[barzi]

I get like every 5 minutes a warning saying that windows securty alert has found the trojan:

trojan-spy.win32.keylogger.aa

I have been searching on the internet what that is, and I know that it is a REAL virus. But the windows security alert is spyware (it wants you tu buy a fake anti virus).
I have already used Ad-ware and spyware doctor. I also checked my ocmputer for virusses with Avira Antivir.
I'm running Windows XP SP3 with all updates.

This is the Hijacklog:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:48:00, on 31-8-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
F:\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\CTHELPER.EXE
F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Nokia\Nokia PC Suite 7\PCSync2.exe
F:\Nokia\Nokia PC Suite 7\PCSuite.exe
F:\Colibri\Colibri.exe
F:\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\hcdgnize.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Mozilla Firefox\firefox.exe
C:\Documents and Settings\BarziG\Bureaublad\HiJackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {88F5B540-80DC-4760-9A5E-58F0B95820EF} - C:\WINDOWS\system32\awtQjKCS.dll (file missing)
O2 - BHO: getsn32.msiesn - {A55CA42C-BF8A-4491-9073-6E32FC4E6250} - C:\WINDOWS\system32\getsn32.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [RemoteControl8] F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] F:\PowerDVD8\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "F:\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Colibri] F:\Colibri\Colibri.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [genhlp] C:\WINDOWS\system32\hcdgnize.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\ckvo.exe
O4 - HKCU\..\Run: [ActSysDb] C:\WINDOWS\system32\alwxyvyv.exe
O4 - HKCU\..\Run: [monmsg] C:\WINDOWS\system32\exkryxez.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6480 bytes


Please help!

[Advertisements]

Hello barzi

Welcome to G2Go.
=====================

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

[kahdah]

Hello barzi

Welcome to G2Go.
=====================

• Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
• Double click on RSIT.exe to run RSIT.
• Click Continue at the disclaimer screen.
• Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

[barzi]

Thanks:

log.txt:

Logfile of random's system information tool (written by random/random)
Run by BarziG at 2008-09-01 14:56:07
Microsoft Windows XP Professional Service Pack 3
System drive C: has 23 GB (75%) free of 30 GB
Total RAM: 2047 MB (76% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:56:15, on 1-9-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
F:\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\CTHELPER.EXE
F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Nokia\Nokia PC Suite 7\PCSync2.exe
F:\Nokia\Nokia PC Suite 7\PCSuite.exe
F:\Colibri\Colibri.exe
F:\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\hcdgnize.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\BarziG\Bureaublad\RSIT.exe
C:\Documents and Settings\BarziG\Bureaublad\BarziG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: (no name) - {88F5B540-80DC-4760-9A5E-58F0B95820EF} - C:\WINDOWS\system32\awtQjKCS.dll (file missing)
O2 - BHO: getsn32.msiesn - {A55CA42C-BF8A-4491-9073-6E32FC4E6250} - C:\WINDOWS\system32\getsn32.dll
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [RemoteControl8] F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] F:\PowerDVD8\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "F:\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Colibri] F:\Colibri\Colibri.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [genhlp] C:\WINDOWS\system32\hcdgnize.exe
O4 - HKCU\..\Run: [kamsoft] C:\WINDOWS\system32\ckvo.exe
O4 - HKCU\..\Run: [ActSysDb] C:\WINDOWS\system32\alwxyvyv.exe
O4 - HKCU\..\Run: [monmsg] C:\WINDOWS\system32\exkryxez.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6562 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - F:\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88F5B540-80DC-4760-9A5E-58F0B95820EF}]
C:\WINDOWS\system32\awtQjKCS.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55CA42C-BF8A-4491-9073-6E32FC4E6250}]
getsn32.msiesn - C:\WINDOWS\system32\getsn32.dll [2008-08-31 15360]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2008-06-27 19456]
"RemoteControl8"=F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=F:\PowerDVD8\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-05-16 1630208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Nokia.PCSync"=F:\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]
"PC Suite Tray"=F:\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-08-11 1124352]
"Colibri"=F:\Colibri\Colibri.exe [2006-11-24 778240]
"DAEMON Tools Lite"=F:\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]
"genhlp"=C:\WINDOWS\system32\hcdgnize.exe [2008-08-31 90112]
"kamsoft"=C:\WINDOWS\system32\ckvo.exe []
"ActSysDb"=C:\WINDOWS\system32\alwxyvyv.exe [2008-08-31 90112]
"monmsg"=C:\WINDOWS\system32\exkryxez.exe [2008-08-31 90112]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
C:\Program Files\Spyware Doctor\pctsTray.exe [2008-06-10 1163656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NodLogin]
F:\ESET\ESET Smart Security\nodlogin.exe [2008-07-29 358448]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
ASUS WiFi-AP Solo.lnk - C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll schannel.dll digest.dll msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Microsoft Office\Office12\OUTLOOK.EXE"="F:\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"F:\uTorrent\uTorrent.exe"="F:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\BarziG\Local Settings\Temp\pft269.tmp\setup.exe"="C:\Documents and Settings\BarziG\Local Settings\Temp\pft269.tmp\setup.exe:*:Enabled:Kaspersky Anti-Virus 2009 Installatie"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87286650-75da-11dd-b5b5-0015af2aeafd}]
shell\AutoRun\command - K:\ph.com
shell\explore\command - K:\ph.com
shell\open\command - K:\ph.com


