cpu 100% for last two weeks


  • This topic is locked
6 replies to this topic

#1 dohunky


Posted 06 July 2009 - 07:24 PM

Howdy all, thanks in advance for looking into my problem. I've never had a problem like this before. Mmmm... took 8 hours to get to the point where I could copy this log. The computer is dell5300 core2duo vista os. Works great in safe mode though. The dell apache folder looks odd. Malware scans showed nothing suspect.

Logfile of random's system information tool 1.06 (written by random/random)
Run by brendan at 2009-07-05 22:03:49
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 14 GB (17%) free of 82 GB
Total RAM: 3325 MB (28% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:19:29 PM, on 7/5/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Registry Mechanic\RMTray.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Windows Home Server\WHSTrayApp.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
Q:\RSIT.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
Q:\RSIT.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Program Files\Trend Micro\HijackThis\brendan.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe
C:\Windows\system32\cmd.exe
C:\Program Files\Common Files\Dell\apache\php.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: RoboForm - {724d43a9-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: BrowserHelper Class - {9A065C65-4EE7-4DDD-9918-F129089A894A} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Home Server Banner - {D73E76A3-F902-45BD-8FC8-95AE8E014671} - C:\Program Files\Windows Home Server\WHSDeskBands.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [AsioReg] REGSVR32.EXE /S CTASIO.DLL
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKCU\..\Run: [ehTray.exe] E:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [RegistryMechanic] C:\Program Files\Registry Mechanic\RMTray.exe /H
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-858447262-2221547657-2754108100-1010\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'RA Media Server')
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O4 - Global Startup: Windows Home Server.lnk = ?
O8 - Extra context menu item: Add to Evernote - res://C:\Program Files\Evernote\Evernote3\enbar.dll/2000
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Customize Menu - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComCustomizeIEMenu.html
O8 - Extra context menu item: Fill Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O8 - Extra context menu item: RoboForm Toolbar - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O8 - Extra context menu item: Save Forms - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O8 - Extra context menu item: Send by Bluetooth - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tsinfo.htm
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O8 - Extra context menu item: Send via &Message... - C:\Program Files\IVT Corporation\BlueSoleil\TransSend\IE\tssms.htm
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra 'Tools' menuitem: @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra 'Tools' menuitem: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComFillForms.html
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra 'Tools' menuitem: Save Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComSavePass.html
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra 'Tools' menuitem: RoboForm Toolbar - {724d43aa-0d85-11d4-9908-00400523e39a} - file://C:\Program Files\Siber Systems\AI RoboForm\RoboFormComShowToolbar.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O9 - Extra 'Tools' menuitem: Add to Evernote - {E0B8C461-F8FB-49b4-8373-FE32E9252800} - C:\Program Files\Evernote\Evernote3\enbar.dll
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O17 - HKLM\System\CCS\Services\Tcpip\..\{019D2B0E-1D31-4852-95B0-99162C409935}: NameServer = 192.168.0.1
O17 - HKLM\System\CCS\Services\Tcpip\..\{3551FF43-8149-4F1A-B503-EEAC357B2F1C}: NameServer = 192.168.0.1
O17 - HKLM\System\CS1\Services\Tcpip\..\{019D2B0E-1D31-4852-95B0-99162C409935}: NameServer = 192.168.0.1
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Acronis OS Selector Reinstall Service (AcronisOSSReinstallSvc) - Unknown owner - C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Andrea RT Filters Service (AERTFilters) - Andrea Electronics Corporation - C:\Windows\system32\AERTSrv.exe
O23 - Service: AMD External Events Utility - AMD - C:\Windows\system32\atiesrxx.exe
O23 - Service: Remote Access Media Server (Apache2.2) - Apache Software Foundation - C:\Program Files\Common Files\Dell\apache\bin\httpd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BlueSoleilCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: BsHelpCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe
O23 - Service: BsMobileCS - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe
O23 - Service: Remote Access DB (dsl-db) - Unknown owner - C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe
O23 - Service: Remote Access File Sync Service (dsl-fs-sync) - SingleClick Systems - C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe
O23 - Service: Portrait Displays Display Tune Service (DTSRVC) - Unknown owner - C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Advanced Networking Service (hnmsvc) - Dell Inc. - C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LVCOMSer - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: UltraVNC Server (uvnc_service) - UltraVNC - C:\ProgramData\UltraVNC\winvnc.exe

