Clunky And Slowing Computer


  • This topic is locked
2 replies to this topic

#1 gapartington

Posted 14 May 2007 - 11:09 AM

Hi, I'm new here.
I read the thread on 'before posting hijackthis! logs, please read'.
The thing I notice with my system is that there's a bit more churning going on now. Immediately after applying ComboFix, it ran quickly and smoothly; now it's clunky and the cursor and toolbar boxes are delayed in opening. I thought it might be a conflict.
If I wiggle the cursor around, it'll freeze briefly every few wiggles.
The only problem I may have is that I may have installed SP2 (I also installed RyanVM's update pack 2.1.9 - whilst I still had malware, but this was when I knew no better).
Now I know it can run much faster, I would like some help in analysing this - attached are the combined logs from filelist, HijackThis and ComboFix.
I would do a clean install if that helped, since I'm running Windows on its own disk, but it'd be nice to think I could nip it in the bud without that.
CounterSpy is often slow to initiate, and I tried to update definitions for AVG AntiSpyware 7.5 but it said it couldn't connect to server even though I was connected.
SUPERAntiSpyware showed nothing; Vundo and ATF Cleaner did their thing - no Vundo problems.
Did ComboFix, spyware scan and rootkit and AV scan.
I'm not sure exactly what is wrong with it - it's not massively slower than just after I did ComboFix the first time - but it does seem to get clunkier - it's just that it does seem to be slower and clunkier.
I also removed all the older system restore points - but could you have a look at the logfile and suggest what might need doing?
If you need any more information - I think I can fairly reliably remember what I opened etc. I know Process Explorer had been showing lots of hardware interrupts before I installed SP2, and there have also been problems on opening uTorrent. Opera always seems to open from where it was rather than prompting for start with blank page etc., as well. I thought this may have been the firewall I use - since the ports might not be opening, and I'm not a whizzkid with talkative applications.
Thanks for looking,

Ben
(combined HijackThis!, Filelist and Combofix Logs below)
------------------------------------------------------------------------------------------
HijackThis! Log

Logfile of HijackThis v1.99.1
Scan saved at 16:36:23, on 14/05/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
C:\Program Files\Comodo\Firewall\cmdagent.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe
C:\Program Files\Comodo\Firewall\CPF.exe
C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
C:\Program Files\hjt2001\HJT1991.exe

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O4 - HKLM\..\Run: [HGTXPEI] C:\WINDOWS\System32\FirstReboot.exe
O4 - HKLM\..\Run: [SoundFusion] RunDll32 hercplgs.cpl,BootEntryPoint
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Premium\avgnt.exe" /min
O4 - HKLM\..\Run: [COMODO Firewall Pro] "C:\Program Files\Comodo\Firewall\CPF.exe" /background
O4 - HKLM\..\Run: [SBCSTray] C:\Program Files\Sunbelt Software\CounterSpy\SBCSTray.exe
O4 - HKCU\..\Run: [Windows Firewall] C:\WINDOWS\System32\drivers\svchost.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O8 - Extra context menu item: Download All Links with IDM - C:\Program Files\Internet Download Manager\IEGetAll.htm
O8 - Extra context menu item: Download with IDM - C:\Program Files\Internet Download Manager\IEExt.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Broken Internet access because of LSP provider 'avsda.dll' missing
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O23 - Service: AntiVir PersonalEdition Premium MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avmailc.exe
O23 - Service: AntiVir PersonalEdition Premium Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\sched.exe
O23 - Service: AntiVir PersonalEdition Premium Guard (AntiVirService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avguard.exe
O23 - Service: AntiVir PersonalEdition Premium MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Premium\avesvc.exe
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C:\Program Files\Comodo\Firewall\cmdagent.exe
O23 - Service: Sunbelt CounterSpy Antispyware (SBCSSvc) - Sunbelt Software - C:\Program Files\Sunbelt Software\CounterSpy\SBCSSvc.exe


-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------

filelist log

-------------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------------

Combofix Log

"Ben" - 2007-05-14 15:14:08 Service Pack 2
ComboFix 07-05.13.V - Running from: "C:\Documents and Settings\Ben\Desktop\"