File associations

.scr - open - "%1" %*

List of files/folders created in the last three months

2008-09-01 14:56:07 ----D---- C:\rsit
2008-08-31 23:30:55 ----D---- C:\WINDOWS\ERUNT
2008-08-31 22:52:18 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-08-31 22:52:18 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-08-31 22:50:29 ----A---- C:\WINDOWS\system32\tmp.txt
2008-08-31 22:50:16 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-08-31 22:50:16 ----A---- C:\WINDOWS\system32\Process.exe
2008-08-31 22:32:18 ----D---- C:\WINDOWS\Sun
2008-08-31 22:32:18 ----D---- C:\Documents and Settings\BarziG\Application Data\Sun
2008-08-31 22:04:23 ----D---- C:\WINDOWS\Minidump
2008-08-31 22:04:20 ----A---- C:\WINDOWS\ntbtlog.txt
2008-08-31 21:21:23 ----D---- C:\Program Files\Spyware Doctor
2008-08-31 21:21:23 ----D---- C:\Documents and Settings\BarziG\Application Data\PC Tools
2008-08-31 21:09:38 ----D---- C:\Program Files\Common Files\Download Manager
2008-08-31 21:04:15 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-31 20:59:08 ----D---- C:\Program Files\Enigma Software Group
2008-08-31 20:47:58 ----D---- C:\Program Files\Avira
2008-08-31 20:47:58 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-31 20:47:06 ----A---- C:\WINDOWS\system32\exkryxez.exe
2008-08-31 20:39:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-31 20:39:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-31 20:11:08 ----A---- C:\WINDOWS\system32\alwxyvyv.exe
2008-08-31 19:57:16 ----D---- C:\Program Files\WinAVI Video Converter
2008-08-31 19:51:35 ----D---- C:\Documents and Settings\BarziG\Application Data\Malwarebytes
2008-08-31 19:51:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 19:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-31 19:51:30 ----A---- C:\WINDOWS\system32\031de0a0-.txt
2008-08-31 19:50:56 ----D---- C:\Documents and Settings\All Users\Application Data\psvqhsds
2008-08-31 19:50:56 ----A---- C:\WINDOWS\system32\hcdgnize.exe
2008-08-31 19:50:27 ----D---- C:\Program Files\SAV
2008-08-31 19:46:32 ----D---- C:\Program Files\uTorrent
2008-08-31 19:46:23 ----A---- C:\WINDOWS\system32\getsn32.dll
2008-08-31 14:53:06 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-31 14:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-31 14:52:47 ----D---- C:\Program Files\MSXML 4.0
2008-08-31 13:45:32 ----D---- C:\Program Files\Foxit Software
2008-08-31 12:51:09 ----A---- C:\WINDOWS\NeroDigital.ini
2008-08-31 11:21:39 ----A---- C:\WINDOWS\system32\SET198.tmp
2008-08-30 13:30:43 ----D---- C:\Documents and Settings\BarziG\Application Data\Nero
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\TwnLib4.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXRA7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXR7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXpr7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagX7.dll
2008-08-30 13:29:55 ----D---- C:\Program Files\Nero
2008-08-30 13:29:55 ----D---- C:\Program Files\Common Files\Nero
2008-08-30 13:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-30 13:25:23 ----D---- C:\WINDOWS\RegisteredPackages
2008-08-30 13:25:08 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-08-30 13:25:06 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-08-30 08:25:19 ----D---- C:\WINDOWS\nview
2008-08-30 08:25:19 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-08-30 08:25:13 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-08-29 20:03:49 ----D---- C:\NVIDIA
2008-08-27 22:32:31 ----D---- C:\Documents and Settings\BarziG\Application Data\LimeWire
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\java.exe
2008-08-27 22:32:15 ----D---- C:\Program Files\Java
2008-08-27 22:31:56 ----D---- C:\Program Files\Common Files\Java
2008-08-27 15:38:56 ----D---- C:\WINDOWS\pss
2008-08-27 15:38:17 ----D---- C:\WINDOWS\system32\appmgmt
2008-08-27 15:28:22 ----D---- C:\Documents and Settings\BarziG\Application Data\ESET
2008-08-27 15:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2008-08-27 15:23:55 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-08-26 17:29:25 ----D---- C:\Documents and Settings\BarziG\Application Data\Media Player Classic
2008-08-26 17:29:19 ----A---- C:\WINDOWS\system32\unrar.dll
2008-08-26 17:29:19 ----A---- C:\WINDOWS\avisplitter.ini
2008-08-26 17:18:55 ----D---- C:\Documents and Settings\BarziG\Application Data\DAEMON Tools
2008-08-26 17:16:56 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-08-26 17:16:55 ----D---- C:\Documents and Settings\BarziG\Application Data\CyberLink
2008-08-26 17:16:04 ----D---- C:\Program Files\Common Files\CyberLink
2008-08-26 17:15:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\muweb.dll
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-08-25 15:25:04 ----D---- C:\Documents and Settings\BarziG\Application Data\Colibri
2008-08-24 21:33:59 ----A---- C:\WINDOWS\system32\h323log.txt
2008-08-24 21:26:55 ----A---- C:\WINDOWS\system32\usbui.dll
2008-08-24 21:26:28 ----A---- C:\WINDOWS\imsins.BAK
2008-08-24 21:26:26 ----SHD---- C:\WINDOWS\Installer
2008-08-24 21:26:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-08-24 21:26:26 ----A---- C:\WINDOWS\ODBCINST.INI
2008-08-24 21:26:22 ----RD---- C:\Program Files
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-24 21:26:07 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-08-24 21:26:07 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-24 21:26:06 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-24 21:26:06 ----A---- C:\WINDOWS\notepad.exe
2008-08-24 21:26:01 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-24 21:25:59----ASH----C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-08-24 21:24:18 ----RA---- C:\WINDOWS\SET8.tmp
2008-08-24 21:24:16 ----RA---- C:\WINDOWS\SET4.tmp
2008-08-24 21:24:15 ----RA---- C:\WINDOWS\SET3.tmp
2008-08-24 21:24:12 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-24 21:24:12 ----D---- C:\WINDOWS\system32\CatRoot
2008-08-24 21:24:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-08-24 21:23:42 ----A---- C:\WINDOWS\setuplog.txt
2008-08-24 21:23:40 ----SHD---- C:\System Volume Information
2008-08-24 21:23:40 ----D---- C:\Documents and Settings
2008-08-24 21:22:55 ----SH---- C:\boot.ini
2008-08-24 21:19:41 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-08-24 21:18:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-24 21:18:56 ----RSD---- C:\WINDOWS\Fonts
2008-08-24 21:18:56 ----RD---- C:\WINDOWS\Web
2008-08-24 21:18:56 ----HD---- C:\WINDOWS\inf
2008-08-24 21:18:56 ----D---- C:\WINDOWS\WinSxS
2008-08-24 21:18:56 ----D---- C:\WINDOWS\twain_32
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Temp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\wins
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\wbem
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\usmt
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\spool
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ShellExt
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\Setup
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ras
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\oobe
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\npp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\mui
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\IME
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\icsxml
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ias
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\export
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\drivers
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\dhcp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\config
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\3com_dmi
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\3076
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\2052
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1054
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1043
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1042
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1041
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1037
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1033
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1031
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1028
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1025
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system
2008-08-24 21:18:56 ----D---- C:\WINDOWS\security
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Resources
2008-08-24 21:18:56 ----D---- C:\WINDOWS\repair
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Provisioning
2008-08-24 21:18:56 ----D---- C:\WINDOWS\PeerNet
2008-08-24 21:18:56 ----D---- C:\WINDOWS\pchealth
2008-08-24 21:18:56 ----D---- C:\WINDOWS\NLDRV
2008-08-24 21:18:56 ----D---- C:\WINDOWS\mui
2008-08-24 21:18:56 ----D---- C:\WINDOWS\msapps
2008-08-24 21:18:56 ----D---- C:\WINDOWS\msagent
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Media
2008-08-24 21:18:56 ----D---- C:\WINDOWS\java
2008-08-24 21:18:56 ----D---- C:\WINDOWS\ime
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Help
2008-08-24 21:18:56 ----D---- C:\WINDOWS\ehome
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Driver Cache
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Debug
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Cursors
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Connection Wizard
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Config
2008-08-24 21:18:56 ----D---- C:\WINDOWS\AppPatch
2008-08-24 21:18:56 ----D---- C:\WINDOWS\addins
2008-08-24 21:18:56 ----D---- C:\WINDOWS
2008-08-24 21:05:32 ----D---- C:\Documents and Settings\BarziG\Application Data\Nokia
2008-08-24 21:05:31 ----D---- C:\Documents and Settings\BarziG\Application Data\PC Suite
2008-08-24 21:05:31 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-24 21:04:40 ----D---- C:\Program Files\Common Files\PCSuite
2008-08-24 21:04:40 ----D---- C:\Program Files\Common Files\Nokia
2008-08-24 21:04:36 ----D---- C:\Program Files\DIFX
2008-08-24 21:04:33 ----D---- C:\Program Files\PC Connectivity Solution
2008-08-24 21:04:32 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-08-24 21:04:32 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-24 21:04:31 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2008-08-24 21:04:12 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-24 20:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-24 20:51:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-24 20:51:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-24 20:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-24 20:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-24 20:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-24 20:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-24 20:50:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-24 20:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-24 20:50:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-24 20:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-24 20:50:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-24 20:50:13 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-08-24 20:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-24 20:47:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-24 20:45:54 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-24 20:45:37 ----D---- C:\Program Files\Windows Live
2008-08-24 20:45:33 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-24 20:41:46 ----D---- C:\Documents and Settings\BarziG\Application Data\uTorrent
2008-08-24 20:41:00 ----D---- C:\Documents and Settings\BarziG\Application Data\Macromedia
2008-08-24 20:41:00 ----D---- C:\Documents and Settings\BarziG\Application Data\Adobe
2008-08-24 20:38:18 ----D---- C:\Documents and Settings\BarziG\Application Data\foobar2000
2008-08-24 20:36:36 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-24 20:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-24 20:36:35 ----HD---- C:\WINDOWS\$hf_mig$
2008-08-24 20:36:16 ----D---- C:\Program Files\Microsoft Works
2008-08-24 20:36:14 ----D---- C:\Program Files\MSBuild
2008-08-24 20:36:08 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-24 20:36:08 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-24 20:35:57 ----D---- C:\Program Files\Common Files\ODBC
2008-08-24 20:34:33 ----D---- C:\Documents and Settings\BarziG\Application Data\Mozilla
2008-08-24 20:34:22 ----D---- C:\WINDOWS\SHELLNEW
2008-08-24 20:34:15 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-24 20:31:27 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-08-24 20:30:18 ----D---- C:\WINDOWS\Prefetch
2008-08-24 20:29:15 ----A---- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20021102}.BAK
2008-08-24 20:28:07 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-24 20:28:07 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slserv.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slgen.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\slrundll.exe
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\nl-nl
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\nl
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\bits
2008-08-24 20:28:01 ----D---- C:\WINDOWS\l2schemas
2008-08-24 20:27:39 ----SHD---- C:\RECYCLER
2008-08-24 20:27:17 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-24 20:26:50 ----D---- C:\WINDOWS\network diagnostic
2008-08-24 20:26:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-08-24 20:26:34 ----A---- C:\WINDOWS\002688_.tmp
2008-08-24 20:26:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-08-24 20:26:30 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-08-24 20:26:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-24 20:24:34 ----A---- C:\WINDOWS\RTacDbg.txt
2008-08-24 20:24:17 ----D---- C:\WINDOWS\OPTIONS
2008-08-24 20:24:17 ----D---- C:\Program Files\ASUS WiFi-AP Solo
2008-08-24 20:23:54 ----D---- C:\WINDOWS\system32\Defaults
2008-08-24 20:23:22 ----D---- C:\Program Files\Creative
2008-08-24 20:23:14 ----D---- C:\Documents and Settings\BarziG\Application Data\Creative
2008-08-24 20:23:14 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-08-24 20:23:14 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-08-24 20:23:09 ----D---- C:\WINDOWS\system32\Data
2008-08-24 20:23:09 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-24 20:23:04 ----HD---- C:\Program Files\InstallShield Installation Information
2008-08-24 20:22:47 ----D---- C:\Program Files\Marvell
2008-08-24 20:22:13 ----D---- C:\Program Files\Intel
2008-08-24 20:22:08 ----D---- C:\Intel
2008-08-24 20:21:54 ----D---- C:\Documents and Settings\BarziG\Application Data\WinRAR
2008-08-24 20:19:30 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-24 19:40:33 ----D---- C:\Documents and Settings\BarziG\Application Data\Identities
2008-08-24 19:40:24 ----SD---- C:\Documents and Settings\BarziG\Application Data\Microsoft
2008-08-24 19:40:24 ----ASH---- C:\Documents and Settings\BarziG\Application Data\desktop.ini
2008-08-24 19:39:28 ----D---- C:\WINDOWS\SoftwareDistribution
2008-08-24 19:39:27 ----SD---- C:\WINDOWS\system32\Microsoft
2008-08-24 19:39:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-08-24 19:37:09 ----D---- C:\WINDOWS\system32\xircom
2008-08-24 19:37:09 ----D---- C:\Program Files\xerox
2008-08-24 19:37:09 ----D---- C:\Program Files\microsoft frontpage
2008-08-24 19:36:58 ----A---- C:\WINDOWS\control.ini
2008-08-24 19:36:58 ----A---- C:\AUTOEXEC.BAT
2008-08-24 19:36:55 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-08-24 19:36:55 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-24 19:36:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-24 19:36:31 ----RD---- C:\WINDOWS\Offline Web Pages
2008-08-24 19:36:31 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-24 19:36:28 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-08-24 19:36:26 ----D---- C:\Program Files\Online Services
2008-08-24 19:36:16 ----D---- C:\WINDOWS\system32\DirectX
2008-08-24 19:35:56 ----A---- C:\WINDOWS\system32\atrace.dll
2008-08-24 19:35:53 ----A---- C:\WINDOWS\system32\desktop.ini
2008-08-24 19:35:53 ----A---- C:\WINDOWS\desktop.ini
2008-08-24 19:35:46 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-08-24 19:35:44 ----D---- C:\Program Files\Common Files\Services
2008-08-24 19:35:44 ----A---- C:\WINDOWS\system32\acctres.dll
2008-08-24 19:35:42 ----SD---- C:\WINDOWS\Tasks
2008-08-24 19:35:42 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-08-24 19:35:41 ----D---- C:\Program Files\Common Files\MSSoap
2008-08-24 19:35:36 ----D---- C:\WINDOWS\srchasst
2008-08-24 19:35:35 ----D---- C:\WINDOWS\system32\Macromed
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-24 19:35:31 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-24 19:35:27 ----D---- C:\Program Files\Movie Maker
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-08-24 19:35:19 ----D---- C:\WINDOWS\system32\Restore
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-08-24 19:35:15 ----D---- C:\Program Files\NetMeeting
2008-08-24 19:35:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-24 19:35:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-24 19:35:14 ----A---- C:\WINDOWS\system32\inetres.dll
2008-08-24 19:35:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-24 19:35:11 ----D---- C:\Program Files\Outlook Express
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\isign32.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-08-24 19:35:10 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-08-24 19:35:06 ----D---- C:\Program Files\Common Files\System
2008-08-24 19:35:05 ----D---- C:\Program Files\Internet Explorer
2008-08-24 19:34:55 ----A---- C:\WINDOWS\vbaddin.ini
2008-08-24 19:34:55 ----A---- C:\WINDOWS\vb.ini
2008-08-24 19:34:54 ----D---- C:\WINDOWS\Registration
2008-08-24 19:34:52 ----D---- C:\Program Files\Windows Media Player
2008-08-24 19:34:50 ----D---- C:\Program Files\Messenger
2008-08-24 19:34:47 ----D---- C:\Program Files\MSN Gaming Zone
2008-08-24 19:34:47 ----A---- C:\WINDOWS\system32\write.exe
2008-08-24 19:34:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-08-24 19:34:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\winchat.exe
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avwav.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-08-24 19:34:33 ----A---- C:\WINDOWS\system32\getuname.dll
2008-08-24 19:34:33 ----A---- C:\WINDOWS\system32\charmap.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\winmine.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\sol.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\calc.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tskill.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tscon.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\shadow.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\reset.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\regini.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\freecell.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\msg.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\logoff.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\stclient.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-08-24 19:34:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-08-24 19:34:22 ----D---- C:\Program Files\Windows NT
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-08-24 19:34:19 ----D---- C:\WINDOWS\system32\MsDtc
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-08-24 19:34:17 ----D---- C:\WINDOWS\system32\Com
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\colbact.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\comuid.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-06-27 18:05:08 ----A---- C:\WINDOWS\system32\instwdm.ini
2008-06-27 18:05:06 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2008-06-27 17:27:54 ----A---- C:\WINDOWS\system32\CTBurst.dll
2008-06-27 17:27:28 ----A---- C:\WINDOWS\system32\inres.dll
2008-06-27 17:27:26 ----A---- C:\WINDOWS\system32\ctdvinst.dll
2008-06-27 17:27:24 ----A---- C:\WINDOWS\system32\ctcoinst.dll
2008-06-27 17:26:00 ----A---- C:\WINDOWS\system32\a3d.dll
2008-06-27 17:25:32 ----A---- C:\WINDOWS\system32\ac3api.dll
2008-06-27 17:25:10 ----A---- C:\WINDOWS\system32\readreg.exe
2008-06-27 17:25:02 ----A---- C:\WINDOWS\system32\psconv.exe
2008-06-27 17:24:58 ----A---- C:\WINDOWS\system32\CtHelper.exe
2008-06-27 17:24:56 ----A---- C:\WINDOWS\system32\ctagent.dll
2008-06-27 17:24:54 ----A---- C:\WINDOWS\system32\ctspkhlp.dll
2008-06-27 17:24:52 ----A---- C:\WINDOWS\system32\CTpcmcia.dll
2008-06-27 17:24:46 ----A---- C:\WINDOWS\system32\ctmmep.dll
2008-06-27 17:24:38 ----A---- C:\WINDOWS\system32\ctthxcal.dll
2008-06-27 17:24:38 ----A---- C:\WINDOWS\system32\ctpres.dll
2008-06-27 17:24:36 ----A---- C:\WINDOWS\system32\ctscal.dll
2008-06-27 17:24:32 ----A---- C:\WINDOWS\system32\ctdcifce.dll
2008-06-27 17:24:30 ----A---- C:\WINDOWS\system32\ctdc0001.dll
2008-06-27 17:24:24 ----A---- C:\WINDOWS\system32\ctdc0000.dll
2008-06-27 17:24:22 ----A---- C:\WINDOWS\system32\ctdcres.dll
2008-06-27 17:08:54 ----A---- C:\WINDOWS\system32\ctemupia.dll
2008-06-27 17:05:24 ----A---- C:\WINDOWS\system32\ct_oal.dll
2008-06-27 17:05:22 ----A---- C:\WINDOWS\system32\ctasio.dll
2008-06-27 17:05:20 ----A---- C:\WINDOWS\system32\ctdproxy.dll
2008-06-27 17:04:12 ----A---- C:\WINDOWS\system32\sfman32.dll
2008-06-27 17:04:12 ----A---- C:\WINDOWS\system32\ctosuser.dll
2008-06-27 17:04:08 ----A---- C:\WINDOWS\system32\sfms32.dll
2008-06-27 17:03:54 ----A---- C:\WINDOWS\system32\regplib.exe
2008-06-27 17:03:46 ----A---- C:\WINDOWS\system32\piaproxy.dll
2008-06-27 16:59:54 ----A---- C:\WINDOWS\system32\enlocstr.exe
2008-06-27 16:59:50 ----A---- C:\WINDOWS\system32\killapps.exe
2008-06-27 16:59:14 ----A---- C:\WINDOWS\system32\MIDIDEF.EXE
2008-06-27 16:59:12 ----A---- C:\WINDOWS\system32\devreg.dll
2008-06-06 11:59:16 ----A---- C:\WINDOWS\system32\APOIM32.exe

