
Unknown Virus. Please help


  • This topic is locked
2 replies to this topic

#1 Redmondplayboy


Posted 15 June 2009 - 01:42 AM

I can't download anything from microsoft.com. The Microsoft Update page is redirected to www.google.com. I can't download a lot of virus protection programs. I looked around on here and found someone that has a problem very similar to this one, and this is what the technician helping him said to do...

Here is the RSIT.exe information:

info.notepad

info.txt logfile of random's system information tool 1.06 2009-06-14 23:14:50

======Uninstall list======

-->"I:\Program Files\Creative\SBAudigy2ZS\Program\Ctzapxx.EXE" /W /U /S
-->MsiExec /X{AC54E544-3E42-443C-A91D-A00A6974C592}
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{169F8893-C1C5-4847-972C-EA1E008112AC}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{236FADD8-58FD-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{435E969D-867E-4364-8E74-3DC8A69C5BDB}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{5210ED6D-52A9-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{5CDDF96A-BC34-4D72-9ABA-E1FFF0C39977}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{7201B853-5833-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{72A810B1-EE62-455A-A086-E1C9FEDE7F29}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{72A810B1-EE62-455A-A086-E1C9FEDE7F29}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{9154ED7C-926E-49CC-B677-0CF3C5267457}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{9A4D2983-4662-4387-BE3D-4CFC2FA9C100}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{A1185190-514F-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{AC157741-3285-4D6A-B934-9174587A3493}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{B3549608-69D3-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{DEBD7BF3-5856-11D6-A285-00A0CC51B2FE}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FB2292C6-1F0A-11D7-AB2D-0090271A23A2}\setup.exe" -l0x9 /remove
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9
-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{FD851F7E-F887-405D-9E1C-488811113EF3}\setup.exe" -l0x9 /remove
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 I:\WINDOWS\INF\PCHealth.inf
avast! Antivirus-->I:\Program Files\Anit Virus Software\Avast Anti Virus\aswRunDll.exe "I:\Program Files\Anit Virus Software\Avast Anti Virus\Setup\setiface.dll",RunSetup
Dell Resource CD-->MsiExec.exe /X{FCD9CD52-7222-4672-94A0-A722BA702FD0}
GemMaster Mystic-->"I:\Program Files\GemMaster\uninstallgemmaster.exe"
HijackThis 2.0.2-->"I:\Program Files\Anit Virus Software\HiJackThis\HijackThis.exe" /uninstall
Hotfix for Windows Media Player 10 (KB903157)-->"I:\WINDOWS\$NtUninstallKB903157$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB888795)-->"I:\WINDOWS\$NtUninstallKB888795$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB891593)-->"I:\WINDOWS\$NtUninstallKB891593$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB895961)-->"I:\WINDOWS\$NtUninstallKB895961$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB899337)-->"I:\WINDOWS\$NtUninstallKB899337$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB899510)-->"I:\WINDOWS\$NtUninstallKB899510$\spuninst\spuninst.exe"
Hotfix for Windows XP (KB902841)-->"I:\WINDOWS\$NtUninstallKB902841$\spuninst\spuninst.exe"
Java™ 6 Update 14-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216014FF}
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
NVIDIA Drivers-->I:\WINDOWS\system32\nvuninst.exe UninstallGUI
NVIDIA PhysX v8.10.13-->MsiExec.exe /X{AC54E544-3E42-443C-A91D-A00A6974C592}
Otto-->"I:\Program Files\EnglishOtto\uninstallotto.exe"
Sonic Encoders-->MsiExec.exe /I{9941F0AA-B903-4AF4-A055-83A9815CC011}
Sound Blaster Audigy 2 ZS-->RunDll32 I:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "I:\Program Files\InstallShield Installation Information\{9E2514D9-DC24-4634-B348-61F3EF0F1628}\SETUP.EXE" -l0x9
Update Rollup 2 for Windows XP Media Center Edition 2005-->I:\WINDOWS\$NtUninstallKB900325$\spuninst\spuninst.exe
Vuze-->I:\Program Files\Vuze\uninstall.exe
Windows Media Format Runtime-->"I:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll

======Hosts File======

127.0.0.1 localhost
::1 localhost
209.44.111.57 2009antivirpro.com
209.44.111.57 www.2009antivirpro.com

======Security center information======

AV: avast! antivirus 4.8.1335 [VPS 090614-0]

======System event log======

Computer Name: MARKS-BEDROOM
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 124
Source Name: SideBySide
Time Written: 20090613160926.000000-420
Event Type: error
User:

Computer Name: MARKS-BEDROOM
Event Code: 59
Message: Generate Activation Context failed for I:\Program Files\Trend Micro\TrendSecure\Microsoft.VC80.MFC\MFC80U.DLL.
Reference error message: The operation completed successfully.
.

Record Number: 123
Source Name: SideBySide
Time Written: 20090613160926.000000-420
Event Type: error
User:

Computer Name: MARKS-BEDROOM
Event Code: 59
Message: Resolve Partial Assembly failed for Microsoft.VC80.MFCLOC.
Reference error message: The referenced assembly is not installed on your system.
.

Record Number: 122
Source Name: SideBySide
Time Written: 20090613160926.000000-420
Event Type: error
User:

Computer Name: MARKS-BEDROOM
Event Code: 32
Message: Dependent Assembly Microsoft.VC80.MFCLOC could not be found and Last Error was The referenced assembly is not installed on your system.


Record Number: 121
Source Name: SideBySide
Time Written: 20090613160926.000000-420
Event Type: error
User:

Computer Name: MACHINENAME
Event Code: 7
Message: The device, \Device\CdRom0, has a bad block.

