Constant Issues - Spyware/HijackThis/malware


  • This topic is locked
3 replies to this topic

#1 mi2xist


Posted 29 March 2009 - 04:53 PM

I have an ongoing issue with my brand new PC not performing as expected in many cases. Last night I was downloading updates from World of Warcraft and was asked to stop all running software. I did so and left it to download for about 4 hours. When I returned I found that I had numerous files created in my download drive that were over 38g in size and hard to remove. Most of my software, including any virus or file cleaning software, had been disabled or placed outside of my Windows Firewall. I seem to have so many issues that I can't even begin to explain them because they change so vastly from day to day. I think I have someone placing scripts into my environment but I can be sure. HELP!

Here are the logs that I ran prior to joining this site. I hope this is the proper thing to do. Help is much appreciated!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:47:44 PM, on 3/29/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe

info.txt logfile of random's system information tool 1.06 2009-03-29 16:47:46

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Advanced SystemCare 3-->"C:\Program Files\IObit\Advanced SystemCare 3\unins000.exe"
AOL Uninstaller (Choose which Products to Remove)-->C:\Program Files\Common Files\AOL\uninstaller.exe
Avanquest Connection Manager-->"C:\Program Files\InstallShield Installation Information\{A2D88DF3-EF39-456E-A393-BF48037D985A}\setup.exe" -runfromtemp -l0x0009 -removeonly
Avanquest update-->"C:\Program Files\InstallShield Installation Information\{76E41F43-59D2-4F30-BA42-9A762EE1E8DE}\Setup.exe" -runfromtemp -l0x0009 -removeonly
avast! Antivirus-->C:\Program Files\Alwil Software\Avast4\aswRunDll.exe "C:\Program Files\Alwil Software\Avast4\Setup\setiface.dll",RunSetup
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Camera Assistant Software for Toshiba-->C:\Program Files\InstallShield Installation Information\{37C866E4-AA67-4725-9E95-A39968DD7960}\setup.exe -runfromtemp -l0x0009
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly
Citrix Presentation Server Client - Web Only-->MsiExec.exe /X{E9459BCF-0982-498B-ABA7-26C34323493F}
CyberLink PowerCinema for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" /z-uninstall
CyberLink PowerCinema for TOSHIBA-->"C:\Program Files\InstallShield Installation Information\{2637C347-9DAD-11D6-9EA2-00055D0CA761}\setup.exe" /z-uninstall
DivX Codec-->C:\Program Files\DivX\DivXCodecUninstall.exe /CODEC
DivX Converter-->C:\Program Files\DivX\DivXConverterUninstall.exe /CONVERTER
DivX Player-->C:\Program Files\DivX\DivXPlayerUninstall.exe /PLAYER
DivX Plus DirectShow Filters-->C:\Program Files\DivX\DivXDSFiltersUninstall.exe /DSFILTERS
DivX Web Player-->C:\Program Files\DivX\DivXWebPlayerUninstall.exe /PLUGIN
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
File Scavenger 3.2-->"C:\Program Files\File Scavenger 3.2\unins000.exe"
filehippo.com Update Checker-->"C:\Program Files\filehippo.com\uninstall.exe"
Flock (2.0.3)-->C:\Program Files\Flock\uninstall\helper.exe
Game Booster-->"C:\Program Files\IObit\Game Booster\unins000.exe"
GearDrvs-->MsiExec.exe /I{CB84F0F2-927B-458D-9DC5-87832E3DC653}
Google Earth Plugin-->MsiExec.exe /I{F43C7DE1-CB20-11DD-8D77-005056806466}
Google Earth-->MsiExec.exe /X{548EAC70-EE00-11DD-908C-005056806466}
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HomeNet Manager-->MsiExec.exe /I{0240BDFB-2995-4A3F-8C96-18D41282B716}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
iTunes-->MsiExec.exe /I{C26B06A9-27BB-45B0-9873-9C623EC2BA38}
Java™ 6 Update 12-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java™ 6 Update 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160060}
Logitech Audio Echo Cancellation Component-->MsiExec.exe /X{BEF726DD-4037-4214-8C6A-E625C02D2870}
Logitech QuickCam-->MsiExec.exe /X{7D2370AC-D8E6-4996-986A-19824F8A167C}
Logitech Video Enumerator-->MsiExec.exe /X{EA516024-D84D-41F1-814F-83175A6188F2}
Logitech® Camera Driver-->"C:\Program Files\Common Files\LogiShrd\QCDRV\BIN\SETUP.EXE" UNINSTALL REMOVEPROMPT
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft VC9 runtime libraries-->MsiExec.exe /I{797EE0CA-8165-405C-B5CE-F11EC20F1BB0}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.7)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSN Toolbar-->MsiExec.exe /I{3560CE5A-C4EF-4DB0-9ECC-BA035FE309C5}
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MVision-->MsiExec.exe /I{35725FBC-A136-4A46-9F29-091759D9BB93}
ParetoLogic DriverCure-->C:\Program Files\ParetoLogic\DriverCure\uninstall.exe
ParetoLogic Privacy Controls-->MsiExec.exe /I{2E63BD12-932B-42F5-86B9-5E05BCA1DC3E}
PeerGuardian 2.0-->"C:\Program Files\PeerGuardian2\unins000.exe"
Quicken 2009-->MsiExec.exe /X{ED2A3C11-3EA8-4380-B59C-F2C1832731B0}
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}\setup.exe" -removeonly
REALTEK RTL8187B Wireless LAN Driver-->C:\Program Files\InstallShield Installation Information\{895722FE-25FE-4854-95AC-B0C42F9DBEDA}\Install.exe -uninst -l0x9
RegCure 1.5.2.7-->C:\Program Files\RegCure\uninst.exe
RICOH R5C83x/84x Flash Media Controller Driver Ver.3.54.02-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{59F6A514-9813-47A3-948C-8A155460CC2A}\setup.exe" -l0x9 anything
RTC Client API v1.2-->MsiExec.exe /X{44CDBD1B-89FB-4E02-8319-2A4C550F664A}
Smart Defrag 1.11-->"C:\Program Files\IObit\IObit SmartDefrag\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
Theme Manager-->C:\PROGRA~1\Stardock\OBJECT~1\THEMEM~1\UNWISE.EXE C:\PROGRA~1\Stardock\OBJECT~1\THEMEM~1\INSTALL.LOG
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{0D5D0BEE-FBA9-4928-A50D-6CDFAB827755}
TOSHIBA Desktop Links-->C:\Program Files\InstallShield Installation Information\{E1E56B8A-1AAF-422A-91DB-625059FB9863}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Face Recognition-->"C:\Program Files\InstallShield Installation Information\{C730E42C-935A-45BB-A0C5-37E5234D111B}\setup.exe" -runfromtemp -l0x0409 -removeonly
TOSHIBA Face Recognition-->MsiExec.exe /I{C730E42C-935A-45BB-A0C5-37E5234D111B}
TOSHIBA PowerCinema Helper-->MsiExec.exe /X{FB356619-7ECE-42BC-A28A-541973E29F28}
TOSHIBA Recovery Disc Creator-->MsiExec.exe /X{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Service Station-->C:\Program Files\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4B1E87C3-00DE-4898-8E39-E390AAEF2391}\setup.exe" -l0x9
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
Uniblue RegistryBooster 2009-->"C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe" REMOVE=TRUE MODIFY=FALSE
Uniblue RegistryBooster 2009-->C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}\Uniblue RegistryBooster.exe
Unlocker 1.8.7-->C:\Program Files\Unlocker\uninst.exe
VC 9.0 Runtime-->MsiExec.exe /I{A040AC77-C1AA-4CC9-8931-9F648AF178F6}
VC80CRTRedist - 8.0.50727.762-->MsiExec.exe /I{767CC44C-9BBC-438D-BAD3-FD4595DD148B}
Vista Manager-->MsiExec.exe /I{5977A284-6ADB-4CC1-BEC5-1CDE7908ACA3}
Yahoo! Messenger-->C:\PROGRA~1\Yahoo!\MESSEN~1\UNWISE.EXE /U C:\PROGRA~1\Yahoo!\MESSEN~1\INSTALL.LOG