List of drivers

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-24 21035]
R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\system32\System32\drivers\COMMONFX.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2008-07-07 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2008-07-07 532376]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\system32\System32\drivers\CTAUDFX.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2008-07-07 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\system32\System32\drivers\CTSBLFX.SYS []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2008-07-07 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2008-07-07 92696]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2008-07-07 797720]
R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2008-07-07 162840]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid

Edited by barzi, 01 September 2008 - 06:58 AM.

[barzi]

This was from log.txt, but the post before was too large I think:

List of drivers

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-24 21035]
R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\system32\System32\drivers\COMMONFX.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2008-07-07 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2008-07-07 532376]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\system32\System32\drivers\CTAUDFX.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2008-07-07 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\system32\System32\drivers\CTSBLFX.SYS []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2008-07-07 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2008-07-07 92696]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2008-07-07 797720]
R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2008-07-07 162840]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-07 12288]
R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2008-07-07 127512]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]
R3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aie1jdqq;aie1jdqq; C:\WINDOWS\system32\drivers\aie1jdqq.sys []
S3 COMMONFX;COMMONFX; C:\WINDOWS\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX; C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 ctdvda2k;Creative DVD-Audio Device Driver; C:\WINDOWS\system32\drivers\ctdvda2k.sys [2008-07-07 347080]
S3 CTERFXFX.SYS;CTERFXFX.SYS; C:\WINDOWS\system32\System32\drivers\CTERFXFX.SYS []
S3 CTERFXFX;CTERFXFX; C:\WINDOWS\system32\drivers\CTERFXFX.SYS [2008-06-27 100888]
S3 CTSBLFX;CTSBLFX; C:\WINDOWS\system32\drivers\CTSBLFX.SYS [2008-06-27 566296]
S3 hap17v2k;Creative P17V HAL Driver; C:\WINDOWS\system32\drivers\hap17v2k.sys [2008-07-07 189464]
S3 IKFileSec;File Security Driver; C:\WINDOWS\system32\system32\drivers\ikfilesec.sys []
S3 IKSysFlt;System Filter Driver; C:\WINDOWS\system32\drivers\iksysflt.sys [2008-06-02 66952]
S3 IKSysSec;System Security Driver; C:\WINDOWS\system32\drivers\iksyssec.sys [2008-06-10 81288]
S3 nmwcd;Nokia USB Phone Parent; C:\WINDOWS\system32\drivers\ccdcmb.sys [2008-05-07 17536]
S3 nmwcdc;Nokia USB Generic; C:\WINDOWS\system32\drivers\ccdcmbo.sys [2008-05-07 20864]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\WINDOWS\system32\DRIVERS\pccsmcfd.sys [2007-09-17 21632]
S3 upperdev;upperdev; C:\WINDOWS\system32\DRIVERS\usbser_lowerflt.sys [2008-06-06 8064]
S3 usbser;USB Modem Driver; C:\WINDOWS\system32\drivers\usbser.sys [2008-04-14 26112]
S3 UsbserFilt;UsbserFilt; C:\WINDOWS\system32\DRIVERS\usbser_lowerfltj.sys [2008-05-07 8064]
S3 USBSTOR;Stuurprogramma voor USB-massaopslag; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 yukonwxp;NDIS5.1 Miniport Driver for Marvell Yukon Ethernet Controller; C:\WINDOWS\system32\DRIVERS\yk51x86.sys [2006-07-26 248832]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
S4 sr;Stuurprogramma voor systeemherstelfilter; C:\WINDOWS\system32\system32\DRIVERS\sr.sys []
S4 WS2IFSL;Windows Socket 2.0 Non-IFS-omgeving voor serviceproviderondersteuning; C:\WINDOWS\system32\System32\drivers\ws2ifsl.sys []

List of services

R2 aawservice;Lavasoft Ad-Aware Service; F:\Ad-Aware\aawservice.exe [2008-08-31 611664]
R2 AntiVirScheduler;Avira AntiVir Personal - Free Antivirus Scheduler; C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe [2008-06-12 68865]
R2 AntiVirService;Avira AntiVir Personal - Free Antivirus Guard; C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe [2008-08-31 149761]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-05-16 159812]
R2 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2004-08-11 38912]
R3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2008-08-07 575488]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 sdAuxService;PC Tools Auxiliary Service; C:\Program Files\Spyware Doctor\pctsAuxs.exe [2008-06-05 356920]
S3 sdCoreService;PC Tools Security Service; C:\Program Files\Spyware Doctor\pctsSvc.exe [2008-06-10 1072008]
S3 usnjsvc;Messenger USN Journal Reader service voor Gedeelde mappen; C:\Program Files\Windows Live\Messenger\usnsvc.exe [2007-10-18 98328]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]