Record Number: 7
Source Name: Cdrom
Time Written: 20090613064907.000000-420
Event Type: error
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0404
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------






Log.notepad

Logfile of random's system information tool 1.06 (written by random/random)
Run by Mark at 2009-06-14 23:14:46
Microsoft Windows XP Professional Service Pack 2
System drive I: has 145 GB (95%) free of 153 GB
Total RAM: 2045 MB (79% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:14:48 PM, on 6/14/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
I:\WINDOWS\System32\smss.exe
I:\WINDOWS\system32\winlogon.exe
I:\WINDOWS\system32\services.exe
I:\WINDOWS\system32\lsass.exe
I:\WINDOWS\system32\svchost.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Anit Virus Software\Avast Anti Virus\aswUpdSv.exe
I:\Program Files\Anit Virus Software\Avast Anti Virus\ashServ.exe
I:\WINDOWS\Explorer.EXE
I:\WINDOWS\ehome\ehtray.exe
I:\WINDOWS\system32\RUNDLL32.EXE
I:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe
I:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE
I:\WINDOWS\system32\CTHELPER.EXE
I:\PROGRA~1\ANITVI~1\AVASTA~1\ashDisp.exe
I:\Program Files\Java\jre6\bin\jusched.exe
I:\WINDOWS\system32\spoolsv.exe
I:\WINDOWS\system32\CTsvcCDA.EXE
I:\WINDOWS\eHome\ehRecvr.exe
I:\WINDOWS\eHome\ehSched.exe
I:\Program Files\Java\jre6\bin\jqs.exe
I:\WINDOWS\system32\nvsvc32.exe
I:\WINDOWS\system32\dllhost.exe
I:\WINDOWS\eHome\ehmsas.exe
I:\WINDOWS\System32\svchost.exe
I:\Program Files\Anit Virus Software\Avast Anti Virus\ashMaiSv.exe
I:\Program Files\Anit Virus Software\Avast Anti Virus\ashWebSv.exe
I:\Program Files\Internet Explorer\iexplore.exe
I:\Documents and Settings\Mark\Desktop\RSIT.exe
I:\Program Files\Anit Virus Software\HiJackThis\Mark.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = https://pccreg.trendmicro.com/16/wcoBuy/?SN...;LOCALE=en%2DUS
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - Default URLSearchHook is missing
O1 - Hosts: ::1 localhost
O1 - Hosts: 209.44.111.57 2009antivirpro.com
O1 - Hosts: 209.44.111.57 www.2009antivirpro.com
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - I:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] I:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE I:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE I:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [CTSysVol] I:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [CTDVDDET] "I:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE"
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] I:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [avast!] I:\PROGRA~1\ANITVI~1\AVASTA~1\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "I:\Program Files\Java\jre6\bin\jusched.exe"
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - I:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{D8CAEA2A-AD71-4A8A-89CE-7056EE90B788}: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.127,85.255.112.196
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - I:\Program Files\Anit Virus Software\Avast Anti Virus\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - I:\Program Files\Anit Virus Software\Avast Anti Virus\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - I:\Program Files\Anit Virus Software\Avast Anti Virus\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - I:\Program Files\Anit Virus Software\Avast Anti Virus\ashWebSv.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - I:\WINDOWS\system32\CTsvcCDA.EXE
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - I:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - I:\WINDOWS\system32\nvsvc32.exe

--
End of file - 4584 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - I:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-14 41368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - I:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-14 73728]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=I:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"NvCplDaemon"=I:\WINDOWS\system32\NvCpl.dll [2008-11-11 13672448]
"nwiz"=nwiz.exe /install []
"NvMediaCenter"=I:\WINDOWS\system32\NvMcTray.dll [2008-11-11 86016]
"CTSysVol"=I:\Program Files\Creative\SBAudigy2ZS\Surround Mixer\CTSysVol.exe [2003-09-17 57344]
"CTDVDDET"=I:\Program Files\Creative\SBAudigy2ZS\DVDAudio\CTDVDDET.EXE [2003-06-18 45056]
"CTHelper"=I:\WINDOWS\system32\CTHELPER.EXE [2004-03-10 28672]
"UpdReg"=I:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"avast!"=I:\PROGRA~1\ANITVI~1\AVASTA~1\ashDisp.exe [2009-02-05 81000]
"SunJavaUpdateSched"=I:\Program Files\Java\jre6\bin\jusched.exe [2009-06-14 148888]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{1a3e09be-1e45-494b-9174-d7385b45bbf5}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=I:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=I:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"I:\Program Files\Vuze\Azureus.exe"="I:\Program Files\Vuze\Azureus.exe:*:Enabled:Azureus"
"I:\Program Files\Messenger\msmsgs.exe"="I:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{24dd8b9c-586b-11de-afeb-ef7855d3cc3c}]
shell\AutoRun\command - G:\CTRun\Start.EXE


