This topic is locked
Thanks!!
Logfile of random's system information tool 1.05 (written by random/random)
Run by Carlos at 2009-01-01 13:02:39
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 18 GB (14%) free of 131 GB
Total RAM: 1023 MB (45% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:03:12 PM, on 1/1/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\McAfee\MPF\MPFSrv.exe
c:\PROGRA~1\mcafee.com\agent\mcagent.exe
C:\Program Files\Maxtor\Utils\SyncServices.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Maxtor\ManagerApp\Onetouch.exe
C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe
C:\Program Files\Nero\Nero 7\InCD\InCD.exe
C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Lexar Media\USB Card Reader Driver v2.1g\Disk_Monitor.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\WINDOWS\system32\PnkBstrB.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater.exe
C:\Documents and Settings\Carlos\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Carlos.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = About:Blank
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = About:Blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - (no file)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {82fd5216-c710-43a9-b8c3-a9e56fd22e13} - (no file)
O2 - BHO: (no name) - {901CE412-BB4C-45F1-A9B7-5EFD60184BF1} - (no file)
O2 - BHO: McAfee SiteAdvisor BHO - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O2 - BHO: (no name) - {BB21F9F6-F56F-4D45-ACBF-6662FC8C0205} - (no file)
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll
O3 - Toolbar: McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [MaxtorOneTouch] C:\Program Files\Maxtor\ManagerApp\Onetouch.exe
O4 - HKLM\..\Run: [mxomssmenu] "C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [Adobe_ID0EYTHM] C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe -startup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe /runkey
O4 - HKLM\..\Run: [McENUI] C:\PROGRA~1\McAfee\MHN\McENUI.exe /hide
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [Disk Monitor] C:\Program Files\Lexar Media\USB Card Reader Driver v2.1g\Disk_Monitor.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\RunOnce: [] C:\Program Files\Mozilla Firefox\firefox.exe http://www.symantec....000049.000000d2
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe
O8 - Extra context menu item: &Yahoo! Search - file:///C:\Program Files\Yahoo!\Common/ycsrch.htm
O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Yahoo! &Dictionary - file:///C:\Program Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! &Maps - file:///C:\Program Files\Yahoo!\Common/ycmap.htm
O8 - Extra context menu item: Yahoo! &SMS - file:///C:\Program Files\Yahoo!\Common/ycsms.htm
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - Cmdmapping - (no file) (HKCU)
O15 - Trusted Zone: http://*.mcafee.com
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) -
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?LinkID=39204
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1169404667234
O16 - DPF: {CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA} (Java Plug-in 1.6.0_10) -
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} (PCPitstop Exam) - http://utilities.pcp.../pcpitstop2.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: linkscanner - (no CLSID) - (no file)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll
O20 - Winlogon Notify: !SASWinLogon - C:\WINDOWS\
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Adobe Version Cue CS3 - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe
O23 - Service: AdobeVersionCue - Adobe Sytems - C:\Program Files\Adobe\Adobe Version Cue\service\VersionCue.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe
O23 - Service: Inpqmc - Nero AG - (no file)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: LeapFrog Connect Device Service - Unknown owner - C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
O23 - Service: MaxBackServiceInt - Unknown owner - C:\Program Files\Maxtor\Maxtor Backup\MaxBackServiceInt.exe
O23 - Service: McAfee SiteAdvisor Service - Unknown owner - C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc.exe
O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy.exe