-----------------EOF-----------------





info.txt:

info.txt logfile of random's system information tool 2008-09-01 14:56:16

Uninstall list

-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x13
-->rundll32.exe setupapi.dll,InstallHinfSection DefaultUninstall 132 C:\WINDOWS\INF\PCHealth.inf
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {BEE75E01-DD3F-4D5F-B96C-609E6538D419}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0015-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0016-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0018-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0019-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001A-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001B-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0407-0000-0000000FF1CE} /uninstall {2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {3EC77D26-799B-4CD8-914F-C1565E796173}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {430971B1-C31E-45DA-81E0-72C095BAB72C}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-001F-0413-0000-0000000FF1CE} /uninstall {B3F4DC34-7F60-4B7C-A79F-1C13012D99D4}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-0044-0413-0000-0000000FF1CE} /uninstall {4059772C-68BA-4FE4-9B6E-3EC37C0C4624}
2007 Microsoft Office Suite Service Pack 1 (SP1)-->msiexec /package {90120000-006E-0413-0000-0000000FF1CE} /uninstall {1120A001-69F4-43D2-83CE-716B2DC4366F}
Ad-Aware-->MsiExec.exe /I{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}
Adobe Flash Player ActiveX-->C:\WINDOWS\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player Plugin-->C:\WINDOWS\system32\Macromed\Flash\uninstall_plugin.exe
ASUS WiFi-AP Solo-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{8B3F4499-32E6-470D-8586-E6C03420F889}\Setup.exe" -l0x9 REMOVE
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir PersonalEdition Classic\SETUP.EXE /REMOVE
Beveiligingsupdate for Windows XP (KB923689)-->"C:\WINDOWS\$NtUninstallKB923689$\spuninst\spuninst.exe"
Beveiligingsupdate for Windows XP (KB941569)-->"C:\WINDOWS\$NtUninstallKB941569$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB923789)-->C:\WINDOWS\system32\MacroMed\Flash\genuinst.exe C:\WINDOWS\system32\MacroMed\Flash\KB923789.inf
Beveiligingsupdate voor Windows XP (KB946648)-->"C:\WINDOWS\$NtUninstallKB946648$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950762)-->"C:\WINDOWS\$NtUninstallKB950762$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB950974)-->"C:\WINDOWS\$NtUninstallKB950974$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951066)-->"C:\WINDOWS\$NtUninstallKB951066$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951376-v2)-->"C:\WINDOWS\$NtUninstallKB951376-v2$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951698)-->"C:\WINDOWS\$NtUninstallKB951698$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB951748)-->"C:\WINDOWS\$NtUninstallKB951748$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB952954)-->"C:\WINDOWS\$NtUninstallKB952954$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB953838)-->"C:\WINDOWS\$NtUninstallKB953838$\spuninst\spuninst.exe"
Beveiligingsupdate voor Windows XP (KB953839)-->"C:\WINDOWS\$NtUninstallKB953839$\spuninst\spuninst.exe"
Colibri-->"F:\Colibri\uninstall.exe"
Creative Audio-console-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7B9AE66C-2A8F-4FB2-85D7-416AFFAE8408}\setup.exe" -l0x13 /remove
CyberLink PowerDVD 8-->"C:\Program Files\InstallShield Installation Information\{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}\Setup.exe" /z-uninstall
DH Driver Cleaner Professional Edition-->F:\Driver Cleaner Pro\Uninstall.exe
foobar2000 v0.9.5.5-->"F:\foobar2000\uninstall.exe"
Foxit Reader-->C:\Program Files\Foxit Software\Foxit Reader\Uninstall.exe
GrabIt 1.7.2 Beta (build 988)-->"F:\GrabIt\unins000.exe"
HijackThis 2.0.2-->"C:\Documents and Settings\BarziG\Bureaublad\HijackThis.exe" /uninstall
Hotfix voor Windows XP (KB952287)-->"C:\WINDOWS\$NtUninstallKB952287$\spuninst\spuninst.exe"
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.1.7 (Standard)-->"F:\K-Lite Codec Pack\unins000.exe"
LimeWire PRO 4.18.3-->"F:\LimeWire\uninstall.exe"
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Marvell Miniport Driver-->MsiExec.exe /X{C950420B-4182-49EA-850A-A6A2ABF06C6B}
Microsoft Kernel-Mode Driver Framework Feature Pack 1.5-->"C:\WINDOWS\$NtUninstallWdf01005$\spuninst\spuninst.exe"
Microsoft Office Access MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0015-0413-0000-0000000FF1CE}
Microsoft Office Excel MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0016-0413-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0044-0413-0000-0000000FF1CE}
Microsoft Office Outlook MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001A-0413-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0018-0413-0000-0000000FF1CE}
Microsoft Office Professional Plus 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall PROPLUS /dll OSETUP.DLL
Microsoft Office Professional Plus 2007-->MsiExec.exe /X{90120000-0011-0000-0000-0000000FF1CE}
Microsoft Office Proof (Dutch) 2007-->MsiExec.exe /X{90120000-001F-0413-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (German) 2007-->MsiExec.exe /X{90120000-001F-0407-0000-0000000FF1CE}
Microsoft Office Proofing (Dutch) 2007-->MsiExec.exe /X{90120000-002C-0413-0000-0000000FF1CE}
Microsoft Office Publisher MUI (Dutch) 2007-->MsiExec.exe /X{90120000-0019-0413-0000-0000000FF1CE}
Microsoft Office Shared MUI (Dutch) 2007-->MsiExec.exe /X{90120000-006E-0413-0000-0000000FF1CE}
Microsoft Office Word MUI (Dutch) 2007-->MsiExec.exe /X{90120000-001B-0413-0000-0000000FF1CE}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.1)-->F:\Mozilla Firefox\uninstall\helper.exe
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
Nero 8 Micro 8.3.6.0-->"C:\Program Files\Nero\unins000.exe"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
Nokia Connectivity Cable Driver-->MsiExec.exe /X{C3F19A5F-35A8-4FDB-A6ED-0F4CE398DA48}
Nokia PC Suite-->C:\Documents and Settings\All Users\Application Data\Installations\{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}\Nokia_PC_Suite_rel_7_0_8_2_dut_web.exe
Nokia PC Suite-->MsiExec.exe /I{A8C3710A-0BCA-4F10-9EC3-A302A1F1FA82}
NVIDIA Drivers-->C:\WINDOWS\system32\nvuninst.exe UninstallGUI
PC Connectivity Solution-->MsiExec.exe /I{1A524CFE-DF85-4555-8BC2-0C89DBD8BC2C}
QuickPar 0.9-->F:\QuickPar\uninst.exe
Security Update for 2007 Microsoft Office System (KB951596)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {1AFF2298-CC00-4A3B-866A-C62B8373794E}
Security Update for Microsoft Office Excel 2007 (KB951546)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {7399DD71-8E24-4E60-B6A8-6CED89C0AC26}
Security Update for Microsoft Office PowerPoint 2007 (KB951338)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {558B709B-821B-4FC5-90FC-9A8890641E77}
Security Update for Microsoft Office Publisher 2007 (KB950114)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85}
Security Update for Microsoft Office system 2007 (KB951808)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {8F375E11-4FD6-4B89-9E2B-A76D48B51E00}
Security Update for Microsoft Office Word 2007 (KB950113)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {AD72BABE-C733-4FCF-9674-4314466191B9}
Spyware Doctor 6.0-->C:\Program Files\Spyware Doctor\unins000.exe /LOG
Update for Microsoft Office Outlook 2007 (KB952142)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {4AD3A076-427C-491F-A5B7-7D1DE788A756}
Update for Office 2007 (KB946691)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {A420F522-7395-4872-9882-C591B4B92278}
Update for Outlook 2007 Junk Email Filter (kb955433)-->msiexec /package {90120000-0011-0000-0000-0000000FF1CE} /uninstall {D9806966-6AA1-4B55-9528-6748E37CEE86}
Update voor Windows XP (KB898461)-->"C:\WINDOWS\$NtUninstallKB898461$\spuninst\spuninst.exe"
Update voor Windows XP (KB951072-v2)-->"C:\WINDOWS\$NtUninstallKB951072-v2$\spuninst\spuninst.exe"
Update voor Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe"
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027}
WinAVI Video Converter-->"C:\Program Files\WinAVI Video Converter\unins000.exe"
Windows Live installer-->MsiExec.exe /X{A258173E-F308-475A-951B-F1BF76A4451B}
Windows Live Messenger-->MsiExec.exe /X{A0C978B8-B82B-4FAD-8C31-EBEE8E57468A}
Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll
Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe"
Windows-stuurprogrammapakket - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokia_blue_6F90B0F4A73A2F780A1010B5D6CB5DDFB098181E\nokia_bluetooth.inf
Windows-stuurprogrammapakket - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\nokbtmdm_E68D50F7E25BFE399D47C864C3B52557346242A9\nokbtmdm.inf
Windows-stuurprogrammapakket - Nokia pccsmcfd (10/12/2007 6.85.4.0)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\WINDOWS\system32\DRVSTORE\pccsmcfd_4A1E30386F4D0DEC8F5DF262CFBD8845EEBAB175\pccsmcfd.inf
WinRAR-->F:\WinRAR\uninstall.exe

Hosts File

127.0.0.1 localhost

Security center information

AV: Avira AntiVir PersonalEdition

Environment variables

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 23 Stepping 6, GenuineIntel
"PROCESSOR_REVISION"=1706
"NUMBER_OF_PROCESSORS"=2
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP

-----------------EOF-----------------

Edited by barzi, 01 September 2008 - 06:59 AM.

[barzi]

I now get another windows security alert with: "trojan-spy.win32.greenscreen" and other trojans instead of the keylogger.aa.
I don't think it's different because it's all spyware. Please HELP.

Edited by barzi, 01 September 2008 - 07:18 AM.

[kahdah]

Please download the OTMoveIt2 by OldTimer.

• Save it to your desktop.
• Please double-click OTMoveIt2.exe to run it. (Vista users, please right click on OTMoveit2.exe and select "Run as an Administrator")
• Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
  
  

  C:\WINDOWS\system32\getsn32.dll
  C:\WINDOWS\system32\hcdgnize.exe
  C:\WINDOWS\system32\ckvo.exe
  C:\WINDOWS\system32\alwxyvyv.exe
  C:\WINDOWS\system32\exkryxez.exe
  K:\ph.com
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88F5B540-80DC-4760-9A5E-58F0B95820EF}
  HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55CA42C-BF8A-4491-9073-6E32FC4E6250}
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\genhlp
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\kamsoft
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ActSysDb
  HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\monmsg
  HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87286650-75da-11dd-b5b5-0015af2aeafd}
  C:\WINDOWS\system32\031de0a0-.txt
  C:\Documents and Settings\All Users\Application Data\psvqhsds
  C:\WINDOWS\system32\hcdgnize.exe

• Return to OTMoveIt2, right click in the "Paste List of Files/Folders to be Moved" window (under the light Yellow bar) and choose Paste.
• Click the red Moveit! button.
• OTMoveit2 will create a log of moved files in the C:\_OTMoveIt\MovedFiles folder. The log's name will appear as the date and time it was created, with the format mmddyyyy_hhmmss.log. Open this log in Notepad and post its contents in your next reply.
• Close OTMoveIt2

If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.
===============================
Please download Malwarebytes' Anti-Malware from Here or Here

Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Quick Scan", then click Scan.
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy&Paste the entire report in your next reply.