======List of files/folders created in the last 3 months======

2009-06-14 23:14:46 ----D---- I:\rsit
2009-06-14 23:06:33 ----D---- I:\WINDOWS\system32\appmgmt
2009-06-14 22:47:47 ----D---- I:\Program Files\Common Files\Adobe
2009-06-14 22:43:14 ----D---- I:\WINDOWS\LastGood
2009-06-14 22:33:55 ----D---- I:\WINDOWS\Sun
2009-06-14 16:35:12 ----D---- I:\WINDOWS\CSC
2009-06-14 16:08:27 ----A---- I:\WINDOWS\ntbtlog.txt
2009-06-14 15:28:12 ----SHD---- I:\Config.Msi
2009-06-14 15:08:40 ----A---- I:\WINDOWS\system32\javaws.exe
2009-06-14 15:08:40 ----A---- I:\WINDOWS\system32\javaw.exe
2009-06-14 15:08:40 ----A---- I:\WINDOWS\system32\java.exe
2009-06-14 15:08:40 ----A---- I:\WINDOWS\system32\deploytk.dll
2009-06-14 15:08:29 ----D---- I:\Program Files\Java
2009-06-14 15:08:16 ----D---- I:\Documents and Settings\All Users\Application Data\McAfee
2009-06-14 15:07:37 ----D---- I:\Documents and Settings\Mark\Application Data\Sun
2009-06-13 17:09:49 ----A---- I:\WINDOWS\system32\MSVCR71.dll
2009-06-13 17:09:49 ----A---- I:\WINDOWS\system32\MSVCP71.dll
2009-06-13 17:09:49 ----A---- I:\WINDOWS\system32\MFC71.dll
2009-06-13 17:09:49 ----A---- I:\WINDOWS\system32\aswBoot.exe
2009-06-13 17:01:07 ----D---- I:\Documents and Settings\All Users\Application Data\Azureus
2009-06-13 17:01:06 ----D---- I:\Documents and Settings\Mark\Application Data\Azureus
2009-06-13 17:00:38 ----D---- I:\Program Files\Vuze
2009-06-13 17:00:38 ----D---- I:\Program Files\Common Files\i4j_jres
2009-06-13 16:58:05 ----N---- I:\WINDOWS\{00000003-00000000-00000005-00001102-00000004-20061102}.BAK
2009-06-13 16:55:07 ----D---- I:\Documents and Settings\Mark\Application Data\Macromedia
2009-06-13 16:45:18 ----N---- I:\WINDOWS\Updreg.EXE
2009-06-13 16:45:14 ----N---- I:\WINDOWS\system32\SFCVRT32.DLL
2009-06-13 16:45:14 ----N---- I:\WINDOWS\system32\MFCUIA32.DLL
2009-06-13 16:45:14 ----N---- I:\WINDOWS\system32\MFCANS32.DLL
2009-06-13 16:45:14 ----N---- I:\WINDOWS\CTRES.DLL
2009-06-13 16:45:14 ----N---- I:\WINDOWS\CTCCW.DLL
2009-06-13 16:45:14 ----N---- I:\WINDOWS\AC3API.INI
2009-06-13 16:45:13 ----N---- I:\WINDOWS\system32\INETWH32.DLL
2009-06-13 16:45:13 ----N---- I:\WINDOWS\system32\CTWFLT32.DLL
2009-06-13 16:45:13 ----N---- I:\WINDOWS\system32\CTL3D.DLL
2009-06-13 16:45:12 ----D---- I:\WINDOWS\system32\Defaults
2009-06-13 16:44:43 ----A---- I:\WINDOWS\system32\ksuser.dll
2009-06-13 16:44:40 ----D---- I:\Documents and Settings\Mark\Application Data\Creative
2009-06-13 16:44:37 ----D---- I:\WINDOWS\system32\Data
2009-06-13 16:44:37 ----A---- I:\WINDOWS\system32\ctzapxx.ini
2009-06-13 16:44:37 ----A---- I:\WINDOWS\system32\Aud2_Del.ini
2009-06-13 16:44:29 ----A---- I:\WINDOWS\INRES.DLL
2009-06-13 16:44:28 ----A---- I:\WINDOWS\system32\SFMS32.DLL
2009-06-13 16:44:28 ----A---- I:\WINDOWS\system32\sfman32.dll
2009-06-13 16:44:28 ----A---- I:\WINDOWS\system32\REGPLIB.EXE
2009-06-13 16:44:28 ----A---- I:\WINDOWS\READREG.EXE
2009-06-13 16:44:28 ----A---- I:\WINDOWS\PSCONV.EXE
2009-06-13 16:44:28 ----A---- I:\WINDOWS\CTDCRES.DLL
2009-06-13 16:44:27 ----A---- I:\WINDOWS\system32\PIAPROXY.DLL
2009-06-13 16:44:27 ----A---- I:\WINDOWS\system32\OPENAL32.DLL
2009-06-13 16:44:27 ----A---- I:\WINDOWS\system32\KILLAPPS.EXE
2009-06-13 16:44:27 ----A---- I:\WINDOWS\system32\KILL.INI
2009-06-13 16:44:27 ----A---- I:\WINDOWS\system32\EAXAC3.DLL
2009-06-13 16:44:27 ----A---- I:\WINDOWS\MIDIDEF.EXE
2009-06-13 16:44:27 ----A---- I:\WINDOWS\DEVREG.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTTHXCAL.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTSPKHLP.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTSCAL.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\ctsblfx.dll
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTOSUSER.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTMMEP.DLL
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTHELPER.EXE
2009-06-13 16:44:26 ----A---- I:\WINDOWS\system32\CTEMUPIA.DLL
2009-06-13 16:44:24 ----A---- I:\WINDOWS\system32\CTDPROXY.DLL
2009-06-13 16:44:24 ----A---- I:\WINDOWS\system32\CTDCIFCE.DLL
2009-06-13 16:44:24 ----A---- I:\WINDOWS\system32\CTDC0001.DLL
2009-06-13 16:44:24 ----A---- I:\WINDOWS\system32\CTDC0000.DLL
2009-06-13 16:44:23 ----A---- I:\WINDOWS\system32\ctaudfx.dll
2009-06-13 16:44:23 ----A---- I:\WINDOWS\system32\CTASIO.DLL
2009-06-13 16:44:23 ----A---- I:\WINDOWS\system32\CTAGENT.DLL
2009-06-13 16:44:21 ----A---- I:\WINDOWS\system32\commonfx.dll
2009-06-13 16:44:21 ----A---- I:\WINDOWS\system32\AC3API.DLL
2009-06-13 16:44:21 ----A---- I:\WINDOWS\system32\a3d.dll
2009-06-13 16:43:59 ----A---- I:\WINDOWS\system32\ctdvda32.dll
2009-06-13 16:43:54 ----A---- I:\WINDOWS\system32\AHQCpURes.dll
2009-06-13 16:43:18 ----A---- I:\WINDOWS\SBWIN.INI
2009-06-13 16:43:09 ----A---- I:\WINDOWS\system32\CTDetres.dll
2009-06-13 16:43:08 ----N---- I:\WINDOWS\system32\CTSVCCTL.EXE
2009-06-13 16:43:08 ----N---- I:\WINDOWS\system32\CTSVCCDA.EXE
2009-06-13 16:43:06 ----N---- I:\WINDOWS\system32\CTMEDENG.DLL
2009-06-13 16:43:05 ----A---- I:\WINDOWS\system32\CTMERes.DLL
2009-06-13 16:42:21 ----D---- I:\Program Files\Creative
2009-06-13 16:42:20 ----HD---- I:\Program Files\InstallShield Installation Information
2009-06-13 16:34:45 ----D---- I:\WINDOWS\NV32041208.TMP
2009-06-13 16:32:59 ----D---- I:\WINDOWS\system32\AGEIA
2009-06-13 16:32:59 ----D---- I:\Program Files\AGEIA Technologies
2009-06-13 16:32:51 ----D---- I:\Program Files\Common Files\Wise Installation Wizard
2009-06-13 16:32:04 ----D---- I:\WINDOWS\nview
2009-06-13 16:32:04 ----A---- I:\WINDOWS\system32\nvudisp.exe
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\XAudio2_3.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\XAPOFX1_2.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\xactengine3_3.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\X3DAudio1_5.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\D3DX9_40.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\d3dx10_40.dll
