Logfile of random's system information tool 1.04 (written by random/random)
Run by Mr Clark at 2008-11-11 14:45:14
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 24 GB (34%) free of 71 GB
Total RAM: 3032 MB (63% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:46:03, on 11/11/2008
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Samsung\Samsung Magic Doctor\MagicDoctorKbdHk.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe
C:\Program Files\Samsung\EBM\EasyBatteryMgr3.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Windows\system32\igfxext.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\Macromed\Flash\FlashUtil9d.exe
C:\Users\Mr Clark\Desktop\RSIT.exe
C:\Program Files\trend micro\Mr Clark.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http:\\www.samsungcomputer.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel(R) Corporation - C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\Windows\System32\LEXBCES.EXE
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel(R) Corporation - C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe
O23 - Service: Samsung Update Plus - Unknown owner - C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe

--
End of file - 7330 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre6\bin\ssv.dll [2008-11-07 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2008-11-07 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{32099AAC-C132-4136-9E9A-4E364A424E17} - DAEMON Tools Toolbar - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll [2008-10-14 863688]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-12-18 817936]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2008-06-18 150040]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2008-06-18 170520]
"Persistence"=C:\Windows\system32\igfxpers.exe [2008-06-18 145944]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-04-17 6111232]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-10-26 1029416]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2007-05-10 40048]
"LanguageShortcut"=C:\Program Files\CyberLink\PowerDVD\Language\Language.exe [2007-01-08 52256]
"avast!"=C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2008-07-19 78008]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2008-11-07 136600]
"4oD"=C:\Program Files\Kontiki\KHost.exe [2007-04-23 1032640]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-10-01 289576]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2007-04-23 1032640]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LightScribe Control Panel]
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe [2008-03-17 2289664]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe [2007-03-14 71216]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
Microsoft Office.lnk - C:\Program Files\Microsoft Office\Office10\OSA.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2008-06-12 208896]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com d:
shell\Open\command - resycled\boot.com d:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{294c1c8a-aa7b-11dd-8c02-0013779252fd}]
shell\AutoRun\command - F:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{294c1c9f-aa7b-11dd-8c02-0013779252fd}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22e67ed-aa7a-11dd-bd02-806e6f6e6963}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL resycled\boot.com d:
shell\Open\command - resycled\boot.com d:

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{c22e67f9-aa7a-11dd-bd02-806e6f6e6963}]
shell\AutoRun\command - G:\AutoRun.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7211c92-af52-11dd-8efe-0013779252fd}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f7211c98-af52-11dd-8efe-0013779252fd}]
shell\AutoRun\command - C:\Windows\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL Recycled\ctfmon.exe
shell\Open(0)\command - Recycled\ctfmon.exe

======List of files/folders created in the last 3 months======

2008-11-11 14:45:14 ----D---- C:\rsit
2008-11-11 14:45:14 ----D---- C:\Program Files\trend micro
2008-11-10 23:02:27 ----D---- C:\Program Files\VirtualDJ
2008-11-09 11:30:12 ----D---- C:\ProgramData\Yahoo! Companion
2008-11-09 11:26:30 ----D---- C:\Program Files\Common Files\PX Storage Engine
2008-11-09 11:26:10 ----D---- C:\Users\Mr Clark\AppData\Roaming\Yahoo!
2008-11-09 11:26:07 ----D---- C:\Program Files\Yahoo!