Extra Note:
If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatley.
===============================================
Please post these logs in your next reply:

• OtMoveit2 log
• MalwareBytes log
• New Rsit log

[barzi]

OTMoveIt:

C:\WINDOWS\system32\getsn32.dll unregistered successfully.
C:\WINDOWS\system32\getsn32.dll moved successfully.
C:\WINDOWS\system32\hcdgnize.exe moved successfully.
File/Folder C:\WINDOWS\system32\ckvo.exe not found.
C:\WINDOWS\system32\alwxyvyv.exe moved successfully.
C:\WINDOWS\system32\exkryxez.exe moved successfully.
File/Folder K:\ph.com not found.
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88F5B540-80DC-4760-9A5E-58F0B95820EF} >
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{88F5B540-80DC-4760-9A5E-58F0B95820EF}\\ deleted successfully.
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55CA42C-BF8A-4491-9073-6E32FC4E6250} >
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A55CA42C-BF8A-4491-9073-6E32FC4E6250}\\ deleted successfully.
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\genhlp >
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\genhlp deleted successfully.
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\kamsoft >
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\kamsoft deleted successfully.
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ActSysDb >
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ActSysDb deleted successfully.
< HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\monmsg >
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\monmsg deleted successfully.
< HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87286650-75da-11dd-b5b5-0015af2aeafd} >
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{87286650-75da-11dd-b5b5-0015af2aeafd}\\ deleted successfully.
C:\WINDOWS\system32\031de0a0-.txt moved successfully.
C:\Documents and Settings\All Users\Application Data\psvqhsds moved successfully.
File/Folder C:\WINDOWS\system32\hcdgnize.exe not found.

OTMoveIt2 by OldTimer - Version 1.0.4.3 log created on 09012008_152108


Malware Bytes

Malwarebytes' Anti-Malware 1.25
Database versie: 1103
Windows 5.1.2600 Service Pack 3

15:23:48 1-9-2008
mbam-log-09-01-2008 (15-23-48).txt

Scan type: Snelle Scan
Objecten gescand: 39169
Verstreken tijd: 1 minute(s), 26 second(s)

Geheugenprocessen geïnfecteerd: 0
Geheugenmodulen geïnfecteerd: 0
Registersleutels geïnfecteerd: 0
Registerwaarden geïnfecteerd: 0
Registerdata bestanden geïnfecteerd: 0
Mappen geïnfecteerd: 0
Bestanden geïnfecteerd: 0

Geheugenprocessen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Geheugenmodulen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registersleutels geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerwaarden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Registerdata bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

Mappen geïnfecteerd:
(Geen kwaadaardige items gevonden)

Bestanden geïnfecteerd:
(Geen kwaadaardige items gevonden)

[barzi]

Rsit log:

Logfile of random's system information tool (written by random/random)
Run by BarziG at 2008-09-01 15:26:12
Microsoft Windows XP Professional Service Pack 3
System drive C: has 22 GB (75%) free of 30 GB
Total RAM: 2047 MB (73% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:26:13, on 1-9-2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
F:\Ad-Aware\aawservice.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\CTHELPER.EXE
F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
F:\Nokia\Nokia PC Suite 7\PCSync2.exe
F:\Nokia\Nokia PC Suite 7\PCSuite.exe
F:\Colibri\Colibri.exe
F:\DAEMON Tools Lite\daemon.exe
C:\WINDOWS\system32\hcdgnize.exe
C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe
C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
C:\Program Files\Common Files\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe
C:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exe
F:\foobar2000\foobar2000.exe
C:\Program Files\Windows Live\Messenger\usnsvc.exe
C:\WINDOWS\system32\msiexec.exe
F:\Mozilla Firefox\firefox.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Documents and Settings\BarziG\Bureaublad\RSIT.exe
C:\Documents and Settings\BarziG\Bureaublad\BarziG.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Koppelingen
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - F:\AVG8\avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [RemoteControl8] F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe
O4 - HKLM\..\Run: [PDVD8LanguageShortcut] F:\PowerDVD8\PowerDVD8\Language\Language.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Nokia.PCSync] "F:\Nokia\Nokia PC Suite 7\PCSync2.exe" /NoDialog
O4 - HKCU\..\Run: [PC Suite Tray] "F:\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytray
O4 - HKCU\..\Run: [Colibri] F:\Colibri\Colibri.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "F:\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Lokale service')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Lokale service')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Netwerkservice')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Netwerkservice')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')
O4 - Global Startup: ASUS WiFi-AP Solo.lnk = ?
O8 - Extra context menu item: E&xporteren naar Microsoft Excel - res://F:\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O17 - HKLM\System\CS1\Services\Tcpip\..\{0062F6F6-3F63-4429-B2B4-4FC9DD793724}: NameServer = 213.51.129.37,213.51.144.37
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - F:\Ad-Aware\aawservice.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

--
End of file - 6330 bytes

Registry dump

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - F:\AVG8\avgssie.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7E853D72-626A-48EC-A868-BA8D5E23E045}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"CTHelper"=C:\WINDOWS\system32\CTHELPER.EXE [2008-06-27 19456]
"RemoteControl8"=F:\PowerDVD8\PowerDVD8\PDVD8Serv.exe [2008-03-20 83240]
"PDVD8LanguageShortcut"=F:\PowerDVD8\PowerDVD8\Language\Language.exe [2007-12-14 50472]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-05-16 13529088]
"nwiz"=C:\WINDOWS\system32\nwiz.exe [2008-05-16 1630208]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-05-16 86016]
"avgnt"=C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe [2008-06-12 266497]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MsnMsgr"=C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe [2007-10-18 5724184]
"Nokia.PCSync"=F:\Nokia\Nokia PC Suite 7\PCSync2.exe [2008-06-17 1249280]
"PC Suite Tray"=F:\Nokia\Nokia PC Suite 7\PCSuite.exe [2008-08-11 1124352]
"Colibri"=F:\Colibri\Colibri.exe [2006-11-24 778240]
"DAEMON Tools Lite"=F:\DAEMON Tools Lite\daemon.exe [2008-08-08 490952]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISTray]
C:\Program Files\Spyware Doctor\pctsTray.exe [2008-06-10 1163656]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NodLogin]
F:\ESET\ESET Smart Security\nodlogin.exe [2008-07-29 358448]

C:\Documents and Settings\All Users\Menu Start\Programma's\Opstarten
ASUS WiFi-AP Solo.lnk - C:\Program Files\ASUS WiFi-AP Solo\RtWLan.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=msapsspc.dll schannel.dll digest.dll msnsspc.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\aawservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdauxservice]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\sdcoreservice]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"F:\Microsoft Office\Office12\OUTLOOK.EXE"="F:\Microsoft Office\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"F:\uTorrent\uTorrent.exe"="F:\uTorrent\uTorrent.exe:*:Enabled:µTorrent"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\Documents and Settings\BarziG\Local Settings\Temp\pft269.tmp\setup.exe"="C:\Documents and Settings\BarziG\Local Settings\Temp\pft269.tmp\setup.exe:*:Enabled:Kaspersky Anti-Virus 2009 Installatie"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"