2009-06-13 16:31:22 ----A---- I:\WINDOWS\system32\D3DCompiler_40.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\XAudio2_2.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\XAudio2_1.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\XAPOFX1_1.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\XAPOFX1_0.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\xactengine3_2.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\D3DX9_39.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\d3dx10_39.dll
2009-06-13 16:31:21 ----A---- I:\WINDOWS\system32\D3DCompiler_39.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\XAudio2_0.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\xactengine3_1.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\xactengine3_0.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\X3DAudio1_4.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\X3DAudio1_3.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\D3DX9_38.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\d3dx10_38.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\d3dx10_37.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\D3DCompiler_38.dll
2009-06-13 16:31:20 ----A---- I:\WINDOWS\system32\D3DCompiler_37.dll
2009-06-13 16:31:19 ----A---- I:\WINDOWS\system32\xactengine2_10.dll
2009-06-13 16:31:19 ----A---- I:\WINDOWS\system32\D3DX9_37.dll
2009-06-13 16:31:19 ----A---- I:\WINDOWS\system32\d3dx9_36.dll
2009-06-13 16:31:19 ----A---- I:\WINDOWS\system32\d3dx10_36.dll
2009-06-13 16:31:19 ----A---- I:\WINDOWS\system32\D3DCompiler_36.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\xactengine2_9.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\xactengine2_8.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\X3DAudio1_2.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\d3dx9_35.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\d3dx10_35.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\d3dx10_34.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\D3DCompiler_35.dll
2009-06-13 16:31:18 ----A---- I:\WINDOWS\system32\D3DCompiler_34.dll
2009-06-13 16:31:17 ----A---- I:\WINDOWS\system32\xinput1_3.dll
2009-06-13 16:31:17 ----A---- I:\WINDOWS\system32\d3dx9_34.dll
2009-06-13 16:31:16 ----A---- I:\WINDOWS\system32\xactengine2_7.dll
2009-06-13 16:31:16 ----A---- I:\WINDOWS\system32\d3dx10_33.dll
2009-06-13 16:31:16 ----A---- I:\WINDOWS\system32\D3DCompiler_33.dll
2009-06-13 16:31:14 ----A---- I:\WINDOWS\system32\xactengine2_6.dll
2009-06-13 16:31:14 ----A---- I:\WINDOWS\system32\xactengine2_5.dll
2009-06-13 16:31:14 ----A---- I:\WINDOWS\system32\d3dx9_33.dll
2009-06-13 16:31:14 ----A---- I:\WINDOWS\system32\d3dx9_32.dll
2009-06-13 16:31:13 ----A---- I:\WINDOWS\system32\xinput1_2.dll
2009-06-13 16:31:13 ----A---- I:\WINDOWS\system32\xactengine2_4.dll
2009-06-13 16:31:13 ----A---- I:\WINDOWS\system32\xactengine2_3.dll
2009-06-13 16:31:13 ----A---- I:\WINDOWS\system32\x3daudio1_1.dll
2009-06-13 16:31:13 ----A---- I:\WINDOWS\system32\d3dx9_31.dll
2009-06-13 16:31:12 ----A---- I:\WINDOWS\system32\xinput1_1.dll
2009-06-13 16:31:12 ----A---- I:\WINDOWS\system32\xactengine2_2.dll
2009-06-13 16:31:11 ----A---- I:\WINDOWS\system32\xactengine2_1.dll
2009-06-13 16:31:10 ----A---- I:\WINDOWS\system32\d3dx9_30.dll
2009-06-13 16:31:09 ----A---- I:\WINDOWS\system32\xinput9_1_0.dll
2009-06-13 16:31:09 ----A---- I:\WINDOWS\system32\xactengine2_0.dll
2009-06-13 16:31:09 ----A---- I:\WINDOWS\system32\x3daudio1_0.dll
2009-06-13 16:31:09 ----A---- I:\WINDOWS\system32\d3dx9_29.dll
2009-06-13 16:31:09 ----A---- I:\WINDOWS\system32\d3dx9_28.dll
2009-06-13 16:31:08 ----A---- I:\WINDOWS\system32\d3dx9_27.dll
2009-06-13 16:31:08 ----A---- I:\WINDOWS\system32\d3dx9_26.dll
2009-06-13 16:31:08 ----A---- I:\WINDOWS\system32\d3dx9_25.dll
2009-06-13 16:31:07 ----A---- I:\WINDOWS\system32\d3dx9_24.dll
2009-06-13 16:30:42 ----D---- I:\WINDOWS\Logs
2009-06-13 16:08:12 ----D---- I:\WINDOWS\system32\SoftwareDistribution
2009-06-13 16:07:34 ----A---- I:\WINDOWS\system32\nvunrm.exe
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\nvconrmins.dll
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\nvconrm.dll
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\fdco1ins.dll
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\fdco1.dll
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\bdco1ins.dll
2009-06-13 16:07:19 ----A---- I:\WINDOWS\system32\bdco1.dll
2009-06-13 16:05:06 ----D---- I:\Documents and Settings\All Users\Application Data\Trend Micro
2009-06-13 16:02:11 ----D---- I:\Program Files\Anit Virus Software
2009-06-13 15:57:25 ----A---- I:\WINDOWS\system32\nvusmb.exe
2009-06-13 15:55:44 ----A---- I:\WINDOWS\system32\NVUNINST.EXE
2009-06-13 15:55:43 ----D---- I:\WINDOWS\system32\ReinstallBackups
2009-06-13 15:54:33 ----D---- I:\WINDOWS\system32\vmm32
2009-06-13 15:54:33 ----D---- I:\Program Files\Dell
2009-06-13 15:54:21 ----D---- I:\Program Files\Common Files\InstallShield
2009-06-13 15:54:20 ----SHD---- I:\RECYCLER
2009-06-13 15:52:20 ----D---- I:\Documents and Settings\Mark\Application Data\Identities
2009-06-13 15:50:04 ----D---- I:\WINDOWS\RegisteredPackages
2009-06-13 15:49:35 ----HDC---- I:\WINDOWS\$NtUninstallKB900325$
2009-06-13 15:49:20 ----HDC---- I:\WINDOWS\$NtUninstallKB902841$
2009-06-13 15:49:13 ----HDC---- I:\WINDOWS\$NtUninstallKB888795$
2009-06-13 15:49:07 ----HDC---- I:\WINDOWS\$NtUninstallKB899510$
2009-06-13 15:49:01 ----HDC---- I:\WINDOWS\$NtUninstallKB899337$
2009-06-13 15:49:00 ----N---- I:\WINDOWS\system32\xpsp3res.dll
2009-06-13 15:48:55 ----HDC---- I:\WINDOWS\$NtUninstallKB895961$
2009-06-13 15:48:49 ----HDC---- I:\WINDOWS\$NtUninstallKB891593$
2009-06-13 15:48:38 ----A---- I:\WINDOWS\system32\spupdsvc.exe
2009-06-13 15:48:37 ----HDC---- I:\WINDOWS\$NtUninstallKB903157$
2009-06-13 15:47:20 ----D---- I:\WINDOWS\system32\URTTemp
2009-06-13 15:47:04 ----D---- I:\Program Files\RGB
2009-06-13 15:45:34 ----D---- I:\Program Files\GemMaster
2009-06-13 15:45:31 ----D---- I:\Program Files\EnglishOtto
2009-06-13 15:40:51 ----SD---- I:\Documents and Settings\Mark\Application Data\Microsoft
2009-06-13 15:40:51 ----ASH---- I:\Documents and Settings\Mark\Application Data\desktop.ini
2009-06-13 15:39:55 ----D---- I:\WINDOWS\SoftwareDistribution