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: Toshiba
Event Code: 7022
Message: The Diagnostic System Host service hung on starting.
Record Number: 135006
Source Name: Service Control Manager
Time Written: 20090329091855.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 4226
Message: TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts.
Record Number: 135026
Source Name: Tcpip
Time Written: 20090329092947.682559-000
Event Type: Warning
User:

Computer Name: Toshiba
Event Code: 8003
Message: The master browser has received a server announcement from the computer LENOVOX61S that believes that it is the master browser for the domain on transport NetBT_Tcpip_{A5C99F56-B3D7-4AA5-85F5-FAC5A2F. The master browser is stopping or an election is being forced.
Record Number: 135073
Source Name: bowser
Time Written: 20090329184119.796600-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 10001
Message: Unable to start a DCOM Server: {D5641912-E47A-429C-879E-CFE13EAC7A13} as /. The error:
"740"
Happened while starting this command:
C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\1150\INTEL3~1\IDriver.exe -Embedding
Record Number: 135082
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090329193117.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 10010
Message: The server {6BA70EAF-D5FF-4687-829A-A646EEC622F8} did not register with DCOM within the required timeout.
Record Number: 135086
Source Name: Microsoft-Windows-DistributedCOM
Time Written: 20090329193900.000000-000
Event Type: Error
User:

=====Application event log=====

Computer Name: Toshiba
Event Code: 8193
Message: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80004002.

Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata
Record Number: 9115
Source Name: VSS
Time Written: 20090329193258.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 8193
Message: Failed to create restore point on volume (Process = C:\Windows\system32\msiexec.exe /V; Descripton = Installed MSN Toolbar; Hr = 0x8000ffff).
Record Number: 9116
Source Name: System Restore
Time Written: 20090329193258.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 34
Message: Volume Shadow Copy Service error: The VSS event class is not registered. This will prevent any VSS writers from receiving events. This may be caused due to a setup failure or as a result of an application's installer or uninstaller.

Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata
Record Number: 9129
Source Name: VSS
Time Written: 20090329201123.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 8193
Message: Volume Shadow Copy Service error: Unexpected error calling routine CoCreateInstance. hr = 0x80040154.

Operation:
Gathering Writer Data
Executing Asynchronous Operation

Context:
Execution Context: Requestor
Current State: GatherWriterMetadata
Record Number: 9130
Source Name: VSS
Time Written: 20090329201123.000000-000
Event Type: Error
User:

Computer Name: Toshiba
Event Code: 8193
Message: Failed to create restore point on volume (Process = C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe Files\Uniblue\RegistryBooster\RegistryBooster.exe" -m; Descripton = Uniblue RegistryBooster 2009; Hr = 0x8000ffff).
Record Number: 9131
Source Name: System Restore
Time Written: 20090329201123.000000-000
Event Type: Error
User:

=====Security event log=====

Computer Name: Toshiba
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 12195
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329204744.199600-000
Event Type: Audit Failure
User:

Computer Name: Toshiba
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 12196
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329204744.224600-000
Event Type: Audit Failure
User:

Computer Name: Toshiba
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 12197
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329204744.248600-000
Event Type: Audit Failure
User:

Computer Name: Toshiba
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 12198
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329204744.272600-000
Event Type: Audit Failure
User:

Computer Name: Toshiba
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.

File Name: \Device\HarddiskVolume2\Windows\System32\drivers\tcpip.sys
Record Number: 12199
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090329204744.296600-000
Event Type: Audit Failure
User:

======Environment variables======

"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"ComSpec"=%SystemRoot%\system32\cmd.exe
"DFSTRACINGON"=FALSE
"FP_NO_HOST_CHECK"=NO
"NUMBER_OF_PROCESSORS"=2
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\QuickTime\QTSystem\;C:\Program Files\Common Files\DivX Shared\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 10, GenuineIntel
"PROCESSOR_LEVEL"=6
"PROCESSOR_REVISION"=170a
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"USERNAME"=SYSTEM
"windir"=%SystemRoot%

-----------------EOF-----------------

C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Avanquest Connection Manager\Nomad.exe
C:\Program Files\SingleClick Systems\HomeNet Manager\ezi_hnm2.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Steven\AppData\Local\Google\Update\GoogleUpdate.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Steven\Downloads\SysInspector.exe
C:\Program Files\MSN\Toolbar\3.0.1203.0\msntask.exe
C:\Windows\system32\wscript.exe
C:\Windows\System32\cmd.exe
C:\Users\Steven\Desktop\NSWSE1200TB15\NSW\ESDStart.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe
C:\Program Files\iTunes\iTunes.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Users\Steven\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\YAWMBPY9\RSIT[1].exe
C:\Program Files\trend micro\Steven.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\RunOnce: [aswAhAScr.dll] C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE "C:\Program Files\Alwil Software\Avast4\AhAScr.dll"
O4 - HKCU\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart /show
O4 - HKCU\..\Run: [Pareto_Update] C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] c:\program files\uniblue\registrybooster\StartRegistryBooster.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'Default user')
O4 - Global Startup: HomeNet Manager.lnk = C:\Program Files\SingleClick Systems\HomeNet Manager\ezi_hnm2.exe
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{A5C99F56-B3D7-4AA5-85F5-FAC5A2FB6429}: NameServer = 192.168.100.4
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9a04ae83d2eb6) (gupdate1c9a04ae83d2eb6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\Avanquest Connection Manager\NomadSvr.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6832 bytes