File associations

.scr - open - "%1" %*

List of files/folders created in the last three months

2008-09-01 15:21:08 ----D---- C:\_OTMoveIt
2008-09-01 15:19:28 ----D---- C:\Program Files\QuickTime
2008-09-01 15:19:28 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2008-09-01 15:19:25 ----D---- C:\Program Files\Apple Software Update
2008-09-01 15:19:25 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2008-09-01 14:56:07 ----D---- C:\rsit
2008-08-31 23:30:55 ----D---- C:\WINDOWS\ERUNT
2008-08-31 22:52:18 ----A---- C:\WINDOWS\system32\IEDFix.C.exe
2008-08-31 22:52:18 ----A---- C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-08-31 22:50:29 ----A---- C:\WINDOWS\system32\tmp.txt
2008-08-31 22:50:16 ----A---- C:\WINDOWS\system32\SrchSTS.exe
2008-08-31 22:50:16 ----A---- C:\WINDOWS\system32\Process.exe
2008-08-31 22:32:18 ----D---- C:\WINDOWS\Sun
2008-08-31 22:32:18 ----D---- C:\Documents and Settings\BarziG\Application Data\Sun
2008-08-31 22:04:23 ----D---- C:\WINDOWS\Minidump
2008-08-31 22:04:20 ----A---- C:\WINDOWS\ntbtlog.txt
2008-08-31 21:21:23 ----D---- C:\Program Files\Spyware Doctor
2008-08-31 21:21:23 ----D---- C:\Documents and Settings\BarziG\Application Data\PC Tools
2008-08-31 21:09:38 ----D---- C:\Program Files\Common Files\Download Manager
2008-08-31 21:04:15 ----AD---- C:\Documents and Settings\All Users\Application Data\TEMP
2008-08-31 20:59:08 ----D---- C:\Program Files\Enigma Software Group
2008-08-31 20:47:58 ----D---- C:\Program Files\Avira
2008-08-31 20:47:58 ----D---- C:\Documents and Settings\All Users\Application Data\Avira
2008-08-31 20:39:59 ----D---- C:\Documents and Settings\All Users\Application Data\Lavasoft
2008-08-31 20:39:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-08-31 19:57:16 ----D---- C:\Program Files\WinAVI Video Converter
2008-08-31 19:51:35 ----D---- C:\Documents and Settings\BarziG\Application Data\Malwarebytes
2008-08-31 19:51:33 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-08-31 19:51:33 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-08-31 19:50:27 ----D---- C:\Program Files\SAV
2008-08-31 19:46:32 ----D---- C:\Program Files\uTorrent
2008-08-31 14:53:06 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$
2008-08-31 14:52:57 ----HDC---- C:\WINDOWS\$NtUninstallKB923689$
2008-08-31 14:52:47 ----D---- C:\Program Files\MSXML 4.0
2008-08-31 13:45:32 ----D---- C:\Program Files\Foxit Software
2008-08-31 12:51:09 ----A---- C:\WINDOWS\NeroDigital.ini
2008-08-31 11:21:39 ----A---- C:\WINDOWS\system32\SET198.tmp
2008-08-30 13:30:43 ----D---- C:\Documents and Settings\BarziG\Application Data\Nero
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\TwnLib4.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXRA7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXR7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagXpr7.dll
2008-08-30 13:29:56 ----A---- C:\WINDOWS\system32\imagX7.dll
2008-08-30 13:29:55 ----D---- C:\Program Files\Nero
2008-08-30 13:29:55 ----D---- C:\Program Files\Common Files\Nero
2008-08-30 13:29:55 ----D---- C:\Documents and Settings\All Users\Application Data\Nero
2008-08-30 13:25:23 ----D---- C:\WINDOWS\RegisteredPackages
2008-08-30 13:25:08 ----A---- C:\WINDOWS\system32\d3dx9_30.dll
2008-08-30 13:25:06 ----A---- C:\WINDOWS\system32\d3dx9_28.dll
2008-08-30 08:25:19 ----D---- C:\WINDOWS\nview
2008-08-30 08:25:19 ----A---- C:\WINDOWS\system32\nvudisp.exe
2008-08-30 08:25:13 ----A---- C:\WINDOWS\system32\NVUNINST.EXE
2008-08-29 20:03:49 ----D---- C:\NVIDIA
2008-08-27 22:32:31 ----D---- C:\Documents and Settings\BarziG\Application Data\LimeWire
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\javaws.exe
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\javaw.exe
2008-08-27 22:32:23 ----A---- C:\WINDOWS\system32\java.exe
2008-08-27 22:32:15 ----D---- C:\Program Files\Java
2008-08-27 22:31:56 ----D---- C:\Program Files\Common Files\Java
2008-08-27 15:38:56 ----D---- C:\WINDOWS\pss
2008-08-27 15:38:17 ----D---- C:\WINDOWS\system32\appmgmt
2008-08-27 15:28:22 ----D---- C:\Documents and Settings\BarziG\Application Data\ESET
2008-08-27 15:25:34 ----D---- C:\Documents and Settings\All Users\Application Data\ESET
2008-08-27 15:23:55 ----D---- C:\Documents and Settings\All Users\Application Data\Avg8
2008-08-26 17:29:25 ----D---- C:\Documents and Settings\BarziG\Application Data\Media Player Classic
2008-08-26 17:29:19 ----A---- C:\WINDOWS\system32\unrar.dll
2008-08-26 17:29:19 ----A---- C:\WINDOWS\avisplitter.ini
2008-08-26 17:18:55 ----D---- C:\Documents and Settings\BarziG\Application Data\DAEMON Tools
2008-08-26 17:16:56 ----D---- C:\Documents and Settings\All Users\Application Data\CyberLink
2008-08-26 17:16:55 ----D---- C:\Documents and Settings\BarziG\Application Data\CyberLink
2008-08-26 17:16:04 ----D---- C:\Program Files\Common Files\CyberLink
2008-08-26 17:15:51 ----A---- C:\WINDOWS\system32\msxml3a.dll
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\muweb.dll
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-08-25 15:55:26 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-08-25 15:25:04 ----D---- C:\Documents and Settings\BarziG\Application Data\Colibri
2008-08-24 21:33:59 ----A---- C:\WINDOWS\system32\h323log.txt
2008-08-24 21:26:55 ----A---- C:\WINDOWS\system32\usbui.dll
2008-08-24 21:26:28 ----A---- C:\WINDOWS\imsins.BAK
2008-08-24 21:26:26 ----SHD---- C:\WINDOWS\Installer
2008-08-24 21:26:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-08-24 21:26:26 ----A---- C:\WINDOWS\ODBCINST.INI
2008-08-24 21:26:22 ----RD---- C:\Program Files
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files\SpeechEngines
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-08-24 21:26:22 ----D---- C:\Program Files\Common Files
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2008-08-24 21:26:20 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdur.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdru.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2008-08-24 21:26:18 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2008-08-24 21:26:16 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2008-08-24 21:26:15 ----RA---- C:\WINDOWS\system32\kbdest.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdro.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2008-08-24 21:26:13 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\spxcoins.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\irclass.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\dgsetup.dll
2008-08-24 21:26:09 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2008-08-24 21:26:07 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2008-08-24 21:26:07 ----A---- C:\WINDOWS\TASKMAN.EXE
2008-08-24 21:26:06 ----A---- C:\WINDOWS\system32\batt.dll
2008-08-24 21:26:06 ----A---- C:\WINDOWS\notepad.exe
2008-08-24 21:26:01 ----A---- C:\WINDOWS\system32\storprop.dll
2008-08-24 21:25:59----ASH----C:\Documents and Settings\All Users\Application Data\desktop.ini
2008-08-24 21:24:18 ----RA---- C:\WINDOWS\SET8.tmp
2008-08-24 21:24:16 ----RA---- C:\WINDOWS\SET4.tmp
2008-08-24 21:24:15 ----RA---- C:\WINDOWS\SET3.tmp
2008-08-24 21:24:12 ----D---- C:\WINDOWS\system32\CatRoot2
2008-08-24 21:24:12 ----D---- C:\WINDOWS\system32\CatRoot
2008-08-24 21:24:06 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2008-08-24 21:23:42 ----A---- C:\WINDOWS\setuplog.txt
2008-08-24 21:23:40 ----SHD---- C:\System Volume Information
2008-08-24 21:23:40 ----D---- C:\Documents and Settings
2008-08-24 21:22:55 ----SH---- C:\boot.ini
2008-08-24 21:19:41 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2008-08-24 21:18:56 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-08-24 21:18:56 ----RSD---- C:\WINDOWS\Fonts
2008-08-24 21:18:56 ----RD---- C:\WINDOWS\Web
2008-08-24 21:18:56 ----HD---- C:\WINDOWS\inf
2008-08-24 21:18:56 ----D---- C:\WINDOWS\WinSxS
2008-08-24 21:18:56 ----D---- C:\WINDOWS\twain_32
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Temp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\wins
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\wbem
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\usmt
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\spool
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ShellExt
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\Setup
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ras
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\oobe
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\npp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\mui
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\inetsrv
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\IME
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\icsxml
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\ias
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\export
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\drivers
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\dhcp
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\config
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\3com_dmi
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\3076
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\2052
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1054
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1043
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1042
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1041
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1037
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1033
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1031
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1028
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32\1025
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system32
2008-08-24 21:18:56 ----D---- C:\WINDOWS\system
2008-08-24 21:18:56 ----D---- C:\WINDOWS\security
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Resources
2008-08-24 21:18:56 ----D---- C:\WINDOWS\repair
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Provisioning
2008-08-24 21:18:56 ----D---- C:\WINDOWS\PeerNet
2008-08-24 21:18:56 ----D---- C:\WINDOWS\pchealth
2008-08-24 21:18:56 ----D---- C:\WINDOWS\NLDRV
2008-08-24 21:18:56 ----D---- C:\WINDOWS\mui
2008-08-24 21:18:56 ----D---- C:\WINDOWS\msapps
2008-08-24 21:18:56 ----D---- C:\WINDOWS\msagent
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Media
2008-08-24 21:18:56 ----D---- C:\WINDOWS\java
2008-08-24 21:18:56 ----D---- C:\WINDOWS\ime
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Help
2008-08-24 21:18:56 ----D---- C:\WINDOWS\ehome
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Driver Cache
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Debug
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Cursors
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Connection Wizard
2008-08-24 21:18:56 ----D---- C:\WINDOWS\Config
2008-08-24 21:18:56 ----D---- C:\WINDOWS\AppPatch
2008-08-24 21:18:56 ----D---- C:\WINDOWS\addins
2008-08-24 21:18:56 ----D---- C:\WINDOWS
2008-08-24 21:05:32 ----D---- C:\Documents and Settings\BarziG\Application Data\Nokia
2008-08-24 21:05:31 ----D---- C:\Documents and Settings\BarziG\Application Data\PC Suite
2008-08-24 21:05:31 ----D---- C:\Documents and Settings\All Users\Application Data\PC Suite
2008-08-24 21:04:40 ----D---- C:\Program Files\Common Files\PCSuite
2008-08-24 21:04:40 ----D---- C:\Program Files\Common Files\Nokia
2008-08-24 21:04:36 ----D---- C:\Program Files\DIFX
2008-08-24 21:04:33 ----D---- C:\Program Files\PC Connectivity Solution
2008-08-24 21:04:32 ----A---- C:\WINDOWS\system32\wdfcoinstaller01005.dll
2008-08-24 21:04:32 ----A---- C:\WINDOWS\system32\nmwcdcocls.dll
2008-08-24 21:04:31 ----A---- C:\WINDOWS\system32\nmwcdcls.dll
2008-08-24 21:04:12 ----D---- C:\Documents and Settings\All Users\Application Data\Installations
2008-08-24 20:51:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-08-24 20:51:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-08-24 20:51:25 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-08-24 20:51:23 ----HDC---- C:\WINDOWS\$NtUninstallKB953839$
2008-08-24 20:51:20 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-08-24 20:51:17 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-08-24 20:51:15 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-08-24 20:50:40 ----A---- C:\WINDOWS\system32\MRT.exe
2008-08-24 20:50:35 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-08-24 20:50:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951072-v2$
2008-08-24 20:50:28 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-08-24 20:50:24 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-08-24 20:50:13 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-08-24 20:50:06 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-08-24 20:47:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-08-24 20:45:54 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-08-24 20:45:37 ----D---- C:\Program Files\Windows Live
2008-08-24 20:45:33 ----D---- C:\Documents and Settings\All Users\Application Data\WLInstaller
2008-08-24 20:41:46 ----D---- C:\Documents and Settings\BarziG\Application Data\uTorrent
2008-08-24 20:41:00 ----D---- C:\Documents and Settings\BarziG\Application Data\Macromedia
2008-08-24 20:41:00 ----D---- C:\Documents and Settings\BarziG\Application Data\Adobe
2008-08-24 20:38:18 ----D---- C:\Documents and Settings\BarziG\Application Data\foobar2000
2008-08-24 20:36:36 ----D---- C:\WINDOWS\system32\PreInstall
2008-08-24 20:36:35 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2008-08-24 20:36:35 ----HD---- C:\WINDOWS\$hf_mig$
2008-08-24 20:36:16 ----D---- C:\Program Files\Microsoft Works
2008-08-24 20:36:14 ----D---- C:\Program Files\MSBuild
2008-08-24 20:36:08 ----D---- C:\Program Files\Microsoft Visual Studio
2008-08-24 20:36:08 ----D---- C:\Program Files\Common Files\DESIGNER
2008-08-24 20:35:57 ----D---- C:\Program Files\Common Files\ODBC
2008-08-24 20:34:33 ----D---- C:\Documents and Settings\BarziG\Application Data\Mozilla
2008-08-24 20:34:22 ----D---- C:\WINDOWS\SHELLNEW
2008-08-24 20:34:15 ----D---- C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-24 20:31:27 ----D---- C:\WINDOWS\system32\SoftwareDistribution
2008-08-24 20:30:18 ----D---- C:\WINDOWS\Prefetch
2008-08-24 20:29:15 ----A---- C:\WINDOWS\{00000005-00000000-00000002-00001102-00000004-20021102}.BAK