((((((((((((((((((((((((((((((( Files Created from 2007-04-05 to 2007-05-14 ))))))))))))))))))))))))))))))))))


2007-05-09 21:12 526,848 --------- C:\WINDOWS\system32\p2psvc.dll
2007-05-09 21:12 50,176 --------- C:\WINDOWS\system32\xmlprovi.dll
2007-05-09 21:12 49,152 --------- C:\WINDOWS\system32\powercfg.exe
2007-05-09 21:12 48,640 --------- C:\WINDOWS\system32\pnrpnsp.dll
2007-05-09 21:12 44,032 --------- C:\WINDOWS\system32\twext.dll
2007-05-09 21:12 397,056 --------- C:\WINDOWS\system32\s3gnb.dll
2007-05-09 21:12 32,866 --------- C:\WINDOWS\system32\slrundll.exe
2007-05-09 21:12 32,866 --------- C:\WINDOWS\slrundll.exe
2007-05-09 21:12 312,320 --------- C:\WINDOWS\system32\p2pgraph.dll
2007-05-09 21:12 29,184 --------- C:\WINDOWS\system32\sdhcinst.dll
2007-05-09 21:12 286,792 --------- C:\WINDOWS\system32\slextspk.dll
2007-05-09 21:12 233,472 --------- C:\WINDOWS\system32\wmpdxm.dll
2007-05-09 21:12 188,508 --------- C:\WINDOWS\system32\slgen.dll
2007-05-09 21:12 17,408 --------- C:\WINDOWS\system32\winshfhc.dll
2007-05-09 21:12 168,448 --------- C:\WINDOWS\system32\wmerror.dll
2007-05-09 21:12 15,872 --------- C:\WINDOWS\system32\w3ssl.dll
2007-05-09 21:12 13,824 --------- C:\WINDOWS\system32\wscntfy.exe
2007-05-09 21:12 129,536 --------- C:\WINDOWS\system32\xmlprov.dll
2007-05-09 21:12 116,224 --------- C:\WINDOWS\system32\p2p.dll
2007-05-09 21:12 114,688 --------- C:\WINDOWS\system32\wmpasf.dll
2007-05-09 21:12 108,032 --------- C:\WINDOWS\system32\wshbth.dll
2007-05-09 21:12 <DIR> d-------- C:\WINDOWS\peernet
2007-05-09 21:11 <DIR> d-------- C:\WINDOWS\provisioning
2007-05-09 20:55 218,624 --a------ C:\WINDOWS\system32\uxtheme.dll
2007-05-09 20:54 <DIR> d-------- C:\WINDOWS\ServicePackFiles
2007-05-09 19:59 <DIR> d-------- C:\WINDOWS\EHome
2007-05-09 17:17 <DIR> d-------- C:\Program Files\Smart Projects
2007-05-08 23:29 <DIR> d-------- C:\sp2
2007-05-07 15:53 <DIR> d-------- C:\Program Files\MagicISO
2007-05-07 14:40 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\n-Track Studio5
2007-05-04 12:13 <DIR> d-------- C:\Program Files\MP3 Audio Converter
2007-05-04 12:02 <DIR> d-------- C:\Program Files\[bleep] NFO Viewer
2007-05-02 21:24 <DIR> d-------- C:\DOCUME~1\Ben\AbiSuite
2007-05-02 21:22 <DIR> d-------- C:\Program Files\AbiSuite2
2007-05-02 18:35 <DIR> d-------- C:\WINDOWS\Downloaded Installations
2007-05-02 11:58 <DIR> d-------- C:\Program Files\WinFF
2007-05-02 11:48 <DIR> d-------- C:\Program Files\PhotoFiltre Studio
2007-05-02 11:44 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Martau
2007-05-02 11:43 <DIR> d-------- C:\Program Files\Total Uninstall 3
2007-05-02 02:00 0 --a------ C:\WINDOWS\system32\SBRC.dat
2007-05-02 02:00 0 --a------ C:\WINDOWS\system32\SBFC.dat
2007-04-28 19:17 <DIR> d-------- C:\Program Files\Internet Download Manager
2007-04-28 19:17 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\IDM
2007-04-28 19:03 144,198 --a------ C:\DOCUME~1\ALLUSE~1\APPLIC~1\mainlsp.reg.dat
2007-04-28 14:26 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\DMCache
2007-04-28 11:38 <DIR> d-------- C:\WINDOWS\pss
2007-04-28 00:31 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\DivX