--
End of file - 21783 bytes

======Scheduled tasks folder======

C:\Windows\tasks\1-Click Maintenance.job
C:\Windows\tasks\AWC AutoSweep.job
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\Run RoboForm Process.job
C:\Windows\tasks\SmartDefrag.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2009-02-27 61816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{724d43a9-0d85-11d4-9908-00400523e39a}]
C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-04-13 5931848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-10-26 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9A065C65-4EE7-4DDD-9918-F129089A894A}]
BrowserHelper Class - C:\Program Files\Windows Home Server\WHSDeskBands.dll [2009-04-20 244592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-14 251504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE7CD045-E861-484f-8273-0445EE161910}]
Adobe PDF Conversion Toolbar Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-06-25 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll [2008-12-14 522224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-10-26 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F4971EE7-DAA0-4053-9964-665D8EE6A077}]
SmartSelect Class - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{724d43a0-0d85-11d4-9908-00400523e39a} - &RoboForm - C:\Program Files\Siber Systems\AI RoboForm\roboform.dll [2009-04-13 5931848]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll [2008-12-14 251504]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2009-02-27 349576]
{D73E76A3-F902-45BD-8FC8-95AE8E014671} - Home Server Banner - C:\Program Files\Windows Home Server\WHSDeskBands.dll [2009-04-20 244592]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-05-01 13781536]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"Kernel and Hardware Abstraction Layer"=C:\Windows\KHALMNPR.EXE [2008-12-18 76304]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray.exe"=E:\Windows\ehome\ehTray.exe []
"RegistryMechanic"=C:\Program Files\Registry Mechanic\RMTray.exe [2008-07-03 812952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bluetooth Connection Assistant]
LBTWIZ.EXE -silent []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
C:\Windows\system32\CTHELPER.EXE [2008-06-27 19456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IndexSearch]
C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe [2008-05-10 46368]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM]
C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe [2006-09-11 218032]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\msnmsgr]
C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\My Movies Tray]
C:\Program Files\MCE\My Movies\My Movies Tray.exe [2009-04-23 298456]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
C:\Program Files\Pure Networks\Network Magic\nmapp.exe -autorun -nosplash []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PaperPort PTD]
C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe [2008-05-10 29984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDVDDXSrv]
C:\Program Files\CyberLink\PowerDVD DX\PDVDDXSrv.exe [2009-04-02 128232]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PPort11reminder]
C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe [2007-08-31 328992]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
C:\Program Files\Quicktime\QTTask.exe [2009-05-26 413696]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RoboForm]
C:\Program Files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe [2009-04-13 160592]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2008-01-17 4907008]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SSBkgdUpdate]
C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [2006-10-25 210472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StartCCC]
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe MSRun []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-05-14 1830128]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2008-07-15 68856]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zinio DLM]
C:\Program Files\Zinio\ZinioReader.exe [2008-10-29 2699334]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk]
C:\PROGRA~1\WIDCOMM\BLUETO~1\BTTray.exe [2007-03-29 719664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Scheduler.lnk]
[]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^SetPointII.lnk]
C:\PROGRA~1\Logitech\SETPOI~1\SETPOI~1.EXE [2007-08-30 319488]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Windows Home Server.lnk]
C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe [2009-06-27 555880]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Users^brendan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Scheduler.lnk]
[]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
Windows Home Server.lnk - C:\Windows\Installer\{21E49794-7C13-4E84-8659-55BD378267D5}\WHSTrayApp.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-02-11 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0
relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe"="C:\Program Files\Logitech\Logitech Harmony Remote Software 7\HarmonyRemote.exe:*:Enabled:Logitech Harmony Remote Software 7"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{769ca4dc-554d-11dd-848c-001d0990ed2e}]
shell\AutoRun\command - J:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{86541acd-f736-11dd-93a6-001c26dcad51}]
shell\AutoRun\command - Q:\.\Vado\Vado.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a1127601-0690-11de-9309-0011676b7652}]
shell\AutoRun\command - P:\SETUP.EXE
shell\configure\command - P:\SETUP.EXE
shell\install\command - P:\SETUP.EXE