2008-08-24 20:28:07 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-08-24 20:28:07 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\smtpapi.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\rwnh.dll
2008-08-24 20:28:04 ----N---- C:\WINDOWS\system32\comsdupd.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napstat.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mssha.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\mdmxsdk.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\credssp.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\azroles.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-08-24 20:28:03 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ativvaxx.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati3duag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati3d1ag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2dvag.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2dvaa.dll
2008-08-24 20:28:03 ----A---- C:\WINDOWS\system32\ati2cqag.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\xpsp3res.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\verclsid.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tzchange.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slserv.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slgen.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\setupn.exe
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qutil.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\qagent.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\system32\onex.dll
2008-08-24 20:28:02 ----N---- C:\WINDOWS\slrundll.exe
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\nl-nl
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\nl
2008-08-24 20:28:01 ----D---- C:\WINDOWS\system32\bits
2008-08-24 20:28:01 ----D---- C:\WINDOWS\l2schemas
2008-08-24 20:27:39 ----SHD---- C:\RECYCLER
2008-08-24 20:27:17 ----D---- C:\WINDOWS\ServicePackFiles
2008-08-24 20:26:50 ----D---- C:\WINDOWS\network diagnostic
2008-08-24 20:26:35 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-08-24 20:26:34 ----A---- C:\WINDOWS\002688_.tmp
2008-08-24 20:26:32 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-08-24 20:26:30 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2008-08-24 20:26:09 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-08-24 20:24:34 ----A---- C:\WINDOWS\RTacDbg.txt
2008-08-24 20:24:17 ----D---- C:\WINDOWS\OPTIONS
2008-08-24 20:24:17 ----D---- C:\Program Files\ASUS WiFi-AP Solo
2008-08-24 20:23:54 ----D---- C:\WINDOWS\system32\Defaults
2008-08-24 20:23:22 ----D---- C:\Program Files\Creative
2008-08-24 20:23:14 ----D---- C:\Documents and Settings\BarziG\Application Data\Creative
2008-08-24 20:23:14 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2008-08-24 20:23:14 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2008-08-24 20:23:09 ----D---- C:\WINDOWS\system32\Data
2008-08-24 20:23:09 ----A---- C:\WINDOWS\system32\ksuser.dll
2008-08-24 20:23:04 ----HD---- C:\Program Files\InstallShield Installation Information
2008-08-24 20:22:47 ----D---- C:\Program Files\Marvell
2008-08-24 20:22:13 ----D---- C:\Program Files\Intel
2008-08-24 20:22:08 ----D---- C:\Intel
2008-08-24 20:21:54 ----D---- C:\Documents and Settings\BarziG\Application Data\WinRAR
2008-08-24 20:19:30 ----D---- C:\Program Files\Common Files\InstallShield
2008-08-24 19:40:33 ----D---- C:\Documents and Settings\BarziG\Application Data\Identities
2008-08-24 19:40:24 ----SD---- C:\Documents and Settings\BarziG\Application Data\Microsoft
2008-08-24 19:40:24 ----ASH---- C:\Documents and Settings\BarziG\Application Data\desktop.ini
2008-08-24 19:39:28 ----D---- C:\WINDOWS\SoftwareDistribution
2008-08-24 19:39:27 ----SD---- C:\WINDOWS\system32\Microsoft
2008-08-24 19:39:27 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-08-24 19:37:09 ----D---- C:\WINDOWS\system32\xircom
2008-08-24 19:37:09 ----D---- C:\Program Files\xerox
2008-08-24 19:37:09 ----D---- C:\Program Files\microsoft frontpage
2008-08-24 19:36:58 ----A---- C:\WINDOWS\control.ini
2008-08-24 19:36:58 ----A---- C:\AUTOEXEC.BAT
2008-08-24 19:36:55 ----A---- C:\WINDOWS\system32\mapi32.dll
2008-08-24 19:36:55 ----A---- C:\WINDOWS\OEWABLog.txt
2008-08-24 19:36:31 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-08-24 19:36:31 ----RD---- C:\WINDOWS\Offline Web Pages
2008-08-24 19:36:31 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2008-08-24 19:36:28 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2008-08-24 19:36:26 ----D---- C:\Program Files\Online Services
2008-08-24 19:36:16 ----D---- C:\WINDOWS\system32\DirectX
2008-08-24 19:35:56 ----A---- C:\WINDOWS\system32\atrace.dll
2008-08-24 19:35:53 ----A---- C:\WINDOWS\system32\desktop.ini
2008-08-24 19:35:53 ----A---- C:\WINDOWS\desktop.ini
2008-08-24 19:35:46 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2008-08-24 19:35:44 ----D---- C:\Program Files\Common Files\Services
2008-08-24 19:35:44 ----A---- C:\WINDOWS\system32\acctres.dll
2008-08-24 19:35:42 ----SD---- C:\WINDOWS\Tasks
2008-08-24 19:35:42 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2008-08-24 19:35:41 ----D---- C:\Program Files\Common Files\MSSoap
2008-08-24 19:35:36 ----D---- C:\WINDOWS\srchasst
2008-08-24 19:35:35 ----D---- C:\WINDOWS\system32\Macromed
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuauserv.dll
2008-08-24 19:35:33 ----A---- C:\WINDOWS\system32\wuaueng1.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wups.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuauclt1.exe
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\bitsprx3.dll
2008-08-24 19:35:32 ----A---- C:\WINDOWS\system32\bitsprx2.dll
2008-08-24 19:35:31 ----A---- C:\WINDOWS\system32\qmgr.dll
2008-08-24 19:35:27 ----D---- C:\Program Files\Movie Maker
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrslv.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrdm.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2008-08-24 19:35:23 ----A---- C:\WINDOWS\system32\racpldlg.dll
2008-08-24 19:35:19 ----D---- C:\WINDOWS\system32\Restore
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srsvc.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srrstr.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\srclient.dll
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\fltmc.exe
2008-08-24 19:35:19 ----A---- C:\WINDOWS\system32\fltlib.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\mnmdd.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2008-08-24 19:35:18 ----A---- C:\WINDOWS\system32\ils.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\msconf.dll
2008-08-24 19:35:17 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2008-08-24 19:35:15 ----D---- C:\Program Files\NetMeeting
2008-08-24 19:35:15 ----A---- C:\WINDOWS\system32\msoert2.dll
2008-08-24 19:35:15 ----A---- C:\WINDOWS\system32\msoeacct.dll
2008-08-24 19:35:14 ----A---- C:\WINDOWS\system32\inetres.dll
2008-08-24 19:35:13 ----A---- C:\WINDOWS\system32\inetcomm.dll
2008-08-24 19:35:11 ----D---- C:\Program Files\Outlook Express
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\schedsvc.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\mstinit.exe
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\mstask.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\isign32.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\icwphbk.dll
2008-08-24 19:35:11 ----A---- C:\WINDOWS\system32\icwdial.dll
2008-08-24 19:35:10 ----A---- C:\WINDOWS\system32\inetcfg.dll
2008-08-24 19:35:06 ----D---- C:\Program Files\Common Files\System
2008-08-24 19:35:05 ----D---- C:\Program Files\Internet Explorer
2008-08-24 19:34:55 ----A---- C:\WINDOWS\vbaddin.ini
2008-08-24 19:34:55 ----A---- C:\WINDOWS\vb.ini
2008-08-24 19:34:54 ----D---- C:\WINDOWS\Registration
2008-08-24 19:34:52 ----D---- C:\Program Files\Windows Media Player
2008-08-24 19:34:50 ----D---- C:\Program Files\Messenger
2008-08-24 19:34:47 ----D---- C:\Program Files\MSN Gaming Zone
2008-08-24 19:34:47 ----A---- C:\WINDOWS\system32\write.exe
2008-08-24 19:34:40 ----A---- C:\WINDOWS\system32\sndvol32.exe
2008-08-24 19:34:40 ----A---- C:\WINDOWS\system32\hticons.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\winchat.exe
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avwav.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avtapi.dll
2008-08-24 19:34:39 ----A---- C:\WINDOWS\system32\avmeter.dll
2008-08-24 19:34:33 ----A---- C:\WINDOWS\system32\getuname.dll
2008-08-24 19:34:33 ----A---- C:\WINDOWS\system32\charmap.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\winmine.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\sol.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\mshearts.exe
2008-08-24 19:34:32 ----A---- C:\WINDOWS\system32\calc.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tslabels.ini
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tskill.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\tscon.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\shadow.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\rwinsta.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\reset.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\regini.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\qwinsta.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\qappsrv.exe
2008-08-24 19:34:31 ----A---- C:\WINDOWS\system32\freecell.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\msg.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\logoff.exe
2008-08-24 19:34:30 ----A---- C:\WINDOWS\system32\cdmodem.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\stclient.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxex.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\mtxdm.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comsnap.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comrepl.dll
2008-08-24 19:34:29 ----A---- C:\WINDOWS\system32\comaddin.dll
2008-08-24 19:34:24 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\sndrec32.exe
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\mplay32.exe
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\hypertrm.dll
2008-08-24 19:34:23 ----A---- C:\WINDOWS\system32\accwiz.exe
2008-08-24 19:34:22 ----D---- C:\Program Files\Windows NT
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\spider.exe
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\mspaint.exe
2008-08-24 19:34:22 ----A---- C:\WINDOWS\system32\clipbrd.exe
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\remotepg.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\mstscax.dll
2008-08-24 19:34:21 ----A---- C:\WINDOWS\system32\mstsc.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\termsrv.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\sessmgr.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdshost.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdpclip.exe
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\rdchost.dll
2008-08-24 19:34:20 ----A---- C:\WINDOWS\system32\qprocess.exe
2008-08-24 19:34:19 ----D---- C:\WINDOWS\system32\MsDtc
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\mtxoci.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtctm.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\icaapi.dll
2008-08-24 19:34:19 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\xolehlp.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\msdtclog.dll
2008-08-24 19:34:18 ----A---- C:\WINDOWS\system32\msdtc.exe
2008-08-24 19:34:17 ----D---- C:\WINDOWS\system32\Com
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\colbact.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\clbcatex.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrvut.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrvps.dll
2008-08-24 19:34:17 ----A---- C:\WINDOWS\system32\catsrv.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\comuid.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\comsvcs.dll
2008-08-24 19:34:16 ----A---- C:\WINDOWS\system32\clbcatq.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\servdeps.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\mmfutil.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\licwmi.dll
2008-08-24 19:34:10 ----A---- C:\WINDOWS\system32\cmprops.dll
2008-06-27 18:05:08 ----A---- C:\WINDOWS\system32\instwdm.ini
2008-06-27 18:05:06 ----A---- C:\WINDOWS\system32\ctzapxx.ini
2008-06-27 17:27:54 ----A---- C:\WINDOWS\system32\CTBurst.dll
2008-06-27 17:27:28 ----A---- C:\WINDOWS\system32\inres.dll
2008-06-27 17:27:26 ----A---- C:\WINDOWS\system32\ctdvinst.dll
2008-06-27 17:27:24 ----A---- C:\WINDOWS\system32\ctcoinst.dll
2008-06-27 17:26:00 ----A---- C:\WINDOWS\system32\a3d.dll
2008-06-27 17:25:32 ----A---- C:\WINDOWS\system32\ac3api.dll
2008-06-27 17:25:10 ----A---- C:\WINDOWS\system32\readreg.exe
2008-06-27 17:25:02 ----A---- C:\WINDOWS\system32\psconv.exe
2008-06-27 17:24:58 ----A---- C:\WINDOWS\system32\CtHelper.exe
2008-06-27 17:24:56 ----A---- C:\WINDOWS\system32\ctagent.dll
2008-06-27 17:24:54 ----A---- C:\WINDOWS\system32\ctspkhlp.dll
2008-06-27 17:24:52 ----A---- C:\WINDOWS\system32\CTpcmcia.dll
2008-06-27 17:24:46 ----A---- C:\WINDOWS\system32\ctmmep.dll
2008-06-27 17:24:38 ----A---- C:\WINDOWS\system32\ctthxcal.dll
2008-06-27 17:24:38 ----A---- C:\WINDOWS\system32\ctpres.dll
2008-06-27 17:24:36 ----A---- C:\WINDOWS\system32\ctscal.dll
2008-06-27 17:24:32 ----A---- C:\WINDOWS\system32\ctdcifce.dll
2008-06-27 17:24:30 ----A---- C:\WINDOWS\system32\ctdc0001.dll
2008-06-27 17:24:24 ----A---- C:\WINDOWS\system32\ctdc0000.dll
2008-06-27 17:24:22 ----A---- C:\WINDOWS\system32\ctdcres.dll
2008-06-27 17:08:54 ----A---- C:\WINDOWS\system32\ctemupia.dll
2008-06-27 17:05:24 ----A---- C:\WINDOWS\system32\ct_oal.dll
2008-06-27 17:05:22 ----A---- C:\WINDOWS\system32\ctasio.dll
2008-06-27 17:05:20 ----A---- C:\WINDOWS\system32\ctdproxy.dll
2008-06-27 17:04:12 ----A---- C:\WINDOWS\system32\sfman32.dll
2008-06-27 17:04:12 ----A---- C:\WINDOWS\system32\ctosuser.dll
2008-06-27 17:04:08 ----A---- C:\WINDOWS\system32\sfms32.dll
2008-06-27 17:03:54 ----A---- C:\WINDOWS\system32\regplib.exe
2008-06-27 17:03:46 ----A---- C:\WINDOWS\system32\piaproxy.dll
2008-06-27 16:59:54 ----A---- C:\WINDOWS\system32\enlocstr.exe
2008-06-27 16:59:50 ----A---- C:\WINDOWS\system32\killapps.exe
2008-06-27 16:59:14 ----A---- C:\WINDOWS\system32\MIDIDEF.EXE
2008-06-27 16:59:12 ----A---- C:\WINDOWS\system32\devreg.dll
2008-06-06 11:59:16 ----A---- C:\WINDOWS\system32\APOIM32.exe