2007-04-28 00:18 36,624 --------- C:\WINDOWS\system32\drivers\PxHelp20.sys
2007-04-28 00:18 2,560 --------- C:\WINDOWS\system32\drivers\cdralw2k.sys
2007-04-28 00:18 2,432 --------- C:\WINDOWS\system32\drivers\cdr4_xp.sys
2007-04-28 00:18 118,520 --------- C:\WINDOWS\system32\pxinsi64.exe
2007-04-28 00:18 116,472 --------- C:\WINDOWS\system32\pxcpyi64.exe
2007-04-28 00:17 129,784 --------- C:\WINDOWS\system32\pxafs.dll
2007-04-27 18:47 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Apple Computer
2007-04-27 18:46 499,712 --a------ C:\WINDOWS\system32\msvcp71.dll
2007-04-27 18:46 348,160 --a------ C:\WINDOWS\system32\msvcr71.dll
2007-04-27 18:46 <DIR> d-------- C:\Program Files\QuickTime Alternative
2007-04-27 18:26 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\Media Player Classic
2007-04-27 18:23 <DIR> d-------- C:\Program Files\Real Alternative
2007-04-27 18:23 <DIR> d-------- C:\Program Files\Media Player Classic
2007-04-27 18:23 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\Real
2007-04-27 18:23 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Real
2007-04-27 18:20 <DIR> d-------- C:\Codecs
2007-04-27 16:00 <DIR> d-------- C:\Downloads
2007-04-27 16:00 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\Orbit
2007-04-27 00:18 68,888 --a------ C:\WINDOWS\system32\xinput1_3.dll
2007-04-27 00:18 62,744 --a------ C:\WINDOWS\system32\xinput1_2.dll
2007-04-27 00:18 3,426,072 --a------ C:\WINDOWS\system32\d3dx9_32.dll
2007-04-27 00:18 255,848 --a------ C:\WINDOWS\system32\xactengine2_6.dll
2007-04-27 00:18 251,672 --a------ C:\WINDOWS\system32\xactengine2_5.dll
2007-04-27 00:18 237,848 --a------ C:\WINDOWS\system32\xactengine2_4.dll
2007-04-27 00:18 236,824 --a------ C:\WINDOWS\system32\xactengine2_3.dll
2007-04-27 00:18 2,414,360 --a------ C:\WINDOWS\system32\d3dx9_31.dll
2007-04-27 00:18 2,297,552 --a------ C:\WINDOWS\system32\d3dx9_26.dll
2007-04-27 00:18 15,128 --a------ C:\WINDOWS\system32\x3daudio1_1.dll
2007-04-27 00:09 85,376 --a------ C:\WINDOWS\system32\drivers\nabtsfec.sys
2007-04-27 00:09 83,456 --a------ C:\WINDOWS\system32\dpvsetup.exe
2007-04-27 00:09 82,432 --a------ C:\WINDOWS\system32\dmscript.dll
2007-04-27 00:09 8,192 --a------ C:\WINDOWS\system32\d3d8thk.dll
2007-04-27 00:09 733,696 --a------ C:\WINDOWS\system32\qedwipes.dll
2007-04-27 00:09 71,680 --a------ C:\WINDOWS\system32\dsdmoprp.dll
2007-04-27 00:09 70,656 --a------ C:\WINDOWS\system32\amstream.dll
2007-04-27 00:09 7,552 --a------ C:\WINDOWS\system32\drivers\mskssrv.sys
2007-04-27 00:09 66,408 --a------ C:\WINDOWS\system32\dxdllreg.exe
2007-04-27 00:09 619,008 --a------ C:\WINDOWS\system32\dx7vb.dll
2007-04-27 00:09 61,440 --a------ C:\WINDOWS\system32\dmcompos.dll
2007-04-27 00:09 60,928 --a------ C:\WINDOWS\system32\dpnhupnp.dll
2007-04-27 00:09 59,904 --a------ C:\WINDOWS\system32\devenum.dll
2007-04-27 00:09 57,344 --a------ C:\WINDOWS\system32\dpwsockx.dll
2007-04-27 00:09 562,176 --a------ C:\WINDOWS\system32\qedit.dll
2007-04-27 00:09 51,328 --a------ C:\WINDOWS\system32\drivers\msdv.sys
2007-04-27 00:09 50,688 --a------ C:\WINDOWS\system32\wstdecod.dll