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ac9a77da-5fda-11dd-b984-001d0990ed2e}]
shell\AutoRun\command - E:\LaunchU3.exe -a

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{ce9f4417-5904-11dd-a83c-806e6f6e6963}]
shell\AutoRun\command - D:\whsconnectorinstall.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb6b5fac-c013-11dd-af2c-0011676b7652}]
shell\AutoRun\command - Q:\setupSNK.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{fb6b5faf-c013-11dd-af2c-0011676b7652}]
shell\AutoRun\command - O:\LaunchU3.exe -a


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -
.vbs - open - NOTEPAD.EXE %1

======List of files/folders created in the last 1 months======

2009-07-02 20:15:53 ----D---- C:\rsit
2009-07-01 22:09:09 ----D---- C:\Users\brendan\AppData\Roaming\Malwarebytes
2009-07-01 22:09:04 ----D---- C:\ProgramData\Malwarebytes
2009-07-01 22:09:04 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-30 21:27:04 ----A---- C:\Windows\ntbtlog.txt
2009-06-29 23:43:38 ----D---- C:\ProgramData\SecTaskMan
2009-06-29 23:43:35 ----D---- C:\Program Files\Security Task Manager
2009-06-29 23:34:38 ----DC---- C:\ProgramData\{2BAE6915-8510-4B9F-B498-02DA86258AA0}
2009-06-29 23:28:30 ----D---- C:\Program Files\Trend Micro
2009-06-29 23:24:26 ----A---- C:\Windows\system32\STKIT432.DLL
2009-06-29 23:24:26 ----A---- C:\Windows\system32\msxml.dll
2009-06-29 23:24:24 ----D---- C:\Program Files\Registry Mechanic
2009-06-28 16:29:29 ----D---- C:\Windows\Sun
2009-06-27 17:50:15 ----D---- C:\Program Files\PC Inspector File Recovery
2009-06-27 09:44:20 ----D---- C:\Program Files\DVD Copy Creator Ripper
2009-06-24 20:30:58 ----D---- C:\Program Files\WebSite X5 v8 - Smart
2009-06-24 20:26:55 ----A---- C:\Windows\system32\VB5STKIT.DLL
2009-06-24 20:26:54 ----A---- C:\Windows\system32\iwpsetup.exe
2009-06-22 19:48:53 ----A---- C:\Tmp9112.tmp
2009-06-22 19:45:00 ----D---- C:\Program Files\ZebraNetworkSystems
2009-06-22 19:42:47 ----A---- C:\TmpFA40.tmp
2009-06-22 19:42:45 ----D---- C:\Users\brendan\AppData\Roaming\ZebraNetworkSystems
2009-06-20 18:40:53 ----D---- C:\Program Files\Saga
2009-06-19 08:34:51 ----D---- C:\Users\brendan\AppData\Roaming\ArcticLine
2009-06-19 08:34:49 ----D---- C:\Program Files\Folder Marker
2009-06-17 21:15:41 ----RA---- C:\Windows\system32\AdobePDFUI.dll
2009-06-16 20:16:29 ----D---- C:\DriveKey
2009-06-15 20:25:01 ----D---- C:\Program Files\Sony
2009-06-14 11:42:49 ----D---- C:\ProgramData\Dell Remote Desktop Client
2009-06-14 11:38:55 ----A---- C:\Windows\RtlExUpd.dll
2009-06-14 11:26:44 ----D---- C:\ProgramData\UltraVNC
2009-06-14 11:18:04 ----D---- C:\Program Files\Dell Remote Access
2009-06-14 11:18:04 ----D---- C:\Program Files\Common Files\Dell
2009-06-14 10:24:57 ----D---- C:\Program Files\RadarSync
2009-06-14 10:06:47 ----D---- C:\Program Files\Extra Screen Capture Pro
2009-06-14 09:13:14 ----D---- C:\ATI
2009-06-09 11:53:52 ----A---- C:\Windows\system32\localspl.dll
2009-06-09 11:53:51 ----A---- C:\Windows\system32\mshtml.dll
2009-06-09 11:53:50 ----A---- C:\Windows\system32\urlmon.dll
2009-06-09 11:53:50 ----A---- C:\Windows\system32\iertutil.dll
2009-06-09 11:53:50 ----A---- C:\Windows\system32\ieframe.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\wininet.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\ieui.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\iesetup.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\iernonce.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-09 11:53:49 ----A---- C:\Windows\system32\ie4uinit.exe
2009-06-09 11:53:41 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-07 11:05:40 ----A---- C:\Windows\system32\GEARAspi.dll
2009-06-07 11:05:28 ----D---- C:\Program Files\iPod
2009-06-07 11:05:27 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-06-07 11:05:27 ----D---- C:\Program Files\iTunes
2009-06-07 11:03:52 ----D---- C:\Program Files\Quicktime
2009-06-07 11:02:13 ----D---- C:\Program Files\Apple Software Update
2009-06-07 10:14:21 ----D---- C:\temp

======List of files/folders modified in the last 1 months======

2009-07-05 22:19:30 ----D---- C:\Windows\Temp
2009-07-05 21:09:22 ----D---- C:\Windows\System32
2009-07-05 21:09:11 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-05 21:08:57 ----D---- C:\Windows\inf
2009-07-05 20:59:04 ----AD---- C:\ProgramData\TEMP
2009-07-05 20:44:44 ----D---- C:\Windows\Tasks
2009-07-05 20:40:36 ----A---- C:\Windows\system32\bscs.ini
2009-07-05 19:07:51 ----D---- C:\Windows
2009-07-05 18:45:10 ----D---- C:\ProgramData\Google Updater
2009-07-02 20:52:50 ----D---- C:\Windows\system32\Tasks
2009-07-02 16:52:59 ----D---- C:\Program Files\Mozilla Firefox
2009-07-01 22:09:05 ----D---- C:\Windows\system32\drivers
2009-07-01 22:09:04 ----HD---- C:\ProgramData
2009-07-01 22:09:04 ----D---- C:\Program Files
2009-06-29 23:59:49 ----D---- C:\Windows\Debug
2009-06-29 23:21:12 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-06-28 23:41:19 ----A---- C:\Windows\win.ini
2009-06-28 23:41:18 ----D---- C:\Program Files\DB CIF Cam
2009-06-28 23:40:30 ----D---- C:\Program Files\Common Files\Logishrd
2009-06-28 23:40:23 ----D---- C:\Windows\system32\catroot
2009-06-28 23:39:44 ----D---- C:\Windows\system32\catroot2
2009-06-28 16:01:57 ----D---- C:\Users\brendan\AppData\Roaming\.oit
2009-06-28 14:35:50 ----D---- C:\ProgramData\FLEXnet
2009-06-28 11:58:14 ----D---- C:\Users\brendan\AppData\Roaming\Windows Home Server
2009-06-28 11:50:56 ----D---- C:\Windows\system32\Msdtc
2009-06-28 11:50:51 ----D---- C:\Windows\system32\wbem
2009-06-28 11:49:45 ----D---- C:\Windows\system32\config
2009-06-28 11:49:33 ----D---- C:\Windows\system32\spool
2009-06-28 11:49:32 ----SHD---- C:\Windows\Installer
2009-06-28 11:49:32 ----D---- C:\ProgramData\LogiShrd
2009-06-28 11:49:32 ----D---- C:\Program Files\Logitech
2009-06-28 11:49:31 ----D---- C:\Windows\registration
2009-06-28 11:41:41 ----SHD---- C:\System Volume Information
2009-06-28 10:11:36 ----D---- C:\Windows\pss
2009-06-27 22:37:13 ----D---- C:\Windows\Prefetch
2009-06-27 20:19:54 ----D---- C:\ProgramData\Logitech