List of drivers

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgio.sys []
R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2008-06-27 75072]
R1 intelppm;Intel GV3-processorstuurprogramma; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40448]
R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2007-03-01 28352]
R2 AegisP;AEGIS Protocol (IEEE 802.1x) v3.4.5.0; C:\WINDOWS\system32\DRIVERS\AegisP.sys [2008-08-24 21035]
R3 Arp1394;1394 ARP-clientprotocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 avgntflt;avgntflt; \??\C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgntflt.sys []
R3 COMMONFX.SYS;COMMONFX.SYS; C:\WINDOWS\system32\System32\drivers\COMMONFX.SYS []
R3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2008-07-07 511000]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2008-07-07 532376]
R3 CTAUDFX.SYS;CTAUDFX.SYS; C:\WINDOWS\system32\System32\drivers\CTAUDFX.SYS []
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2008-07-07 14360]
R3 CTSBLFX.SYS;CTSBLFX.SYS; C:\WINDOWS\system32\System32\drivers\CTSBLFX.SYS []
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2008-07-07 157208]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2008-07-07 92696]
R3 ha10kx2k;Creative Hardware Abstract Layer Driver; C:\WINDOWS\system32\drivers\ha10kx2k.sys [2008-07-07 797720]
R3 hap16v2k;Creative P16V HAL Driver; C:\WINDOWS\system32\drivers\hap16v2k.sys [2008-07-07 162840]
R3 hidusb;Microsoft HID Class-stuurprogramma; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\mbamswissarmy.sys []
R3 mouhid;Stuurprogramma voor muis-HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-09-07 12288]
R3 NIC1394;1394-stuurprogramma; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-05-16 6557408]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2008-07-07 127512]
R3 RTLWUSB;Realtek RTL8187 Wireless 802.11g 54Mbps USB 2.0 Network Adapter; C:\WINDOWS\system32\DRIVERS\RTL8187.sys [2006-06-16 176128]
R3 SjyPkt;SjyPkt; \??\C:\WINDOWS\System32\Drivers\SjyPkt.sys []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
S3 aie1jdqq;aie1jdqq; C:\WINDOWS\system32\drivers\aie1jdqq.sys []
S3 COMMONFX;COMMONFX; C:\WINDOWS\system32\drivers\COMMONFX.SYS [2008-06-27 99352]
S3 CTAUDFX;CTAUDFX; C:\WINDOWS\system32\drivers\CTAUDFX.SYS [2008-06-27 555032]
S3 ctdv

Edited by barzi, 01 September 2008 - 07:26 AM.

[kahdah]

How are things now?
Anymore popups?

[barzi]

i have to wait like 15 minutes. I will post a reply over like 30 minutes(so please don't close this topic yet).

Thank you very much!

[kahdah]

I will not close it until all is good don't worry.

You can even wait a day or so and post here if all is well.

[barzi]

I think the alerts are gone. Thank you very much!
Do you know a program that deletes all the programs you have said to install?

[kahdah]

You can delete the Rsit icon off of your desktop.
Then also delete this folder >C:\Rsit
=========================
Cleanup:

Please download OT CLeanit from Here save it to your desktop.
Double click on OT Clean it to run it.
Then click on Clean up.
Restart your computer when prompted.
This will remove what tools we used.
===============
Use a Firewall:

Install and use a firewall with outbound protection
While the firewall built into Windows XP is adequate to protect you from incoming attacks, it will not be much help in alerting you to programs already on your PC attempting to connect to remote servers
I therefore strongly recommend that you install one of the following free firewalls: Sunbelt Free Firewall or Zonealarm
See Bleepingcomputer's excellent tutorial to help using and understanding a firewall here
Note: You should only have one firewall installed at a time. Having more than one antivirus program installed at once is likely to cause conflicts and may well decrease your overall protection as well as seriously impairing the performance of your PC.


=============================
Delete\uninstall anything else that we have used.

System Restore
Then I will need you to reset your System Restore points.
The link below shows how to create a clean restore point.
How to Turn On and Turn Off System Restore in Windows XP
http://support.micro...kb/310405/en-us

If you are using Vista then see this link > http://www.bleepingc...143.html#manual
=====================================
After that your log is clean.

The following is a list of tools and utilities that I like to suggest to people.
You do not have to have all or any of them they are only suggestions.
This list is full of great tools and utilities to help you understand how you got infected and how to keep from getting infected again.

Spybot Search & Destroy-Uber powerful tool which can search and annhilate nasties that make it onto your system. Now with an Immunize section that will help prevent future infections.

Spyware Blaster - Great prevention tool to keep nasties from installing on your system.

Spywareguard-Works as a Spyware "Shield" to protect your computer from getting malware in the first place.

Windows Updates - It is very important to make sure that both Internet Explorer and Windows are kept current with the latest critical security patches from Microsoft. To do this just start Internet Explorer and select Tools > Windows Update, and follow the online instructions from there.

Tony Klein article To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein.