and I would never know it.

*Have faith. I will do all I can to get your computer working, and if I can't - someone else here will know something else to try.

*Stick with me to the end. My aim is to fix your problems, and give you the tools and knowledge to keep this from happening again.

Now onto trying to fix your computer. I am looking over your log, and I will be back in a bit with some instructions.


Do you remember when this happened? Did you install or uninstall something just before it went out the door? A crash, anything? Are there any other problems other than not playing media?

Go ahead and attach all the logs that you have.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#3 Hoov

Posted 19 January 2009 - 05:06 PM

This thread is closed due to inactivity.
If you need this topic reopened, please send me or another moderator a PM.


This thread has been reopened at the request of kdougan

Edited by Hoov, 01 February 2009 - 09:36 PM.


#4 kdougan

Posted 02 February 2009 - 09:04 PM

Ok Hoov, I do greatly appreciate the help. Where do I start?

#5 Hoov

Posted 02 February 2009 - 09:14 PM

First some information, do you remember what happened just before this started happening? A crash, some wonky video or audio? Update, new software? Anything in particular? Even if it doesn't seem connected. Also did it happen all of the sudden or did it start with one kind of media and just progress to the others? Did you try to copy a copy protected disk of some kind just before this happened? Did you stub your toe while typing at the keyboard? :thumbsup: Sorry bout that, but you get what I mean.

#6 kdougan

Posted 02 February 2009 - 11:57 PM

Yeah, I get what you mean but I honestly couldn't tell you. Like I said in the PM I sent you, my personal computer turned into the 'house' computer and I go to school 9 hours a day. All I can really tell you is that DivX player is the only player that will play any sort of video all the way through but still no sound. The fact that video plays only through DivX makes me want to think it may be a corrupted codec of some sort, but everything is updated and 'working.' Here are the latest logs that I ran this evening:

DxDiag (for sys information)

------------------
System Information
------------------
Time of this report: 2/2/2009, 20:42:47
Machine name: KDOUGAN
Operating System: Windows XP Professional (5.1, Build 2600) Service Pack 3 (2600.xpsp_sp3_gdr.080814-1236)
Language: English (Regional Setting: English)
System Manufacturer: INTEL_
System Model: DQ965GF_
BIOS: Default System BIOS
Processor: Intel® Pentium® D CPU 2.66GHz
Memory: 3070MB RAM
Page File: 637MB used, 3276MB available
Windows Dir: C:\WINDOWS
DirectX Version: DirectX 9.0c (4.09.0000.0904)
DX Setup Parameters: Not found
DxDiag Version: 5.03.2600.5512 32bit Unicode

------------
DxDiag Notes
------------
DirectX Files Tab: No problems found.
Display Tab 1: No problems found.
Sound Tab 1: No problems found.
Sound Tab 2: No problems found.
Sound Tab 3: No problems found.
Sound Tab 4: The file btaudio.sys is not digitally signed, which means that it has not been tested by Microsoft's Windows Hardware Quality Labs (WHQL). You may be able to get a WHQL logo'd driver from the hardware manufacturer.
Sound Tab 5: The file btaudio.sys is not digitally signed, which means that it has not been tested by Microsoft's Windows Hardware Quality Labs (WHQL). You may be able to get a WHQL logo'd driver from the hardware manufacturer.
Music Tab: No problems found.
Input Tab: No problems found.
Network Tab: No problems found.

--------------------
DirectX Debug Levels
--------------------
Direct3D: 0/4 (n/a)
DirectDraw: 0/4 (retail)
DirectInput: 0/5 (n/a)
DirectMusic: 0/5 (n/a)
DirectPlay: 0/9 (retail)
DirectSound: 0/5 (retail)
DirectShow: 0/6 (retail)

---------------
Display Devices
---------------
Card name: NVIDIA GeForce 8400 GS
Manufacturer: NVIDIA
Chip type: GeForce 8400 GS
DAC type: Integrated RAMDAC
Device Key: Enum\PCI\VEN_10DE&DEV_0422&SUBSYS_C7353842&REV_A1
Display Memory: 512.0 MB
Current Mode: 1600 x 900 (32 bit) (60Hz)
Monitor: Plug and Play Monitor
Monitor Max Res: 1600,1200
Driver Name: nv4_disp.dll
Driver Version: 6.14.0011.7813 (English)
DDI Version: 9 (or higher)
Driver Attributes: Final Retail
Driver Date/Size: 9/17/2008 22:55:00, 6057472 bytes
WHQL Logo'd: Yes
WHQL Date Stamp: n/a
VDD: n/a
Mini VDD: nv4_mini.sys
Mini VDD Date: 9/17/2008 22:55:00, 6132576 bytes
Device Identifier: {D7B71E3E-4762-11CF-7745-3EE700C2CB35}
Vendor ID: 0x10DE
Device ID: 0x0422
SubSys ID: 0xC7353842
Revision ID: 0x00A1
Revision ID: 0x00A1
Video Accel: ModeMPEG2_C ModeMPEG2_D ModeWMV9_B ModeWMV9_A
Deinterlace Caps: {6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YUY2,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(UYVY,YUY2) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(YV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(YV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
{6CB69578-7617-4637-91E5-1C02DB810285}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_PixelAdaptive
{335AA36E-7884-43A4-9C91-7F87FAF3E37E}: Format(In/Out)=(NV12,0x3231564e) Frames(Prev/Fwd/Back)=(0,0,0) Caps=VideoProcess_YUV2RGB VideoProcess_StretchX VideoProcess_StretchY DeinterlaceTech_BOBVerticalStretch
Registry: OK
DDraw Status: Enabled
D3D Status: Enabled
AGP Status: Enabled
DDraw Test Result: Not run
D3D7 Test Result: Not run
D3D8 Test Result: Not run
D3D9 Test Result: Not run

-------------
Sound Devices
-------------
Description: SB Live! 24-bit
Default Sound Playback: Yes
Default Voice Playback: Yes
Hardware ID: PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: P17.sys
Driver Version: 5.12.0001.0514 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 6/15/2007 10:47:26, 1127936 bytes
Other Files:
Driver Provider: CREATIVE
HW Accel Level: Full
Cap Flags: 0xF5F
Min/Max Sample Rate: 4000, 96000
Static/Strm HW Mix Bufs: 64, 63
Static/Strm HW 3D Bufs: 64, 63
HW Memory: 0
Voice Management: Yes
EAX™ 2.0 Listen/Src: Yes, Yes
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

Description: IDT Audio1
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_80862008&REV_1002
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: sthda.sys
Driver Version: 1.00.5790.0002 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 4/10/2008 19:10:10, 1271032 bytes
Other Files:
Driver Provider: IDT
HW Accel Level: Full
Cap Flags: 0xB5B
Min/Max Sample Rate: 44100, 192000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

Description: IDT Audio2
Default Sound Playback: No
Default Voice Playback: No
Hardware ID: HDAUDIO\FUNC_01&VEN_8384&DEV_7618&SUBSYS_80862008&REV_1002
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: sthda.sys
Driver Version: 1.00.5790.0002 (English)
Driver Attributes: Final Retail
WHQL Logo'd: Yes
Date and Size: 4/10/2008 19:10:10, 1271032 bytes
Other Files:
Driver Provider: IDT
HW Accel Level: Full
Cap Flags: 0xB5B
Min/Max Sample Rate: 44100, 192000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

Description: Bluetooth Audio
Default Sound Playback: No
Default Voice Playback: No
Hardware ID:
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: btaudio.sys
Driver Version: 4.00.0001.3500 (English)
Driver Attributes: Final Retail
WHQL Logo'd: No
Date and Size: 5/12/2006 13:21:22, 401664 bytes
Other Files:
Driver Provider:
HW Accel Level: Full
Cap Flags: 0x959
Min/Max Sample Rate: 8000, 8000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

Description: Bluetooth High Quality Audio
Default Sound Playback: No
Default Voice Playback: No
Hardware ID:
Manufacturer ID: 1
Product ID: 100
Type: WDM
Driver Name: btaudio.sys
Driver Version: 4.00.0001.3500 (English)
Driver Attributes: Final Retail
WHQL Logo'd: No
Date and Size: 5/12/2006 13:21:22, 401664 bytes
Other Files:
Driver Provider:
HW Accel Level: Full
Cap Flags: 0xB5B
Min/Max Sample Rate: 44100, 48000
Static/Strm HW Mix Bufs: 1, 0
Static/Strm HW 3D Bufs: 0, 0
HW Memory: 0
Voice Management: No
EAX™ 2.0 Listen/Src: No, No
I3DL2™ Listen/Src: No, No
Sensaura™ ZoomFX™: No
Registry: OK
Sound Test Result: Not run

---------------------
Sound Capture Devices
---------------------
Description: SB Live! 24-bit
Default Sound Capture: Yes
Default Voice Capture: Yes
Driver Name: P17.sys
Driver Version: 5.12.0001.0514 (English)
Driver Attributes: Final Retail
Date and Size: 6/15/2007 10:47:26, 1127936 bytes
Cap Flags: 0x41
Format Flags: 0xFFF

Description: IDT Audio1
Default Sound Capture: No
Default Voice Capture: No
Driver Name: sthda.sys
Driver Version: 1.00.5790.0002 (English)
Driver Attributes: Final Retail
Date and Size: 4/10/2008 19:10:10, 1271032 bytes
Cap Flags: 0x41
Format Flags: 0xCC0

Description: Bluetooth Audio
Default Sound Capture: No
Default Voice Capture: No
Driver Name: btaudio.sys
Driver Version: 4.00.0001.3500 (English)
Driver Attributes: Final Retail
Date and Size: 5/12/2006 13:21:22, 401664 bytes
Cap Flags: 0x41
Format Flags: 0x4

Description: Bluetooth High Quality Audio
Default Sound Capture: No
Default Voice Capture: No
Driver Name: btaudio.sys
Driver Version: 4.00.0001.3500 (English)
Driver Attributes: Final Retail
Date and Size: 5/12/2006 13:21:22, 401664 bytes
Cap Flags: 0x41
Format Flags: 0xCC0

-----------
DirectMusic
-----------
DLS Path: C:\WINDOWS\SYSTEM32\drivers\GM.DLS
DLS Version: 1.00.0016.0002
Acceleration: n/a
Ports: Microsoft Synthesizer, Software (Not Kernel Mode), Output, DLS, Internal, Default Port
SB Live! 24-bit, Software (Kernel Mode), Output, DLS, Internal
Bluetooth Audio, Software (Kernel Mode), Output, DLS, Internal
Bluetooth High Quality Audio, Software (Kernel Mode), Output, DLS, Internal
Microsoft MIDI Mapper [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Creative SoundFont Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Microsoft GS Wavetable SW Synth [Emulated], Hardware (Not Kernel Mode), Output, No DLS, Internal
Registry: OK
Test Result: Not run

-------------------
DirectInput Devices
-------------------
Device Name: Mouse
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Keyboard
Attached: 1
Controller ID: n/a
Vendor/Product ID: n/a
FF Driver: n/a

Device Name: Bluetooth Virtual HID Keyboard
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x057E, 0x0306
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC513
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC513
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC513
FF Driver: n/a

Device Name: USB Receiver
Attached: 1
Controller ID: 0x0
Vendor/Product ID: 0x046D, 0xC513
FF Driver: n/a

Poll w/ Interrupt: No
Registry: OK

-----------
USB Devices
-----------
+ USB Root Hub
| Vendor/Product ID: 0x8086, 0x2832
| Matching Device ID: usb\root_hub
| Service: usbhub
| Driver: usbhub.sys, 4/13/2008 23:15:38, 59520 bytes
| Driver: usbd.sys, 8/4/2004 04:00:00, 4736 bytes

----------------
Gameport Devices
----------------

------------
PS/2 Devices
------------
+ Logitech HID-Compliant Keyboard
| Vendor/Product ID: 0x046D, 0xC513
| Matching Device ID: hid\vid_046d&pid_c513&mi_00
| Lower Filters: LHidFilt
| Service: kbdhid
| Driver: kbdhid.sys, 4/14/2008 00:09:50, 14592 bytes
| Driver: kbdclass.sys, 4/14/2008 00:09:48, 24576 bytes
| Driver: LHidFilt.Sys, 2/29/2008 03:13:16, 35344 bytes
| Driver: WdfCoInstaller01005.dll, 6/22/2007 12:34:02, 1419232 bytes
|
+ Terminal Server Keyboard Driver
| Matching Device ID: root\rdp_kbd
| Upper Filters: kbdclass
| Service: TermDD
| Driver: termdd.sys, 4/14/2008 04:43:22, 40840 bytes
| Driver: kbdclass.sys, 4/14/2008 00:09:48, 24576 bytes
|
+ Logitech HID-compliant Cordless Mouse
| Vendor/Product ID: 0x046D, 0xC513
| Matching Device ID: hid\vid_046d&pid_c513&mi_01&col01
| Upper Filters: LMouFilt
| Lower Filters: LHidFilt
| Service: mouhid
| Driver: mouhid.sys, 8/17/2001 13:48:00, 12160 bytes
| Driver: mouclass.sys, 4/14/2008 00:09:48, 23040 bytes
| Driver: LHidFilt.Sys, 2/29/2008 03:13:16, 35344 bytes
| Driver: LMouFilt.Sys, 2/29/2008 03:13:24, 36880 bytes
| Driver: KHALMNPR.Exe, 2/29/2008 03:12:38, 76304 bytes
| Driver: WdfCoInstaller01005.dll, 6/22/2007 12:34:02, 1419232 bytes
|
+ Terminal Server Mouse Driver
| Matching Device ID: root\rdp_mou
| Upper Filters: mouclass
| Service: TermDD
| Driver: termdd.sys, 4/14/2008 04:43:22, 40840 bytes
| Driver: mouclass.sys, 4/14/2008 00:09:48, 23040 bytes

----------------------------
DirectPlay Service Providers
----------------------------
DirectPlay8 Modem Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
DirectPlay8 Serial Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
DirectPlay8 IPX Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
DirectPlay8 TCP/IP Service Provider - Registry: OK, File: dpnet.dll (5.03.2600.5512)
Internet TCP/IP Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
IPX Connection For DirectPlay - Registry: OK, File: dpwsockx.dll (5.03.2600.5512)
Modem Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)
Serial Connection For DirectPlay - Registry: OK, File: dpmodemx.dll (5.03.2600.5512)

DirectPlay Voice Wizard Tests: Full Duplex: Not run, Half Duplex: Not run, Mic: Not run
DirectPlay Test Result: Not run
Registry: OK

-------------------
DirectPlay Adapters
-------------------
DirectPlay8 Serial Service Provider: COM1
DirectPlay8 Serial Service Provider: COM4
DirectPlay8 Serial Service Provider: COM5
DirectPlay8 TCP/IP Service Provider: Local Area Connection - IPv6 - fe80::219:d1ff:fe75:6f31
DirectPlay8 TCP/IP Service Provider: Teredo Tunneling Pseudo-Interface - IPv6 - fe80::ffff:ffff:fffd
DirectPlay8 TCP/IP Service Provider: Automatic Tunneling Pseudo-Interface - IPv6 - fe80::5efe:
DirectPlay8 TCP/IP Service Provider: Local Area Connection - IPv4 -

-----------------------
DirectPlay Voice Codecs
-----------------------
Voxware VR12 1.4kbit/s
Voxware SC06 6.4kbit/s
Voxware SC03 3.2kbit/s
MS-PCM 64 kbit/s
MS-ADPCM 32.8 kbit/s
Microsoft GSM 6.10 13 kbit/s
TrueSpeech™ 8.6 kbit/s

-------------------------
DirectPlay Lobbyable Apps
-------------------------

------------------------
Disk & DVD/CD-ROM Drives
------------------------
Drive: C:
Free Space: 54.3 GB
Total Space: 305.2 GB
File System: NTFS
Model: WDC WD3200JB-00KFA0

Drive: D:
Model: _NEC DVD_RW ND-3550A
Driver: c:\windows\system32\drivers\cdrom.sys, 5.01.2600.5512 (English), 4/13/2008 23:10:48, 62976 bytes

--------------
System Devices
--------------
Name: Intel® Management Engine Interface
Device ID: PCI\VEN_8086&DEV_2994&SUBSYS_4F438086&REV_02\3&61AAA01&0&18
Driver: C:\WINDOWS\system32\DRIVERS\HECI.sys, 2.01.0022.1026 (English), 1/5/2007 04:20:45, 44416 bytes

Name: Intel® Q963/Q965 PCI Express Root Port - 2991
Device ID: PCI\VEN_8086&DEV_2991&SUBSYS_00000000&REV_02\3&61AAA01&0&08
Driver: n/a

Name: Intel® Q963/Q965 Processor to I/O Controller - 2990
Device ID: PCI\VEN_8086&DEV_2990&SUBSYS_00000000&REV_02\3&61AAA01&0&00
Driver: n/a

Name: Microsoft UAA Bus Driver for High Definition Audio
Device ID: PCI\VEN_8086&DEV_284B&SUBSYS_20088086&REV_02\3&61AAA01&0&D8
Driver: C:\WINDOWS\system32\DRIVERS\hdaudbus.sys, 5.10.0001.5013 (English), 4/13/2008 21:06:06, 144384 bytes

Name: Intel® ICH8 Family PCI Express Root Port 5 - 2847
Device ID: PCI\VEN_8086&DEV_2847&SUBSYS_00000000&REV_02\3&61AAA01&0&E4
Driver: n/a

Name: Intel® ICH8 Family PCI Express Root Port 4 - 2845
Device ID: PCI\VEN_8086&DEV_2845&SUBSYS_00000000&REV_02\3&61AAA01&0&E3
Driver: n/a

Name: Intel® ICH8 Family PCI Express Root Port 3 - 2843
Device ID: PCI\VEN_8086&DEV_2843&SUBSYS_00000000&REV_02\3&61AAA01&0&E2
Driver: n/a

Name: Intel® ICH8 Family PCI Express Root Port 2 - 2841
Device ID: PCI\VEN_8086&DEV_2841&SUBSYS_00000000&REV_02\3&61AAA01&0&E1
Driver: n/a

Name: Intel® ICH8 Family PCI Express Root Port 1 - 283F
Device ID: PCI\VEN_8086&DEV_283F&SUBSYS_00000000&REV_02\3&61AAA01&0&E0
Driver: n/a

Name: Intel® 82801GB SMBus Controller - 283E (Intel® SMBus 2.0 Driver)
Device ID: PCI\VEN_8086&DEV_283E&SUBSYS_4F438086&REV_02\3&61AAA01&0&FB
Driver: C:\WINDOWS\system32\drivers\intelsmb.sys, 6.04.0000.0001 (English), 12/28/2006 10:57:00, 45184 bytes

Name: Intel® ICH8 Family USB2 Enhanced Host Controller - 283A
Device ID: PCI\VEN_8086&DEV_283A&SUBSYS_4F438086&REV_02\3&61AAA01&0&D7
Driver: n/a

Name: Intel® ICH8 Family USB2 Enhanced Host Controller - 2836
Device ID: PCI\VEN_8086&DEV_2836&SUBSYS_4F438086&REV_02\3&61AAA01&0&EF
Driver: n/a

Name: Intel® ICH8 Family USB Universal Host Controller - 2835
Device ID: PCI\VEN_8086&DEV_2835&SUBSYS_4F438086&REV_02\3&61AAA01&0&D1
Driver: n/a

Name: Intel® ICH8 Family USB Universal Host Controller - 2834
Device ID: PCI\VEN_8086&DEV_2834&SUBSYS_4F438086&REV_02\3&61AAA01&0&D0
Driver: n/a

Name: Intel® ICH8 Family USB Universal Host Controller - 2832
Device ID: PCI\VEN_8086&DEV_2832&SUBSYS_4F438086&REV_02\3&61AAA01&0&EA
Driver: n/a

Name: Intel® ICH8 Family USB Universal Host Controller - 2831
Device ID: PCI\VEN_8086&DEV_2831&SUBSYS_4F438086&REV_02\3&61AAA01&0&E9
Driver: n/a

Name: Intel® ICH8 Family USB Universal Host Controller - 2830
Device ID: PCI\VEN_8086&DEV_2830&SUBSYS_4F438086&REV_02\3&61AAA01&0&E8
Driver: n/a

Name: Intel® ICH8 2 port Serial ATA Storage Controller - 2825
Device ID: PCI\VEN_8086&DEV_2825&SUBSYS_4F438086&REV_02\3&61AAA01&0&FD
Driver: n/a

Name: Intel® ICH8 4 port Serial ATA Storage Controller - 2820
Device ID: PCI\VEN_8086&DEV_2820&SUBSYS_4F438086&REV_02\3&61AAA01&0&FA
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/17/2001 12:51:52, 3328 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 23:10:30, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 23:10:32, 96512 bytes

Name: Intel® ICH8DO LPC Interface Controller - 2814
Device ID: PCI\VEN_8086&DEV_2814&SUBSYS_00000000&REV_02\3&61AAA01&0&F8
Driver: n/a

Name: Intel® 82801 PCI Bridge - 244E
Device ID: PCI\VEN_8086&DEV_244E&SUBSYS_00000000&REV_F2\3&61AAA01&0&F0
Driver: C:\WINDOWS\system32\DRIVERS\pci.sys, 5.01.2600.5512 (English), 4/13/2008 23:06:46, 68224 bytes

Name: Intel® 82566DM Gigabit Network Connection
Device ID: PCI\VEN_8086&DEV_104A&SUBSYS_00018086&REV_02\3&61AAA01&0&C8
Driver: C:\WINDOWS\system32\DRIVERS\e1e5132.sys, 9.06.0031.0000 (English), 1/5/2007 04:22:02, 246680 bytes
Driver: C:\WINDOWS\system32\Prounstl.exe, 8.01.0007.0000 (English), 1/5/2007 04:22:03, 154496 bytes
Driver: C:\WINDOWS\system32\e1e5132.din, 1/5/2007 04:22:02, 2889 bytes
Driver: C:\WINDOWS\system32\NicCo.dll, 1.01.0005.0000 (English), 1/5/2007 04:22:03, 28536 bytes
Driver: C:\WINDOWS\system32\NicInstE.dll, 9.06.0004.0000 (English), 1/5/2007 04:22:03, 61304 bytes
Driver: C:\WINDOWS\system32\e1000msg.dll, 8.07.0002.0000 (English), 1/5/2007 04:22:02, 260968 bytes
Driver: C:\WINDOWS\system32\NicEtCoE.dll, 4.01.0006.0000 (English), 1/5/2007 04:22:03, 66424 bytes

Name: Standard Dual Channel PCI IDE Controller
Device ID: PCI\VEN_11AB&DEV_6101&SUBSYS_610111AB&REV_B1\4&AB208E&0&00E1
Driver: C:\WINDOWS\system32\DRIVERS\pciidex.sys, 5.01.2600.5512 (English), 4/13/2008 23:10:30, 24960 bytes
Driver: C:\WINDOWS\system32\DRIVERS\atapi.sys, 5.01.2600.5512 (English), 4/13/2008 23:10:32, 96512 bytes
Driver: C:\WINDOWS\system32\DRIVERS\pciide.sys, 5.01.2600.0000 (English), 8/17/2001 12:51:52, 3328 bytes

Name: SB Audigy
Device ID: PCI\VEN_1102&DEV_0007&SUBSYS_100A1102&REV_00\4&35FAE160&0&08F0
Driver: C:\WINDOWS\system32\ksuser.dll, 5.03.2600.5512 (English), 4/14/2008 04:41:58, 4096 bytes
Driver: C:\WINDOWS\system32\ksproxy.ax, 5.03.2600.5512 (English), 4/14/2008 04:42:44, 129536 bytes
Driver: C:\WINDOWS\system32\drivers\ks.sys, 5.03.2600.5512 (English), 4/14/2008 00:46:38, 141056 bytes
Driver: C:\WINDOWS\system32\drivers\drmk.sys, 5.01.2600.5512 (English), 4/14/2008 00:15:16, 60160 bytes
Driver: C:\WINDOWS\system32\drivers\portcls.sys, 5.01.2600.5512 (English), 4/14/2008 00:49:42, 146048 bytes
Driver: C:\WINDOWS\system32\drivers\stream.sys, 5.03.2600.5512 (English), 4/14/2008 00:15:16, 49408 bytes
Driver: C:\WINDOWS\system32\wdmaud.drv, 5.01.2600.5512 (English), 4/14/2008 04:42:46, 23552 bytes
Driver: C:\WINDOWS\system32\CtDvInst.dll, 0.03.0000.0030 (English), 6/27/2005 09:37:22, 133632 bytes
Driver: C:\WINDOWS\system32\drivers\ctoss2k.sys, 5.12.0001.1081 (English), 1/10/2005 18:15:30, 106496 bytes
Driver: C:\WINDOWS\system32\drivers\ctsfm2k.sys, 5.12.0001.1081 (English), 1/10/2005 18:15:24, 138752 bytes
Driver: C:\WINDOWS\system32\sfman32.dll, 5.12.0001.0130 (English), 1/10/2005 18:15:26, 20992 bytes
Driver: C:\WINDOWS\system32\sfms32.dll, 5.12.0001.1081 (English), 1/10/2005 18:15:26, 115200 bytes
Driver: C:\WINDOWS\system32\ct2mgm.sf2, 9/22/1999 23:18:38, 2167684 bytes
Driver: C:\WINDOWS\system32\P17res.dll, 5.12.0001.0404 (English), 6/13/2005 13:03:00, 137728 bytes
Driver: C:\WINDOWS\system32\P17.dll, 1.00.0001.0041 (English), 5/3/2005 19:38:42, 64512 bytes
Driver: C:\WINDOWS\system32\drivers\P17.sys, 5.12.0001.0514 (English), 6/15/2007 10:47:26, 1127936 bytes
Driver: C:\WINDOWS\system32\drivers\Pfmodnt.sys, 3.00.0000.0011 (English), 12/22/2004 19:58:14, 8704 bytes
Driver: C:\WINDOWS\system32\A3d.dll, 80.00.0000.0003 (English), 4/11/2002 09:41:06, 65536 bytes
Driver: C:\WINDOWS\system32\P17CPI.dll, 1.00.0000.0002 (English), 10/2/2003 18:48:18, 53248 bytes

Name: NVIDIA GeForce 8400 GS
Device ID: PCI\VEN_10DE&DEV_0422&SUBSYS_C7353842&REV_A1\4&38C29EC4&0&0008
Driver: C:\WINDOWS\system32\DRIVERS\nv4_mini.sys, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 6132576 bytes
Driver: C:\WINDOWS\system32\nv4_disp.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 6057472 bytes
Driver: C:\WINDOWS\system32\nvsvc32.exe, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 163908 bytes
Driver: C:\WINDOWS\system32\nvapi.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 475136 bytes
Driver: C:\WINDOWS\system32\nvcuda.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 1368064 bytes
Driver: C:\WINDOWS\system32\nvoglnt.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 8826880 bytes
Driver: C:\WINDOWS\system32\nvcpl.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 13574144 bytes
Driver: C:\WINDOWS\system32\nvmctray.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 86016 bytes
Driver: C:\WINDOWS\system32\nvwddi.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 81920 bytes
Driver: C:\WINDOWS\system32\nvnt4cpl.dll, 6.14.0010.12064 (English), 9/17/2008 22:55:00, 286720 bytes
Driver: C:\WINDOWS\system32\nvmccs.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 229376 bytes
Driver: C:\WINDOWS\system32\nvdisps.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 3989504 bytes
Driver: C:\WINDOWS\system32\nvdispsr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 5799936 bytes
Driver: C:\WINDOWS\system32\nvgames.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 3444736 bytes
Driver: C:\WINDOWS\system32\nvgamesr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 3457024 bytes
Driver: C:\WINDOWS\system32\nvmccss.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 188416 bytes
Driver: C:\WINDOWS\system32\nvmccssr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 458752 bytes
Driver: C:\WINDOWS\system32\nvmobls.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 1257472 bytes
Driver: C:\WINDOWS\system32\nvmoblsr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 2854912 bytes
Driver: C:\WINDOWS\system32\nvvitvs.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 3764224 bytes
Driver: C:\WINDOWS\system32\nvvitvsr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 4149248 bytes
Driver: C:\WINDOWS\system32\nvwss.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 2686976 bytes
Driver: C:\WINDOWS\system32\nvwssr.dll, 6.14.0011.7813 (English), 9/17/2008 22:55:00, 2981888 bytes
Driver: C:\WINDOWS\help\nvcpl.hlp, 9/17/2008 22:55:00, 177897 bytes
Driver: C:\WINDOWS\help\nvwcplen.hlp, 9/17/2008 22:55:00, 55444 bytes
Driver: C:\WINDOWS\system32\nvcod.dll, 1.03.0004.0028 (English), 9/17/2008 22:55:00, 122880 bytes
Driver: C:\WINDOWS\system32\nvcodins.dll, 1.03.0004.0028 (English), 9/17/2008 22:55:00, 122880 bytes

Name: Texas Instruments OHCI Compliant IEEE 1394 Host Controller
Device ID: PCI\VEN_104C&DEV_8023&SUBSYS_4F438086&REV_00\4&35FAE160&0&18F0
Driver: C:\WINDOWS\system32\DRIVERS\ohci1394.sys, 5.01.2600.5512 (English), 4/13/2008 23:16:20, 61696 bytes
Driver: C:\WINDOWS\system32\DRIVERS\1394bus.sys, 5.01.2600.5512 (English), 4/13/2008 23:16:20, 53376 bytes
Driver: C:\WINDOWS\system32\DRIVERS\nic1394.sys, 5.01.2600.5512 (English), 4/13/2008 23:21:26, 61824 bytes
Driver: C:\WINDOWS\system32\DRIVERS\arp1394.sys, 5.01.2600.5512 (English), 4/13/2008 23:21:26, 60800 bytes
Driver: C:\WINDOWS\system32\DRIVERS\enum1394.sys, 5.01.2600.0000 (English), 8/17/2001 05:46:40, 6400 bytes

------------------
DirectX Components
------------------
ddraw.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 279552 bytes
ddrawex.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 27136 bytes
dxapi.sys: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 10496 bytes
d3d8.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 1179648 bytes
d3d8thk.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 8192 bytes
d3d9.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 1689088 bytes
d3dim.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 436224 bytes
d3dim700.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:52 824320 bytes
d3dramp.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 590336 bytes
d3drm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 350208 bytes
d3dxof.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 47616 bytes
d3dpmesh.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 34816 bytes
dplay.dll: 5.00.2134.0001 English Final Retail 8/4/2004 04:00:00 33040 bytes
dplayx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 229888 bytes
dpmodemx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 23552 bytes
dpwsock.dll: 5.00.2134.0001 English Final Retail 8/4/2004 04:00:00 42768 bytes
dpwsockx.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 57344 bytes
dplaysvr.exe: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:18 29696 bytes
dpnsvr.exe: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:18 17920 bytes
dpnet.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 375296 bytes
dpnlobby.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:39:22 3072 bytes
dpnaddr.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:39:20 3072 bytes
dpvoice.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 212480 bytes
dpvsetup.exe: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:20 83456 bytes
dpvvox.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 116736 bytes
dpvacm.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 21504 bytes
dpnhpast.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 35328 bytes
dpnhupnp.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 60928 bytes
dpserial.dll: 5.00.2134.0001 English Final Retail 8/4/2004 04:00:00 53520 bytes
dinput.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 158720 bytes
dinput8.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 181760 bytes
dimap.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 44032 bytes
diactfrm.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 394240 bytes
joy.cpl: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:42 68608 bytes
gcdef.dll: 5.01.2600.0000 English Final Retail 8/4/2004 04:00:00 76800 bytes
pid.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:04 35328 bytes
dsound.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 367616 bytes
dsound3d.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 1293824 bytes
dswave.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 19456 bytes
dsdmo.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 181248 bytes
dsdmoprp.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 71680 bytes
dmusic.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 104448 bytes
dmband.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 28672 bytes
dmcompos.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 61440 bytes
dmime.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 181248 bytes
dmloader.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 35840 bytes
dmstyle.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 105984 bytes
dmsynth.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 103424 bytes
dmscript.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 82432 bytes
system.dll: 1.01.4322.2407 English Final Retail 1/9/2008 04:01:43 1232896 bytes
Microsoft.DirectX.Direct3D.dll: 9.05.0132.0000 English Final Retail 7/20/2008 00:03:33 473600 bytes
Microsoft.DirectX.Direct3DX.dll: 5.04.0000.3900 English Final Retail 12/24/2007 11:49:14 2676224 bytes
Microsoft.DirectX.Direct3DX.dll: 9.04.0091.0000 English Final Retail 12/24/2007 11:49:16 2846720 bytes
Microsoft.DirectX.Direct3DX.dll: 9.05.0132.0000 English Final Retail 12/24/2007 11:49:17 563712 bytes
Microsoft.DirectX.Direct3DX.dll: 9.06.0168.0000 English Final Retail 12/24/2007 11:49:17 567296 bytes
Microsoft.DirectX.Direct3DX.dll: 9.07.0239.0000 English Final Retail 7/20/2008 00:03:35 576000 bytes
Microsoft.DirectX.Direct3DX.dll: 9.08.0299.0000 English Final Retail 12/24/2007 11:49:19 577024 bytes
Microsoft.DirectX.Direct3DX.dll: 9.09.0376.0000 English Final Retail 12/24/2007 11:49:19 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.10.0455.0000 English Final Retail 12/24/2007 11:49:20 577536 bytes
Microsoft.DirectX.Direct3DX.dll: 9.11.0519.0000 English Final Retail 12/24/2007 11:49:20 578560 bytes
Microsoft.DirectX.Direct3DX.dll: 9.12.0589.0000 English Final Retail 12/24/2007 11:49:22 578560 bytes
Microsoft.DirectX.DirectDraw.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:35 145920 bytes
Microsoft.DirectX.DirectInput.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:36 159232 bytes
Microsoft.DirectX.DirectPlay.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:37 364544 bytes
Microsoft.DirectX.DirectSound.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:37 178176 bytes
Microsoft.DirectX.AudioVideoPlayback.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:32 53248 bytes
Microsoft.DirectX.Diagnostics.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:33 12800 bytes
Microsoft.DirectX.dll: 5.04.0000.2904 English Final Retail 7/20/2008 00:03:32 223232 bytes
dx7vb.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 619008 bytes
dx8vb.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 1227264 bytes
dxdiagn.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 2113536 bytes
mfc40.dll: 4.01.0000.6140 English Final Retail 8/4/2004 04:00:00 924432 bytes
mfc42.dll: 6.02.4131.0000 English Final Retail 4/14/2008 04:41:58 1028096 bytes
wsock32.dll: 5.01.2600.5512 English Final Retail 4/14/2008 04:42:12 22528 bytes
amstream.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:41:50 70656 bytes
devenum.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:41:52 59904 bytes
dxmasf.dll: 6.04.0009.1133 English Final Retail 4/14/2008 04:41:54 498742 bytes
mciqtz32.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:41:58 35328 bytes
mpg2splt.ax: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:44 148992 bytes
msdmo.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:00 14336 bytes
encapi.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:54 20480 bytes
qasf.dll: 11.00.5721.5145 English Final Retail 10/18/2006 21:47:18 211456 bytes
qcap.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:04 192512 bytes
qdv.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:04 279040 bytes
qdvd.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:04 386048 bytes
qedit.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:04 562176 bytes
qedwipes.dll: 6.05.2600.5512 English Final Retail 4/13/2008 21:51:34 733696 bytes
quartz.dll: 6.05.2600.5596 English Final Retail 5/6/2008 21:12:40 1288192 bytes
strmdll.dll: 4.01.0000.3937 English Final Retail 10/3/2008 02:02:42 247326 bytes
iac25_32.ax: 2.00.0005.0053 English Final Retail 4/14/2008 04:42:44 199680 bytes
ir41_32.ax: 4.51.0016.0003 English Final Retail 4/14/2008 04:42:44 848384 bytes
ir41_qc.dll: 4.30.0062.0002 English Final Retail 4/14/2008 04:41:56 120320 bytes
ir41_qcx.dll: 4.30.0064.0001 English Final Retail 4/14/2008 04:41:56 338432 bytes
ir50_32.dll: 5.2562.0015.0055 English Final Retail 4/14/2008 04:41:56 755200 bytes
ir50_qc.dll: 5.00.0063.0048 English Final Retail 4/14/2008 04:41:56 200192 bytes
ir50_qcx.dll: 5.00.0064.0048 English Final Retail 4/14/2008 04:41:56 183808 bytes
ivfsrc.ax: 5.10.0002.0051 English Final Retail 4/14/2008 04:42:44 154624 bytes
mswebdvd.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:02 203776 bytes
ks.sys: 5.03.2600.5512 English Final Retail 4/14/2008 00:46:38 141056 bytes
ksproxy.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 129536 bytes
ksuser.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:41:58 4096 bytes
stream.sys: 5.03.2600.5512 English Final Retail 4/14/2008 00:15:16 49408 bytes
mspclock.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:09:52 5376 bytes
mspqm.sys: 5.01.2600.5512 English Final Retail 4/13/2008 23:09:52 4992 bytes
mskssrv.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:09:54 7552 bytes
swenum.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:09:54 4352 bytes
mstee.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:09:52 5504 bytes
ipsink.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 16384 bytes
mpeg2data.ax: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:44 118272 bytes
ndisip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:24 10880 bytes
streamip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:22 15232 bytes
msvidctl.dll: 6.05.2600.5512 English Final Retail 4/14/2008 04:42:02 1428992 bytes
slip.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:24 11136 bytes
nabtsfec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:26 85248 bytes
ccdecode.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:24 17024 bytes
vbisurf.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 30208 bytes
msyuv.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:02 16896 bytes
kstvtune.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 61952 bytes
ksxbar.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 43008 bytes
kswdmcap.ax: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:44 91136 bytes
vfwwdm32.dll: 5.01.2600.5512 English Final Retail 4/14/2008 04:42:10 53760 bytes
wstcodec.sys: 5.03.2600.5512 English Final Retail 4/13/2008 23:16:26 19200 bytes
wstdecod.dll: 5.03.2600.5512 English Final Retail 4/14/2008 04:42:12 50688 bytes

------------------
DirectShow Filters
------------------

WDM Streaming VBI Codecs:
NABTS/FEC VBI Codec,0x00200000,2,1,,5.03.2600.5512
CC Decoder,0x00200000,2,1,,5.03.2600.5512
WST Codec,0x00200000,1,1,,5.03.2600.5512