2007-04-27 00:09 5,504 --a------ C:\WINDOWS\system32\drivers\mstee.sys
2007-04-27 00:09 5,376 --a------ C:\WINDOWS\system32\drivers\mspclock.sys
2007-04-27 00:09 48,640 --a------ C:\WINDOWS\system32\drivers\stream.sys
2007-04-27 00:09 4,992 --a------ C:\WINDOWS\system32\drivers\mspqm.sys
2007-04-27 00:09 4,352 --a------ C:\WINDOWS\system32\drivers\swenum.sys
2007-04-27 00:09 4,096 --a------ C:\WINDOWS\system32\ksuser.dll
2007-04-27 00:09 385,024 --a------ C:\WINDOWS\system32\qdvd.dll
2007-04-27 00:09 375,296 --a------ C:\WINDOWS\system32\dpnet.dll
2007-04-27 00:09 367,616 --a------ C:\WINDOWS\system32\dsound.dll
2007-04-27 00:09 363,520 --a------ C:\WINDOWS\system32\psisdecd.dll
2007-04-27 00:09 35,840 --a------ C:\WINDOWS\system32\dmloader.dll
2007-04-27 00:09 35,328 --a------ C:\WINDOWS\system32\pid.dll
2007-04-27 00:09 35,328 --a------ C:\WINDOWS\system32\mciqtz32.dll
2007-04-27 00:09 35,328 --a------ C:\WINDOWS\system32\dpnhpast.dll
2007-04-27 00:09 30,208 --a------ C:\WINDOWS\system32\dplaysvr.exe
2007-04-27 00:09 3,584 --a------ C:\WINDOWS\system32\dpnlobby.dll
2007-04-27 00:09 3,584 --a------ C:\WINDOWS\system32\dpnaddr.dll
2007-04-27 00:09 28,672 --a------ C:\WINDOWS\system32\dmband.dll
2007-04-27 00:09 279,040 --a------ C:\WINDOWS\system32\qdv.dll
2007-04-27 00:09 23,552 --a------ C:\WINDOWS\system32\dpmodemx.dll
2007-04-27 00:09 229,888 --a------ C:\WINDOWS\system32\dplayx.dll
2007-04-27 00:09 212,480 --a------ C:\WINDOWS\system32\dpvoice.dll
2007-04-27 00:09 21,504 --a------ C:\WINDOWS\system32\dpvacm.dll
2007-04-27 00:09 204,288 --a------ C:\WINDOWS\system32\mswebdvd.dll
2007-04-27 00:09 20,480 --a------ C:\WINDOWS\system32\encapi.dll
2007-04-27 00:09 2,113,536 --a------ C:\WINDOWS\system32\dxdiagn.dll
2007-04-27 00:09 192,512 --a------ C:\WINDOWS\system32\qcap.dll
2007-04-27 00:09 19,456 --a------ C:\WINDOWS\system32\dswave.dll
2007-04-27 00:09 19,328 --a------ C:\WINDOWS\system32\drivers\wstcodec.sys
2007-04-27 00:09 181,760 --a------ C:\WINDOWS\system32\dsdmo.dll
2007-04-27 00:09 181,760 --a------ C:\WINDOWS\system32\dinput8.dll
2007-04-27 00:09 181,248 --a------ C:\WINDOWS\system32\dmime.dll
2007-04-27 00:09 18,432 --a------ C:\WINDOWS\system32\dpnsvr.exe
2007-04-27 00:09 17,408 --a------ C:\WINDOWS\system32\msyuv.dll
2007-04-27 00:09 17,024 --a------ C:\WINDOWS\system32\drivers\ccdecode.sys
2007-04-27 00:09 159,232 --a------ C:\WINDOWS\system32\dinput.dll
2007-04-27 00:09 15,360 --a------ C:\WINDOWS\system32\drivers\streamip.sys
2007-04-27 00:09 15,360 --a------ C:\WINDOWS\system32\drivers\mpe.sys
2007-04-27 00:09 140,928 --a------ C:\WINDOWS\system32\drivers\ks.sys
2007-04-27 00:09 14,336 --a------ C:\WINDOWS\system32\msdmo.dll
2007-04-27 00:09 116,736 --a------ C:\WINDOWS\system32\dpvvox.dll
2007-04-27 00:09 11,776 --a------ C:\WINDOWS\system32\drivers\bdasup.sys
2007-04-27 00:09 11,136 --a------ C:\WINDOWS\system32\drivers\slip.sys
2007-04-27 00:09 105,984 --a------ C:\WINDOWS\system32\dmstyle.dll
2007-04-27 00:09 104,448 --a------ C:\WINDOWS\system32\dmusic.dll
2007-04-27 00:09 103,424 --a------ C:\WINDOWS\system32\dmsynth.dll
2007-04-27 00:09 10,880 --a------ C:\WINDOWS\system32\drivers\ndisip.sys
2007-04-27 00:09 1,689,088 --a------ C:\WINDOWS\system32\d3d9.dll
2007-04-27 00:09 1,428,480 --a------ C:\WINDOWS\system32\msvidctl.dll
2007-04-27 00:09 1,298,432 --a------ C:\WINDOWS\system32\dxdiag.exe
2007-04-27 00:09 1,294,336 --a------ C:\WINDOWS\system32\dsound3d.dll
2007-04-27 00:09 1,287,168 --a------ C:\WINDOWS\system32\quartz.dll
2007-04-27 00:09 1,227,264 --a------ C:\WINDOWS\system32\dx8vb.dll
2007-04-27 00:09 1,179,648 --a------ C:\WINDOWS\system32\d3d8.dll
2007-04-27 00:08 825,344 --a------ C:\WINDOWS\system32\d3dim700.dll
2007-04-27 00:08 27,136 --a------ C:\WINDOWS\system32\ddrawex.dll
2007-04-27 00:08 266,240 --a------ C:\WINDOWS\system32\ddraw.dll
2007-04-26 18:59 <DIR> d-------- C:\Program Files\DirectX Happy Uninstall
2007-04-26 18:57 <DIR> d-------- C:\Program Files\directX
2007-04-26 15:55 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\AntispamSniper
2007-04-26 15:53 <DIR> d-------- C:\Program Files\AntispamSniper for TheBat!
2007-04-24 08:03 <DIR> d-------- C:\DOCUME~1\ADMINI~1\APPLIC~1\AntiVir PersonalEdition Premium
2007-04-22 02:19 2,621,440 --a------ C:\DOCUME~1\Ben\ntuser.dat
2007-04-21 14:45 15,544 --a------ C:\WINDOWS\system32\drivers\sbhr.sys
2007-04-21 14:42 <DIR> d-------- C:\DOCUME~1\ALLUSE~1\APPLIC~1\Sunbelt Software
2007-04-21 14:38 <DIR> d-------- C:\Program Files\Sunbelt Software
2007-04-21 12:47 <DIR> d-------- C:\Program Files\Burn4Free
2007-04-20 21:28 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\vlc
2007-04-20 21:25 <DIR> d-------- C:\Program Files\VideoLAN
2007-04-19 22:23 809,984 --a------ C:\WINDOWS\system32\wmvdmod.dll
2007-04-19 22:23 759,296 --a------ C:\WINDOWS\system32\wmsdmod.dll
2007-04-19 22:23 484,864 --a------ C:\WINDOWS\system32\wmspdmod.dll
2007-04-19 22:23 384,512 --a------ C:\WINDOWS\system32\mp4sdmod.dll
2007-04-19 22:23 310,272 --a------ C:\WINDOWS\system32\mp43dmod.dll
2007-04-19 22:23 240,640 --a------ C:\WINDOWS\system32\mpg4dmod.dll
2007-04-19 22:22 896,512 --a------ C:\WINDOWS\system32\wmspdmoe.dll
2007-04-19 22:22 87,040 --a------ C:\WINDOWS\system32\drmstor.dll
2007-04-19 22:22 695,296 --a------ C:\WINDOWS\system32\drmv2clt.dll
2007-04-19 22:22 670,720 --a------ C:\WINDOWS\system32\wmadmoe.dll
2007-04-19 22:22 6,656 --a------ C:\WINDOWS\system32\laprxy.dll
2007-04-19 22:22 408,064 --a------ C:\WINDOWS\system32\wmadmod.dll
2007-04-19 22:22 299,520 --a------ C:\WINDOWS\system32\drmclien.dll
2007-04-19 22:22 286,208 --a------ C:\WINDOWS\system32\blackbox.dll
2007-04-19 22:22 259,072 --a------ C:\WINDOWS\system32\msnetobj.dll
2007-04-19 22:22 237,568 --a------ C:\WINDOWS\system32\qasf.dll
2007-04-19 22:22 230,400 --a------ C:\WINDOWS\system32\wmasf.dll
2007-04-19 22:22 151,552 --a------ C:\WINDOWS\system32\wmidx.dll
2007-04-19 22:22 103,936 --a------ C:\WINDOWS\system32\logagent.exe
2007-04-19 22:22 1,119,744 --a------ C:\WINDOWS\system32\wmsdmoe2.dll
2007-04-19 22:22 1,050,624 --a------ C:\WINDOWS\system32\wmnetmgr.dll
2007-04-19 22:22 1,001,472 --a------ C:\WINDOWS\system32\wmvdmoe2.dll
2007-04-19 22:15 <DIR> d-------- C:\Temp
2007-04-19 22:14 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\Syntrillium