2009-06-27 17:50:15 ----HD---- C:\Program Files\InstallShield Installation Information
2009-06-27 13:58:53 ----D---- C:\Users\brendan\AppData\Roaming\uTorrent
2009-06-27 12:45:45 ----RSD---- C:\Windows\assembly
2009-06-27 12:45:35 ----D---- C:\Program Files\Windows Home Server
2009-06-23 21:44:38 ----D---- C:\Windows\winsxs
2009-06-23 21:44:38 ----D---- C:\Program Files\Internet Explorer
2009-06-21 09:18:45 ----D---- C:\Users\brendan\AppData\Roaming\U3
2009-06-19 11:26:44 ----D---- C:\Windows\rescache
2009-06-19 11:19:02 ----D---- C:\Windows\system32\en-US
2009-06-14 12:02:01 ----D---- C:\Program Files\Google
2009-06-14 11:58:54 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-06-14 11:56:26 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-06-14 11:52:13 ----D---- C:\Users\brendan\AppData\Roaming\Vso
2009-06-14 11:52:11 ----D---- C:\Program Files\DVDFab 5
2009-06-14 11:39:27 ----D---- C:\ProgramData\iolo
2009-06-14 11:39:06 ----D---- C:\Windows\system32\RTCOM
2009-06-14 11:38:58 ----A---- C:\Windows\DIFxAPI.dll
2009-06-14 11:38:55 ----A---- C:\Windows\HideWin.exe
2009-06-14 11:18:48 ----RD---- C:\Users
2009-06-14 11:18:04 ----D---- C:\ProgramData\Dell
2009-06-14 11:18:04 ----D---- C:\Program Files\Common Files
2009-06-14 10:47:37 ----DC---- C:\Windows\system32\DRVSTORE
2009-06-14 10:45:14 ----D---- C:\Program Files\MultiStage Recovery
2009-06-14 08:44:47 ----D---- C:\Windows\Microsoft.NET
2009-06-14 08:44:37 ----D---- C:\Windows\ehome
2009-06-14 08:44:22 ----D---- C:\ProgramData\Microsoft Help
2009-06-13 18:33:36 ----D---- C:\Users\brendan\AppData\Roaming\ContentGuard
2009-06-10 03:13:45 ----D---- C:\Windows\system32\migration
2009-06-07 11:05:28 ----D---- C:\Program Files\Common Files\Apple
2009-06-07 11:04:50 ----D---- C:\Program Files\Bonjour
2009-06-07 11:03:51 ----D---- C:\ProgramData\Apple Computer
2009-06-06 23:39:12 ----A---- C:\Windows\system32\AutoPartNt.exe
2009-06-06 22:15:56 ----D---- C:\Program Files\Steam
2009-06-06 21:50:55 ----D---- C:\Program Files\Common Files\Steam
2009-06-06 14:25:36 ----D---- C:\Program Files\Buildalot

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2009-02-05 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2009-02-05 51376]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-07-23 30064]
R1 ElbyCDIO;ElbyCDIO Driver; C:\Windows\System32\Drivers\ElbyCDIO.sys [2009-02-17 24232]
R1 ElRawDisk;ElRawDisk; \??\C:\Windows\system32\drivers\elrawdsk.sys [2008-09-03 12800]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-05-14 9968]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-05-14 72944]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2009-02-05 51792]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\Drivers\DLABMFSM.SYS [2007-07-23 37360]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\Drivers\DLABOIOM.SYS [2007-07-23 32848]
R2 DLADResM;DLADResM; C:\Windows\System32\Drivers\DLADResM.SYS [2007-07-23 9104]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\Drivers\DLAIFS_M.SYS [2007-07-23 108752]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\Drivers\DLAOPIOM.SYS [2007-07-23 27216]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\Drivers\DLAPoolM.SYS [2007-07-23 16304]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\Drivers\DLAUDF_M.SYS [2007-07-23 98448]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\Drivers\DLAUDFAM.SYS [2007-07-23 93552]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-07-23 52000]
R2 Packet;Auto Internet Protocol; C:\Windows\system32\DRIVERS\packet.sys [2008-06-17 22016]
R2 tifsfilter;Acronis True Image FS Filter; C:\Windows\system32\DRIVERS\tifsfilt.sys [2009-05-24 44384]
R3 AnyDVD;AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [2009-06-11 104512]
R3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-12-10 223232]
R3 BrSerIf;Brother MFC Serial Port Interface WDM Driver; C:\Windows\System32\Drivers\BrSerIf.sys [2006-09-03 53248]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2008-01-21 14600]
R3 COMMONFX.SYS;COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [2008-06-27 99352]
R3 ctac32k;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2008-07-07 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2008-07-07 532376]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [2008-06-27 555032]
R3 ctprxy2k;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2008-07-07 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [2008-06-27 566296]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2008-07-07 157208]
R3 e1express;Intel® PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2007-04-13 228224]
R3 emupia;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2008-07-07 92696]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2008-07-07 797720]
R3 hap16v2k;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2008-07-07 162840]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 IvtBtBUs;IVT Bluetooth Bus Service; C:\Windows\System32\Drivers\IvtBtBus.sys [2008-07-02 26248]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2008-12-18 35472]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2008-12-18 37392]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2008-07-26 25624]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-04-30 9850016]
R3 ossrv;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2008-07-07 127512]
R3 pcouffin;VSO Software pcouffin; C:\Windows\System32\Drivers\pcouffin.sys [2008-07-15 47360]
R3 PdiPorts;Portrait Displays low level device driver; C:\Windows\System32\Drivers\PdiPorts.sys [2006-11-16 15920]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-20 35328]
R3 VClone;VClone; C:\Windows\system32\DRIVERS\VClone.sys [2009-05-22 29696]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2008-07-02 29960]
S1 archlp;archlp; C:\Windows\system32\drivers\archlp.sys []
S3 AtiHdmiService;ATI Function Driver for HDMI Service; C:\Windows\system32\drivers\AtiHdmi.sys [2009-02-19 95760]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-03-16 4361216]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2008-07-02 38920]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-10 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-20 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-10 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-10 29696]
S3 btusbflt;Bluetooth USB Filter; C:\Windows\system32\drivers\btusbflt.sys []
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-02-05 79664]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-02-05 80688]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-05-07 16432]
S3 COMMONFX;COMMONFX; C:\Windows\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX; C:\Windows\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\Windows\system32\drivers\ctdvda2k.sys [2008-07-07 347080]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTERFXFX;CTERFXFX; C:\Windows\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX;CTSBLFX; C:\Windows\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
S3 DFUBTUSB;WIDCOMM USB Bluetooth Driver in DFU State; C:\Windows\System32\Drivers\frmupgr.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 ENTECH;ENTECH; \??\C:\Windows\system32\DRIVERS\ENTECH.sys [2008-04-22 27672]
S3 epmntdrv;epmntdrv; \??\C:\Windows\system32\epmntdrv.sys [2009-02-25 9728]
S3 EuGdiDrv;EuGdiDrv; \??\C:\Windows\system32\EuGdiDrv.sys [2009-02-25 3072]
S3 hap17v2k;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2008-07-07 189464]
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-02-11 2302976]
S3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys []
S3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys []
S3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys []
S3 motccgp;Motorola USB Composite Device Driver; C:\Windows\system32\DRIVERS\motccgp.sys []
S3 motccgpfl;MotCcgpFlService; C:\Windows\system32\DRIVERS\motccgpfl.sys []
S3 MotDev;Motorola Inc. USB Device; C:\Windows\system32\DRIVERS\motodrv.sys [2007-10-10 42112]
S3 motmodem;Motorola USB CDC ACM Driver; C:\Windows\system32\DRIVERS\motmodem.sys [2007-06-18 23680]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys []
S3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS []
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-10 148992]
S3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-20 8192]
S3 RTHDMIAzAudService;Service for HDMI; C:\Windows\system32\drivers\RtHDMIV.sys [2008-02-27 141408]
S3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-05-14 7408]
S3 Ser2pl;Prolific2 Serial port driver; C:\Windows\system32\DRIVERS\ser2pl.sys [2005-11-04 48640]
S3 SQTECH905C;DB CIF Cam; C:\Windows\System32\Drivers\Capt905c.sys []
S3 TVICHW32;TVICHW32; \??\C:\Windows\system32\DRIVERS\TVICHW32.SYS [2009-01-13 23600]
S3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
S3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2008-01-21 14856]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2008-07-03 109056]
R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2008-04-09 431384]
R2 AERTFilters;Andrea RT Filters Service; C:\Windows\system32\AERTSrv.exe [2007-12-05 77824]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-03-16 180224]
R2 Apache2.2;Remote Access Media Server; C:\Program Files\Common Files\Dell\apache\bin\httpd.exe [2007-09-21 15872]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-05-29 144712]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 BcmSqlStartupSvc;Business Contact Manager SQL Server Startup Service; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-11 30312]
R2 BlueSoleilCS;BlueSoleilCS; C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [2008-11-11 775168]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BsMobileCS;BsMobileCS; C:\Program Files\IVT Corporation\BlueSoleil\BsMobileCS.exe [2008-08-01 143467]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 CISVC;@%systemroot%\system32\CISVC.EXE,-1; C:\Windows\system32\CISVC.EXE [2008-01-20 11264]
R2 dsl-db;Remote Access DB; C:\Program Files\Common Files\Dell\MySQL\bin\mysqld.exe [2007-09-14 5730304]
R2 dsl-fs-sync;Remote Access File Sync Service; C:\Program Files\Common Files\Dell\Remote Access File Sync Service\dsl_fs_sync.exe [2009-04-13 189680]
R2 DTSRVC;Portrait Displays Display Tune Service; C:\Program Files\Common Files\Portrait Displays\Shared\DTSRVC.exe [2008-07-14 69632]
R2 esClient;Windows Media Center Client Service; C:\Program Files\Windows Home Server\esClient.exe [2009-04-20 94064]
R2 hnmsvc;Advanced Networking Service; C:\Program Files\Common Files\Dell\Advanced Networking Service\hnm_svc.exe [2009-04-13 828656]
R2 LBTServ;Logitech Bluetooth Service; C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe [2009-02-19 121360]
R2 LVCOMSer;LVCOMSer; C:\Program Files\Common Files\LogiShrd\LVCOMSER\LVComSer.exe [2008-07-26 186904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-07-26 150040]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-05-01 211488]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-20 21504]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared files\RichVideo.exe [2007-10-15 243056]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-24 239968]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-24 87904]
R2 uvnc_service;UltraVNC Server; C:\ProgramData\UltraVNC\winvnc.exe [2008-08-31 1519168]
R2 UxTuneUp;@%SystemRoot%\System32\uxtuneup.dll,-4096; C:\Windows\System32\svchost.exe [2008-01-20 21504]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
R3 BsHelpCS;BsHelpCS; C:\Program Files\IVT Corporation\BlueSoleil\BsHelpCS.exe [2008-08-01 69735]
R3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-24 29263712]
S2 AcronisOSSReinstallSvc;Acronis OS Selector Reinstall Service; C:\Program Files\Common Files\Acronis\Acronis Disk Director\oss_reinstall_svc.exe [2007-02-22 2217416]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-23 183280]
S3 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-29 31048]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2008-09-06 85096]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-01-05 651720]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2008-12-01 33752]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-05-30 541992]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe [2008-06-24 537896]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 Steam Client Service;Steam Client Service; C:\Program Files\Common Files\Steam\SteamService.exe [2009-05-31 322032]
S4 Amazon Download Agent;Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2009-02-02 317440]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-24 45408]
S4 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864]
S4 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\Windows\system32\IoctlSvc.exe [2006-12-19 81920]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-07-11 69632]
S4 TryAndDecideService;Acronis Try And Decide Service; C:\Program Files\Common Files\Acronis\Fomatik\TrueImageTryStartService.exe [2008-04-09 492896]

-----------------EOF-----------------



#2 schrauber

  • Malware Response Team

Posted 14 July 2009 - 12:02 PM

Hello dohunky and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not please perform the following steps below so we can have a look at the current condition of your machine.

If you have not done so, include a clear description of the problems you're having, along with any steps you may have performed so far.

Upon completing the steps below another staff member will review and take the steps necessary with you to get your machine back in working order clean and free of malware.

If you have already posted a DDS log, please do so again, as your situation may have changed.
Use the 'Add Reply' and add the new log to this thread.


Thanks and again sorry for the delay.

We need to see some information about what is happening in your machine. Please perform the following scan:
  • Download DDS by sUBs from one of the following links. Save it to your desktop.
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control HERE
regards,
schrauber


If I've not posted back within 48 hrs., feel free to send a PM with your topic link. Thank you!

If I have helped you then please consider donating to continue the fight against malware

#3 dohunky

  • Topic Starter

Posted 14 July 2009 - 09:02 PM

Thanks for getting back to me. The CPU is at 100% so it takes 3-4 minutes to open one folder. The CPU has been at 100% for the past 3 weeks so I am unable to use it. Actions that might have triggered a change are trying to add remote access for my files or adding webcam surveillance software. Since the problem started I downloaded and installed a couple of spyware/ malware detection programs, ran them and they show no signs of infection. As requested a DDS log is attached.

Attached Files

  • Attached File  DDS.txt   16.49KB   3 downloads


#4 m0le

  • Malware Response Team

Posted 16 July 2009 - 06:21 PM

Hi dohunky,

Welcome to Bleeping Computer. My name is m0le and I will be helping you with your log.
  • Please subscribe to this topic, if you haven't already.

  • Please avoid installing/uninstalling or updating any programs and attempting any unsupervised fixes or scans. This can make helping you impossible.

  • Please reply to this post so I know you are there.
The forum is busy and we need to have replies as soon as possible. If I haven't had a reply after 3 days I will bump the topic and if you do not reply by the following day after that then I will close the topic.

------------------------------------

This looks like we need to remove the Apache folder as it is running simultaneously a large amount of times incorrectly.

Use Windows Explorer to find and delete this folder:

C:\Program Files\Common Files\Dell\apache

As an example:
To delete C:\WINDOWS\badfile.dll
Double click the My Computer icon on your Desktop. Or click on the Windows KEY + E.
Double click on Local Disc (C:\)
Double click on the Windows folder,
Right click on badfile.dll and then from the menu that appears, click on Delete


Please reboot and let me know if the problem is still as it was.

Thanks :thumbup2:
m0le is a proud member of UNITE

#5 dohunky

  • Topic Starter

Posted 17 July 2009 - 08:51 AM

Beautiful. So simple yet never would have figured it out.

Deleted folder and all is back to working order. Culprit was a Dell install program for remote access.

Thanks so much for your expert diagnosis. My computer thanks you too. I’ll definitely donate to help the cause. You others out there should do the same. There’s some quality info here.

#6 m0le

  • Malware Response Team

Posted 17 July 2009 - 12:08 PM

You're welcome dohunky. I'm glad I could get your PC back to normal :thumbup2:

m0le
m0le is a proud member of UNITE

#7 m0le

  • Malware Response Team

Posted 22 July 2009 - 03:28 PM

Since this issue appears to be resolved ... this topic has been closed. Glad we could help. :thumbup2:

If you're the topic starter, and need this topic reopened, please contact me via pm with the address of the thread.

Everyone else please begin a New Topic.
m0le is a proud member of UNITE