======Scheduled tasks folder======

C:\Windows\tasks\AutoSmartDefrag.job
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\AWC Startup.job
C:\Windows\tasks\AWC Update.job
C:\Windows\tasks\DriverCure.job
C:\Windows\tasks\GoogleUpdateTaskMachine.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-930250783-1986003217-1596953152-1000.job
C:\Windows\tasks\ParetoLogic Privacy Controls_{900EAE8B-1448-11DE-8676-00038A000015}.job
C:\Windows\tasks\ParetoLogic Registration.job
C:\Windows\tasks\ParetoLogic Update Version2.job
C:\Windows\tasks\RegCure Program Check.job
C:\Windows\tasks\RegCure.job
C:\Windows\tasks\RegFixPro Scan.job
C:\Windows\tasks\RegFixPro Startup.job
C:\Windows\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar Helper - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - MSN Toolbar - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll [2009-03-13 82768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"aswAhAScr.dll"=C:\PROGRA~1\ALWILS~1\Avast4\ASWREG~1.EXE [2003-09-16 22016]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Connection Manager"=C:\Program Files\Avanquest Connection Manager\Nomad.exe [2008-07-10 106496]
"Pareto_Update"=C:\Program Files\Common Files\ParetoLogic\UUS2\Pareto_Update.exe [2009-01-21 189808]
"Uniblue RegistryBooster 2009"=c:\program files\uniblue\registrybooster\StartRegistryBooster.exe [2008-08-26 99624]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\00TCrdMain]
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-03-19 716800]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\951738463]
C:\Program Files\Toshiba Registration\Registration.exe /r C:\Program Files\Toshiba Registration\Registration.rpd []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Camera Assistant Software]
C:\Program Files\Camera Assistant Software for Toshiba\traybar.exe [2008-07-31 417792]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ccApp]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\cfFncEnabler.exe]
cfFncEnabler.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CLMLServer]
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\Kernel\CLML\CLMLSvc.exe [2008-07-10 188416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HSON]
C:\Program Files\TOSHIBA\TBS\HSON.exe [2007-11-01 54608]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ITSecMng]
C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NDSTray.exe]
NDSTray.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\osCheck]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCMAgent]
C:\Program Files\CyberLink\PowerCinema for TOSHIBA\PCMAgent.exe [2007-12-13 143360]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-04-08 6037504]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SmoothView]
C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2008-08-14 1348904]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TOSCDSPD]
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe [2008-04-24 430080]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ToshibaServiceStation]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\TPwrMain]
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-02-06 431456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Windows Defender]
C:\Program Files\Windows Defender\MSASCui.exe [2008-01-20 1008184]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HomeNet Manager.lnk - C:\Program Files\SingleClick Systems\HomeNet Manager\ezi_hnm2.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\WPDShServiceObj.dll [2008-01-20 131584]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"legalnoticecaption"=
"legalnoticetext"=
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"EnableLinkedConnections"=1
"EnableLUA"=2

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-03-29 16:47:38 ----D---- C:\rsit
2009-03-29 16:47:38 ----D---- C:\Program Files\trend micro
2009-03-29 16:10:12 ----D---- C:\Users\Steven\AppData\Roaming\Uniblue
2009-03-29 16:10:03 ----D---- C:\Program Files\Uniblue
2009-03-29 16:10:00 ----HDC---- C:\ProgramData\{92E7A367-8E12-4830-AA70-29C32E331A81}
2009-03-29 15:37:15 ----D---- C:\ProgramData\NortonInstaller
2009-03-29 15:32:58 ----D---- C:\Program Files\MSN
2009-03-29 05:07:22 ----A---- C:\Program Files\Uninstall Fun Web Products.dll
2009-03-28 10:15:04 ----D---- C:\Program Files\filehippo.com
2009-03-28 03:05:02 ----D---- C:\Program Files\Avanquest Connection Manager
2009-03-28 02:48:03 ----D---- C:\Program Files\Avanquest update
2009-03-28 01:54:45 ----D---- C:\Program Files\Common Files\Stardock
2009-03-28 01:54:45 ----A---- C:\Windows\system32\DartWeb.dll
2009-03-28 01:54:45 ----A---- C:\Windows\system32\DartSock.dll
2009-03-28 01:54:45 ----A---- C:\Windows\system32\DartObjects.dll
2009-03-28 01:54:44 ----D---- C:\Program Files\Stardock
2009-03-26 20:16:32 ----D---- C:\Program Files\World of Warcraft
2009-03-26 20:16:32 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2009-03-25 21:22:54 ----D---- C:\Program Files\File Scavenger 3.2
2009-03-22 21:29:52 ----A---- C:\Windows\system32\IAMCAx.dll
2009-03-22 21:29:49 ----A---- C:\Windows\system32\ssleay32.dll
2009-03-22 21:29:49 ----A---- C:\Windows\system32\libssl32.dll
2009-03-22 21:29:49 ----A---- C:\Windows\system32\libeay32.dll
2009-03-22 21:29:48 ----A---- C:\Windows\system32\IAMCu.dll
2009-03-22 21:29:45 ----D---- C:\ProgramData\BVRP Software
2009-03-22 21:12:10 ----AD---- C:\ProgramData\TEMP
2009-03-22 21:11:22 ----D---- C:\ProgramData\SingleClick Systems
2009-03-22 21:11:21 ----D---- C:\Program Files\SingleClick Systems
2009-03-22 21:11:20 ----A---- C:\Windows\{0240BDFB-2995-4A3F-8C96-18D41282B716}_WiseFW.ini
2009-03-22 21:10:59 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-03-22 20:26:28 ----D---- C:\Users\Steven\AppData\Roaming\Desktopicon
2009-03-22 20:26:27 ----D---- C:\Program Files\Unlocker
2009-03-22 03:49:07 ----D---- C:\Program Files\Common Files\DivX Shared
2009-03-20 17:04:59 ----D---- C:\Users\Steven\AppData\Roaming\Yahoo!
2009-03-20 17:04:32 ----D---- C:\ProgramData\Yahoo!
2009-03-20 17:04:29 ----D---- C:\Program Files\Yahoo!
2009-03-19 01:43:17 ----D---- C:\Users\Steven\AppData\Roaming\ParetoLogic
2009-03-19 01:38:42 ----D---- C:\ProgramData\Downloaded Installations
2009-03-19 01:36:46 ----A---- C:\Windows\WirelessFTP.INI
2009-03-19 01:30:10 ----D---- C:\Users\Steven\AppData\Roaming\DriverCure
2009-03-19 01:28:33 ----D---- C:\ProgramData\ParetoLogic
2009-03-19 01:28:33 ----D---- C:\ProgramData\DriverCure
2009-03-19 01:28:33 ----D---- C:\Program Files\ParetoLogic
2009-03-19 01:28:33 ----D---- C:\Program Files\Common Files\ParetoLogic
2009-03-19 01:27:23 ----D---- C:\Program Files\RegCure
2009-03-16 20:09:24 ----A---- C:\Windows\system32\aswBoot.exe
2009-03-16 20:09:20 ----D---- C:\Program Files\Alwil Software
2009-03-16 16:56:21 ----A---- C:\Windows\system32\acXMLParser.dll
2009-03-16 16:56:19 ----A---- C:\Windows\system32\cdintf300.dll
2009-03-16 16:54:15 ----D---- C:\Users\Steven\AppData\Roaming\Intuit
2009-03-16 16:53:51 ----D---- C:\Program Files\Common Files\Intuit
2009-03-16 16:53:39 ----D---- C:\Program Files\Quicken
2009-03-16 16:53:35 ----A---- C:\Windows\QUICKEN.INI
2009-03-16 16:53:26 ----D---- C:\ProgramData\Intuit
2009-03-16 16:32:35 ----A---- C:\Windows\system32\mshtmler.dll
2009-03-16 16:32:35 ----A---- C:\Windows\system32\mshtmled.dll
2009-03-16 16:32:35 ----A---- C:\Windows\system32\ieui.dll
2009-03-16 16:32:35 ----A---- C:\Windows\system32\icardie.dll
2009-03-16 16:32:35 ----A---- C:\Windows\system32\admparse.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\msls31.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\jsproxy.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\imgutil.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\iernonce.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\iepeers.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\ieakeng.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\dxtmsft.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\corpol.dll
2009-03-16 16:32:34 ----A---- C:\Windows\system32\advpack.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\webcheck.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\occache.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\msrating.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\licmgr10.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\inseng.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\iesetup.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\ieakui.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\ieaksie.dll
2009-03-16 16:32:33 ----A---- C:\Windows\system32\dxtrans.dll
2009-03-16 16:32:32 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-03-16 16:32:32 ----A---- C:\Windows\system32\wextract.exe
2009-03-16 16:32:32 ----A---- C:\Windows\system32\pngfilt.dll
2009-03-16 16:32:32 ----A---- C:\Windows\system32\mstime.dll
2009-03-16 16:32:32 ----A---- C:\Windows\system32\msfeedssync.exe
2009-03-16 16:32:32 ----A---- C:\Windows\system32\msfeeds.dll
2009-03-16 16:32:32 ----A---- C:\Windows\system32\ieapfltr.dll
2009-03-16 16:32:31 ----A---- C:\Windows\system32\vbscript.dll
2009-03-16 16:32:31 ----A---- C:\Windows\system32\url.dll
2009-03-16 16:32:31 ----A---- C:\Windows\system32\jscript.dll
2009-03-16 16:32:31 ----A---- C:\Windows\system32\iedkcs32.dll
2009-03-16 16:32:30 ----A---- C:\Windows\system32\mshta.exe
2009-03-16 16:32:30 ----A---- C:\Windows\system32\iexpress.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\wininet.dll
2009-03-16 16:32:29 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\SetDepNx.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\PDMSetup.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\ieUnatt.exe
2009-03-16 16:32:29 ----A---- C:\Windows\system32\iesysprep.dll
2009-03-16 16:32:29 ----A---- C:\Windows\system32\iertutil.dll
2009-03-16 16:32:29 ----A---- C:\Windows\system32\ie4uinit.exe
2009-03-16 16:32:28 ----A---- C:\Windows\system32\urlmon.dll
2009-03-16 16:32:28 ----A---- C:\Windows\system32\ieframe.dll
2009-03-16 16:32:27 ----A---- C:\Windows\system32\mshtml.dll
2009-03-16 16:06:40 ----A---- C:\Windows\ODBCINST.INI
2009-03-16 16:04:58 ----HD---- C:\Autorun.inf
2009-03-16 15:09:17 ----D---- C:\Program Files\Yamicsoft
2009-03-16 14:22:46 ----D---- C:\Program Files\AOL
2009-03-16 14:22:28 ----D---- C:\Program Files\Common Files\Software Update Utility
2009-03-16 14:20:14 ----D---- C:\Program Files\AOL 9.5
2009-03-16 01:37:25 ----D---- C:\Users\Steven\AppData\Roaming\Apple Computer
2009-03-16 01:37:04 ----A---- C:\Windows\system32\GEARAspi.dll
2009-03-16 01:36:31 ----D---- C:\Program Files\iPod
2009-03-16 01:36:25 ----D---- C:\ProgramData\{00D89592-F643-4D8D-8F0F-AFAE0F14D4C3}
2009-03-16 01:36:25 ----D---- C:\Program Files\iTunes
2009-03-16 01:35:58 ----D---- C:\Program Files\Bonjour
2009-03-16 01:35:14 ----D---- C:\Program Files\QuickTime
2009-03-16 01:35:13 ----D---- C:\ProgramData\Apple Computer
2009-03-16 01:31:50 ----D---- C:\Program Files\Common Files\Apple
2009-03-15 02:30:21 ----D---- C:\Program Files\PeerGuardian2
2009-03-14 23:16:53 ----D---- C:\Users\Steven\AppData\Roaming\GrabPro
2009-03-14 23:16:53 ----D---- C:\downloads
2009-03-14 23:16:51 ----D---- C:\Users\Steven\AppData\Roaming\Orbit
2009-03-14 22:56:27 ----D---- C:\ProgramData\AOL OCP
2009-03-14 22:22:11 ----D---- C:\Windows\system32\AppData
2009-03-14 22:17:18 ----D---- C:\Windows\system32\XPSViewer
2009-03-14 22:06:50 ----D---- C:\Program Files\LimitLogins
2009-03-14 21:35:47 ----D---- C:\Program Files\Belarc
2009-03-14 20:41:01 ----D---- C:\ProgramData\LogiShrd
2009-03-14 20:35:48 ----D---- C:\Program Files\Common Files\Logishrd
2009-03-14 20:35:43 ----D---- C:\Program Files\Logitech
2009-03-13 22:04:07 ----D---- C:\Users\Steven\AppData\Roaming\AOL
2009-03-13 22:04:04 ----D---- C:\ProgramData\Macromedia
2009-03-13 22:03:15 ----D---- C:\Program Files\Common Files\Nullsoft
2009-03-13 22:02:35 ----A---- C:\Windows\system32\AOLParconLink.exe
2009-03-13 21:58:49 ----D---- C:\ProgramData\AOL
2009-03-13 21:58:49 ----D---- C:\Program Files\Common Files\aolshare
2009-03-13 21:58:49 ----D---- C:\Program Files\Common Files\aol
2009-03-13 21:58:49 ----D---- C:\Program Files\AOL 9.0
2009-03-13 18:27:45 ----A---- C:\ProgramData\N360BUOptions.ini
2009-03-13 18:21:25 ----HD---- C:\$AVG8.VAULT$
2009-03-12 02:17:58 ----D---- C:\Users\Steven\AppData\Roaming\RegFixPro
2009-03-12 02:10:17 ----D---- C:\AIM
2009-03-12 02:10:17 ----A---- C:\Windows\AIM.INI
2009-03-12 02:10:05 ----A---- C:\Windows\UNINST16.EXE
2009-03-12 00:44:41 ----D---- C:\ProgramData\AOL Downloads
2009-03-11 22:06:15 ----D---- C:\Users\Steven\AppData\Roaming\Flock
2009-03-11 22:05:45 ----D---- C:\Program Files\Flock
2009-03-11 21:44:18 ----D---- C:\Users\Steven\AppData\Roaming\Mozilla
2009-03-11 21:44:12 ----D---- C:\Program Files\Mozilla Firefox
2009-03-11 21:07:51 ----D---- C:\Intel
2009-03-10 19:58:28 ----SHD---- C:\Config.Msi
2009-03-10 19:56:06 ----A---- C:\Windows\system32\wmp.dll