2008-11-09 11:26:06 ----D---- C:\Program Files\DivX
2008-11-08 22:17:27 ----D---- C:\Users\Mr Clark\AppData\Roaming\My Battle for Middle-earth Files
2008-11-08 22:00:58 ----D---- C:\Program Files\EA GAMES
2008-11-08 21:40:34 ----D---- C:\Program Files\FriendBlasterPro
2008-11-08 21:40:34 ----A---- C:\Windows\system32\VB6STKIT.DLL
2008-11-08 21:12:53 ----D---- C:\Program Files\Hijackthis
2008-11-08 17:41:35 ----D---- C:\ProgramData\Lavasoft
2008-11-08 17:41:35 ----D---- C:\Program Files\Lavasoft
2008-11-08 17:40:50 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-11-08 10:34:59 ----A---- C:\Windows\ODBC.INI
2008-11-08 10:33:05 ----D---- C:\Program Files\Microsoft ActiveSync
2008-11-08 10:32:55 ----D---- C:\Program Files\Common Files\Designer
2008-11-08 10:32:11 ----D---- C:\Program Files\Microsoft Office
2008-11-07 21:45:42 ----D---- C:\Users\Mr Clark\AppData\Roaming\CyberLink
2008-11-07 21:45:33 ----D---- C:\ProgramData\CyberLink
2008-11-07 21:22:51 ----A---- C:\Windows\system32\mdimon.dll
2008-11-07 21:01:03 ----A---- C:\Windows\system32\MSVCP50.DLL
2008-11-07 20:37:15 ----D---- C:\Users\Mr Clark\AppData\Roaming\Apple Computer
2008-11-07 20:37:04 ----DC---- C:\Windows\system32\DRVSTORE
2008-11-07 20:37:04 ----A---- C:\Windows\system32\GEARAspi.dll
2008-11-07 20:36:41 ----D---- C:\Program Files\iPod
2008-11-07 20:36:39 ----D---- C:\ProgramData\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-11-07 20:36:39 ----D---- C:\Program Files\iTunes
2008-11-07 20:36:06 ----D---- C:\Program Files\Bonjour
2008-11-07 20:35:17 ----D---- C:\Program Files\QuickTime
2008-11-07 20:35:14 ----D---- C:\ProgramData\Apple Computer
2008-11-07 20:34:48 ----D---- C:\Program Files\Apple Software Update
2008-11-07 20:34:07 ----D---- C:\Program Files\Common Files\Apple
2008-11-07 20:34:06 ----D---- C:\ProgramData\Apple
2008-11-07 17:46:11 ----D---- C:\Users\Mr Clark\AppData\Roaming\LimeWire
2008-11-07 17:44:22 ----D---- C:\Program Files\LimeWire
2008-11-07 15:45:17 ----D---- C:\Program Files\Kontiki
2008-11-07 15:45:16 ----D---- C:\ProgramData\Kontiki
2008-11-07 15:45:16 ----D---- C:\Program Files\Channel4
2008-11-07 15:44:50 ----D---- C:\ProgramData\Channel4
2008-11-07 15:26:32 ----D---- C:\Users\Mr Clark\AppData\Roaming\WinRAR
2008-11-07 15:25:28 ----A---- C:\Windows\system32\ff_vfw.dll.manifest
2008-11-07 15:25:26 ----A---- C:\Windows\system32\ff_vfw.dll
2008-11-07 15:25:25 ----D---- C:\Program Files\ffdshow
2008-11-07 12:47:27 ----D---- C:\Users\Mr Clark\AppData\Roaming\OpenOffice.org
2008-11-07 12:39:15 ----D---- C:\Program Files\OpenOffice.org 3
2008-11-07 12:38:37 ----A---- C:\Windows\system32\javaws.exe
2008-11-07 12:38:37 ----A---- C:\Windows\system32\javaw.exe
2008-11-07 12:38:37 ----A---- C:\Windows\system32\java.exe
2008-11-07 12:38:04 ----D---- C:\Program Files\Common Files\Java
2008-11-07 12:24:39 ----A---- C:\Windows\LEXSTAT.INI
2008-11-07 12:23:49 ----A---- C:\Windows\system32\deploytk.dll
2008-11-07 12:23:29 ----D---- C:\Program Files\Java
2008-11-07 12:12:22 ----A---- C:\Windows\uninst.exe
2008-11-06 15:41:22 ----D---- C:\Program Files\WinRAR
2008-11-06 09:46:22 ----D---- C:\Users\Mr Clark\AppData\Roaming\InstallShield
2008-11-05 14:09:51 ----A---- C:\Windows\system32\tzres.dll
2008-11-05 14:09:30 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2008-11-05 14:09:26 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2008-11-05 14:09:04 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2008-11-04 18:58:09 ----D---- C:\Users\Mr Clark\AppData\Roaming\Adobe
2008-11-04 18:15:08 ----D---- C:\Program Files\DAEMON Tools Toolbar
2008-11-04 18:14:58 ----D---- C:\Program Files\DAEMON Tools Lite
2008-11-04 18:12:31 ----D---- C:\Users\Mr Clark\AppData\Roaming\DAEMON Tools
2008-11-04 17:57:50 ----A---- C:\Windows\IsUninst.exe
2008-11-04 16:42:46 ----A---- C:\Windows\system32\aswBoot.exe
2008-11-04 16:42:44 ----D---- C:\Program Files\Alwil Software
2008-11-04 16:13:50 ----A---- C:\Windows\system32\shell32.dll
2008-11-04 16:05:24 ----A---- C:\Windows\system32\ntkrnlpa.exe
2008-11-04 16:05:23 ----A---- C:\Windows\system32\ntoskrnl.exe
2008-11-04 16:03:39 ----A---- C:\Windows\system32\inetcomm.dll
2008-11-04 16:03:36 ----A---- C:\Windows\system32\mshtml.dll
2008-11-04 16:03:35 ----A---- C:\Windows\system32\ieframe.dll
2008-11-04 16:03:34 ----A---- C:\Windows\system32\wininet.dll
2008-11-04 16:03:34 ----A---- C:\Windows\system32\urlmon.dll
2008-11-04 16:03:34 ----A---- C:\Windows\system32\iertutil.dll
2008-11-04 16:03:31 ----A---- C:\Windows\system32\mstime.dll
2008-11-04 16:03:28 ----A---- C:\Windows\system32\jsproxy.dll
2008-11-04 16:01:03 ----A---- C:\Windows\system32\quartz.dll
2008-11-04 15:58:45 ----A---- C:\Windows\system32\IPSECSVC.DLL
2008-11-04 15:58:39 ----A---- C:\Windows\system32\rpcrt4.dll
2008-11-04 15:58:36 ----A---- C:\Windows\system32\pacerprf.dll
2008-11-04 15:53:13 ----A---- C:\Windows\system32\es.dll
2008-11-04 15:52:56 ----A---- C:\Windows\system32\wmpeffects.dll
2008-11-04 15:52:25 ----A---- C:\Windows\system32\win32spl.dll
2008-11-04 15:52:12 ----A---- C:\Windows\system32\emdmgmt.dll
2008-11-04 15:52:11 ----A---- C:\Windows\system32\dataclen.dll
2008-11-04 15:52:11 ----A---- C:\Windows\system32\cdd.dll
2008-11-04 15:52:00 ----A---- C:\Windows\system32\vbscript.dll
2008-11-04 15:51:59 ----A---- C:\Windows\system32\jscript.dll
2008-11-04 15:51:58 ----A---- C:\Windows\system32\wshext.dll
2008-11-04 15:51:58 ----A---- C:\Windows\system32\wscript.exe
2008-11-04 15:51:58 ----A---- C:\Windows\system32\scrrun.dll
2008-11-04 15:51:58 ----A---- C:\Windows\system32\scrobj.dll
2008-11-04 15:51:58 ----A---- C:\Windows\system32\cscript.exe
2008-11-04 15:35:39 ----A---- C:\Windows\system32\netapi32.dll
2008-11-04 15:27:09 ----D---- C:\Users\Mr Clark\AppData\Roaming\Macromedia
2008-11-04 14:24:23 ----D---- C:\Program Files\Huawei technologies
2008-11-04 14:22:13 ----D---- C:\ProgramData\LightScribe
2008-10-28 22:36:00 ----A---- C:\Windows\system32\divx_xx0c.dll
2008-10-28 22:36:00 ----A---- C:\Windows\system32\divx_xx07.dll
2008-10-28 22:35:58 ----A---- C:\Windows\system32\divx_xx11.dll
2008-10-28 22:35:58 ----A---- C:\Windows\system32\divx_xx0a.dll
2008-10-28 22:35:56 ----A---- C:\Windows\system32\DivX.dll
2008-09-25 08:03:44 ----A---- C:\Windows\system32\DivXsm.exe
2008-09-25 08:03:38 ----A---- C:\Windows\system32\dtu100.dll
2008-09-25 08:03:38 ----A---- C:\Windows\system32\dpl100.dll
2008-09-25 08:03:34 ----A---- C:\Windows\system32\dpuGUI10.dll
2008-09-25 08:03:32 ----A---- C:\Windows\system32\dpv11.dll
2008-09-25 08:03:32 ----A---- C:\Windows\system32\dpus11.dll
2008-09-25 08:03:32 ----A---- C:\Windows\system32\dpuGUI11.dll
2008-09-25 08:03:30 ----A---- C:\Windows\system32\dpu11.dll
2008-09-25 08:03:30 ----A---- C:\Windows\system32\dpu10.dll
2008-09-25 08:03:18 ----A---- C:\Windows\system32\DivXCodecVersionChecker.exe
2008-09-19 21:57:34 ----A---- C:\Windows\system32\qt-dx331.dll
2008-09-19 21:55:58 ----A---- C:\Windows\system32\ssldivx.dll
2008-09-19 21:55:58 ----A---- C:\Windows\system32\libdivx.dll
2008-09-19 21:55:10 ----A---- C:\Windows\system32\dtu100.dll.manifest
2008-09-19 21:55:10 ----A---- C:\Windows\system32\dpl100.dll.manifest
2008-09-19 21:54:18 ----A---- C:\Windows\system32\DivXWMPExtType.dll
2008-09-08 01:21:47 ----D---- C:\Users\Mr Clark\AppData\Roaming\Identities
2008-09-08 01:20:16 ----SD---- C:\Users\Mr Clark\AppData\Roaming\Microsoft
2008-09-08 01:20:16 ----D---- C:\Users\Mr Clark\AppData\Roaming\Media Center Programs
2008-08-29 10:18:58 ----A---- C:\Windows\system32\dns-sd.exe
2008-08-29 09:53:50 ----A---- C:\Windows\system32\dnssd.dll
2008-08-20 02:01:03 ----D---- C:\Windows\SoftwareDistribution

======List of files/folders modified in the last 3 months======

2008-11-11 14:45:18 ----D---- C:\Windows\Temp
2008-11-11 14:45:14 ----RD---- C:\Program Files
2008-11-11 10:38:07 ----D---- C:\Windows\System32
2008-11-11 10:38:07 ----D---- C:\Windows\inf
2008-11-11 10:38:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2008-11-10 23:18:52 ----SHD---- C:\System Volume Information
2008-11-10 21:37:30 ----D---- C:\Windows\Prefetch
2008-11-09 21:12:51 ----D---- C:\Windows\system32\catroot2
2008-11-09 11:30:12 ----HD---- C:\ProgramData
2008-11-09 11:26:30 ----D---- C:\Program Files\Common Files
2008-11-08 17:42:23 ----SHD---- C:\Windows\Installer
2008-11-08 17:42:23 ----D---- C:\Windows
2008-11-08 17:41:35 ----D---- C:\Windows\system32\drivers
2008-11-08 15:15:23 ----D---- C:\Windows\system32\LogFiles
2008-11-08 10:34:19 ----A---- C:\Windows\win.ini
2008-11-08 10:33:03 ----D---- C:\Program Files\Common Files\microsoft shared
2008-11-08 10:33:00 ----D---- C:\Windows\ShellNew
2008-11-08 10:32:32 ----D---- C:\Program Files\Common Files\System
2008-11-08 10:32:20 ----RSD---- C:\Windows\Fonts
2008-11-08 10:32:15 ----D---- C:\Windows\Help
2008-11-08 10:32:11 ----SD---- C:\ProgramData\Microsoft
2008-11-08 10:30:49 ----D---- C:\Windows\system
2008-11-07 22:41:45 ----D---- C:\Windows\system32\Tasks
2008-11-07 22:35:11 ----RSD---- C:\Windows\assembly
2008-11-07 21:53:04 ----D---- C:\ProgramData\Microsoft Help
2008-11-07 21:50:53 ----D---- C:\Program Files\MSBuild
2008-11-07 21:40:51 ----D---- C:\Windows\winsxs
2008-11-07 20:37:04 ----D---- C:\Windows\system32\catroot
2008-11-07 20:35:56 ----D---- C:\Program Files\Internet Explorer
2008-11-06 15:36:37 ----D---- C:\Windows\Debug
2008-11-06 09:52:46 ----D---- C:\Windows\system32\WDI
2008-11-06 00:03:56 ----D---- C:\Windows\rescache
2008-11-05 14:27:40 ----D---- C:\Windows\system32\en-US
2008-11-04 23:08:37 ----D---- C:\Windows\WinClon
2008-11-04 17:14:56 ----D---- C:\Windows\system32\NDF
2008-11-04 17:01:52 ----D---- C:\ProgramData\McAfee
2008-11-04 16:59:45 ----D---- C:\Windows\Tasks
2008-11-04 16:49:18 ----D---- C:\Windows\Registration
2008-11-04 14:26:31 ----D---- C:\Windows\ModemLogs
2008-10-07 12:19:42 ----A---- C:\Windows\system32\mrt.exe
2008-09-08 01:22:37 ----SHD---- C:\$Recycle.Bin
2008-09-08 01:21:04 ----D---- C:\Program Files\Samsung
2008-09-08 01:21:03 ----HD---- C:\Program Files\InstallShield Installation Information
2008-09-08 01:20:41 ----D---- C:\Windows\system32\restore
2008-09-08 01:20:37 ----D---- C:\Windows\MSetup
2008-09-08 01:20:15 ----RD---- C:\Users
2008-08-20 02:57:45 ----D---- C:\Windows\system32\sysprep
2008-08-20 02:57:45 ----D---- C:\Windows\Panther

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr.sys [2008-07-19 23152]
R1 aswSP;avast! Self Protection; C:\Windows\system32\drivers\aswSP.sys [2008-07-19 78416]