2009-06-13 15:39:51 ----SD---- I:\WINDOWS\system32\Microsoft
2009-06-13 15:39:51 ----D---- I:\WINDOWS\Prefetch
2009-06-13 15:39:51 ----A---- I:\WINDOWS\SchedLgU.Txt
2009-06-13 15:36:07 ----D---- I:\WINDOWS\system32\xircom
2009-06-13 15:36:07 ----D---- I:\Program Files\xerox
2009-06-13 15:36:07 ----D---- I:\Program Files\microsoft frontpage
2009-06-13 15:35:55 ----D---- I:\DELL
2009-06-13 15:35:54 ----A---- I:\WINDOWS\control.ini
2009-06-13 15:35:45 ----A---- I:\WINDOWS\OEWABLog.txt
2009-06-13 15:35:44 ----A---- I:\WINDOWS\system32\mapi32.dll
2009-06-13 15:34:55 ----SD---- I:\WINDOWS\Downloaded Program Files
2009-06-13 15:34:55 ----RD---- I:\WINDOWS\Offline Web Pages
2009-06-13 15:34:55 ----RAH---- I:\WINDOWS\system32\logonui.exe.manifest
2009-06-13 15:34:50 ----RAH---- I:\WINDOWS\system32\cdplayer.exe.manifest
2009-06-13 15:34:47 ----HD---- I:\Program Files\WindowsUpdate
2009-06-13 15:34:36 ----D---- I:\WINDOWS\system32\DirectX
2009-06-13 15:34:23 ----A---- I:\WINDOWS\system32\atrace.dll
2009-06-13 15:34:21 ----A---- I:\WINDOWS\system32\desktop.ini
2009-06-13 15:34:21 ----A---- I:\WINDOWS\desktop.ini
2009-06-13 15:34:17 ----A---- I:\WINDOWS\system32\nmevtmsg.dll
2009-06-13 15:34:16 ----D---- I:\Program Files\Common Files\Services
2009-06-13 15:34:16 ----A---- I:\WINDOWS\system32\acctres.dll
2009-06-13 15:34:14 ----SD---- I:\WINDOWS\Tasks
2009-06-13 15:34:14 ----D---- I:\Program Files\Common Files\MSSoap
2009-06-13 15:34:14 ----A---- I:\WINDOWS\system32\icfgnt5.dll
2009-06-13 15:34:12 ----D---- I:\WINDOWS\srchasst
2009-06-13 15:34:11 ----D---- I:\WINDOWS\system32\Macromed
2009-06-13 15:34:10 ----A---- I:\WINDOWS\system32\wuweb.dll
2009-06-13 15:34:10 ----A---- I:\WINDOWS\system32\wucltui.dll
2009-06-13 15:34:10 ----A---- I:\WINDOWS\system32\wuauserv.dll
2009-06-13 15:34:10 ----A---- I:\WINDOWS\system32\wuaueng1.dll
2009-06-13 15:34:10 ----A---- I:\WINDOWS\system32\wuaueng.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\wups.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\wuauclt1.exe
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\wuauclt.exe
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\wuapi.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\qmgrprxy.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\qmgr.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\bitsprx3.dll
2009-06-13 15:34:09 ----A---- I:\WINDOWS\system32\bitsprx2.dll
2009-06-13 15:34:05 ----A---- I:\WINDOWS\system32\safrslv.dll
2009-06-13 15:34:04 ----A---- I:\WINDOWS\system32\safrdm.dll
2009-06-13 15:34:04 ----A---- I:\WINDOWS\system32\safrcdlg.dll
2009-06-13 15:34:04 ----A---- I:\WINDOWS\system32\racpldlg.dll
2009-06-13 15:34:03 ----A---- I:\WINDOWS\system32\fltMc.exe
2009-06-13 15:34:03 ----A---- I:\WINDOWS\system32\fltlib.dll
2009-06-13 15:34:02 ----D---- I:\WINDOWS\system32\Restore
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\srsvc.dll
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\srrstr.dll
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\srclient.dll
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\mnmdd.dll
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\isrdbg32.dll
2009-06-13 15:34:02 ----A---- I:\WINDOWS\system32\ils.dll
2009-06-13 15:34:01 ----A---- I:\WINDOWS\system32\nmmkcert.dll
2009-06-13 15:34:01 ----A---- I:\WINDOWS\system32\msconf.dll
2009-06-13 15:34:01 ----A---- I:\WINDOWS\system32\mnmsrvc.exe
2009-06-13 15:34:00 ----D---- I:\Program Files\NetMeeting
2009-06-13 15:34:00 ----A---- I:\WINDOWS\system32\msoert2.dll
2009-06-13 15:34:00 ----A---- I:\WINDOWS\system32\msoeacct.dll
2009-06-13 15:33:59 ----A---- I:\WINDOWS\system32\inetres.dll
2009-06-13 15:33:59 ----A---- I:\WINDOWS\system32\inetcomm.dll
2009-06-13 15:33:58 ----D---- I:\Program Files\Outlook Express
2009-06-13 15:33:58 ----A---- I:\WINDOWS\system32\schedsvc.dll
2009-06-13 15:33:58 ----A---- I:\WINDOWS\system32\mstinit.exe
2009-06-13 15:33:58 ----A---- I:\WINDOWS\system32\mstask.dll
2009-06-13 15:33:57 ----A---- I:\WINDOWS\system32\isign32.dll
2009-06-13 15:33:57 ----A---- I:\WINDOWS\system32\inetcfg.dll
2009-06-13 15:33:57 ----A---- I:\WINDOWS\system32\icwphbk.dll
2009-06-13 15:33:57 ----A---- I:\WINDOWS\system32\icwdial.dll
2009-06-13 15:33:54 ----D---- I:\Program Files\Common Files\System
2009-06-13 15:33:53 ----D---- I:\Program Files\Internet Explorer
2009-06-13 15:33:23 ----RSD---- I:\WINDOWS\assembly
2009-06-13 15:33:02 ----D---- I:\Program Files\ComPlus Applications
2009-06-13 15:33:02 ----A---- I:\WINDOWS\vbaddin.ini
2009-06-13 15:33:02 ----A---- I:\WINDOWS\vb.ini
2009-06-13 15:33:01 ----D---- I:\WINDOWS\Registration
2009-06-13 15:32:59 ----D---- I:\Program Files\Online Services
2009-06-13 15:32:52 ----D---- I:\WINDOWS\Microsoft.NET
2009-06-13 15:32:51 ----D---- I:\Program Files\Windows Media Player
2009-06-13 15:32:46 ----D---- I:\Program Files\Windows Plus
2009-06-13 15:32:43 ----A---- I:\WINDOWS\system32\mhn.dll
2009-06-13 15:32:43 ----A---- I:\WINDOWS\system32\igdetect.dll
2009-06-13 15:32:41 ----D---- I:\Program Files\Movie Maker
2009-06-13 15:32:24 ----D---- I:\Program Files\Messenger
2009-06-13 15:32:22 ----D---- I:\Program Files\MSN Gaming Zone
2009-06-13 15:32:22 ----A---- I:\WINDOWS\system32\write.exe
2009-06-13 15:32:16 ----A---- I:\WINDOWS\system32\sndvol32.exe
2009-06-13 15:32:15 ----A---- I:\WINDOWS\system32\winchat.exe
2009-06-13 15:32:15 ----A---- I:\WINDOWS\system32\hticons.dll
2009-06-13 15:32:15 ----A---- I:\WINDOWS\system32\avwav.dll
2009-06-13 15:32:15 ----A---- I:\WINDOWS\system32\avtapi.dll
2009-06-13 15:32:15 ----A---- I:\WINDOWS\system32\avmeter.dll
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\winmine.exe
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\sol.exe
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\mshearts.exe
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\getuname.dll
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\charmap.exe
2009-06-13 15:32:10 ----A---- I:\WINDOWS\system32\calc.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\usrlogon.cmd
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\tsshutdn.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\tslabels.ini
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\tskill.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\tsdiscon.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\tscon.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\shadow.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\rwinsta.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\reset.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\regini.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\rdpcfgex.dll
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\qwinsta.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\qappsrv.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\msg.exe
2009-06-13 15:32:09 ----A---- I:\WINDOWS\system32\freecell.exe
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\mtxlegih.dll
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\mtxex.dll
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\mtxdm.dll
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\msdtcprf.ini
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\logoff.exe
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\dcomcnfg.exe
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\comrepl.dll
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\comaddin.dll
2009-06-13 15:32:08 ----A---- I:\WINDOWS\system32\cdmodem.dll
2009-06-13 15:32:07 ----A---- I:\WINDOWS\system32\stclient.dll
2009-06-13 15:32:07 ----A---- I:\WINDOWS\system32\comsnap.dll
2009-06-13 15:32:04 ----A---- I:\WINDOWS\system32\wmimgmt.msc
2009-06-13 15:31:59 ----D---- I:\Program Files\MSN
2009-06-13 15:31:59 ----A---- I:\WINDOWS\system32\sndrec32.exe
2009-06-13 15:31:59 ----A---- I:\WINDOWS\system32\mplay32.exe
2009-06-13 15:31:59 ----A---- I:\WINDOWS\system32\accwiz.exe
2009-06-13 15:31:58 ----D---- I:\Program Files\Windows NT
2009-06-13 15:31:58 ----A---- I:\WINDOWS\system32\spider.exe
2009-06-13 15:31:58 ----A---- I:\WINDOWS\system32\mspaint.exe
2009-06-13 15:31:58 ----A---- I:\WINDOWS\system32\hypertrm.dll
2009-06-13 15:31:58 ----A---- I:\WINDOWS\system32\clipbrd.exe
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\tscupgrd.exe
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\tscfgwmi.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\termsrv.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\sessmgr.exe
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\remotepg.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\rdshost.exe
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\rdsaddin.exe
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\rdpwsx.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\rdpsnd.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\rdchost.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\mstscax.dll
2009-06-13 15:31:57 ----A---- I:\WINDOWS\system32\mstsc.exe
2009-06-13 15:31:56 ----D---- I:\WINDOWS\system32\MsDtc
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\xolehlp.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\rdpclip.exe
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\qprocess.exe
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\mtxoci.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\msdtcuiu.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\msdtctm.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\msdtcprx.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\msdtclog.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\msdtc.exe
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\icaapi.dll
2009-06-13 15:31:56 ----A---- I:\WINDOWS\system32\cfgbkend.dll
2009-06-13 15:31:55 ----D---- I:\WINDOWS\system32\Com
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\comsvcs.dll
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\colbact.dll
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\clbcatex.dll
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\catsrvut.dll
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\catsrvps.dll
2009-06-13 15:31:55 ----A---- I:\WINDOWS\system32\catsrv.dll
2009-06-13 15:31:54 ----A---- I:\WINDOWS\system32\comuid.dll
2009-06-13 15:31:54 ----A---- I:\WINDOWS\system32\clbcatq.dll
2009-06-13 15:31:51 ----A---- I:\WINDOWS\system32\servdeps.dll
2009-06-13 15:31:50 ----A---- I:\WINDOWS\system32\mmfutil.dll
2009-06-13 15:31:50 ----A---- I:\WINDOWS\system32\licwmi.dll
2009-06-13 15:31:50 ----A---- I:\WINDOWS\system32\cmprops.dll
2009-06-13 08:31:17 ----A---- I:\WINDOWS\system32\h323log.txt
2009-06-13 06:51:16 ----A---- I:\WINDOWS\system32\hidserv.dll
2009-06-13 06:50:32 ----A---- I:\WINDOWS\system32\usbui.dll
2009-06-13 06:49:49 ----A---- I:\WINDOWS\imsins.BAK
2009-06-13 06:49:46 ----SHD---- I:\WINDOWS\Installer
2009-06-13 06:49:46 ----D---- I:\Program Files\Common Files\ODBC
2009-06-13 06:49:46 ----A---- I:\WINDOWS\system32\PerfStringBackup.INI
2009-06-13 06:49:46 ----A---- I:\WINDOWS\ODBCINST.INI
2009-06-13 06:49:44 ----D---- I:\Program Files\Common Files\SpeechEngines
2009-06-13 06:49:44 ----D---- I:\Program Files\Common Files\Microsoft Shared
2009-06-13 06:49:43 ----RD---- I:\Program Files
2009-06-13 06:49:43 ----D---- I:\Program Files\Common Files
2009-06-13 06:49:42 ----RA---- I:\WINDOWS\system32\kbdtuq.dll
2009-06-13 06:49:42 ----RA---- I:\WINDOWS\system32\kbdtuf.dll
2009-06-13 06:49:42 ----RA---- I:\WINDOWS\system32\kbdazel.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdycc.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbduzb.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdur.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdtat.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdru1.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdru.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdmon.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdkyr.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdkaz.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdbu.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdblr.dll