2007-04-19 22:09 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\AntiVir PersonalEdition Premium
2007-04-19 21:52 0 --a------ C:\WINDOWS\system32\winsvcup.exe
2007-04-19 19:16 <DIR> d-------- C:\Program Files\DivX
2007-04-19 13:17 <DIR> d---s---- C:\DOCUME~1\Ben\UserData
2007-04-19 12:25 43,584 --a------ C:\WINDOWS\system32\drivers\avipbb.sys
2007-04-19 12:25 28,352 --a------ C:\WINDOWS\system32\drivers\ssmdrv.sys
2007-04-19 12:11 <DIR> d-------- C:\WINDOWS\system32\CatRoot2
2007-04-19 09:58 <DIR> d-------- C:\Program Files\The Bat!
2007-04-18 12:25 <DIR> d-------- C:\Program Files\JL2005A
2007-04-17 14:17 <DIR> d-------- C:\Program Files\AusLogics Disk Defrag
2007-04-17 12:28 <DIR> d-------- C:\Program Files\foobar2000
2007-04-17 11:14 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\DeepBurner Pro
2007-04-17 10:49 <DIR> d-------- C:\Program Files\7-Zip
2007-04-17 10:46 <DIR> d-------- C:\Program Files\ToniArts
2007-04-17 10:38 33,792 --a------ C:\WINDOWS\system32\msgsvc.dll
2007-04-17 10:34 831,519 --a------ C:\WINDOWS\system32\mswdat10.dll
2007-04-17 10:34 614,429 --a------ C:\WINDOWS\system32\mswstr10.dll
2007-04-17 10:34 552,989 --a------ C:\WINDOWS\system32\msrepl40.dll
2007-04-17 10:34 53,279 --a------ C:\WINDOWS\system32\msjter40.dll
2007-04-17 10:34 512,029 --a------ C:\WINDOWS\system32\msexch40.dll
2007-04-17 10:34 421,919 --a------ C:\WINDOWS\system32\msrd2x40.dll
2007-04-17 10:34 380,957 --a------ C:\WINDOWS\system32\expsrv.dll
2007-04-17 10:34 358,976 --a------ C:\WINDOWS\system32\msjetoledb40.dll
2007-04-17 10:34 348,189 --a------ C:\WINDOWS\system32\msxbde40.dll
2007-04-17 10:34 348,189 --a------ C:\WINDOWS\system32\mspbde40.dll
2007-04-17 10:34 319,517 --a------ C:\WINDOWS\system32\msexcl40.dll
2007-04-17 10:34 315,423 --a------ C:\WINDOWS\system32\msrd3x40.dll
2007-04-17 10:34 30,749 --a------ C:\WINDOWS\system32\vbajet32.dll
2007-04-17 10:34 258,077 --a------ C:\WINDOWS\system32\mstext40.dll
2007-04-17 10:34 241,693 --a------ C:\WINDOWS\system32\msjtes40.dll
2007-04-17 10:34 213,023 --a------ C:\WINDOWS\system32\msltus40.dll
2007-04-17 10:34 151,583 --a------ C:\WINDOWS\system32\msjint40.dll
2007-04-17 10:34 1,507,356 --a------ C:\WINDOWS\system32\msjet40.dll
2007-04-17 10:31 71 ---h----- C:\WINDOWS\dsez6672.dat
2007-04-17 10:21 <DIR> d-------- C:\WINDOWS\RegisteredPackages
2007-04-17 10:13 274,944 --a------ C:\WINDOWS\system32\mstask.dll
2007-04-17 10:13 190,976 --a------ C:\WINDOWS\system32\schedsvc.dll
2007-04-17 10:13 12,288 --a------ C:\WINDOWS\system32\mstinit.exe
2007-04-17 01:14 524,288 --ah----- C:\DOCUME~1\ADMINI~1\ntuser.dat
2007-04-17 00:27 <DIR> d-------- C:\Program Files\NetMeter
2007-04-16 22:31 614,912 --a------ C:\WINDOWS\system32\h323msp.dll
2007-04-16 22:31 331,264 --a------ C:\WINDOWS\system32\ipnathlp.dll
2007-04-16 22:31 26,112 --a------ C:\WINDOWS\system32\xpsp1hfm.exe
2007-04-16 22:24 262,144 --a------ C:\DOCUME~1\ALLUSE~1\ntuser.dat
2007-04-16 22:18 <DIR> d-------- C:\Program Files\Foxit Software
2007-04-16 20:19 1,082,368 --a------ C:\WINDOWS\system32\esent.dll
2007-04-16 20:00 <DIR> d-------- C:\DOCUME~1\Ben\APPLIC~1\uTorrent
2007-04-16 19:49 &l



#2 DaveM59

DaveM59

    Bleepin' Grandpa


  • Members
  • 1,355 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:TN USA
  • Local time:05:57 AM

Posted 18 May 2007 - 10:29 PM

Hi gapartington,

You have a backdoor on your computer. This basically gives a hacker access to all the information on your computer.

It is very important that, starting immediately, this machine be kept off the internet and physically disconnected from any network it may be part of. The only time you should connect to the internet is for downloads or other actions necessary to clean this machine.

If you use or have used this computer for online banking or shopping or for accessing or storing personal information such as school records, then you need to take steps to protect your information that may have been compromised. I recommend these steps for action:

How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud?

At a minimum, go to a clean computer (not this one!) and change all passwords -- bank and other financial institutions, school, library, e-mail, forums, everything. Then call your financial institutions and tell them to put a watch on your accounts. In addition, you should watch them yourself.

You should consider whether a reformat and reinstall of the operating system might be better than attempting to remove the backdoor. Basically, it depends on how this computer is used and how much risk you are comfortable with. Here is a link to help you decide:

When Should I Format, How Should I Reinstall

The article is aimed at helpers like me, but it gives a picture of the relative weight that various factors play in making this decision.

Please let me know what you decide.

Edit: I have read your introduction and found that you are a stockbroker. If you have client information on this computer, please consider the liability issues discussed in the article.

Dave

#3 DaveM59


Posted 02 June 2007 - 07:26 AM

Due to lack of feedback, this topic is now closed. If you want it re-opened, please PM me and put the url in your request.

This applies to the original poster only. Everyone else please start a new topic.