R1 aswTdi;avast! Network Shield Support; C:\Windows\system32\drivers\aswTdi.sys [2008-07-19 42912]
R2 aswFsBlk;aswFsBlk; C:\Windows\system32\DRIVERS\aswFsBlk.sys [2008-07-19 20560]
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\DRIVERS\aswMonFlt.sys [2008-07-19 51280]
R2 KMDFMEMIO;SAMSUNG Kernel Driver; C:\Windows\system32\DRIVERS\kmdfmemio.sys [2007-05-23 13312]
R3 AgereSoftModem;Agere Systems Soft Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2007-09-13 755712]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-04-17 2098904]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2008-06-04 113664]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-10-26 193456]
R3 VMC302;Vimicro Camera Service VMC302; C:\Windows\System32\Drivers\VMC302.sys [2008-04-05 242560]
R3 yukonwlh;NDIS6.0 Miniport Driver for Marvell Yukon Ethernet Controller; C:\Windows\system32\DRIVERS\yk60x86.sys [2007-12-28 298496]
S3 a7k95m7a;a7k95m7a; C:\Windows\system32\drivers\a7k95m7a.sys []
S3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\Windows\system32\DRIVERS\bcm4sbxp.sys [2006-11-02 45056]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-01-21 219648]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-01-21 29184]
S3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2008-02-13 80424]
S3 btwavdt;Bluetooth AVDT; C:\Windows\system32\drivers\btwavdt.sys [2007-07-15 80936]
S3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-07-15 16168]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-08-08 101504]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2008-06-12 2381312]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-21 2225664]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-02-21 50688]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2008-10-01 32000]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2008-01-21 88576]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aawservice;Lavasoft Ad-Aware Service; C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe [2008-05-12 611664]
R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-10-01 116040]
R2 aswUpdSv;avast! iAVS4 Control Service; C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2008-07-19 16056]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\Alwil Software\Avast4\ashServ.exe [2008-07-19 147640]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 EvtEng;Intel® PROSet/Wireless Event Log; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [2008-05-23 819200]
R2 KService;KService; C:\Program Files\Kontiki\KService.exe [2007-04-23 3068352]
R2 LexBceS;LexBce Server; C:\Windows\System32\LEXBCES.EXE [2004-05-24 311296]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2008-03-17 73728]
R2 RegSrvc;Intel® PROSet/Wireless Registry Service; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [2008-05-23 466944]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\CyberLink\Shared Files\RichVideo.exe [2006-12-19 272024]
R3 avast! Mail Scanner;avast! Mail Scanner; C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2008-07-19 250040]
R3 avast! Web Scanner;avast! Web Scanner; C:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2008-07-23 348344]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-10-01 536872]
S2 Samsung Update Plus;Samsung Update Plus; C:\Program Files\Samsung\Samsung Update Plus\SLUBackgroundService.exe [2008-05-12 77480]
S3 SQLWriter;SQL Server VSS Writer; C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2006-04-14 87840]

-----------------EOF-----------------