O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: MaxSyncService (NTService1) - - C:\Program Files\Maxtor\Utils\SyncServices.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
O23 - Service: ScsiAccess - Unknown owner - C:\Program Files\Photodex\ProShowGold\ScsiAccess.exe
--
End of file - 14671 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\McDefragTask.job
C:\WINDOWS\tasks\McQcTask.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2008-12-17 455960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897}]
Yahoo! IE Services Button - C:\Program Files\Yahoo!\Common\yiesrvc.dll [2006-10-31 198136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java™ Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-10 320920]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82fd5216-c710-43a9-b8c3-a9e56fd22e13}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{901CE412-BB4C-45F1-A9B7-5EFD60184BF1}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}]
McAfee SiteAdvisor BHO - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BB21F9F6-F56F-4D45-ACBF-6662FC8C0205}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-10 34816]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2008-11-10 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{47833539-D0C5-4125-9FA8-0819E2EAAC93} - Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll [2007-05-10 321120]
{517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - Contribute Toolbar - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll [2007-03-16 118784]
{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - McAfee SiteAdvisor Toolbar - c:\PROGRA~1\mcafee\SITEAD~1\mcieplg.dll [2008-09-30 145424]
SITEguard
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2005-05-31 122941]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2007-06-01 257088]
"MaxtorOneTouch"=C:\Program Files\Maxtor\ManagerApp\Onetouch.exe [2006-08-11 712704]
"mxomssmenu"=C:\Program Files\Maxtor\OneTouch Status\maxmenumgr.exe [2006-08-11 81920]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"InCD"=C:\Program Files\Nero\Nero 7\InCD\InCD.exe [2006-07-18 1028096]
"Acrobat Assistant 8.0"=C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe [2008-10-14 623992]
"Adobe_ID0EYTHM"=C:\PROGRA~1\COMMON~1\Adobe\ADOBEV~1\Server\bin\VERSIO~2.EXE [2007-03-20 1884160]
"ISUSPM Startup"=C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM.exe [2005-02-16 221184]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-05-27 413696]
"mcagent_exe"=C:\Program Files\McAfee.com\Agent\mcagent.exe [2007-11-01 582992]
"McENUI"=C:\PROGRA~1\McAfee\MHN\McENUI.exe [2007-11-30 1164576]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2008-02-29 76304]
"ATIPTA"=C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe [2004-08-25 339968]
"Disk Monitor"=C:\Program Files\Lexar Media\USB Card Reader Driver v2.1g\Disk_Monitor.exe [2003-10-28 438784]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-10 136600]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2006-06-01 94208]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-12-04 1809648]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
""=C:\Program Files\Mozilla Firefox\firefox.exe [2008-12-17 307704]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Carlos^Start Menu^Programs^Startup^Delta Force-Black Hawk Down Team Sabre Registration.lnk]
C:\Documents and Settings\Carlos\Local Settings\Temp\{F56727F1-5F43-401C-8834-BE5EAFA6F902}\{6164D2E7-986B-42F5-B3A6-64D5E53FB889}\NOVG.EXE /remind /language=ENU /PRNM=Delta Force-Black Hawk Down Team Sabre []
C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
Logitech SetPoint.lnk - C:\Program Files\Logitech\SetPoint\SetPoint.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\LBTWlgn]
c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll [2008-05-02 72208]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2006-09-20 441136]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
UPnPMonitor - {e57ce738-33e8-4c51-8354-bb4de9d215d1} - C:\WINDOWS\system32\upnpui.dll [2008-04-13 239616]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\PSEXESVC]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"NoColorChoice"=0
"NoSizeChoice"=0
"NoVisualStyleChoice"=0
"NoDispSettingsPage"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Adobe\Adobe GoLive CS\GoLive.exe"="C:\Program Files\Adobe\Adobe GoLive CS\GoLive.exe:*:Enabled:Adobe GoLive CS (ENG)"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\expansion\jox01\PACK.EXE"="C:\Program Files\NovaLogic\Joint Operations Typhoon Rising\expansion\jox01\PACK.EXE:*:Disabled:PACK"
"C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe"="C:\Program Files\Nero\Nero 7\Nero Home\NeroHome.exe:*:Enabled:Nero Home"
"C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe"="C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe:*:Enabled:Adobe Version Cue CS3 Server"
"C:\WINDOWS\system32\PnkBstrA.exe"="C:\WINDOWS\system32\PnkBstrA.exe:*:Enabled:PnkBstrA"
"C:\WINDOWS\system32\PnkBstrB.exe"="C:\WINDOWS\system32\PnkBstrB.exe:*:Enabled:PnkBstrB"
"C:\WINDOWS\system32\dpvsetup.exe"="C:\WINDOWS\system32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ "
"C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe"="C:\Program Files\Adobe\Adobe After Effects CS3\Support Files\AfterFX.exe:*:Enabled:Adobe After Effects CS3"
"C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe"="C:\Program Files\Common Files\McAfee\MNA\McNASvc.exe:*:Enabled:McAfee Network Agent"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaW.exe:*:Enabled:Call of Duty® - World at War™ "
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
"C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe"="C:\Program Files\Activision\Call of Duty - World at War\CoDWaWmp.exe:*:Enabled:Call of Duty® - World at War™ "
"C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe:*:Enabled:Ad-Aware"
"C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe"="C:\Program Files\Lavasoft\Ad-Aware\Ad-Watch.exe:*:Disabled:Ad-Watch"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Disabled:Bonjour"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\McAfee\MSC\mcshell.exe"="C:\Program Files\McAfee\MSC\mcshell.exe:*:Enabled:McAfee SecurityCenter"
"C:\Program Files\McAfee\MHN\McENUI.exe"="C:\Program Files\McAfee\MHN\McENUI.exe:*:Enabled:McAfee EasyNetwork"
"C:\Program Files\CCleaner\ccleaner.exe"="C:\Program Files\CCleaner\ccleaner.exe:*:Enabled:CCleaner"
"C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe"="C:\Program Files\Activision\Call of Duty 4 - Modern Warfare\iw3sp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare™ Singleplayer"
"C:\Program Files\ExpressDigital\Darkroom WE\Darkroom WE.exe"="C:\Program Files\ExpressDigital\Darkroom WE\Darkroom WE.exe:*:Enabled:Darkroom Web Edition 8.7"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe:*:Enabled:Desktop Messenger"
"C:\Program Files\Adobe\Adobe Photoshop CS\Plug-Ins\MysticalTTC.exe"="C:\Program Files\Adobe\Adobe Photoshop CS\Plug-Ins\MysticalTTC.exe:*:Enabled:Launch MysticalTTC"
"C:\Program Files\Auto FX Software\PGE\PGE.exe"="C:\Program Files\Auto FX Software\PGE\PGE.exe:*:Enabled:Launch PhotoGraphic Edges"
"C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe"="C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe:*:Enabled:Update Spybot-S&D"
"C:\Program Files\Spybot - Search & Destroy\unins001.exe"="C:\Program Files\Spybot - Search & Destroy\unins001.exe:*:Enabled:Uninstall Spybot-S&D"
"C:\Program Files\AVG\AVG8\avgupd.exe"="C:\Program Files\AVG\AVG8\avgupd.exe:*:Enabled:avgupd.exe"
"C:\Program Files\AVG\AVG8\avgui.exe"="C:\Program Files\AVG\AVG8\avgui.exe:*:Enabled:AVG Free User Interface"
"C:\Program Files\AVG\AVG8\avgtray.exe"="C:\Program Files\AVG\AVG8\avgtray.exe:*:Enabled:AVG Free Tray Icon"
"C:\Program Files\Lavasoft\Ad-Aware\lsupdatemanager.exe"="C:\Program Files\Lavasoft\Ad-Aware\lsupdatemanager.exe:*:Enabled:Software update"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe:*:Enabled:Logitech Desktop Messenger"
======File associations======
.js - open - "C:\Program Files\Adobe\Adobe Dreamweaver CS3\Dreamweaver.exe","%1"
======List of files/folders created in the last 3 months======
2009-01-01 13:02:39 ----D---- C:\rsit
2009-01-01 12:37:06 ----SHD---- C:\Config.Msi
2008-12-31 12:03:33 ----D---- C:\Documents and Settings\All Users\Application Data\SITEguard
2008-12-31 12:00:32 ----D---- C:\Program Files\Common Files\iS3
2008-12-31 12:00:27 ----D---- C:\Documents and Settings\All Users\Application Data\STOPzilla!
2008-12-24 21:13:22 ----A---- C:\WINDOWS\system32\javaws.exe
2008-12-24 21:13:22 ----A---- C:\WINDOWS\system32\javaw.exe
2008-12-24 21:13:21 ----A---- C:\WINDOWS\system32\java.exe
2008-12-22 00:44:40 ----D---- C:\Program Files\CA Yahoo! Anti-Spy
2008-12-21 11:01:07 ----D---- C:\Documents and Settings\All Users\Application Data\PCPitstop
2008-12-21 04:10:37 ----D---- C:\WINDOWS\system32\LogFiles
2008-12-21 00:30:06 ----SHD---- C:\RECYCLER
2008-12-21 00:21:56 ----A---- C:\ComboFix.txt
2008-12-20 22:04:05 ----D---- C:\Program Files\SUPERAntiSpyware
2008-12-19 01:48:31 ----D---- C:\VundoFix Backups
2008-12-17 20:52:26 ----A---- C:\Boot.bak
2008-12-17 20:52:02 ----D---- C:\cmdcons
2008-12-17 20:44:18 ----A---- C:\WINDOWS\NIRCMD.exe
2008-12-17 20:44:13 ----A---- C:\WINDOWS\SWREG.exe
2008-12-17 20:43:51 ----A---- C:\WINDOWS\zip.exe
2008-12-17 20:43:51 ----A---- C:\WINDOWS\sed.exe
2008-12-17 20:43:51 ----A---- C:\WINDOWS\grep.exe
2008-12-17 20:43:50 ----A---- C:\WINDOWS\VFIND.exe
2008-12-17 20:43:50 ----A---- C:\WINDOWS\fdsv.exe
2008-12-17 20:43:46 ----A---- C:\WINDOWS\SWSC.exe
2008-12-17 20:43:45 ----A---- C:\WINDOWS\SWXCACLS.exe
2008-12-17 20:42:14 ----AD---- C:\Qoobox
2008-12-17 18:28:15 ----A---- C:\smitfiles.txt
2008-12-17 17:17:52 ----D---- C:\WINDOWS\ERDNT
2008-12-17 17:16:52 ----D---- C:\Program Files\ERUNT
2008-12-17 16:27:53 ----D---- C:\Program Files\Trend Micro
2008-12-17 16:20:18 ----D---- C:\Program Files\Photosynth
2008-12-17 14:42:04 ----D---- C:\Program Files\RogueRemover FREE
2008-12-17 05:25:20 ----D---- C:\$AVG8.VAULT$
2008-12-17 05:04:50 ----A---- C:\WINDOWS\system32\avgrsstx.dll
2008-12-17 02:52:14 ----D---- C:\Documents and Settings\Carlos\Application Data\Malwarebytes
2008-12-17 02:51:45 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-12-17 02:51:44 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-17 02:23:57 ----A---- C:\WINDOWS\system32\f0515e91-.txt
2008-12-17 01:09:59 ----A---- C:\VundoFix.txt
2008-12-16 20:32:10 ----D---- C:\Documents and Settings\Carlos\Application Data\McAfee
2008-12-15 23:03:18 ----D---- C:\Program Files\Lavasoft
2008-12-15 23:03:16 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-12-11 13:30:55 ----DC---- C:\WINDOWS\$NtUninstallKB955839$
2008-12-11 13:13:22 ----DC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2008-12-11 13:09:09 ----DC---- C:\WINDOWS\$NtUninstallKB954600$
2008-12-11 13:08:53 ----DC---- C:\WINDOWS\$NtUninstallKB956802$
2008-11-30 19:29:07 ----D---- C:\Documents and Settings\Carlos\Application Data\Logitech
2008-11-30 19:20:54 ----R---- C:\WINDOWS\bwUnin-8.1.1.87-8876480SL.exe
2008-11-30 19:15:51 ----DC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-11-30 19:13:30 ----A---- C:\WINDOWS\system32\BtCoreIf.dll
2008-11-30 19:13:20 ----A---- C:\WINDOWS\system32\KemXML.dll
2008-11-30 19:13:20 ----A---- C:\WINDOWS\system32\KemWnd.dll
2008-11-30 19:13:20 ----A---- C:\WINDOWS\system32\KemUtil.dll
2008-11-30 19:13:20 ----A---- C:\WINDOWS\system32\kemutb.dll
2008-11-30 19:12:46 ----D---- C:\Program Files\Common Files\Logishrd
2008-11-30 19:12:39 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2008-11-30 19:12:20 ----D---- C:\Program Files\Logitech
2008-11-30 19:12:16 ----D---- C:\Documents and Settings\Carlos\Application Data\InstallShield
2008-11-30 19:11:51 ----D---- C:\Documents and Settings\All Users\Application Data\LogiShrd
2008-11-30 19:03:49 ----A---- C:\WINDOWS\system32\hidserv.dll
2008-11-28 15:39:55 ----D---- C:\Program Files\Common Files\Adobe AIR
2008-11-28 15:25:50 ----D---- C:\Documents and Settings\Carlos\Application Data\com.raptr.Raptr.848BBC53270CAC248E8FA0F339176201CDEB525F.1
2008-11-28 15:23:01 ----D---- C:\Documents and Settings\Carlos\Application Data\Raptr
2008-11-28 14:49:30 ----A---- C:\WINDOWS\system32\pbsvc.exe
2008-11-28 10:57:35 ----A---- C:\WINDOWS\system32\deploytk.dll
2008-11-23 17:58:47 ----D---- C:\Documents and Settings\All Users\Application Data\SiteAdvisor
2008-11-23 17:54:32 ----D---- C:\Program Files\McAfee.com
2008-11-23 17:54:27 ----D---- C:\Program Files\Common Files\McAfee
2008-11-23 17:54:19 ----D---- C:\Program Files\McAfee
2008-11-23 17:48:49 ----D---- C:\Documents and Settings\All Users\Application Data\McAfee
2008-11-23 17:29:57 ----D---- C:\Documents and Settings\All Users\Application Data\NortonInstaller
2008-11-18 18:19:20 ----N---- C:\WINDOWS\SchedLgU.Txt
2008-11-16 03:06:45 ----DC---- C:\WINDOWS\$NtUninstallKB957097$
2008-11-16 03:05:35 ----DC---- C:\WINDOWS\$NtUninstallKB954459$
2008-11-16 03:02:47 ----DC---- C:\WINDOWS\$NtUninstallKB955069$
2008-11-14 22:58:38 ----D---- C:\Program Files\DIFX
2008-11-14 22:56:50 ----A---- C:\WINDOWS\{B81CEB20-4C48-44C8-8312-A44A64A8EB90}_WiseFW.ini
2008-11-14 22:52:54 ----D---- C:\Documents and Settings\All Users\Application Data\Leapfrog
2008-11-14 22:52:10 ----D---- C:\Program Files\LeapFrog
2008-11-09 03:00:48 ----DC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-08 15:47:04 ----D---- C:\WINDOWS\Prefetch
2008-11-07 17:45:35 ----DC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-07 17:45:26 ----DC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-07 17:45:13 ----DC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-07 17:45:01 ----DC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-07 17:44:48 ----DC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-07 17:44:37 ----DC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-07 17:44:26 ----DC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-07 17:44:14 ----DC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-07 17:44:03 ----DC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-07 17:43:52 ----DC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-07 17:43:41 ----DC---- C:\WINDOWS\$NtUninstallKB951376$
2008-11-07 17:43:28 ----DC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-07 17:43:17 ----DC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-07 17:43:07 ----DC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-07 17:42:55 ----DC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-07 17:42:44 ----DC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-07 17:37:18 ----D---- C:\WINDOWS\system32\scripting
2008-11-07 17:37:16 ----D---- C:\WINDOWS\l2schemas
2008-11-07 17:37:16 ----D---- C:\Program Files\msn
2008-11-07 17:37:15 ----D---- C:\WINDOWS\system32\en
2008-11-07 17:14:35 ----DC---- C:\WINDOWS\$NtServicePackUninstall$
2008-10-26 02:01:06 ----DC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-19 02:14:12 ----DC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-19 02:14:01 ----DC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-19 02:13:49 ----DC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-19 02:09:09 ----DC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-19 02:08:40 ----DC---- C:\WINDOWS\$NtUninstallKB956841_0$
======List of files/folders modified in the last 3 months======
2009-01-01 13:03:12 ----D---- C:\WINDOWS\Temp
2009-01-01 12:37:36 ----D---- C:\Program Files
2009-01-01 12:37:21 ----D---- C:\WINDOWS\system32\drivers
2009-01-01 12:37:21 ----D---- C:\WINDOWS\system32
2009-01-01 12:37:02 ----SHD---- C:\WINDOWS\Installer
2009-01-01 12:22:39 ----D---- C:\Program Files\Mozilla Firefox
2008-12-31 19:42:37 ----D---- C:\WINDOWS
2008-12-31 14:05:53 ----A---- C:\WINDOWS\system32\PnkBstrB.exe
2008-12-31 13:49:12 ----D---- C:\Documents and Settings\Carlos\Application Data\SUPERAntiSpyware.com
2008-12-31 13:38:53 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-31 12:51:56 ----A---- C:\WINDOWS\NeroDigital.ini
2008-12-31 12:28:27 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
2008-12-31 12:00:32 ----D---- C:\Program Files\Common Files
2008-12-30 21:18:17 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-30 21:16:37 ----D---- C:\WINDOWS\inf
2008-12-30 21:16:18 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-28 05:43:44 ----A---- C:\WINDOWS\PhotoSnapViewer.INI
2008-12-27 13:00:46 ----D---- C:\Documents and Settings\Carlos\Application Data\Adobe
2008-12-27 13:00:46 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2008-12-24 21:13:01 ----D---- C:\Program Files\Java
2008-12-21 11:01:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-21 00:19:00 ----A---- C:\WINDOWS\system.ini
2008-12-21 00:16:44 ----D---- C:\WINDOWS\AppPatch
2008-12-19 01:43:50 ----D---- C:\WINDOWS\system32\wbem
2008-12-19 01:43:50 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-17 21:03:16 ----D---- C:\WINDOWS\system32\config
2008-12-17 20:59:58 ----SD---- C:\WINDOWS\Tasks
2008-12-17 20:52:27 ----RASH---- C:\boot.ini
2008-12-17 16:40:15 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-17 16:40:11 ----D---- C:\WINDOWS\ie7updates
2008-12-17 16:39:47 ----D---- C:\WINDOWS\$hf_mig$
2008-12-17 16:20:20 ----D---- C:\WINDOWS\WinSxS
2008-12-17 16:20:19 ----SD---- C:\Documents and Settings\Carlos\Application Data\Microsoft
2008-12-17 16:20:19 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-12-17 16:10:03 ----RSD---- C:\WINDOWS\assembly
2008-12-17 16:10:01 ----D---- C:\WINDOWS\Registration
2008-12-17 16:09:54 ----D---- C:\WINDOWS\system32\URTTemp
2008-12-17 15:06:21 ----D---- C:\DELL
2008-12-17 05:38:19 ----D---- C:\WINDOWS\Minidump
2008-12-17 05:38:19 ----D---- C:\WINDOWS\Debug
2008-12-17 05:03:48 ----D---- C:\Documents and Settings\All Users\Application Data\avg8
2008-12-17 02:19:13 ----A---- C:\WINDOWS\wininit.ini
2008-12-16 00:24:37 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-13 00:40:02 ----A---- C:\WINDOWS\system32\mshtml.dll
2008-12-11 13:37:11 ----D---- C:\Program Files\Common Files\Express Digital
2008-12-11 13:30:06 ----A---- C:\WINDOWS\win.ini
2008-12-11 13:26:45 ----D---- C:\Program Files\Internet Explorer
2008-12-09 17:24:37 ----A---- C:\WINDOWS\system32\MRT.exe
2008-12-08 07:08:53 ----D---- C:\WINDOWS\Help
2008-12-06 11:19:02 ----D---- C:\Documents and Settings\Carlos\Application Data\LimeWire
2008-11-30 22:55:39 ----D---- C:\WINDOWS\pss
2008-11-30 19:20:28 ----D---- C:\Program Files\InstallShield Installation Information
2008-11-30 19:16:48 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-11-28 17:29:41 ----D---- C:\WINDOWS\system32\DirectX
2008-11-28 17:27:21 ----A---- C:\WINDOWS\system32\PnkBstrA.exe
2008-11-28 17:13:18 ----D---- C:\Program Files\Activision
2008-11-26 16:33:14 ----HD---- C:\BJPrinter
2008-11-24 17:51:27 ----D---- C:\Program Files\Yahoo!
2008-11-23 17:33:18 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-23 12:44:30 ----D---- C:\Program Files\ATT Internet Tools
2008-11-23 12:25:55 ----D---- C:\Program Files\Canon
2008-11-23 11:59:14 ----A---- C:\YServer.txt
2008-11-23 11:58:42 ----D---- C:\Documents and Settings\All Users\Application Data\yahoo!
2008-11-21 04:02:07 ----D---- C:\Program Files\ATTToolbar
2008-11-21 03:20:28 ----D---- C:\Documents and Settings\Carlos\Application Data\Lavasoft
2008-11-14 22:58:35 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-11-08 15:45:57 ----D---- C:\WINDOWS\system32\Setup
2008-11-08 15:45:55 ----RSD---- C:\WINDOWS\Fonts
2008-11-07 17:48:26 ----D---- C:\WINDOWS\security
2008-11-07 17:42:56 ----D---- C:\Program Files\Messenger
2008-11-07 17:37:50 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-07 17:37:44 ----D---- C:\WINDOWS\network diagnostic
2008-11-07 17:37:44 ----D---- C:\WINDOWS\ime
2008-11-07 17:37:21 ----D---- C:\WINDOWS\system32\usmt
2008-11-07 17:37:21 ----D---- C:\WINDOWS\system32\en-US
2008-11-07 17:37:15 ----D---- C:\WINDOWS\system32\bits
2008-11-07 17:37:15 ----D---- C:\WINDOWS\peernet
2008-11-07 17:37:14 ----D---- C:\Program Files\Movie Maker
2008-11-07 17:28:47 ----D---- C:\WINDOWS\system32\Restore
2008-11-07 17:28:46 ----D---- C:\WINDOWS\system32\npp
2008-11-07 17:28:41 ----D---- C:\WINDOWS\msagent
2008-11-07 17:28:36 ----D---- C:\WINDOWS\srchasst
2008-11-07 17:28:32 ----D---- C:\Program Files\NetMeeting
2008-11-07 17:28:27 ----D---- C:\WINDOWS\system32\Com
2008-11-07 17:28:20 ----D---- C:\Program Files\Windows Media Player
2008-11-07 17:28:19 ----D---- C:\Program Files\Windows NT
2008-11-07 17:28:19 ----D---- C:\Program Files\Outlook Express
2008-11-07 17:28:13 ----D---- C:\Program Files\Common Files\System
2008-11-07 17:27:38 ----D---- C:\WINDOWS\system32\oobe
2008-11-07 17:27:33 ----D---- C:\WINDOWS\system
2008-11-07 17:14:32 ----D---- C:\WINDOWS\EHome
2008-10-26 08:31:27 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-23 06:36:14 ----A---- C:\WINDOWS\system32\gdi32.dll
2008-10-23 04:06:59 ----A---- C:\WINDOWS\system32\tzchange.exe
2008-10-16 14:38:40 ----A---- C:\WINDOWS\system32\wininet.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\webcheck.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\urlmon.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\url.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\pngfilt.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\occache.dll
2008-10-16 14:38:39 ----A---- C:\WINDOWS\system32\mstime.dll
2008-10-16 14:38:38 ----A---- C:\WINDOWS\system32\msrating.dll
2008-10-16 14:38:38 ----A---- C:\WINDOWS\system32\mshtmled.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeedsbs.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\msfeeds.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\jsproxy.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\iertutil.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\iernonce.dll
2008-10-16 14:38:37 ----A---- C:\WINDOWS\system32\ieframe.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieaksie.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\ieakeng.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\icardie.dll
2008-10-16 14:38:35 ----A---- C:\WINDOWS\system32\extmgr.dll
2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtrans.dll
2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\dxtmsft.dll
2008-10-16 14:38:34 ----A---- C:\WINDOWS\system32\advpack.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-16 07:11:09 ----A---- C:\WINDOWS\system32\ieudinit.exe
2008-10-16 07:11:09 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2008-10-15 10:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
2008-10-15 01:04:53 ----A---- C:\WINDOWS\system32\ieakui.dll
2008-10-03 04:02:42 ----A---- C:\WINDOWS\system32\strmdll.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\WINDOWS\System32\Drivers\avgldx86.sys [2008-12-17 97928]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\WINDOWS\System32\Drivers\avgmfx86.sys [2008-12-17 26824]
R1 InCDPass;InCDPass; C:\WINDOWS\system32\drivers\InCDPass.sys [2006-07-18 29568]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\InCDRm.sys [2006-07-18 33792]
R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 mfehidk;McAfee Inc. mfehidk; C:\WINDOWS\system32\drivers\mfehidk.sys [2007-11-22 201320]
R1 MPFP;MPFP; C:\WINDOWS\System32\Drivers\Mpfp.sys [2007-07-13 113952]
R1 OMCI;OMCI; C:\WINDOWS\SYSTEM32\DRIVERS\OMCI.SYS [2001-08-22 13632]
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2005-05-13 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2005-05-13 23545]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2005-04-21 40544]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\System32\DRIVERS\mdmxsdk.sys [2002-07-09 9855]
R2 symlcbrd;symlcbrd; \??\C:\WINDOWS\System32\drivers\symlcbrd.sys []
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2005-05-31 25725]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2005-05-31 34845]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2005-05-31 4125]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2005-05-31 2241]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2005-05-31 86876]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2005-05-31 15069]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2005-05-31 6365]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2005-05-31 98716]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2005-05-31 100605]
R3 aeaudio;aeaudio; C:\WINDOWS\system32\drivers\aeaudio.sys [2002-04-01 4816]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 ati2mtag;ati2mtag; C:\WINDOWS\System32\DRIVERS\ati2mtag.sys [2004-08-25 787456]
R3 E100B;Intel® PRO Adapter Driver; C:\WINDOWS\System32\DRIVERS\e100b325.sys [2002-09-19 139776]
R3 GearAspiWDM;GearAspiWDM; C:\WINDOWS\system32\drivers\GearAspiWDM.sys [2006-09-19 15664]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 HSF_DP;HSF_DP; C:\WINDOWS\System32\DRIVERS\HSF_DP.sys [2002-07-09 1172416]
R3 HSFHWBS2;HSFHWBS2; C:\WINDOWS\System32\DRIVERS\HSFHWBS2.sys [2002-07-09 167155]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
R3 mfeavfk;McAfee Inc. mfeavfk; C:\WINDOWS\system32\drivers\mfeavfk.sys [2007-11-22 79304]
R3 mfebopk;McAfee Inc. mfebopk; C:\WINDOWS\system32\drivers\mfebopk.sys [2007-11-22 35240]
R3 MODEMCSA;Unimodem Streaming Filter Device; C:\WINDOWS\system32\drivers\MODEMCSA.sys [2001-08-17 16128]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\System32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 MXOPSWD;Maxtor OneTouch Security Driver; C:\WINDOWS\system32\DRIVERS\mxopswd.sys [2005-04-06 15360]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 smwdm;smwdm; C:\WINDOWS\system32\drivers\smwdm.sys [2002-12-19 539008]
R3 usbaudio;USB Audio Driver (WDM); C:\WINDOWS\system32\drivers\usbaudio.sys [2008-04-13 60032]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\System32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\System32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\System32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
R3 winachsf;winachsf; C:\WINDOWS\System32\DRIVERS\HSF_CNXT.sys [2002-07-09 594832]
R
Edited by Rampag3, 01 January 2009 - 02:23 PM.
Sign In
Create Account