2009-06-13 06:49:40 ----RA---- I:\WINDOWS\system32\kbdaze.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhept.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhela3.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhela2.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhe319.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhe220.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdhe.dll
2009-06-13 06:49:39 ----RA---- I:\WINDOWS\system32\kbdgkl.dll
2009-06-13 06:49:38 ----RA---- I:\WINDOWS\system32\kbdlv1.dll
2009-06-13 06:49:38 ----RA---- I:\WINDOWS\system32\kbdlv.dll
2009-06-13 06:49:38 ----RA---- I:\WINDOWS\system32\kbdlt1.dll
2009-06-13 06:49:38 ----RA---- I:\WINDOWS\system32\kbdlt.dll
2009-06-13 06:49:38 ----RA---- I:\WINDOWS\system32\kbdest.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdsl1.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdsl.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdro.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdpl1.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdpl.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdhu1.dll
2009-06-13 06:49:37 ----RA---- I:\WINDOWS\system32\kbdhu.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\kbdycl.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\kbdcz2.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\kbdcz1.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\kbdcz.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\kbdcr.dll
2009-06-13 06:49:36 ----RA---- I:\WINDOWS\system32\KBDAL.DLL
2009-06-13 06:49:35 ----A---- I:\WINDOWS\system32\irclass.dll
2009-06-13 06:49:35 ----A---- I:\WINDOWS\system32\dgrpsetu.dll
2009-06-13 06:49:34 ----A---- I:\WINDOWS\system32\spxcoins.dll
2009-06-13 06:49:34 ----A---- I:\WINDOWS\system32\EqnClass.Dll
2009-06-13 06:49:34 ----A---- I:\WINDOWS\system32\dgsetup.dll
2009-06-13 06:49:33 ----A---- I:\WINDOWS\TASKMAN.EXE
2009-06-13 06:49:33 ----A---- I:\WINDOWS\system32\batt.dll
2009-06-13 06:49:32 ----A---- I:\WINDOWS\system32\storprop.dll
2009-06-13 06:49:32 ----A---- I:\WINDOWS\NOTEPAD.EXE
2009-06-13 06:49:29 ----ASH---- I:\Documents and Settings\All Users\Application Data\desktop.ini
2009-06-13 06:49:26 ----RA---- I:\WINDOWS\SET8.tmp
2009-06-13 06:49:25 ----RA---- I:\WINDOWS\SET4.tmp
2009-06-13 06:49:24 ----RA---- I:\WINDOWS\SET3.tmp
2009-06-13 06:49:21 ----D---- I:\WINDOWS\system32\CatRoot2
2009-06-13 06:49:21 ----D---- I:\WINDOWS\system32\CatRoot
2009-06-13 06:49:15 ----SD---- I:\Documents and Settings\All Users\Application Data\Microsoft
2009-06-13 06:48:47 ----A---- I:\WINDOWS\setuplog.txt
2009-06-13 06:48:44 ----SHD---- I:\System Volume Information
2009-06-13 06:48:44 ----D---- I:\Documents and Settings
2009-06-13 06:47:39 ----SH---- I:\boot.ini
2009-06-13 06:43:33 ----RSHDC---- I:\WINDOWS\system32\dllcache
2009-06-13 06:43:33 ----RSD---- I:\WINDOWS\Fonts
2009-06-13 06:43:33 ----RD---- I:\WINDOWS\Web
2009-06-13 06:43:33 ----HD---- I:\WINDOWS\inf
2009-06-13 06:43:33 ----D---- I:\WINDOWS\WinSxS
2009-06-13 06:43:33 ----D---- I:\WINDOWS\twain_32
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Temp
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\wins
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\wbem
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\usmt
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\spool
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\ShellExt
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\Setup
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\ras
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\oobe
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\npp
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\mui
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\inetsrv
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\IME
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\icsxml
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\ias
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\export
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\drivers
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\dhcp
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\config
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\3com_dmi
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\3076
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\2052
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1054
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1042
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1041
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1037
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1033
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1031
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1028
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32\1025
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system32
2009-06-13 06:43:33 ----D---- I:\WINDOWS\system
2009-06-13 06:43:33 ----D---- I:\WINDOWS\security
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Resources
2009-06-13 06:43:33 ----D---- I:\WINDOWS\repair
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Provisioning
2009-06-13 06:43:33 ----D---- I:\WINDOWS\PeerNet
2009-06-13 06:43:33 ----D---- I:\WINDOWS\pchealth
2009-06-13 06:43:33 ----D---- I:\WINDOWS\mui
2009-06-13 06:43:33 ----D---- I:\WINDOWS\msapps
2009-06-13 06:43:33 ----D---- I:\WINDOWS\msagent
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Media
2009-06-13 06:43:33 ----D---- I:\WINDOWS\java
2009-06-13 06:43:33 ----D---- I:\WINDOWS\ime
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Help
2009-06-13 06:43:33 ----D---- I:\WINDOWS\ehome
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Driver Cache
2009-06-13 06:43:33 ----D---- I:\WINDOWS\dell
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Debug
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Cursors
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Connection Wizard
2009-06-13 06:43:33 ----D---- I:\WINDOWS\Config
2009-06-13 06:43:33 ----D---- I:\WINDOWS\AppPatch
2009-06-13 06:43:33 ----D---- I:\WINDOWS\addins
2009-06-13 06:43:33 ----D---- I:\WINDOWS

======List of files/folders modified in the last 3 months======

2009-06-13 15:35:53 ----A---- I:\WINDOWS\win.ini
2009-06-13 06:49:43 ----N---- I:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; I:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 aswSP;avast! Self Protection; I:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; I:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 intelppm;Intel Processor Driver; I:\WINDOWS\system32\DRIVERS\intelppm.sys [2004-08-10 36096]
R1 kbdhid;Keyboard HID Driver; I:\WINDOWS\system32\DRIVERS\kbdhid.sys [2004-08-10 14848]
R2 aswFsBlk;aswFsBlk; I:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; I:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 Arp1394;1394 ARP Client Protocol; I:\WINDOWS\system32\DRIVERS\arp1394.sys [2004-08-10 60800]
R3 aswRdr;aswRdr; I:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ctac32k;Creative AC3 Software Decoder; I:\WINDOWS\system32\drivers\ctac32k.sys [2004-07-12 645360]
R3 ctaud2k;Creative Audio Driver (WDM); I:\WINDOWS\system32\drivers\ctaud2k.sys [2004-08-05 366384]
R3 ctprxy2k;Creative Proxy Driver; I:\WINDOWS\system32\drivers\ctprxy2k.sys [2004-07-12 6096]
R3 ctsfm2k;Creative SoundFont Management Device Driver; I:\WINDOWS\system32\drivers\ctsfm2k.sys [2004-07-12 130288]
R3 emupia;E-mu Plug-in Architecture Driver; I:\WINDOWS\system32\drivers\emupia2k.sys [2004-07-12 145488]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; I:\WINDOWS\system32\drivers\ha10kx2k.sys [2004-08-12 904752]
R3 hap16v2k;Creative P16V HAL Driver; I:\WINDOWS\system32\drivers\hap16v2k.sys [2004-07-12 148432]
R3 hidusb;Microsoft HID Class Driver; I:\WINDOWS\system32\DRIVERS\hidusb.sys [2004-08-10 9600]
R3 mouhid;Mouse HID Driver; I:\WINDOWS\system32\DRIVERS\mouhid.sys [2004-08-10 12160]
R3 NIC1394;1394 Net Driver; I:\WINDOWS\system32\DRIVERS\nic1394.sys [2004-08-10 61824]
R3 nv;nv; I:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-11-11 6188320]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; I:\WINDOWS\system32\DRIVERS\NVENETFD.sys [2005-07-26 33664]
R3 nvnetbus;NVIDIA Network Bus Enumerator; I:\WINDOWS\system32\DRIVERS\nvnetbus.sys [2005-07-26 12928]
R3 ossrv;Creative OS Services Driver; I:\WINDOWS\system32\drivers\ctoss2k.sys [2004-07-12 178672]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbehci.sys [2004-08-10 26624]
R3 usbhub;Microsoft USB Standard Hub Driver; I:\WINDOWS\system32\DRIVERS\usbhub.sys [2004-08-10 57600]
R3 usbohci;Microsoft USB Open Host Controller Miniport Driver; I:\WINDOWS\system32\DRIVERS\usbohci.sys [2004-08-10 17024]
R3 usbprint;Microsoft USB PRINTER Class; I:\WINDOWS\system32\DRIVERS\usbprint.sys [2004-08-03 25856]
R3 usbstor;USB Mass Storage Driver; I:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2004-08-10 26496]
S3 ctdvda2k;Creative DVD-Audio Device Driver; I:\WINDOWS\system32\drivers\ctdvda2k.sys [2003-11-12 333600]
S3 MHNDRV;MHN driver; I:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008]
S3 neokdss;neokdss; I:\WINDOWS\system32\Drivers\neokdss.sys []
S4 IntelIde;IntelIde; I:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; I:\Program Files\Anit Virus Software\Avast Anti Virus\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; I:\Program Files\Anit Virus Software\Avast Anti Virus\ashServ.exe [2009-02-05 138680]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; I:\WINDOWS\system32\CTsvcCDA.EXE [1999-12-12 44032]
R2 ehRecvr;Media Center Receiver Service; I:\WINDOWS\eHome\ehRecvr.exe [2005-08-05 235520]
R2 ehSched;Media Center Scheduler Service; I:\WINDOWS\eHome\ehSched.exe [2005-08-05 102912]
R2 JavaQuickStarterService;Java Quick Starter; I:\Program Files\Java\jre6\bin\jqs.exe [2009-06-14 152984]
R2 McrdSvc;Media Center Extender Service; I:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328]
R2 NVSvc;NVIDIA Display Driver Service; I:\WINDOWS\system32\nvsvc32.exe [2008-11-11 163908]
R3 avast! Mail Scanner;avast! Mail Scanner; I:\Program Files\Anit Virus Software\Avast Anti Virus\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; I:\Program Files\Anit Virus Software\Avast Anti Virus\ashWebSv.exe [2009-02-05 352920]
S3 aspnet_state;ASP.NET State Service; I:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 MHN;MHN; I:\WINDOWS\System32\svchost.exe [2004-08-10 14336]
S3 UMWdf;Windows User Mode Driver Framework; I:\WINDOWS\system32\wdfmgr.exe [2005-08-03 38912]

-----------------EOF-----------------



#2 fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts

Posted 22 June 2009 - 02:17 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-




#3 Orange Blossom

    OBleepin Investigator


  • Moderator
  • 36,801 posts

Posted 25 June 2009 - 08:16 PM

Due to the lack of feedback, this Topic is now closed.

In case you still have problems, please send me a Private message to reopen this topic within the next 5 days. Beyond that point, please start a new topic.

Orange Blossom
Help us help you. If HelpBot replies, you MUST follow step 1 in its reply so we know you need help.

Orange Blossom

An ounce of prevention is worth a pound of cure

SpywareBlaster, WinPatrol Plus, ESET Smart Security, Malwarebytes' Anti-Malware, NoScript Firefox ext., Norton noscript