DirectShow Filters:
QuickTime Audio Decoder Filter,0x00600800,1,1,,
WMAudio Decoder DMO,0x00800800,1,1,,
WMAPro over S/PDIF DMO,0x00600800,1,1,,
WMA Voice Decoder DMO,0x00600800,1,1,,
WMVideo Advanced Decoder DMO,0x00800001,1,1,,
Mpeg4s Decoder DMO,0x00800001,1,1,,
WMV Screen decoder DMO,0x00800001,1,1,,
WMVideo Decoder DMO,0x00800001,1,1,,
QuickTime Video Decoder Filter,0x00600800,1,1,,
Mpeg43 Decoder DMO,0x00800001,1,1,,
Mpeg4 Decoder DMO,0x00800001,1,1,,
WMT MuxDeMux Filter,0x00200000,0,0,wmm2filt.dll,2.01.4026.0000
ffdshow Video Decoder,0xff800001,2,1,ffdshow.ax,1.00.0005.2033
Creative LiveRecording Filter,0x00400000,0,1,LiveRec.ax,2.01.0001.0000
Full Screen Renderer,0x00200000,1,0,quartz.dll,6.05.2600.5596
WMT VIH2 Fix,0x00200000,1,1,WLXVAFilt.dll",
Record Queue,0x00200000,1,1,WLXVAFilt.dll",
WMT Switch Filter,0x00200000,1,1,WLXVAFilt.dll",
WMT Virtual Renderer,0x00200000,1,0,WLXVAFilt.dll",
WMT DV Extract,0x00200000,1,1,WLXVAFilt.dll",
WMT Virtual Source,0x00200000,0,1,WLXVAFilt.dll",
WMT Sample Information Filter,0x00200000,1,1,WLXVAFilt.dll",
CoreVorbis Audio Decoder,0x00800000,1,1,CoreVorbis.ax,1.01.0000.0079
Matroska Source,0x00600000,0,0,MatroskaSplitter.ax,1.00.0003.0000
FreeTrackFilter,0x00200000,0,0,,
ffdshow raw video filter,0x00200000,2,1,ffdshow.ax,1.00.0005.2033
CT Upsampler filter,0x00100000,1,1,Upsample.ax,2.00.0005.0000
Mpa Splitter,0x00600001,1,1,MpaSplitter.ax,1.00.0000.0003
ffdshow Audio Decoder,0x3fffffff,1,1,ffdshow.ax,1.00.0005.2033
Creative Wave Writer,0x00200000,1,0,WavWrite.ax,3.01.0004.0000
DV Muxer,0x00400000,0,0,qdv.dll,6.05.2600.5512
Creative MLP Source Filter,0x00400000,0,1,MlpSrc.ax,3.00.0000.0000
Matroska Splitter,0x00600000,1,1,MatroskaSplitter.ax,1.00.0003.0000
Color Space Converter,0x00400001,1,1,quartz.dll,6.05.2600.5596
WM ASF Reader,0x00400000,0,0,qasf.dll,11.00.5721.5145
Creative NVF Filter,0x00400000,0,1,NvfSrc.ax,3.00.0000.0000
Screen Capture filter,0x00200000,0,1,wmpsrcwp.dll,11.00.5721.5145
AVI Splitter,0x00600000,1,1,quartz.dll,6.05.2600.5596
BPM Metadata,0x001fffff,1,1,MetaBPM.ax,1.00.0004.0000
WMT AudioAnalyzer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VGA 16 Color Ditherer,0x00400000,1,1,quartz.dll,6.05.2600.5596
Indeo® video 5.10 Compression Filter,0x00200000,1,1,ir50_32.dll,5.2562.0015.0055
BPM Metadata,0x001fffff,1,1,MetaBPMu.ax,2.00.0002.0000
Windows Media Audio Decoder,0x00800001,1,1,msadds32.ax,8.00.0000.4487
RealVideo Decoder,0x00600000,1,1,RealMediaSplitter.ax,1.00.0001.0002
AC3 Parser Filter,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
WMT Format Conversion,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
CT Time-Scaling filter,0x00100000,1,1,TimeScal.ax,2.03.0009.0000
StreamBufferSink,0x00200000,0,0,sbe.dll,6.05.2600.5512
WMT Black Frame Generator,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MJPEG Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.5596
RadLight TTA DirectShow Filter,0x00600000,0,1,RLTTADec.ax,1.00.0000.0000
Indeo® video 5.10 Decompression Filter,0x00640000,1,1,ir50_32.dll,5.2562.0015.0055
WMT Screen Capture filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
SVM Metadata,0x001fffff,1,1,MetaSVM.ax,1.00.0006.0000
Microsoft Screen Video Decompressor,0x00800000,1,1,msscds32.ax,8.00.0000.4487
MPEG-I Stream Splitter,0x00600000,1,2,quartz.dll,6.05.2600.5596
SAMI (CC) Parser,0x00400000,1,1,quartz.dll,6.05.2600.5596
MPEG-2 Splitter,0x005fffff,1,0,mpg2splt.ax,6.05.2600.5512
MP4 Source,0x00600000,0,0,MP4Splitter.ax,1.00.0000.0002
ACELP.net Sipro Lab Audio Decoder,0x00800001,1,1,acelpdec.ax,1.04.0000.0000
VFW Sample Grabber,0x00200000,1,1,P0630Vfw.dll,1.01.0001.6784
RadLight APE DirectShow Filter,0x00600000,0,1,RLAPEDec.ax,1.00.0000.0004
Creative Effects Filter,0x00200000,1,1,CTEffectsFilter.ax,1.00.0003.0000
FLV Splitter,0x00600000,1,1,FLVSplitter.ax,1.00.0000.0004
Internal Script Command Renderer,0x00800001,1,0,quartz.dll,6.05.2600.5596
MPEG Audio Decoder,0x03680001,1,1,quartz.dll,6.05.2600.5596
File Source (Netshow URL),0x00400000,0,1,wmpasf.dll,11.00.5721.5145
WMT Import Filter,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
DV Splitter,0x00600000,1,2,qdv.dll,6.05.2600.5512
Bitmap Generate,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Windows Media Video Decoder,0x00800000,1,1,wmvds32.ax,8.00.0000.4487
Video Mixing Renderer 9,0x00200000,1,0,quartz.dll,6.05.2600.5596
CoreFLAC Audio Source,0x00600000,0,0,CoreFLACDecoder.ax,0.04.0000.0046
Windows Media Video Decoder,0x00800000,1,1,wmv8ds32.ax,8.00.0000.4000
WMT VIH2 Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Mpa Source,0x00600001,0,0,MpaSplitter.ax,1.00.0000.0003
Record Queue,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
CT Karaoke filter,0x00100000,1,1,Karaoke.ax,2.00.0012.0000
CoreFLAC Audio Decoder,0x00600000,1,1,CoreFLACDecoder.ax,0.04.0000.0046
Creative AC3 Source Filter,0x00400000,0,1,AC3Srcu.ax,3.02.0001.0000
MP4 Splitter,0x00600000,1,1,MP4Splitter.ax,1.00.0000.0002
Creative PCM Raw Writer,0x00200000,1,0,RawWritu.ax,1.00.0000.0000
Creative MP3 Source Filter,0x00400000,0,1,Mp3Src.ax,3.01.0003.0000
Windows Media Multiplexer,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASX file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASX v.2 file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5145
NSC file Parser,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
XviD MPEG-4 Video Decoder,0x00800000,1,1,xvid.ax,
RadLight OptimFROG DirectShow Filter,0x00600000,0,1,RLOFRDec.ax,1.00.0000.0001
CT PDP filter,0x00100000,1,1,PDP.ax,1.00.0008.0000
ACM Wrapper,0x00600000,1,1,quartz.dll,6.05.2600.5596
CoreAAC Audio Decoder,0x00800000,1,1,CoreAAC.ax,1.02.0000.0573
Windows Media source filter,0x00600000,0,2,wmpasf.dll,11.00.5721.5145
Video Renderer,0x00800001,1,0,quartz.dll,6.05.2600.5596
Frame Eater,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Video Stream Analyzer,0x00200000,0,0,sbe.dll,6.05.2600.5512
Ogg Source,0x00600001,0,0,oggsplitter.ax,1.00.0000.0000
Line 21 Decoder,0x00600000,1,1,qdvd.dll,6.05.2600.5512
Video Port Manager,0x00600000,2,1,quartz.dll,6.05.2600.5596
WST Decoder,0x00600000,1,1,wstdecod.dll,5.03.2600.5512
Video Renderer,0x00400000,1,0,quartz.dll,6.05.2600.5596
Elecard MPEG2 Demultiplexer,0x00800100,1,2,mpeg2dmx.ax,2.00.0084.30429
RealMedia Source,0x00600000,0,0,RealMediaSplitter.ax,1.00.0001.0002
File Writer,0x00200000,1,0,WLXVAFilt.dll",
DivX Decoder Filter,0xff800000,1,1,divxdec.ax,6.03.0000.0079
Creative AC3 Source Filter,0x00400000,0,1,AC3Src.ax,3.00.0002.0000
CT SmartVolumeManagement filter,0x00100000,1,1,DSCompr.ax,1.00.0008.0000
Creative Audio Gain Filter,0x00200000,1,1,AudGain.ax,1.00.0000.0000
WM ASF Writer,0x00400000,0,0,qasf.dll,11.00.5721.5145
FLV4 Video Decoder,0x00400000,1,1,FLVSplitter.ax,1.00.0000.0004
WMT Sample Information Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
VBI Surface Allocator,0x00600000,1,1,vbisurf.ax,5.03.2600.5512
Creative MP3 Writer,0x00200000,1,0,MP3Write.ax,3.00.0002.0000
Microsoft MPEG-4 Video Decompressor,0x00800000,1,1,mpg4ds32.ax,8.00.0000.4487
Creative Flac Source Filter,0x00400000,0,1,FlacSrcu.ax,1.00.0002.0000
DivX Demux,0x00600000,1,0,DivXMedia.ax,0.00.0000.0028
File writer,0x00200000,1,0,qcap.dll,6.05.2600.5512
Creative MLP Source Filter,0x00400000,0,1,MlpSrcu.ax,3.01.0000.0000
Creative File Reader Filter,0x00400000,0,1,FilReadu.ax,1.00.0005.0000
RadLight MPC DirectShow Filter,0x00600000,0,1,RLMPCDec.ax,1.00.0000.0004
SVM Metadata,0x001fffff,1,1,MetaSVMu.ax,2.00.0002.0000
CT HPVirtualizer filter,0x00100000,1,1,Virtual.ax,1.00.0000.0000
WMT Log Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Virtual Renderer,0x00200000,1,0,wmm2filt.dll,2.01.4026.0000
DirectVobSub,0x00200000,2,1,VSFilter.dll,1.00.0001.0005
RealAudio Decoder,0x00600000,1,1,RealMediaSplitter.ax,1.00.0001.0002
Avi Splitter,0x00600001,1,1,AviSplitter.ax,1.00.0000.0009
DirectVobSub (auto-loading version),0x00800002,2,1,VSFilter.dll,1.00.0001.0005
DVD Navigator,0x00200000,0,2,qdvd.dll,6.05.2600.5512
Ogg Splitter,0x00600001,1,1,oggsplitter.ax,1.00.0000.0000
Overlay Mixer2,0x00400000,1,1,qdvd.dll,6.05.2600.5512
Subtitle Source,0x00200000,0,1,DVobSub.ax,1.00.0000.0009
AC3Filter,0x40000000,1,1,ac3filter.ax,1.03.0001.0000
CT CMSS3 filter,0x00100000,1,1,CMSS3.ax,3.00.0013.0000
AVI Draw,0x00600064,9,1,quartz.dll,6.05.2600.5596
.RAM file Parser,0x00600000,1,0,wmpasf.dll,11.00.5721.5145
OrbRTSPSource,0x00600000,0,1,,
WMT DirectX Transform Wrapper,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
G.711 Codec,0x00200000,1,1,g711codc.ax,5.01.2600.0000
MPEG-2 Demultiplexer,0x00600000,1,1,mpg2splt.ax,6.05.2600.5512
Creative Ogg Source Filter,0x00400000,0,1,OggSrcu.ax,1.00.0001.0000
DV Video Decoder,0x00800000,1,1,qdv.dll,6.05.2600.5512
Creative NVF Filter,0x00400000,0,1,NvfSrcu.ax,3.01.0001.0000
DTS/AC3/DD+ Source,0x00600000,0,1,dtsac3source.ax,1.00.0000.0002
Indeo® audio software,0x00500000,1,1,iac25_32.ax,2.00.0005.0053
Windows Media Update Filter,0x00400000,1,0,wmpasf.dll,11.00.5721.5145
Creative PCM Raw Writer,0x00200000,1,0,RawWrit.ax,1.00.0000.0000
ffdshow Audio Processor,0x00200000,1,1,ffdshow.ax,1.00.0005.2033
Noise Reduction,0x00100000,1,1,NoisRedu.ax,3.00.0007.0000
ASF DIB Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF ACM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF ICM Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF URL Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF JPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF DJPEG Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
ASF embedded stuff Handler,0x00600000,1,1,wmpasf.dll,11.00.5721.5145
DivX Subtitle Decoder,0x00600000,1,1,DivXMedia.ax,0.00.0000.0028
9x8Resize,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WIA Stream Snapshot Filter,0x00200000,1,1,wiasf.ax,1.00.0000.0000
Allocator Fix,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
SampleGrabber,0x00200000,1,1,qedit.dll,6.05.2600.5512
Null Renderer,0x00200000,1,0,qedit.dll,6.05.2600.5512
Creative WMA Writer,0x00200000,1,0,WMAWrite.ax,5.00.0001.0000
WMT Virtual Source,0x00200000,0,1,wmm2filt.dll,2.01.4026.0000
MPEG-2 Sections and Tables,0x005fffff,1,0,mpeg2data.ax,
WMT Interlacer,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
FLV Source,0x00600000,0,0,FLVSplitter.ax,1.00.0000.0004
StreamBufferSource,0x00200000,0,0,sbe.dll,6.05.2600.5512
Smart Tee,0x00200000,1,2,qcap.dll,6.05.2600.5512
Creative WMA Source Filter,0x00400000,0,1,WmaSrc.ax,3.01.0001.0000
Overlay Mixer,0x00200000,0,0,qdvd.dll,6.05.2600.5512
GPL MPEG-1/2 Decoder,0x00500000,1,1,GplMpgDec.ax,0.01.0002.0000
Avi Source,0x00600001,0,0,AviSplitter.ax,1.00.0000.0009
AVI Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.5596
Uncompressed Domain Shot Detection Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
AVI/WAV File Source,0x00400000,0,2,quartz.dll,6.05.2600.5596
CDXA Reader,0x00400000,0,1,cdxareader.ax,1.00.0000.0001
Morgan Stream Switcher,0x00800001,1,1,MMSwitch.ax,0.09.0009.0000
MPEG4 Video Splitter,0x00600000,1,1,MP4Splitter.ax,1.00.0000.0002
QuickTime Movie Parser,0x00600000,1,1,quartz.dll,6.05.2600.5596
Wave Parser,0x00400000,1,1,quartz.dll,6.05.2600.5596
MIDI Parser,0x00400000,1,1,quartz.dll,6.05.2600.5596
Multi-file Parser,0x00400000,1,1,quartz.dll,6.05.2600.5596
File stream renderer,0x00400000,1,1,quartz.dll,6.05.2600.5596
XML Playlist,0x00400000,1,0,wmpasf.dll,11.00.5721.5145
ffdshow subtitles filter,0x00200000,2,1,ffdshow.ax,1.00.0005.2033
RealMedia Splitter,0x00600000,1,1,RealMediaSplitter.ax,1.00.0001.0002
AVI Mux,0x00200000,1,0,qcap.dll,6.05.2600.5512
MPEG4 Video Source,0x00600000,0,0,MP4Splitter.ax,1.00.0000.0002
Line 21 Decoder 2,0x00600002,1,1,quartz.dll,6.05.2600.5596
File Source (Async.),0x00400000,0,1,quartz.dll,6.05.2600.5596
File Source (URL),0x00400000,0,1,quartz.dll,6.05.2600.5596
WMT DV Extract,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Creative CDDA Source Filter,0x00400000,0,1,CDDA.ax,3.00.0003.0000
Creative LiveRecording Filter SxS,0x00400000,0,1,LiveRecu.ax,5.00.0001.0000
WMT Switch Filter,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
WMT Volume,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Creative Internet Source Filter,0x00400000,0,1,InetSrcu.ax,1.00.0000.0000
Stretch Video,0x00200000,1,1,wmm2filt.dll,2.01.4026.0000
Elecard MPEG2 Video Decoder,0x00700000,1,1,mpgdec.ax,2.00.0000.2525
Infinite Pin Tee Filter,0x00200000,1,1,qcap.dll,6.05.2600.5512
VFW Null Render Filter,0x00200000,1,0,P0630Vfw.dll,1.01.0001.6784
QT Decompressor,0x00600000,1,1,quartz.dll,6.05.2600.5596
MPEG Video Decoder,0x40000001,1,1,quartz.dll,6.05.2600.5596
Indeo® video 4.4 Decompression Filter,0x00640000,1,1,ir41_32.ax,4.51.0016.0003
Indeo® video 4.4 Compression Filter,0x00200000,1,1,ir41_32.ax,4.51.0016.0003

WDM Streaming Tee/Splitter Devices:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

WDM Streaming Data Transforms:
Microsoft Kernel Acoustic Echo Canceller,0x00000000,0,0,,
Microsoft Kernel GS Wavetable Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DLS Synthesizer,0x00200000,1,1,,5.03.2600.5512
Microsoft Kernel DRM Audio Descrambler,0x00200000,1,1,,5.03.2600.5512

Video Compressors:
WMVideo8 Encoder DMO,0x00600800,1,1,,
MSScreen encoder DMO,0x00600800,1,1,,
WMVideo9 Encoder DMO,0x00600800,1,1,,
MSScreen 9 encoder DMO,0x00600800,1,1,,
DV Video Encoder,0x00200000,0,0,qdv.dll,6.05.2600.5512
ffdshow video encoder,0x00100000,1,1,ffdshow.ax,1.00.0005.2033
Indeo® video 5.10 Compression Filter,0x00100000,1,1,ir50_32.dll,5.2562.0015.0055
MJPEG Compressor,0x00200000,0,0,quartz.dll,6.05.2600.5596
Cinepak Codec by Radius,0x00200000,1,1,qcap.dll,6.05.2600.5512
DivX® 6.8.4 Codec (1 Logical CPU),0x00200000,1,1,qcap.dll,6.05.2600.5512
Fraps Video Decompressor,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel 4:2:0 Video V2.50,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo® Video R3.2,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel Indeo® Video 4.5,0x00200000,1,1,qcap.dll,6.05.2600.5512
Indeo® video 5.10,0x00200000,1,1,qcap.dll,6.05.2600.5512
Intel IYUV codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.261 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft H.263 Video Codec,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft RLE,0x00200000,1,1,qcap.dll,6.05.2600.5512
Microsoft Video 1,0x00200000,1,1,qcap.dll,6.05.2600.5512
DivX® 6.8.4 YV12 Decoder,0x00200000,1,1,qcap.dll,6.05.2600.5512

Audio Compressors:
WMA Voice Encoder DMO,0x00600800,1,1,,
WM Speech Encoder DMO,0x00600800,1,1,,
WMAudio Encoder DMO,0x00600800,1,1,,
IAC2,0x00200000,1,1,quartz.dll,6.05.2600.5596
ffdshow Audio Decoder,0x00200000,1,1,quartz.dll,6.05.2600.5596
IMA ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.5596
PCM,0x00200000,1,1,quartz.dll,6.05.2600.5596
Mobile Voice,0x00200000,1,1,quartz.dll,6.05.2600.5596
Microsoft ADPCM,0x00200000,1,1,quartz.dll,6.05.2600.5596
ACELP.net,0x00200000,1,1,quartz.dll,6.05.2600.5596
DSP Group TrueSpeech™,0x00200000,1,1,quartz.dll,6.05.2600.5596
Windows Media Audio V1,0x00200000,1,1,quartz.dll,6.05.2600.5596
Windows Media Audio V2,0x00200000,1,1,quartz.dll,6.05.2600.5596
GSM 6.10,0x00200000,1,1,quartz.dll,6.05.2600.5596
Messenger Audio Codec,0x00200000,1,1,quartz.dll,6.05.2600.5596
Microsoft G.723.1,0x00200000,1,1,quartz.dll,6.05.2600.5596
CCITT A-Law,0x00200000,1,1,quartz.dll,6.05.2600.5596
CCITT u-Law,0x00200000,1,1,quartz.dll,6.05.2600.5596
AC3,0x00200000,1,1,quartz.dll,6.05.2600.5596
DTS,0x00200000,1,1,quartz.dll,6.05.2600.5596
MPEG Layer-3,0x00200000,1,1,quartz.dll,6.05.2600.5596

Audio Capture Sources:
SB Live! 24-bit,0x00200000,0,0,qcap.dll,6.05.2600.5512
Bluetooth Audio,0x00200000,0,0,qcap.dll,6.05.2600.5512
Bluetooth High Quality Audio,0x00200000,0,0,qcap.dll,6.05.2600.5512
IDT Audio1,0x00200000,0,0,qcap.dll,6.05.2600.5512

Midi Renderers:
Creative SoundFont Synth,0x00200000,1,0,quartz.dll,6.05.2600.5596
Default MidiOut Device,0x00800000,1,0,quartz.dll,6.05.2600.5596
Microsoft GS Wavetable SW Synth,0x00200000,1,0,quartz.dll,6.05.2600.5596

WDM Streaming Capture Devices:
IDT Audio1,0x00200000,2,2,,5.03.2600.5512
IDT Audio2,0x00200000,1,1,,5.03.2600.5512
,0x00000000,0,0,,
SB Live! 24-bit,0x00200000,3,2,,5.03.2600.5512
Creative WebCam Live!,0x00200000,0,1,,5.03.2600.5512
Bluetooth Audio,0x00200000,2,2,,5.03.2600.5512
Bluetooth High Quality Audio,0x00200000,2,2,,5.03.2600.5512

WDM Streaming Rendering Devices:
IDT Audio1,0x00200000,2,2,,5.03.2600.5512
IDT Audio2,0x00200000,1,1,,5.03.2600.5512
Creative SoundFont Synth,0x00200000,1,1,,5.03.2600.5512
SB Live! 24-bit,0x00200000,3,2,,5.03.2600.5512
Bluetooth Audio,0x00200000,2,2,,5.03.2600.5512
Bluetooth High Quality Audio,0x00200000,2,2,,5.03.2600.5512

BDA Rendering Filters:
BDA IP Sink,0x00200000,1,1,,5.03.2600.5512

Video Capture Sources:
Creative WebCam Live!,0x00200000,0,1,,5.03.2600.5512
Creative WebCam Live! (VFW),0x00200000,0,0,qcap.dll,6.05.2600.5512

BDA Transport Information Renderers:
MPEG-2 Sections and Tables,0x00600000,1,0,mpeg2data.ax,

WDM Streaming Mixer Devices:
Microsoft Kernel Wave Audio Mixer,0x00000000,0,0,,

BDA CP/CA Filters:
Decrypt/Tag,0x00600000,1,0,encdec.dll,6.05.2600.5512
Encrypt/Tag,0x00200000,0,0,encdec.dll,6.05.2600.5512
XDS Codec,0x00200000,0,0,encdec.dll,6.05.2600.5512

WDM Streaming Communication Transforms:
Tee/Sink-to-Sink Converter,0x00200000,1,1,,5.03.2600.5512

Audio Renderers:
SB Live! 24-bit,0x00200000,1,0,quartz.dll,6.05.2600.5596
Bluetooth Audio,0x00200000,1,0,quartz.dll,6.05.2600.5596
Bluetooth High Quality Audio,0x00200000,1,0,quartz.dll,6.05.2600.5596
Default DirectSound Device,0x00800000,1,0,quartz.dll,6.05.2600.5596
Default WaveOut Device,0x00200000,1,0,quartz.dll,6.05.2600.5596
DirectSound: Bluetooth Audio,0x00200000,1,0,quartz.dll,6.05.2600.5596
DirectSound: Bluetooth High Quality Audio,0x00200000,1,0,quartz.dll,6.05.2600.5596
DirectSound: IDT Audio1,0x00200000,1,0,quartz.dll,6.05.2600.5596
DirectSound: IDT Audio2,0x00200000,1,0,quartz.dll,6.05.2600.5596
DirectSound: SB Live! 24-bit,0x00200000,1,0,quartz.dll,6.05.2600.5596
IDT Audio1,0x00200000,1,0,quartz.dll,6.05.2600.5596
IDT Audio2,0x00200000,1,0,quartz.dll,6.05.2600.5596

WDM Streaming System Devices:
IDT Audio1,0x00200000,8,2,,5.03.2600.5512
IDT Audio2,0x00200000,4,2,,5.03.2600.5512
Creative SoundFont Synth,0x00200000,4,2,,5.03.2600.5512
SB Live! 24-bit,0x00200000,4,2,,5.03.2600.5512
Bluetooth Audio,0x00200000,4,2,,5.03.2600.5512
Bluetooth High Quality Audio,0x00200000,4,2,,5.03.2600.5512

BDA Receiver Component:
BDA Slip De-Framer,0x00600000,1,1,,5.03.2600.5512

*************************************************************

COMBO

ComboFix 09-02-02.04 - Kyle 2009-02-02 20:06:23.4 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3070.2255 [GMT -8:00]
Running from: c:\downloads\ComboFix.exe
AV: Norton 360 *On-access scanning disabled* (Updated)
FW: Norton 360 *enabled*
.

((((((((((((((((((((((((( Files Created from 2009-01-03 to 2009-02-03 )))))))))))))))))))))))))))))))
.

2009-01-30 09:41 . 2009-01-30 09:41 2,090 --ah----- C:\WCThumb.tmb
2009-01-26 16:41 . 2009-01-26 16:41 <DIR> d-------- c:\program files\TurboTax
2009-01-04 22:45 . 2009-01-04 22:45 <DIR> d-------- c:\windows\system32\IOSUBSYS
2009-01-04 00:36 . 2008-10-10 04:52 4,379,984 --a------ c:\windows\system32\D3DX9_40.dll
2009-01-04 00:36 . 2008-10-10 04:52 2,036,576 --a------ c:\windows\system32\D3DCompiler_40.dll
2009-01-04 00:36 . 2008-10-27 10:04 514,384 --a------ c:\windows\system32\XAudio2_3.dll
2009-01-04 00:36 . 2008-10-10 04:52 452,440 --a------ c:\windows\system32\d3dx10_40.dll
2009-01-04 00:36 . 2008-10-27 10:04 235,856 --a------ c:\windows\system32\xactengine3_3.dll
2009-01-04 00:36 . 2008-10-27 10:04 70,992 --a------ c:\windows\system32\XAPOFX1_2.dll
2009-01-04 00:36 . 2008-10-27 10:04 23,376 --a------ c:\windows\system32\X3DAudio1_5.dll
2009-01-03 20:31 . 2009-01-03 20:40 <DIR> d-------- c:\program files\Synfig
2009-01-03 19:06 . 2009-01-03 19:06 603,904 --a------ c:\windows\system32\TUProgSt.exe
2009-01-03 19:06 . 2009-01-03 19:06 360,192 --a------ c:\windows\system32\TuneUpDefragService.exe
2009-01-03 19:06 . 2008-12-11 04:31 27,904 --a------ c:\windows\system32\uxtuneup.dll
2009-01-03 18:39 . 2009-01-03 18:39 <DIR> d--h----- c:\windows\Icons
2009-01-03 18:37 . 2009-01-03 18:37 2,285,056 --a------ c:\windows\system32\TUKernel.exe
2009-01-03 14:00 . 2009-01-03 14:00 <DIR> d-------- c:\documents and settings\Kyle\Application Data\TuneUp Software
2009-01-03 13:57 . 2009-01-03 19:06 <DIR> d-------- c:\program files\TuneUp Utilities 2009
2009-01-03 13:57 . 2009-01-03 13:57 <DIR> d-------- c:\documents and settings\All Users\Application Data\TuneUp Software
2009-01-03 13:56 . 2009-01-03 13:56 <DIR> d--hs---- c:\documents and settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-03 12:06 . 2009-01-26 16:58 <DIR> d-------- c:\program files\Common Files\AnswerWorks 5.0
2009-01-03 12:05 . 2008-08-19 09:46 3,523,872 --a------ c:\windows\system32\cdintf300.dll
2009-01-03 12:05 . 2008-08-19 09:46 1,848,608 --a------ c:\windows\system32\acXMLParser.dll
2009-01-03 12:03 . 2009-01-03 12:28 <DIR> d-------- c:\program files\Quicken
2009-01-03 12:02 . 2009-01-03 12:36 165 --a------ c:\windows\QUICKEN.INI

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-02-03 04:06 --------- d-----w c:\documents and settings\Kyle\Application Data\Azureus
2009-02-03 04:05 --------- d-----w c:\program files\Common Files\Symantec Shared
2009-02-03 02:26 --------- d-----w c:\program files\Azureus
2009-02-03 00:25 --------- d-----w c:\program files\Symantec
2009-02-03 00:24 806 ----a-w c:\windows\system32\drivers\SYMEVENT.INF
2009-02-03 00:24 60,808 ----a-w c:\windows\system32\S32EVNT1.DLL
2009-02-03 00:24 124,464 ----a-w c:\windows\system32\drivers\SYMEVENT.SYS
2009-02-03 00:24 10,635 ----a-w c:\windows\system32\drivers\SYMEVENT.CAT
2009-01-27 00:51 --------- d-----w c:\documents and settings\All Users\Application Data\Intuit
2009-01-27 00:50 --------- d-----w c:\program files\Common Files\Intuit
2009-01-19 03:03 --------- d-----w c:\documents and settings\Kyle\Application Data\Creative
2009-01-06 04:59 2,516 --sha-w c:\documents and settings\All Users\Application Data\KGyGaAvL.sys
2009-01-05 06:44 --------- d-----w c:\program files\Google
2009-01-04 08:46 --------- d-----w c:\documents and settings\All Users\Application Data\Microsoft Help
2009-01-03 22:09 --------- d-----w c:\program files\iTunes
2009-01-03 20:06 --------- d--h--w c:\program files\InstallShield Installation Information
2009-01-03 20:04 --------- d-----w c:\documents and settings\Kyle\Application Data\Intuit
2009-01-03 00:09 --------- d-----w c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-02 23:46 --------- d-----w c:\documents and settings\All Users\Application Data\SecTaskMan
2009-01-02 23:42 --------- d-----w c:\program files\Security Task Manager
2009-01-02 21:11 --------- d-----w c:\program files\SBRunMan
2009-01-01 05:08 --------- d-----w c:\program files\SecondLife
2009-01-01 05:07 --------- d-----w c:\documents and settings\Kyle\Application Data\SecondLife
2008-12-31 14:17 --------- d-----w c:\documents and settings\All Users\Application Data\Symantec
2008-12-30 03:12 --------- d-----w c:\program files\Defrag Professional
2008-12-30 03:10 --------- d-----w c:\program files\QuickTime
2008-12-30 02:58 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-30 02:57 --------- d-----w c:\program files\iPod
2008-12-30 02:57 --------- d-----w c:\program files\Common Files\Apple
2008-12-30 00:51 --------- d-----w c:\program files\CCleaner
2008-12-30 00:47 --------- d-----w c:\program files\Common Files\Wise Installation Wizard
2008-12-29 07:16 --------- d-----w c:\program files\Startup Optimizer
2008-12-29 06:47 --------- d-----w c:\program files\Steam
2008-12-29 06:42 --------- d-----w c:\program files\Norton 360
2008-12-29 05:48 --------- d-----w c:\documents and settings\Kyle\Application Data\Symantec
2008-12-29 01:09 --------- d-----w c:\program files\Windows Sidebar
2008-12-23 23:11 --------- d-----w c:\program files\Intel Audio Studio
2008-12-23 22:47 --------- d-----w c:\program files\XP Codec Pack
2008-12-23 08:25 98,304 ----a-w c:\windows\DUMP5e0e.tmp
2008-12-23 07:21 98,304 ----a-w c:\windows\DUMP688d.tmp
2008-12-20 23:46 --------- d-----w c:\program files\Creative
2008-12-20 23:42 409,600 ----a-w c:\windows\system32\wrap_oal.dll
2008-12-20 23:42 114,688 ----a-w c:\windows\system32\OpenAL32.dll
2008-12-20 23:20 --------- d-----w c:\program files\DivX
2008-12-20 22:53 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-12-20 22:52 --------- d-----w c:\program files\MediaCoder
2008-12-20 18:32 --------- d-----w c:\program files\SUPERAntiSpyware
2008-12-20 06:04 --------- d-----w c:\documents and settings\Kyle\Application Data\Free Download Manager
2008-12-20 03:40 --------- d-----w c:\program files\Microsoft Games
2008-12-20 03:29 --------- d-----w c:\program files\Lavasoft
2008-12-20 03:29 --------- d-----w c:\documents and settings\All Users\Application Data\Lavasoft
2008-12-20 02:09 --------- d-----w c:\documents and settings\Kyle\Application Data\SUPERAntiSpyware.com
2008-12-20 02:09 --------- d-----w c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-18 07:21 --------- d-----w c:\program files\TVersity Codec Pack
2008-12-18 07:20 --------- d-----w c:\program files\ffdshow
2008-12-16 04:49 --------- d-----w c:\program files\Bonjour
2008-12-15 07:39 --------- d-----w c:\program files\Free Download Manager
2008-12-14 05:28 410,984 ----a-w c:\windows\system32\deploytk.dll
2008-12-14 05:28 --------- d-----w c:\program files\Java
2008-12-13 05:14 --------- d-----w c:\program files\Spybot - Search & Destroy
2008-12-12 19:18 87,336 ----a-w c:\windows\system32\dns-sd.exe
2008-12-12 19:11 61,440 ----a-w c:\windows\system32\dnssd.dll
2008-12-12 09:14 --------- d-----w c:\documents and settings\All Users\Application Data\Panda Software
2008-12-11 10:57 333,952 ----a-w c:\windows\system32\drivers\srv.sys
2008-12-10 01:42 --------- d-----w c:\documents and settings\Kyle\Application Data\ABBYY
2008-12-09 08:29 --------- d-----w c:\documents and settings\All Users\Application Data\ABBYY
2008-11-29 20:26 991,232 ----a-w c:\windows\system32\VSFilter.dll
2008-11-21 21:47 524,288 ----a-w c:\windows\system32\DivXsm.exe
2008-11-21 21:47 3,596,288 ----a-w c:\windows\system32\qt-dx331.dll
2008-11-21 21:46 200,704 ----a-w c:\windows\system32\ssldivx.dll
2008-11-21 21:46 1,044,480 ----a-w c:\windows\system32\libdivx.dll
2008-11-21 21:44 161,096 ----a-w c:\windows\system32\DivXCodecVersionChecker.exe
2008-11-21 21:44 12,288 ----a-w c:\windows\system32\DivXWMPExtType.dll
2008-11-17 20:04 2,306,113 ----a-w c:\windows\system32\GPhotos.scr
2008-11-06 02:21 47,360 ----a-w c:\documents and settings\Kyle\Application Data\pcouffin.sys
2008-09-08 04:49 167 ----a-w c:\documents and settings\Kyle\xrt_log.dat
2008-06-25 23:18 88 --sh--r c:\documents and settings\All Users\Application Data\9CC59B079B.sys
2008-01-28 04:32 3,080 ----a-w c:\program files\Craftyov.ini
2008-01-17 03:59 23,136 ----a-w c:\documents and settings\Kyle\Application Data\GDIPFONTCACHEV1.DAT
2008-02-10 10:50 56 --sha-r c:\windows\system32\9B079BC59C.sys
2008-02-10 10:50 3,350 --sha-w c:\windows\system32\KGyGaAvL.sys
2008-09-01 19:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082520080901\index.dat
2008-09-08 07:30 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090120080908\index.dat
2008-09-08 08:00 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008090820080909\index.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayExcluded]
@="{4433A54A-1AC8-432F-90FC-85F045CF383C}"
[HKEY_CLASSES_ROOT\CLSID\{4433A54A-1AC8-432F-90FC-85F045CF383C}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayPending]
@="{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}"
[HKEY_CLASSES_ROOT\CLSID\{F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\OverlayProtected]
@="{476D0EA3-80F9-48B5-B70B-05E677C9C148}"
[HKEY_CLASSES_ROOT\CLSID\{476D0EA3-80F9-48B5-B70B-05E677C9C148}]
2008-10-31 12:24 576352 --a------ c:\program files\Common Files\Symantec Shared\Backup\buShell.dll

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-09-17 13574144]
"ccApp"="c:\program files\Common Files\Symantec Shared\ccApp.exe" [2008-10-17 51048]
"osCheck"="c:\program files\Norton 360\osCheck.exe" [2008-02-26 988512]
"OODefragTray"="c:\windows\system32\oodtray.exe" [2008-09-04 2524416]
"nwiz"="nwiz.exe" [2008-09-17 c:\windows\system32\nwiz.exe]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 c:\windows\system32\bthprops.cpl]
"P17Helper"="P17.dll" [2005-05-03 c:\windows\system32\P17.dll]

c:\documents and settings\Kyle\Start Menu\Programs\Startup\
MemInfo.lnk - c:\program files\MemInfo\meminfo.exe [2007-08-26 723968]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Bluetooth.lnk - c:\program files\WIDCOMM\Bluetooth Software\BTTray.exe [2006-05-12 581693]
Logitech SetPoint.lnk - c:\program files\Logitech\SetPoint\SetPoint.exe [2008-11-23 805392]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"MaxRecentDocs"= 11 (0xb)

[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"= "c:\program files\Windows Desktop Search\MSNLNamespaceMgr.dll" [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"UIHost"="c:\documents and settings\All Users\Application Data\TuneUp Software\TuneUp Utilities\WinStyler\tu_logonui.exe"

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!SASWinLogon]
2008-07-23 15:28 352256 c:\program files\SUPERAntiSpyware\SASWINLO.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\LBTWlgn]
2008-05-02 02:42 72208 c:\program files\Common Files\Logishrd\Bluetooth\LBTWLgn.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"MSACM.CEGSM"= mobilev.acm
"VIDC.FFDS"= ffdshow.ax
"msacm.avis"= ff_acm.acm
"msacm.ac3filter"= ac3filter.acm

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0OODBS

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
@=""

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
c:\temp\ViStart\ViStart [X]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
--a------ 2004-08-16 15:45 45056 c:\program files\ANI\ANIWZCS2 Service\WZCSLDR2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
--a------ 2008-04-14 04:42 15360 c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G]
--a------ 2004-09-14 13:16 1212416 c:\program files\D-Link\AirPlus G\AirGCFG.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
--a----t- 2008-09-07 22:11 133104 c:\documents and settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2 (0x2)

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"ctfmon.exe"=c:\windows\system32\ctfmon.exe

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" -atboottime
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
"NvMediaCenter"=RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Steam\\Steam.exe"=
"c:\\Program Files\\Steam\\steamapps\\kdougan\\counter-strike source\\hl2.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Messenger\\msmsgs.exe"=
"c:\\Program Files\\Free Download Manager\\fdm.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"=
"c:\\Program Files\\Yahoo!\\Messenger\\YServer.exe"=
"c:\\Program Files\\Azureus\\Azureus.exe"=
"c:\\Program Files\\NewTek\\LightWave 3D 9.3\\Programs\\modeler.exe"=
"c:\\Program Files\\NewTek\\LightWave 3D 9.3\\Programs\\hub.exe"=
"c:\\Program Files\\NewTek\\LightWave 3D 9.3\\Programs\\lightwav.exe"=
"c:\\Program Files\\QuickTime\\QuickTimePlayer.exe"=
"c:\\WINDOWS\\system32\\dpvsetup.exe"=
"c:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"c:\\Program Files\\Melloware\\Intelliremote\\Intelliremote.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"=
"c:\\Program Files\\Windows Live\\Messenger\\livecall.exe"=
"c:\\Program Files\\SmartFTP Client\\SmartFTP.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009
"6000:TCP"= 6000:TCP:iREMOTE
"6000:UDP"= 6000:UDP:iREMOTE
"8556:TCP"= 8556:TCP:intelli

R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [2008-11-17 8944]
R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2008-11-17 55024]
R1 StarPortLite;StarPort Storage Controller (Lite);c:\windows\system32\drivers\StarPortLite.sys [2008-11-26 93544]
R2 IntuitUpdateService;Intuit Update Service;c:\program files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]
R2 LiveUpdate Notice;LiveUpdate Notice;c:\program files\Common Files\Symantec Shared\CCSVCHST.EXE [2008-02-18 149352]
R2 osaio;osaio;c:\windows\system32\drivers\osaio.sys [2007-10-16 6784]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service;c:\windows\system32\TUProgSt.exe [2009-01-03 603904]
R3 COH_Mon;COH_Mon;c:\windows\system32\drivers\COH_Mon.sys [2008-01-12 23888]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-01-25 99376]
R3 P0630VID;Creative WebCam Live!;c:\windows\system32\drivers\P0630Vid.sys [2007-12-22 91830]
S3 OMAWGU(Belkin Corporation);My Essential G USB Adapter(Belkin Corporation);c:\windows\system32\DRIVERS\OMAWGU.sys --> c:\windows\system32\DRIVERS\OMAWGU.sys [?]
S3 PEEK5;PEEK5 Protocol Driver;\??\c:\aircrack-ng-win-0.9.1\bin\PEEK5.SYS --> c:\aircrack-ng-win-0.9.1\bin\PEEK5.SYS [?]
S3 RkPavproc1;RkPavproc1;\??\c:\windows\system32\drivers\RkPavproc1.sys --> c:\windows\system32\drivers\RkPavproc1.sys [?]
S3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [2008-11-17 7408]
S4 Ptipfl;Ptipfl; [x]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - COMHOST

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
UxTuneUp

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a559fad0-797e-11dc-89b6-0019d1756f31}]
\Shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9382dea-7b4a-11dc-89c2-000c41612f8b}]
\Shell\AutoRun\command - F:\LaunchU3.exe

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{621FCD24-4498-4324-A81E-07D331376EDF}]
c:\program files\PixiePack Codec Pack\InstallerHelper.exe
.
Contents of the 'Scheduled Tasks' folder

2009-02-03 c:\windows\Tasks\1-Click Maintenance.job
- c:\program files\TuneUp Utilities 2009\OneClickStarter.exe [2008-12-11 12:36]

2009-02-03 c:\windows\Tasks\AppleSoftwareUpdate.job
- c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 11:34]

2009-02-03 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-413027322-839522115-1003.job
- c:\documents and settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-07 22:11]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
uInternet Connection Wizard,ShellNext = hxxp://www.cpuid.com/
uInternet Settings,ProxyOverride = *.local
IE: &Search - ?p=ZKman000
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: Download all links with IDM
IE: Download all with Free Download Manager - file://c:\program files\Free Download Manager\dlall.htm
IE: Download FLV video content with IDM
IE: Download selected with Free Download Manager - file://c:\program files\Free Download Manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\Free Download Manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\Free Download Manager\dllink.htm
IE: Download with IDM
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000
IE: Send To &Bluetooth - c:\program files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
Trusted Zone: turbotax.com
DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} - hxxp://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-02-02 20:08:52
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_USERS\S-1-5-21-2052111302-413027322-839522115-1003\Software\SecuROM\License information*]
"datasecu"=hex:8b,d5,6c,2e,4d,19,f8,9d,0b,30,73,e8,28,ff,5a,75,b3,c1,eb,db,ab,
92,16,f2,7d,73,c4,5f,4c,9e,37,2b,90,c9,01,ca,35,2a,44,99,aa,13,ab,c8,39,3a,\
"rkeysecu"=hex:3e,66,c7,04,5d,96,cd,76,c6,64,8d,f6,3e,4a,29,73

[HKEY_LOCAL_MACHINE\software\Microsoft\Windows\CurrentVersion\System*]
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'winlogon.exe'(1744)
c:\program files\SUPERAntiSpyware\SASWINLO.dll
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
c:\program files\common files\logishrd\bluetooth\LBTServ.dll
c:\windows\system32\CLBCATQ.DLL
c:\windows\system32\COMRes.dll
.
Completion time: 2009-02-02 20:12:15
ComboFix-quarantined-files.txt 2009-02-03 04:12:11
ComboFix2.txt 2009-02-03 03:01:07
ComboFix3.txt 2008-12-21 03:32:15

Pre-Run: 56,903,098,368 bytes free
Post-Run: 56,878,718,976 bytes free

Current=2 Default=2 Failed=1 LastKnownGood=4 Sets=1,2,3,4
315 --- E O F --- 2009-01-25 12:06:46

*****************************************************************

RANDOM

Logfile of random's system information tool 1.05 (written by random/random)
Run by Kyle at 2009-02-02 18:16:26
Microsoft Windows XP Professional Service Pack 3
System drive C: has 50 GB (16%) free of 305 GB
Total RAM: 3062 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:16:44, on 2/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Azureus\Azureus.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe
C:\Downloads\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Kyle.exe

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cpuid.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2052111302-413027322-839522115-1010\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'xbmc')
O4 - S-1-5-18 Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - ?p=ZKman000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/p...IEGetPlugin.ocx
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1192867484921
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/...ash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15106/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® AMT System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® Active Management Technology LMS Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--
End of file - 12719 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\1-Click Maintenance.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-2052111302-413027322-839522115-1003.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll [2008-09-15 1562960]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}]
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll [2008-06-30 349552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
Symantec Intrusion Prevention - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll [2008-12-28 116088]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}]
FDMIECookiesBHO Class - C:\Program Files\Free Download Manager\iefdm2.dll [2008-06-18 94208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - Show Norton Toolbar - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll [2008-06-30 349552]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-09-17 13574144]
"nwiz"=nwiz.exe /install []
"BluetoothAuthenticationAgent"=C:\WINDOWS\system32\bthprops.cpl [2008-04-14 110592]
"P17Helper"=Rundll32 P17.dll []
"ccApp"=C:\Program Files\Common Files\Symantec Shared\ccApp.exe [2008-10-17 51048]
"osCheck"=C:\Program Files\Norton 360\osCheck.exe [2008-02-26 988512]
"OODefragTray"=C:\WINDOWS\system32\oodtray.exe [2008-09-04 2524416]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ANIWZCS2Service]
C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe [2004-08-16 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\D-Link AirPlus G]
C:\Program Files\D-Link\AirPlus G\AirGCFG.exe [2004-09-14 1212416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2008-09-07 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ViStart]
C:\temp\ViStart\ViStart []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"PnkBstrA"=2

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe

C:\Documents and Settings\Kyle\Start Menu\Programs\Startup
MemInfo.lnk - C:\Program Files\MemInfo\meminfo.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC}
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{56F9679E-7826-4C84-81F3-532071A8BCC5}"=C:\Program Files\Windows Desktop Search\MSNLNamespaceMgr.dll [2008-05-26 304128]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"LegalNoticeText"=
"LegalNoticeCaption"=

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"MaxRecentDocs"=11

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Steam\Steam.exe"="C:\Program Files\Steam\Steam.exe:*:Enabled:Steam"
"C:\Program Files\Steam\steamapps\kdougan\counter-strike source\hl2.exe"="C:\Program Files\Steam\steamapps\kdougan\counter-strike source\hl2.exe:*:Enabled:hl2"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Free Download Manager\fdm.exe"="C:\Program Files\Free Download Manager\fdm.exe:*:Enabled:Free Download Manager"
"C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe"="C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe:*:Enabled:Yahoo! Messenger"
"C:\Program Files\Yahoo!\Messenger\YServer.exe"="C:\Program Files\Yahoo!\Messenger\YServer.exe:*:Enabled:Yahoo! FT Server"
"C:\Program Files\Azureus\Azureus.exe"="C:\Program Files\Azureus\Azureus.exe:*:Enabled:Azureus"
"C:\Program Files\NewTek\LightWave 3D 9.3\Programs\modeler.exe"="C:\Program Files\NewTek\LightWave 3D 9.3\Programs\modeler.exe:*:Enabled:modeler"
"C:\Program Files\NewTek\LightWave 3D 9.3\Programs\hub.exe"="C:\Program Files\NewTek\LightWave 3D 9.3\Programs\hub.exe:*:Enabled:hub"
"C:\Program Files\NewTek\LightWave 3D 9.3\Programs\lightwav.exe"="C:\Program Files\NewTek\LightWave 3D 9.3\Programs\lightwav.exe:*:Enabled:lightwav"
"C:\Program Files\QuickTime\QuickTimePlayer.exe"="C:\Program Files\QuickTime\QuickTimePlayer.exe:*:Enabled:QuickTime Player"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\Melloware\Intelliremote\Intelliremote.exe"="C:\Program Files\Melloware\Intelliremote\Intelliremote.exe:*:Enabled:Intelliremote"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Program Files\SmartFTP Client\SmartFTP.exe"="C:\Program Files\SmartFTP Client\SmartFTP.exe:*:Enabled:SmartFTP Client 3.0"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe"="C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe:LocalSubNet:Disabled:Intuit Update Shared Downloads Server"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a559fad0-797e-11dc-89b6-0019d1756f31}]
shell\AutoRun\command - F:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d9382dea-7b4a-11dc-89c2-000c41612f8b}]
shell\AutoRun\command - F:\LaunchU3.exe


======List of files/folders created in the last 2 months======

2009-01-26 16:41:58 ----D---- C:\Program Files\TurboTax
2009-01-25 04:06:31 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-04 22:45:06 ----D---- C:\WINDOWS\system32\IOSUBSYS
2009-01-04 00:36:50 ----A---- C:\WINDOWS\system32\d3dx10_40.dll
2009-01-04 00:36:50 ----A---- C:\WINDOWS\system32\D3DCompiler_40.dll
2009-01-04 00:36:49 ----A---- C:\WINDOWS\system32\D3DX9_40.dll
2009-01-04 00:36:48 ----A---- C:\WINDOWS\system32\XAudio2_3.dll
2009-01-04 00:36:48 ----A---- C:\WINDOWS\system32\XAPOFX1_2.dll
2009-01-04 00:36:47 ----A---- C:\WINDOWS\system32\xactengine3_3.dll
2009-01-04 00:36:46 ----A---- C:\WINDOWS\system32\X3DAudio1_5.dll
2009-01-03 20:31:36 ----D---- C:\Program Files\Synfig
2009-01-03 19:06:14 ----A---- C:\WINDOWS\system32\TUProgSt.exe
2009-01-03 19:06:12 ----A---- C:\WINDOWS\system32\uxtuneup.dll
2009-01-03 19:06:11 ----A---- C:\WINDOWS\system32\TuneUpDefragService.exe
2009-01-03 18:39:06 ----HD---- C:\WINDOWS\Icons
2009-01-03 18:37:13 ----A---- C:\WINDOWS\system32\TUKernel.exe
2009-01-03 14:28:14 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-03 14:00:37 ----D---- C:\Documents and Settings\Kyle\Application Data\TuneUp Software
2009-01-03 13:57:19 ----D---- C:\Documents and Settings\All Users\Application Data\TuneUp Software
2009-01-03 13:57:06 ----D---- C:\Program Files\TuneUp Utilities 2009
2009-01-03 13:56:21 ----SHD---- C:\Documents and Settings\All Users\Application Data\{55A29068-F2CE-456C-9148-C869879E2357}
2009-01-03 12:06:19 ----D---- C:\Program Files\Common Files\AnswerWorks 5.0
2009-01-03 12:05:32 ----A---- C:\WINDOWS\system32\acXMLParser.dll
2009-01-03 12:05:30 ----A---- C:\WINDOWS\system32\cdintf300.dll
2009-01-03 12:03:37 ----D---- C:\Program Files\Quicken
2009-01-03 12:02:26 ----A---- C:\WINDOWS\QUICKEN.INI
2009-01-02 15:41:50 ----D---- C:\Program Files\Security Task Manager
2009-01-02 13:11:44 ----D---- C:\Program Files\SBRunMan
2009-01-01 10:40:40 ----A---- C:\WINDOWS\system32\tmp.txt
2009-01-01 10:40:32 ----A---- C:\rapport.txt
2008-12-31 21:06:16 ----D---- C:\Documents and Settings\Kyle\Application Data\SecondLife
2008-12-31 21:05:37 ----D---- C:\Program Files\SecondLife
2008-12-29 19:30:59 ----A---- C:\WINDOWS\oodcnt.INI
2008-12-29 19:28:38 ----D---- C:\WINDOWS\system32\oodag
2008-12-29 19:12:18 ----D---- C:\Program Files\Defrag Professional
2008-12-29 18:57:42 ----D---- C:\Program Files\iPod
2008-12-29 18:57:33 ----D---- C:\Program Files\iTunes
2008-12-29 18:57:33 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-12-28 23:44:47 ----D---- C:\N360_BACKUP
2008-12-28 23:17:01 ----D---- C:\Documents and Settings\All Users\Application Data\SecTaskMan
2008-12-28 23:06:24 ----D---- C:\Program Files\Startup Optimizer
2008-12-28 21:13:46 ----D---- C:\Documents and Settings\Kyle\Application Data\Symantec
2008-12-28 21:07:09 ----D---- C:\Program Files\Norton 360
2008-12-28 21:04:26 ----A---- C:\WINDOWS\system32\S32EVNT1.DLL
2008-12-28 21:04:09 ----D---- C:\Program Files\Symantec
2008-12-28 21:04:08 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec
2008-12-28 17:09:14 ----D---- C:\Program Files\Windows Sidebar
2008-12-28 17:06:16 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-12-23 14:47:15 ----D---- C:\Program Files\XP Codec Pack
2008-12-21 12:54:19 ----SHD---- C:\RECYCLER
2008-12-21 12:18:40 ----A---- C:\WINDOWS\system32\irmon.dll
2008-12-21 12:18:39 ----A---- C:\WINDOWS\system32\irftp.exe
2008-12-21 12:18:38 ----A---- C:\WINDOWS\system32\wshirda.dll
2008-12-20 19:32:15 ----A---- C:\ComboFix.txt
2008-12-20 19:12:04 ----A---- C:\Boot.bak
2008-12-20 19:11:55 ----RASHD---- C:\cmdcons
2008-12-20 19:10:21 ----A---- C:\WINDOWS\zip.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\VFIND.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\SWSC.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\SWREG.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\sed.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\grep.exe
2008-12-20 19:10:21 ----A---- C:\WINDOWS\fdsv.exe
2008-12-20 19:10:16 ----D---- C:\WINDOWS\ERDNT
2008-12-20 19:10:16 ----D---- C:\Qoobox
2008-12-20 18:56:48 ----D---- C:\rsit
2008-12-19 21:08:40 ----A---- C:\WINDOWS\gmer.ini
2008-12-19 21:08:34 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-19 21:08:33 ----A---- C:\WINDOWS\gmer.dll
2008-12-19 21:08:32 ----A---- C:\WINDOWS\gmer.exe
2008-12-19 19:37:06 ----D---- C:\WINDOWS\SxsCaPendDel
2008-12-19 18:09:40 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2008-12-19 18:09:24 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-19 18:09:24 ----D---- C:\Documents and Settings\Kyle\Application Data\SUPERAntiSpyware.com
2008-12-15 20:49:12 ----D---- C:\Program Files\Bonjour
2008-12-14 23:40:00 ----D---- C:\Documents and Settings\Kyle\Application Data\Free Download Manager
2008-12-14 23:39:56 ----D---- C:\Program Files\Free Download Manager
2008-12-12 11:18:16 ----A---- C:\WINDOWS\system32\dns-sd.exe
2008-12-12 11:11:46 ----A---- C:\WINDOWS\system32\dnssd.dll
2008-12-12 01:14:07 ----D---- C:\Documents and Settings\All Users\Application Data\Panda Software
2008-12-11 22:10:11 ----A---- C:\WINDOWS\AvDetected.ini
2008-12-09 17:42:56 ----D---- C:\Documents and Settings\Kyle\Application Data\ABBYY
2008-12-09 00:29:16 ----D---- C:\Documents and Settings\All Users\Application Data\ABBYY
2008-12-07 12:29:29 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-07 12:29:29 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-07 12:29:29 ----A---- C:\WINDOWS\system32\java.exe
2008-12-07 12:29:29 ----A---- C:\WINDOWS\system32\deploytk.dll

======List of files/folders modified in the last 2 months======

2009-02-02 18:16:48 ----D---- C:\Documents and Settings\Kyle\Application Data\Azureus
2009-02-02 18:16:03 ----D---- C:\WINDOWS\Prefetch
2009-02-02 18:14:32 ----D---- C:\WINDOWS\Temp
2009-02-02 18:13:45 ----D---- C:\WINDOWS\system32
2009-02-02 18:07:08 ----D---- C:\Downloads
2009-02-02 18:06:25 ----HD---- C:\WINDOWS\inf
2009-02-02 16:25:08 ----D---- C:\WINDOWS
2009-01-26 17:17:14 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-26 17:16:24 ----A---- C:\WINDOWS\system32\log.txt
2009-01-26 16:59:06 ----SHD---- C:\WINDOWS\Installer
2009-01-26 16:59:06 ----HD---- C:\Config.Msi
2009-01-26 16:51:31 ----D---- C:\Documents and Settings\All Users\Application Data\Intuit
2009-01-26 16:51:25 ----RSD---- C:\WINDOWS\assembly
2009-01-26 16:51:21 ----D---- C:\WINDOWS\WinSxS
2009-01-26 16:50:10 ----D---- C:\Program Files\Common Files\Intuit
2009-01-26 16:49:24 ----RSD---- C:\WINDOWS\Fonts
2009-01-26 16:41:58 ----AD---- C:\Program Files
2009-01-25 04:11:57 ----D---- C:\Program Files\Azureus
2009-01-25 04:06:34 ----RSHDC---- C:\WINDOWS\system32\dllcache
2009-01-25 04:06:34 ----D---- C:\WINDOWS\system32\drivers
2009-01-25 04:06:15 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-25 04:00:15 ----D---- C:\WINDOWS\Debug
2009-01-19 11:40:50 ----D---- C:\Documents and Settings\Kyle\Application Data\Adobe
2009-01-19 11:40:50 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-18 19:03:34 ----D---- C:\Documents and Settings\Kyle\Application Data\Creative
2009-01-13 18:44:41 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-09 22:26:19 ----D---- C:\WINDOWS\system32\config
2009-01-09 17:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-04 22:44:57 ----D---- C:\Program Files\Google
2009-01-04 00:46:34 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2009-01-04 00:38:43 ----D---- C:\WINDOWS\system32\DirectX
2009-01-04 00:38:03 ----HD---- C:\WINDOWS\msdownld.tmp
2009-01-03 20:09:15 ----D---- C:\Documents and Settings\Kyle\Application Data\Mozilla
2009-01-03 19:06:16 ----SD---- C:\WINDOWS\Tasks
2009-01-03 19:03:02 ----RSH---- C:\boot.ini
2009-01-03 12:28:26 ----D---- C:\Program Files\Common Files
2009-01-03 12:06:19 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-03 12:04:59 ----D---- C:\Documents and Settings\Kyle\Application Data\Intuit
2009-01-02 16:09:38 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2009-01-02 03:59:00 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-02 03:58:51 ----D---- C:\WINDOWS\system32\inetsrv
2009-01-02 01:27:00 ----SHD---- C:\System Volume Information
2009-01-02 01:27:00 ----D---- C:\WINDOWS\system32\Restore
2008-12-29 19:10:10 ----D---- C:\Program Files\QuickTime
2008-12-29 18:57:38 ----D---- C:\Program Files\Common Files\Apple
2008-12-29 18:03:50 ----A---- C:\WINDOWS\wininit.ini
2008-12-29 16:51:50 ----D---- C:\Program Files\CCleaner
2008-12-29 16:47:14 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-29 16:42:40 ----D---- C:\WINDOWS\Minidump
2008-12-29 15:58:58 ----D---- C:\Program Files\Internet Explorer
2008-12-28 22:47:14 ----D---- C:\Program Files\Steam
2008-12-23 15:11:05 ----D---- C:\Program Files\Intel Audio Studio
2008-12-23 00:25:25 ----A---- C:\WINDOWS\DUMP5e0e.tmp
2008-12-22 23:21:48 ----A---- C:\WINDOWS\DUMP688d.tmp
2008-12-22 16:36:47 ----A---- C:\WINDOWS\win.ini
2008-12-21 15:50:30 ----D---- C:\temp
2008-12-20 19:29:49 ----A---- C:\WINDOWS\system.ini
2008-12-20 19:27:47 ----D---- C:\WINDOWS\AppPatch
2008-12-20 19:14:29 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-20 15:46:37 ----D---- C:\Program Files\Creative
2008-12-20 15:42:07 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-12-20 15:42:07 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-12-20 15:41:15 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-12-20 15:20:39 ----D---- C:\Program Files\DivX
2008-12-20 14:53:13 ----D---- C:\Documents and Settings\All Users\Application Data\Viewpoint
2008-12-20 14:52:47 ----D---- C:\Program Files\MediaCoder
2008-12-20 14:04:45 ----D---- C:\Program Files\Mozilla Firefox
2008-12-20 13:46:31 ----D---- C:\WINDOWS\security
2008-12-20 13:39:01 ----D---- C:\WINDOWS\system32\wbem
2008-12-20 04:01:53 ----D---- C:\WINDOWS\ie7updates
2008-12-19 19:40:03 ----D---- C:\Program Files\Microsoft Games
2008-12-19 19:29:52 ----D---- C:\Program Files\Lavasoft
2008-12-19 19:29:52 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-18 01:58:20 ----D---- C:\WINDOWS\Help
2008-12-17 23:21:05 ----D---- C:\Program Files\TVersity Codec Pack
2008-12-17 23:20:50 ----D---- C:\Program Files\ffdshow
2008-12-13 21:28:12 ----D---- C:\Program Files\Java
2008-12-12 22:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-12 21:14:55 ----D---- C:\Program Files\Spybot - Search & Destroy

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys []
R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys []
R1 SRTSPX;SRTSPX; C:\WINDOWS\System32\Drivers\SRTSPX.SYS [2008-01-31 43696]
R1 StarPortLite;StarPort Storage Controller (Lite); C:\WINDOWS\system32\DRIVERS\StarPortLite.sys [2008-08-20 93544]
R1 SYMTDI;SYMTDI; C:\WINDOWS\System32\Drivers\SYMTDI.SYS [2008-06-13 184240]
R1 Tcpip6;Microsoft IPv6 Protocol Driver; C:\WINDOWS\system32\DRIVERS\tcpip6.sys [2008-06-20 225856]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.3.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2007-10-21 20747]
R2 ANIO;ANIO Service; \??\C:\WINDOWS\system32\ANIO.SYS []
R2 BTSERIAL;Bluetooth Serial Driver; \??\C:\WINDOWS\system32\drivers\btserial.sys []
R2 BTSLBCSP;Bluetooth Port Client Driver; \??\C:\WINDOWS\system32\drivers\btslbcsp.sys []
R2 CO_Mon;CO_Mon; \??\C:\WINDOWS\system32\drivers\CO_Mon.sys []
R2 osaio;osaio; \??\C:\WINDOWS\system32\drivers\osaio.sys []
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 btaudio;Bluetooth Audio Device; C:\WINDOWS\system32\drivers\btaudio.sys [2006-05-12 401664]
R3 BTDriver;Bluetooth Virtual Communications Driver; C:\WINDOWS\system32\DRIVERS\btport.sys [2006-05-12 30363]
R3 BTKRNL;Bluetooth Bus Enumerator; C:\WINDOWS\system32\DRIVERS\btkrnl.sys [2006-05-12 1342602]
R3 btwhid;btwhid; C:\WINDOWS\system32\DRIVERS\btwhid.sys [2006-05-12 44163]
R3 BTWUSB;WIDCOMM USB Bluetooth Driver; C:\WINDOWS\System32\Drivers\btwusb.sys [2006-05-12 57320]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\DRIVERS\ctsfm2k.sys [2005-01-10 138752]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\WINDOWS\system32\DRIVERS\e1e5132.sys [2007-01-05 246680]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NAVENG;NAVENG; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090202.007\NAVENG.SYS []
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\VIRUSD~1\20090202.007\NAVEX15.SYS []
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-09-17 6132576]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\DRIVERS\ctoss2k.sys [2005-01-10 106496]
R3 P0630VID;Creative WebCam Live!; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [2004-07-30 91830]
R3 P17;SB Live! 24-bit; C:\WINDOWS\system32\drivers\P17.sys [2007-06-15 1127936]
R3 SMBios;Intel ® System Management BIOS Service; C:\WINDOWS\system32\DRIVERS\SMBios.sys [2003-11-03 36484]
R3 smbusp;Intel® SMBus 2.0 Driver; C:\WINDOWS\system32\DRIVERS\intelsmb.sys [2006-12-28 45184]
R3 SRTSP;SRTSP; C:\WINDOWS\System32\Drivers\SRTSP.SYS [2008-01-31 279088]
R3 STHDA;IDT High Definition Audio CODEC; C:\WINDOWS\system32\drivers\sthda.sys [2008-04-10 1271032]
R3 SYMDNS;SYMDNS; C:\WINDOWS\System32\Drivers\SYMDNS.SYS [2008-06-13 13616]
R3 SymEvent;SymEvent; \??\C:\WINDOWS\system32\Drivers\SYMEVENT.SYS []
R3 SYMFW;SYMFW; C:\WINDOWS\System32\Drivers\SYMFW.SYS [2008-06-13 96432]
R3 SYMIDS;SYMIDS; C:\WINDOWS\System32\Drivers\SYMIDS.SYS [2008-06-13 38576]
R3 SYMIDSCO;SYMIDSCO; \??\C:\PROGRA~1\COMMON~1\SYMANT~1\SymcData\ipsdefs\20090129.001\SymIDSCo.sys []
R3 SymIMMP;SymIMMP; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]
R3 SYMNDIS;SYMNDIS; C:\WINDOWS\System32\Drivers\SYMNDIS.SYS [2008-06-13 37424]
R3 SYMREDRV;SYMREDRV; C:\WINDOWS\System32\Drivers\SYMREDRV.SYS [2008-06-13 22320]
R3 tunmp;Microsoft Tun Miniport Adapter Driver; C:\WINDOWS\system32\DRIVERS\tunmp.sys [2008-04-13 12288]
R3 USBAAPL;Apple Mobile USB Driver; C:\WINDOWS\System32\Drivers\usbaapl.sys [2008-10-01 32000]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbstor;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2008-03-27 503008]
S2 zumbus;Zune Bus Enumerator Driver; C:\WINDOWS\system32\DRIVERS\zumbus.sys []
S3 BCM43XX;Wireless-G PCI Adapter Driver; C:\WINDOWS\system32\DRIVERS\bcmwl5.sys [2003-07-17 265728]
S3 BT;Bluetooth PAN Network Adapter; C:\WINDOWS\system32\DRIVERS\btnetdrv.sys []
S3 BthEnum;Bluetooth Enumerator Service; C:\WINDOWS\system32\DRIVERS\BthEnum.sys [2008-04-13 17024]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\WINDOWS\system32\DRIVERS\bthpan.sys [2008-04-13 101120]
S3 BTHPORT;Bluetooth Port Driver; C:\WINDOWS\System32\Drivers\BTHport.sys [2008-06-13 272128]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\WINDOWS\System32\Drivers\BTHUSB.sys [2008-04-14 18944]
S3 BTWDNDIS;Bluetooth LAN Access Server; C:\WINDOWS\system32\DRIVERS\btwdndis.sys [2006-05-12 148168]
S3 CCDECODE;Closed Caption Decoder; C:\WINDOWS\system32\DRIVERS\CCDECODE.sys [2008-04-13 17024]
S3 COH_Mon;COH_Mon; \??\C:\WINDOWS\system32\Drivers\COH_Mon.sys []
S3 ENTECH;ENTECH; \??\C:\WINDOWS\system32\DRIVERS\ENTECH.sys []
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-19 85969]
S3 GTNDIS5;GTNDIS5 NDIS Protocol Driver; \??\C:\WINDOWS\system32\GTNDIS5.SYS []
S3 HECI;Intel® Management Engine Interface; C:\WINDOWS\system32\DRIVERS\HECI.sys [2007-01-05 44416]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\WINDOWS\system32\DRIVERS\mcdbus.sys []
S3 mr7910;Photo Viewer; C:\WINDOWS\system32\DRIVERS\mr7910.sys [2006-08-02 114560]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\WINDOWS\system32\drivers\MSTEE.sys [2008-04-13 5504]
S3 NABTSFEC;NABTS/FEC VBI Codec; C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys [2008-04-13 85248]
S3 NdisIP;Microsoft TV/Video Connection; C:\WINDOWS\system32\DRIVERS\NdisIP.sys [2008-04-13 10880]
S3 OMAWGU(Belkin Corporation);My Essential G USB Adapter(Belkin Corporation); C:\WINDOWS\system32\DRIVERS\OMAWGU.sys []
S3 pcouffin;VSO Software pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [2008-11-05 47360]
S3 PEEK5;PEEK5 Protocol Driver; \??\C:\aircrack-ng-win-0.9.1\bin\PEEK5.SYS []
S3 PRISM_A02;D-Link Wireless 802.11b/g Driver (USB); C:\WINDOWS\system32\DRIVERS\PRISMA02.sys [2004-07-06 380992]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\system32\DRIVERS\rfcomm.sys [2008-04-13 59136]
S3 RkPavproc1;RkPavproc1; \??\C:\WINDOWS\system32\drivers\RkPavproc1.sys []
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
S3 sfng32;Sonic Focus Plugin for Sigmatel HDA; C:\WINDOWS\system32\drivers\sfng32.sys [2007-01-05 41728]
S3 SLIP;BDA Slip De-Framer; C:\WINDOWS\system32\DRIVERS\SLIP.sys [2008-04-13 11136]
S3 SRTSPL;SRTSPL; C:\WINDOWS\System32\Drivers\SRTSPL.SYS [2008-01-31 317616]
S3 streamip;BDA IPSink; C:\WINDOWS\system32\DRIVERS\StreamIP.sys [2008-04-13 15232]
S3 SymIM;Symantec Network Security Intermediate Filter Service; C:\WINDOWS\system32\DRIVERS\SymIM.sys [2008-06-13 31280]
S3 tbhsd;Tunebite High-Speed Dubbing; C:\WINDOWS\system32\drivers\tbhsd.sys [2007-12-11 26784]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
S3 VComm;Virtual Serial port driver; C:\WINDOWS\system32\DRIVERS\VComm.sys []
S3 VcommMgr;Bluetooth VComm Manager Service; C:\WINDOWS\System32\Drivers\VcommMgr.sys []
S3 wceusbsh;Windows CE USB Serial Host Driver; C:\WINDOWS\system32\DRIVERS\wceusbsh.sys [2003-12-21 104064]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WSTCODEC;World Standard Teletext Codec; C:\WINDOWS\system32\DRIVERS\WSTCODEC.SYS [2008-04-13 19200]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S3 ZDPSp50;ZDPSp50 NDIS Protocol Driver; C:\WINDOWS\System32\Drivers\ZDPSp50.sys []
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 Ptipfl;Ptipfl; C:\WINDOWS\system32\drivers\Ptipfl.sys []
S4 sr;System Restore Filter Driver; C:\WINDOWS\system32\DRIVERS\sr.sys [2008-04-13 73472]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 6to4;IPv6 Helper Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 atchksrv;Intel® AMT System Status Service; C:\Program Files\Intel\AMT\atchksrv.exe [2007-01-05 179016]
R2 Automatic LiveUpdate Scheduler;Automatic LiveUpdate Scheduler; C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe [2008-02-21 238968]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;Bluetooth Support Service; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe [2006-05-12 258103]
R2 ccEvtMgr;Symantec Event Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 ccSetMgr;Symantec Settings Manager; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 IntuitUpdateService;Intuit Update Service; C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe [2008-10-10 13088]
R2 LiveUpdate Notice;LiveUpdate Notice; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2008-10-17 149352]
R2 LMS;Intel® Active Management Technology LMS Service; C:\Program Files\Intel\AMT\LMS.exe [2007-01-05 98304]
R2 MSSQL$SQLEXPRESS;SQL Server (SQLEXPRESS); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-02-26 29183504]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2007-02-10 89968]
R2 TuneUp.ProgramStatisticsSvc;TuneUp Program Statistics Service; C:\WINDOWS\System32\TUProgSt.exe [2009-01-03 603904]
R2 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 comHost;COM Host; C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-08-22 55640]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-11-20 536872]
R3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2008-12-28 1245064]
R3 TuneUp.Defrag;TuneUp Drive Defrag Service; C:\WINDOWS\System32\TuneUpDefragService.exe [2009-01-03 360192]
S2 O&O Defrag;O&O Defrag; C:\WINDOWS\system32\oodag.exe [2008-09-04 1295616]
S2 UxTuneUp;TuneUp Theme Extension; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336]
S2 winvnc;VNC Server; C:\Program Files\TightVNC\WinVNC.exe -service []
S3 Adobe LM Service;Adobe LM Service; C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [2007-10-21 68096]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-13 44032]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2007-10-09 36864]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-11-22 138168]
S3 hpqcxs08;hpqcxs08; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2007-10-11 864256]
S3 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2008-05-02 121360]
S3 LiveUpdate;LiveUpdate; C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE [2008-09-05 3220856]
S3 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-09-17 163908]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2005-10-14 45272]
S4 msvsmon90;Visual Studio 2008 Remote Debugger; c:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x86\msvsmon.exe [2007-11-07 3004416]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2007-10-11 122880]
S4 PnkBstrA;PnkBstrA; C:\WINDOWS\system32\PnkBstrA.exe [2007-12-24 66872]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2007-02-10 242544]
S4 WSearch;Windows Search; C:\WINDOWS\system32\SearchIndexer.exe [2008-05-26 439808]

-----------------EOF-----------------

***********************************************

HIJACKTHIS

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:33, on 2/2/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Azureus\Azureus.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\SyncServer.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Symantec\LiveUpdate\AUPDATE.EXE
C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.cpuid.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: (no name) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: FDMIECookiesBHO Class - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} - C:\Program Files\Free Download Manager\iefdm2.dll
O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [P17Helper] Rundll32 P17.dll,P17Helper
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck.exe"
O4 - HKLM\..\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-21-2052111302-413027322-839522115-1010\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime (User 'xbmc')
O4 - S-1-5-18 Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe (User 'SYSTEM')
O4 - .DEFAULT Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe (User 'Default user')
O4 - Startup: MemInfo.lnk = C:\Program Files\MemInfo\meminfo.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Search - ?p=ZKman000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: Download all with Free Download Manager - file://C:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download selected with Free Download Manager - file://C:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download video with Free Download Manager - file://C:\Program Files\Free Download Manager\dlfvideo.htm
O8 - Extra context menu item: Download with Free Download Manager - file://C:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Send To &Bluetooth - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-4017 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {459E93B6-150E-45D5-8D4B-45C66FC035FE} (get_atlcom Class) - http://apps.corel.com/nos_dl_manager_dev/p...IEGetPlugin.ocx
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/...101/CTSUEng.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftu...b?1192867484921
O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab
O16 - DPF: {CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA} -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload.adobe.com/pub/shockwave/...ash/swflash.cab
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver Agent ActiveX Control) - http://driveragent.com/files/driveragent.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/softwareupdate/su/...15106/CTPID.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Intel® AMT System Status Service (atchksrv) - Intel Corporation - C:\Program Files\Intel\AMT\atchksrv.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Intel® Active Management Technology LMS Service (LMS) - Intel - C:\Program Files\Intel\AMT\LMS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software - C:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: TuneUp Program Statistics Service (TuneUp.ProgramStatisticsSvc) - TuneUp Software - C:\WINDOWS\System32\TUProgSt.exe
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\TightVNC\WinVNC.exe (file missing)

--
End of file - 12810 bytes


*****************************************************

SMITFRAUD

SmitFraudFix v2.388

Scan done at 18:07:36.30, Mon 02/02/2009
Run from C:\Downloads\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in normal mode

»»»»»»»»»»»»»»»»»»»»»»»» Process

C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Intel\AMT\atchksrv.exe
C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Intuit\Update Service\IntuitUpdateService.exe
C:\Program Files\Intel\AMT\LMS.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\System32\TUProgSt.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\Rundll32.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\MemInfo\meminfo.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTSTAC~1.EXE
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\TuneUpDefragService.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\Azureus\Azureus.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Kyle\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceHelper.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\distnoted.exe
C:\Downloads\SmitfraudFix\Policies.exe
C:\WINDOWS\system32\cmd.exe

»»»»»»»»»»»»»»»»»»»»»»»» hosts


»»»»»»»»»»»»»»»»»»»»»»»» C:\


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\Web


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32


»»»»»»»»»»»»»»»»»»»»»»»» C:\WINDOWS\system32\LogFiles


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kyle


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Kyle\LOCALS~1\Temp


»»»»»»»»»»»»»»»»»»»»»»»» C:\Documents and Settings\Kyle\Application Data


»»»»»»»»»»»»»»»»»»»»»»»» Start Menu


»»»»»»»»»»»»»»»»»»»»»»»» C:\DOCUME~1\Kyle\FAVORI~1


»»»»»»»»»»»»»»»»»»»»»»»» Desktop


»»»»»»»»»»»»»»»»»»»»»»»» C:\Program Files


»»»»»»»»»»»»»»»»»»»»»»»» Corrupted keys


»»»»»»»»»»»»»»»»»»»»»»»» Desktop Components



»»»»»»»»»»»»»»»»»»»»»»»» o4Patch
!!!Attention, following keys are not inevitably infected!!!

o4Patch
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» IEDFix
!!!Attention, following keys are not inevitably infected!!!

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» Agent.OMZ.Fix
!!!Attention, following keys are not inevitably infected!!!

Agent.OMZ.Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» VACFix
!!!Attention, following keys are not inevitably infected!!!

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» 404Fix
!!!Attention, following keys are not inevitably infected!!!

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Sharedtaskscheduler
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» AppInit_DLLs
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=""


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Userinit"="C:\\WINDOWS\\system32\\userinit.exe,"
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» RK



»»»»»»»»»»»»»»»»»»»»»»»» DNS

Description: Intel® 82566DM Gigabit Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 68.87.76.178
DNS Server Search Order: 68.87.78.130
DNS Server Search Order: 68.87.69.146

Description: Intel® 82566DM Gigabit Network Connection - Packet Scheduler Miniport
DNS Server Search Order: 68.87.76.178
DNS Server Search Order: 68.87.78.130
DNS Server Search Order: 68.87.69.146

HKLM\SYSTEM\CCS\Services\Tcpip\..\{04E06177-10D0-4BF0-9F40-CE8289CBEA9D}: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CCS\Services\Tcpip\..\{F775C8A7-3637-4BA9-B2B7-623F7603075C}: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CS1\Services\Tcpip\..\{01A94D33-4B54-4CC3-806C-787D229E2A90}: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CS1\Services\Tcpip\..\{04E06177-10D0-4BF0-9F40-CE8289CBEA9D}: DhcpNameServer=68.87.76.178 68.87.78.130
HKLM\SYSTEM\CS1\Services\Tcpip\..\{7B428826-0B2E-452B-8502-F9F307FF2E1C}: DhcpNameServer=192.168.1.1
HKLM\SYSTEM\CS2\Services\Tcpip\..\{04E06177-10D0-4BF0-9F40-CE8289CBEA9D}: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CS2\Services\Tcpip\..\{F775C8A7-3637-4BA9-B2B7-623F7603075C}: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146
HKLM\SYSTEM\CS2\Services\Tcpip\Parameters: DhcpNameServer=68.87.76.178 68.87.78.130 68.87.69.146


»»»»»»»»»»»»»»»»»»»»»»»» Scanning for wininet.dll infection


»»»»»»»»»»»»»»»»»»»»»»»» End

******************************************************

I really am confused but am quite willing to follow any form of direction that you may be able to provide.

Edited by kdougan, 02 February 2009 - 11:59 PM.


#7 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 03 February 2009 - 12:17 AM

OK, first slow down. Don't do any more testing on your own. First, it is way too much info to take in (although it looks like it is telling us that nothing is wrong) and could lead us down the wrong path. So first, now there are some things you need to do to fully clean your system and keep it secure.

Please download OTCleanIt from one of the following mirrors and save it to your desktop:
Mirror 1
Mirror A

* Double click the OTCleanIt icon.
* Click the large "Cleanup" button.
* A list of tool components used in the Cleanup of malware will be downloaded.
* Click Yes to begin the Cleanup process and remove these components, including this application.
* You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.
* Make sure you have an Internet Connection.
* If you have a firewall that throws out a message that OTMI3 is attempting to contact the Internet, it should be allowed.
* You will be asked to reboot the machine to finish the Cleanup process. If you are asked to reboot the machine choose Yes.


Now go into the add remove control panel and uninstall any software that you are not using. Also uninstall Divx and any Codec or Codec packs that have been installed. Then reboot the computer. Instead of opening a player and trying to play a song or video, instead double click on a video or song and see what happens. Let me know.
Visiting From SpywareHammer.com and DonHoover.net

Tilting at windmills hurts you more than the windmills.
-From the Notebooks of Lazarus Long
Senior of the Howard Families


#8 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 03 February 2009 - 12:21 AM

If nothing plays, go to the hardware manager and then to your graphics card, and audio card and double click on them, then click the update driver. And then check the media again.

#9 kdougan

kdougan
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Male
  • Location:Sacramento, CA
  • Local time:03:37 PM

Posted 03 February 2009 - 08:58 PM

Okay, so I followed the directions that you provided and now the seek bar moves and the 'time left' counter counts down. However, now there is no video image and still no sound. And the seek bar in iTunes still does not move.

What now?

EDIT: and the OTCleanIT didn't appear to do anything. There was no list of applications and it asked me to reboot almost instantaneously. *shrug*

Edited by kdougan, 03 February 2009 - 09:00 PM.


#10 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 03 February 2009 - 09:22 PM

Redownload iTunes, unless you still have the installer, and reinstall iTunes. Try installing it from safe mode. The reason I am picking this first is because with it being an Apple app, it will be less entangled in the Windows apps.

As for OTCleanIT, it uninstalls tools used to clean malware off systems. The reason I did that is that if we need to run them again, I want to make sure you have the newest versions. Most of the software that gets cleaned off is updated frequently, but doesn't have signature files to update.

#11 kdougan

kdougan
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Male
  • Location:Sacramento, CA
  • Local time:03:37 PM

Posted 03 February 2009 - 09:28 PM

Uninstalling iTunes now. The question I still am the most worried about is why won't even the Windows sounds play?

#12 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 03 February 2009 - 10:04 PM

I am not sure. Just to make sure, check the volume control in windows, check the volume control on the speakers. Also turn the volume on both up, keep going up until you hear something, probably a buzzing or humming sound. If you hear it, turn them back down to an acceptable level. Then check the connections of the speakers into the back of the computer, and make sure they are plugged in properly. Also some speakers have a power cord, if yours do, make sure it is plugged in and powered.

Let me know what you find.

#13 kdougan

kdougan
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Male
  • Location:Sacramento, CA
  • Local time:03:37 PM

Posted 03 February 2009 - 10:13 PM

Well, I just switched the audio jack locations. Plugged into the board out jacks instead of the old SB Audigy I was running and now I have sound! The only down side is, now there is no video coming from WMP. Audio, no video.

#14 Hoov

Hoov

  • Malware Response Team
  • 3,519 posts
  • Location:Mikado Michigan
  • Local time:07:37 PM

Posted 03 February 2009 - 10:20 PM

Your monitor, is it connected to a card or into a plug on the motherboard?

#15 kdougan

kdougan
  • Topic Starter

  • Members
  • 8 posts
  • Gender:Male
  • Location:Sacramento, CA
  • Local time:03:37 PM

Posted 03 February 2009 - 10:24 PM

It's plugged into the card...

Honestly, it may just be a codec problem. That's the error WMP is giving me. Permission to download and install the codec it suggests.