2009-03-10 19:56:05 ----A---- C:\Windows\system32\spwmp.dll
2009-03-10 19:56:05 ----A---- C:\Windows\system32\dxmasf.dll
2009-03-10 19:56:04 ----A---- C:\Windows\system32\wmploc.DLL
2009-03-10 19:56:02 ----A---- C:\Windows\system32\schannel.dll
2009-03-10 01:51:48 ----D---- C:\Users\Steven\AppData\Roaming\ICAClient
2009-03-10 01:28:56 ----A---- C:\Windows\system32\deploytk.dll
2009-03-09 22:05:37 ----A---- C:\Windows\system32\newdev.exe
2009-03-09 22:05:37 ----A---- C:\Windows\system32\newdev.dll
2009-03-09 21:52:52 ----D---- C:\ProgramData\SITEguard
2009-03-09 21:51:18 ----D---- C:\Program Files\Common Files\iS3
2009-03-09 21:51:15 ----D---- C:\ProgramData\STOPzilla!
2009-03-09 18:30:49 ----D---- C:\Users\Steven\AppData\Roaming\IObit
2009-03-09 18:30:48 ----D---- C:\Program Files\IObit
2009-03-08 21:28:04 ----D---- C:\Program Files\uTorrent
2009-03-08 21:27:44 ----D---- C:\Users\Steven\AppData\Roaming\uTorrent
2009-03-08 20:05:41 ----D---- C:\ProgramData\Google
2009-03-08 16:43:57 ----D---- C:\Users\Steven\AppData\Roaming\Digital Support
2009-03-08 08:00:59 ----D---- C:\Users\Steven\AppData\Roaming\DivX
2009-03-08 05:14:44 ----D---- C:\ProgramData\Apple
2009-03-07 15:37:54 ----DC---- C:\Windows\system32\DRVSTORE
2009-03-07 15:37:53 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-03-07 15:09:21 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-03-07 15:09:10 ----D---- C:\Program Files\DivX
2009-03-07 15:04:36 ----D---- C:\Program Files\CCleaner
2009-03-07 15:01:31 ----D---- C:\Windows\system32\gl
2009-03-07 15:01:31 ----D---- C:\Windows\system32\eu
2009-03-07 15:01:31 ----D---- C:\Windows\system32\ca
2009-03-07 14:37:06 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-03-07 14:37:06 ----A---- C:\Windows\system32\netiougc.exe
2009-03-07 14:04:26 ----D---- C:\Atheros_v7.6.1.149(www.station-drivers.com)
2009-03-07 11:54:26 ----D---- C:\Program Files\REALTEK RTL8187B Wireless LAN Driver
2009-03-07 11:54:09 ----D---- C:\Users\Steven\AppData\Roaming\InstallShield
2009-03-07 11:53:02 ----D---- C:\ProgramData\Atheros
2009-03-06 23:14:03 ----D---- C:\perflogs
2009-03-06 22:51:45 ----D---- C:\Windows\Minidump
2009-03-06 22:00:01 ----D---- C:\Users\Steven\AppData\Roaming\WinBatch
2009-03-06 22:00:01 ----D---- C:\sagcv170
2009-03-06 21:30:13 ----D---- C:\inetpub
2009-03-06 21:08:47 ----D---- C:\Program Files\Microsoft Silverlight
2009-03-06 19:46:17 ----D---- C:\Windows\system32\N360_BACKUP
2009-03-06 19:11:16 ----D---- C:\ProgramData\MailFrontier
2009-03-06 19:09:53 ----D---- C:\Program Files\Zone Labs
2009-03-06 19:08:27 ----D---- C:\ProgramData\CheckPoint
2009-03-06 19:08:25 ----D---- C:\Windows\Internet Logs
2009-03-06 17:22:43 ----D---- C:\Windows\Sun
2009-03-06 17:12:40 ----D---- C:\Users\Steven\AppData\Roaming\CyberLink
2009-03-06 16:11:08 ----D---- C:\Users\Steven\AppData\Roaming\Toshiba
2009-03-06 15:02:27 ----A---- C:\Windows\system32\msshooks.dll
2009-03-06 15:02:27 ----A---- C:\Windows\system32\msscb.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\thawbrkr.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\srchadmin.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-03-06 15:02:26 ----A---- C:\Windows\system32\propsys.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\propdefs.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\msstrc.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\mssprxy.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\mssitlb.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\msshsq.dll
2009-03-06 15:02:26 ----A---- C:\Windows\system32\korwbrkr.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\wsepno.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\tquery.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-03-06 15:02:25 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-03-06 15:02:25 ----A---- C:\Windows\system32\rtffilt.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\offfilt.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\nlhtml.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\msscntrs.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\mimefilt.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\chtbrkr.dll
2009-03-06 15:02:25 ----A---- C:\Windows\system32\chsbrkr.dll
2009-03-06 15:02:24 ----A---- C:\Windows\system32\mssvp.dll
2009-03-06 15:02:24 ----A---- C:\Windows\system32\mssrch.dll
2009-03-06 15:02:24 ----A---- C:\Windows\system32\mssphtb.dll
2009-03-06 15:02:24 ----A---- C:\Windows\system32\mssph.dll
2009-03-06 15:01:33 ----A---- C:\Windows\system32\tzres.dll
2009-03-06 14:54:21 ----D---- C:\Users\Steven\AppData\Roaming\Macromedia
2009-03-06 14:54:03 ----D---- C:\Users\Steven\AppData\Roaming\Adobe
2009-03-06 14:51:53 ----A---- C:\Windows\system32\infocardapi.dll
2009-03-06 14:51:52 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-03-06 14:51:51 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-03-06 14:51:51 ----A---- C:\Windows\system32\icardres.dll
2009-03-06 14:51:51 ----A---- C:\Windows\system32\icardagt.exe
2009-03-06 14:51:50 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-03-06 14:51:48 ----A---- C:\Windows\system32\PresentationHost.exe
2009-03-06 14:47:29 ----A---- C:\Windows\system32\dfshim.dll
2009-03-06 14:47:26 ----A---- C:\Windows\system32\netfxperf.dll
2009-03-06 14:47:26 ----A---- C:\Windows\system32\mscoree.dll
2009-03-06 14:47:18 ----A---- C:\Windows\system32\mscorier.dll
2009-03-06 14:47:15 ----A---- C:\Windows\system32\mscories.dll
2009-03-06 14:45:44 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-03-06 14:45:40 ----A---- C:\Windows\explorer.exe
2009-03-06 14:45:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-03-06 14:45:04 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-03-06 14:44:59 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-03-06 14:44:57 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-03-06 14:44:48 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-03-06 14:44:19 ----A---- C:\Windows\system32\EncDec.dll
2009-03-06 14:44:18 ----A---- C:\Windows\system32\psisdecd.dll
2009-03-06 14:44:12 ----A---- C:\Windows\system32\shell32.dll
2009-03-06 14:44:07 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-03-06 14:44:07 ----A---- C:\Windows\system32\mf.dll
2009-03-06 14:44:06 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-03-06 14:44:06 ----A---- C:\Windows\system32\logagent.exe
2009-03-06 14:44:03 ----A---- C:\Windows\system32\rpcrt4.dll
2009-03-06 14:44:02 ----A---- C:\Windows\system32\pacerprf.dll
2009-03-06 14:44:02 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-03-06 14:44:02 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-03-06 14:44:02 ----A---- C:\Windows\system32\BFE.DLL
2009-03-06 14:44:01 ----A---- C:\Windows\system32\msxml3.dll
2009-03-06 14:43:59 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-03-06 14:43:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-03-06 14:43:59 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-03-06 14:43:58 ----A---- C:\Windows\system32\netapi32.dll
2009-03-06 14:43:56 ----A---- C:\Windows\system32\gdi32.dll
2009-03-06 14:43:52 ----A---- C:\Windows\system32\win32spl.dll
2009-03-06 14:43:51 ----A---- C:\Windows\system32\wersvc.dll
2009-03-06 14:43:51 ----A---- C:\Windows\system32\Faultrep.dll
2009-03-06 14:43:50 ----A---- C:\Windows\system32\emdmgmt.dll
2009-03-06 14:43:50 ----A---- C:\Windows\system32\dataclen.dll
2009-03-06 14:43:50 ----A---- C:\Windows\system32\cdd.dll
2009-03-06 14:43:47 ----A---- C:\Windows\system32\wmpeffects.dll
2009-03-06 14:43:47 ----A---- C:\Windows\system32\es.dll
2009-03-06 14:43:45 ----A---- C:\Windows\system32\wshext.dll
2009-03-06 14:43:45 ----A---- C:\Windows\system32\wscript.exe
2009-03-06 14:43:45 ----A---- C:\Windows\system32\scrrun.dll
2009-03-06 14:43:45 ----A---- C:\Windows\system32\scrobj.dll
2009-03-06 14:43:45 ----A---- C:\Windows\system32\cscript.exe
2009-03-06 14:43:44 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-03-06 14:43:42 ----A---- C:\Windows\system32\connect.dll
2009-03-06 14:43:40 ----A---- C:\Windows\system32\inetcomm.dll
2009-03-06 14:43:39 ----A---- C:\Windows\system32\msxml6.dll
2009-03-06 14:40:05 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-03-06 14:40:05 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-03-06 14:32:36 ----A---- C:\Windows\system32\wups2.dll
2009-03-06 14:32:35 ----A---- C:\Windows\system32\wucltux.dll
2009-03-06 14:32:35 ----A---- C:\Windows\system32\wuaueng.dll
2009-03-06 14:32:35 ----A---- C:\Windows\system32\wuauclt.exe
2009-03-06 14:32:24 ----A---- C:\Windows\system32\wups.dll
2009-03-06 14:32:24 ----A---- C:\Windows\system32\wudriver.dll
2009-03-06 14:32:24 ----A---- C:\Windows\system32\wuapi.dll
2009-03-06 14:32:19 ----A---- C:\Windows\system32\wuwebv.dll
2009-03-06 14:32:19 ----A---- C:\Windows\system32\wuapp.exe
2009-03-06 14:32:17 ----D---- C:\Users\Steven\AppData\Roaming\Intel
2009-03-06 14:28:20 ----D---- C:\ProgramData\Pure Networks
2009-03-06 14:18:40 ----D---- C:\Users\Steven\AppData\Roaming\Symantec
2009-03-06 14:18:13 ----D---- C:\Users\Steven\AppData\Roaming\Identities
2009-03-06 14:17:40 ----SD---- C:\Users\Steven\AppData\Roaming\Microsoft
2009-03-06 14:17:40 ----D---- C:\Users\Steven\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 1 months======

2009-03-29 16:47:44 ----D---- C:\Windows\Prefetch
2009-03-29 16:47:42 ----D---- C:\Windows\Temp
2009-03-29 16:47:38 ----D---- C:\Program Files
2009-03-29 16:10:03 ----SHD---- C:\Windows\Installer
2009-03-29 16:10:00 ----HD---- C:\ProgramData
2009-03-29 16:07:44 ----D---- C:\Windows\system32\drivers
2009-03-29 16:07:30 ----AD---- C:\Windows\System32
2009-03-29 16:06:19 ----D---- C:\Windows
2009-03-29 15:37:58 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-03-29 15:30:02 ----D---- C:\Windows\system32\catroot
2009-03-29 15:30:01 ----D---- C:\Windows\inf
2009-03-29 12:52:14 ----D---- C:\Windows\Microsoft.NET
2009-03-29 12:52:09 ----RSD---- C:\Windows\assembly
2009-03-29 05:23:47 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-03-29 05:17:21 ----D---- C:\Windows\registration
2009-03-29 05:16:32 ----D---- C:\Windows\system32\catroot2
2009-03-29 05:07:19 ----D---- C:\Program Files\Internet Explorer
2009-03-29 04:24:33 ----RD---- C:\Users
2009-03-28 14:42:55 ----D---- C:\Windows\system32\config
2009-03-28 14:02:04 ----A---- C:\Windows\win.ini
2009-03-28 02:48:02 ----HD---- C:\Program Files\InstallShield Installation Information
2009-03-28 02:00:32 ----D---- C:\Windows\Tasks
2009-03-28 01:07:55 ----SHD---- C:\Boot
2009-03-27 04:08:40 ----SHD---- C:\System Volume Information
2009-03-26 20:16:32 ----D---- C:\Program Files\Common Files
2009-03-26 15:48:35 ----SD---- C:\Windows\Downloaded Program Files
2009-03-25 21:25:58 ----D---- C:\Windows\system32\Tasks
2009-03-25 19:58:59 ----HD---- C:\Windows\system32\GroupPolicyUsers
2009-03-25 13:52:38 ----D---- C:\Windows\winsxs
2009-03-25 13:52:34 ----D---- C:\Windows\Debug
2009-03-25 13:49:09 ----D---- C:\Windows\rescache
2009-03-25 13:07:19 ----D---- C:\Windows\system32\inetsrv
2009-03-25 13:07:19 ----D---- C:\Windows\system32\0409
2009-03-25 13:07:18 ----D---- C:\Windows\system32\en-US
2009-03-25 13:03:40 ----D---- C:\Windows\system32\migration
2009-03-22 02:55:10 ----D---- C:\Windows\system32\WDI
2009-03-20 16:53:16 ----D---- C:\Windows\Panther
2009-03-19 20:15:02 ----D---- C:\Windows\SoftwareDistribution
2009-03-16 16:34:52 ----D---- C:\Windows\PolicyDefinitions
2009-03-15 04:17:59 ----D---- C:\Windows\system32\LogFiles
2009-03-14 22:17:18 ----D---- C:\Windows\system32\wbem
2009-03-14 22:17:17 ----RSD---- C:\Windows\Fonts
2009-03-13 22:03:38 ----D---- C:\Windows\Downloaded Installations
2009-03-13 11:00:53 ----D---- C:\ProgramData\Microsoft Help
2009-03-13 11:00:34 ----D---- C:\Program Files\Common Files\microsoft shared
2009-03-13 11:00:23 ----D---- C:\Windows\ShellNew
2009-03-13 10:57:34 ----D---- C:\Program Files\Common Files\System
2009-03-12 18:31:59 ----D---- C:\Windows\LiveKernelReports
2009-03-12 02:24:11 ----SHD---- C:\$RECYCLE.BIN
2009-03-12 02:10:05 ----D---- C:\Windows\system
2009-03-11 19:04:19 ----D---- C:\DOCS
2009-03-11 19:04:15 ----D---- C:\Windows\system32\spool
2009-03-11 19:04:15 ----D---- C:\Windows\system32\CodeIntegrity
2009-03-11 19:04:15 ----D---- C:\Windows\Help
2009-03-11 19:04:14 ----D---- C:\Program Files\Windows Media Player
2009-03-11 19:04:14 ----D---- C:\Program Files\Windows Mail
2009-03-11 19:04:14 ----D---- C:\Program Files\Microsoft Games
2009-03-11 01:40:01 ----HD---- C:\Windows\system32\GroupPolicy
2009-03-10 01:28:47 ----A---- C:\Windows\system32\javaws.exe
2009-03-10 01:28:47 ----A---- C:\Windows\system32\javaw.exe
2009-03-10 01:28:47 ----A---- C:\Windows\system32\java.exe
2009-03-10 01:28:46 ----D---- C:\Program Files\Java
2009-03-09 19:57:49 ----D---- C:\Windows\system32\Msdtc
2009-03-08 20:17:53 ----D---- C:\Program Files\Google
2009-03-07 15:07:42 ----D---- C:\Windows\system32\zh-TW
2009-03-07 15:07:42 ----D---- C:\Windows\system32\zh-CN
2009-03-07 15:07:42 ----D---- C:\Windows\system32\tr-TR
2009-03-07 15:07:42 ----D---- C:\Windows\system32\sv-SE
2009-03-07 15:07:42 ----D---- C:\Windows\system32\ru-RU
2009-03-07 15:07:42 ----D---- C:\Windows\system32\pt-PT
2009-03-07 15:07:42 ----D---- C:\Windows\system32\pl-PL
2009-03-07 15:07:42 ----D---- C:\Windows\system32\nl-NL
2009-03-07 15:07:42 ----D---- C:\Windows\system32\ko-KR
2009-03-07 15:07:42 ----D---- C:\Windows\system32\ja-JP
2009-03-07 15:07:42 ----D---- C:\Windows\system32\it-IT
2009-03-07 15:07:42 ----D---- C:\Windows\system32\hu-HU
2009-03-07 15:07:42 ----D---- C:\Windows\system32\fr-FR
2009-03-07 15:07:42 ----D---- C:\Windows\system32\fi-FI
2009-03-07 15:07:42 ----D---- C:\Windows\system32\es-ES
2009-03-07 15:07:42 ----D---- C:\Windows\system32\el-GR
2009-03-07 15:07:42 ----D---- C:\Windows\system32\de-DE
2009-03-07 15:07:42 ----D---- C:\Windows\system32\da-DK
2009-03-07 15:07:42 ----D---- C:\Windows\system32\cs-CZ
2009-03-07 15:01:31 ----D---- C:\Windows\system32\tr
2009-03-07 15:01:31 ----D---- C:\Windows\system32\sv
2009-03-07 15:01:31 ----D---- C:\Windows\system32\sk
2009-03-07 15:01:31 ----D---- C:\Windows\system32\ru
2009-03-07 15:01:31 ----D---- C:\Windows\system32\pt
2009-03-07 15:01:31 ----D---- C:\Windows\system32\pl
2009-03-07 15:01:31 ----D---- C:\Windows\system32\no
2009-03-07 15:01:31 ----D---- C:\Windows\system32\nl
2009-03-07 15:01:31 ----D---- C:\Windows\system32\it
2009-03-07 15:01:31 ----D---- C:\Windows\system32\hu
2009-03-07 15:01:31 ----D---- C:\Windows\system32\fr
2009-03-07 15:01:31 ----D---- C:\Windows\system32\fi
2009-03-07 15:01:31 ----D---- C:\Windows\system32\es
2009-03-07 15:01:31 ----D---- C:\Windows\system32\el
2009-03-07 15:01:31 ----D---- C:\Windows\system32\de
2009-03-07 15:01:31 ----D---- C:\Windows\system32\da
2009-03-07 15:01:31 ----D---- C:\Windows\system32\cs
2009-03-07 15:01:31 ----D---- C:\Program Files\Toshiba
2009-03-07 12:58:41 ----D---- C:\ProgramData\WildTangent
2009-03-07 06:35:49 ----RSD---- C:\Windows\Media
2009-03-06 23:27:23 ----SD---- C:\ProgramData\Microsoft
2009-03-06 22:13:47 ----D---- C:\Windows\Logs
2009-03-06 17:12:43 ----D---- C:\ProgramData\CyberLink
2009-03-06 15:13:16 ----D---- C:\Windows\AppPatch
2009-03-06 15:13:14 ----D---- C:\Windows\ehome
2009-03-06 14:58:22 ----HD---- C:\Windows\msdownld.tmp
2009-03-06 14:27:09 ----D---- C:\Windows\system32\NDF
2009-03-06 14:18:17 ----AD---- C:\Windows\system32\sysprep

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-02-21 49904]
R2 Packet;Auto Internet Protocol; C:\Windows\system32\DRIVERS\packet.sys [2006-12-18 12672]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2008-02-15 46592]
R2 rimsptsk;rimsptsk; C:\Windows\system32\DRIVERS\rimsptsk.sys [2007-07-30 43008]
R2 rismxdp;Ricoh xD-Picture Card Driver; C:\Windows\system32\DRIVERS\rixdptsk.sys [2007-07-30 38400]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-02 983552]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 esiasdrv;esiasdrv; \??\C:\Windows\TEMP\esiasdrv.sys [2009-03-29 33800]
R3 FwLnk;FwLnk Driver; C:\Windows\system32\DRIVERS\FwLnk.sys [2006-11-20 7168]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-01-15 23848]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-09 2095512]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2007-02-06 25632]
R3 NETw5v32;Intel® Wireless WiFi Link Adapter Driver for Windows Vista 32 Bit ; C:\Windows\system32\DRIVERS\NETw5v32.sys [2008-04-28 3658752]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-01-20 142848]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-20 88576]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2008-08-14 203312]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2007-12-14 24200]
R3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016]
R3 UVCFTR;UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [2008-07-15 17960]
R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw4.sys [2006-11-29 33588]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 IO_Memory;IO_Memory; C:\Windows\system32\drivers\IO_Memory.sys []
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
S3 LVcKap;Logitech AEC Driver; C:\Windows\system32\DRIVERS\LVcKap.sys [2007-02-06 1691808]
S3 LVMVDrv;Logitech Machine Vision Engine Loader; C:\Windows\system32\DRIVERS\LVMVDrv.sys [2007-02-06 1964064]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 ndiscm;Motorola SURFboard USB Cable Modem Windows Driver; C:\Windows\system32\DRIVERS\NetMotCM.sys [2004-09-29 15360]
S3 pgfilter;pgfilter; \??\C:\Program Files\PeerGuardian2\pgfilter.sys [2007-06-02 8192]
S3 Ph3xIB32;Philips 713x Inbox PCI TV Card; C:\Windows\system32\DRIVERS\Ph3xIB32.sys [2007-04-03 1131136]
S3 SVRPEDRV;SVRPEDRV; \??\C:\Windows\System32\sysprep\PEDrv.sys [2008-01-18 9216]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2008-01-20 73088]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-20 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe [2006-10-23 46640]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2008-07-10 40960]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-04-30 815104]
R2 hnmsvc;Advanced Networking Service; C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe [2007-07-13 111912]
R2 iprip;@%Systemroot%\system32\iprip.dll,-200; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R2 LVPrcSrv;Process Monitor; c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe [2007-02-06 109344]
R2 Nomad;Connection Manager; C:\Program Files\Avanquest Connection Manager\NomadSvr.exe [2007-04-04 40960]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-04-30 466944]
R2 SNMP;@%SystemRoot%\system32\snmp.exe,-3; C:\Windows\System32\snmp.exe [2008-01-20 47616]
R2 TMachInfo;TMachInfo; C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe [2008-08-04 46392]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-07-19 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-02-06 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2008-04-11 124264]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-03-12 656168]
R3 SmartFaceVWatchSrv;SmartFaceVWatchSrv; C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe [2008-04-24 73728]
S2 gupdate1c9a04ae83d2eb6;Google Update Service (gupdate1c9a04ae83d2eb6); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-08 133104]
S2 LVSrvLauncher;LVSrvLauncher; C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe [2007-02-06 105248]
S3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
S3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-



#2 mi2xist


Posted 30 March 2009 - 07:24 PM

Someone help! I can't deal with this anymore......my system is only two weeks old and I already feel like smashing it!! Not sure if this is where I post the log files, but I will in hopes of anyone's assistance! Much appreciated!!

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:11:46 PM, on 3/30/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Safe mode with network support

Running processes:
C:\Windows\system32\csrss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\vds.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\IObit\Advanced SystemCare 3\AWC.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\AOL\ACS\AOLacsd.exe
C:\Program Files\Common Files\aol\1236995941\ee\aolsoftware.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\REGEDIT.EXE
C:\Windows\REGEDIT.EXE
C:\Windows\REGEDIT.EXE
C:\Windows\REGEDIT.EXE
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\AOL 9.5\waol.exe
C:\Program Files\AOL 9.5\shellmon.exe
C:\Windows\REGEDIT.EXE
C:\Windows\REGEDIT.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://home.microsoft.com/search/search.asp
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MSN Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - (no file)
O3 - Toolbar: MSN Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - C:\Program Files\MSN\Toolbar\3.0.1203.0\msneshellx.dll
O4 - HKLM\..\Run: [NswUiTray] C:\Program Files\Norton SystemWorks\NswUiTray.exe
O4 - HKCU\..\Run: [AOL Fast Start] "C:\Program Files\AOL 9.5\AOL.EXE" -b
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Connection Manager] "C:\Program Files\Avanquest Connection Manager\Nomad.exe" /runstart (User 'Default user')
O4 - Startup: Norton Disk Doctor.lnk = C:\Program Files\Norton SystemWorks\SrtStub.exe
O4 - Startup: Norton System Doctor.lnk = C:\Program Files\Norton SystemWorks\SrtStub.exe
O4 - Global Startup: HomeNet Manager.lnk = C:\Program Files\SingleClick Systems\HomeNet Manager\ezi_hnm2.exe
O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O9 - Extra 'Tools' menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1238455696843
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C:\Program Files\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel® Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: Google Update Service (gupdate1c9a04ae83d2eb6) (gupdate1c9a04ae83d2eb6) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Advanced Networking Service (hnmsvc) - SingleClick Systems - C:\Program Files\SingleClick Systems\HomeNet Manager\hnm_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: Connection Manager (Nomad) - Unknown owner - C:\Program Files\Avanquest Connection Manager\NomadSvr.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel® Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: SmartFaceVWatchSrv - Toshiba - C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatchSrv.exe
O23 - Service: TMachInfo - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 6872 bytes

Edited by Orange Blossom, 30 March 2009 - 10:10 PM.
Merged topics. ~ OB


#3 KoanYorel


Posted 07 April 2009 - 01:37 AM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below, another staff member will review and take the steps necessary with you to get your machine back in working order, clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)

#4 KoanYorel


Posted 12 April 2009 - 12:52 PM

Due to the lack of feedback This Topic is closed.

Should you need it reopened, please contact a Forum Moderator. Include the address of this thread in your request.

If you have a new issue, please start a New Topic.

This applies only to the original poster. Everyone else please begin a New Topic.

R,
K
The only easy day was yesterday.

...some do, some don't; some will, some won't (WR)



