Logfile of random's system information tool 1.04 (written by random/random)
Run by Mishu at 2008-12-13 20:05:03
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 60 GB (77%) free of 79 GB
Total RAM: 1982 MB (66% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 8:05:16 PM, on 12/13/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTDevSrv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ClamWin\bin\ClamTray.exe
C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\Mishu\Desktop\RSIT.exe
C:\Program Files\trend micro\Mishu.exe
C:\WINDOWS\system32\wuauclt.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cbc.ca/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {26B454CA-084A-4F0A-BCB9-CA4CB63F1E9C} - (no file)
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {fd5beef0-6cef-458b-ab65-ba499e760e73} - C:\WINDOWS\system32\fupilito.dll (file missing)
O4 - HKLM\..\Run: [ClamWin] "C:\Program Files\ClamWin\bin\ClamTray.exe" --logon
O4 - HKLM\..\Run: [SpywareBot] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [CPMeb58d793] Rundll32.exe "c:\windows\system32\vufulowe.dll",a
O4 - HKLM\..\Run: [tibopomisa] Rundll32.exe "C:\WINDOWS\system32\lamisefi.dll",s
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\OFFICE~1\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\OFFICE~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\OFFICE~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...b?1175003273562
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zon...nt.cab56907.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Typer%20Shark/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m...ash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Office Enterprise 2007\Office12\GrooveSystemServices.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll c:\windows\system32\vufulowe.dll,C:\WINDOWS\system32\fetezeme.dll c:\windows\system32\woyadolu.dll c:\windows\system32\gukehere.dll
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vufulowe.dll
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vufulowe.dll
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Creative Centrale Media Server (CTUPnPSv) - Creative Technology Ltd - C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe
--
End of file - 5924 bytes
======Scheduled tasks folder======
C:\WINDOWS\tasks\Microsoft_Hardware_Launch_IType_exe.job
C:\WINDOWS\tasks\RegCure Program Check.job
C:\WINDOWS\tasks\RegCure.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{26B454CA-084A-4F0A-BCB9-CA4CB63F1E9C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\PROGRA~1\SPYBOT~1\SDHelper.dll [2008-09-15 1562960]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{fd5beef0-6cef-458b-ab65-ba499e760e73}]
C:\WINDOWS\system32\fupilito.dll []
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ClamWin"=C:\Program Files\ClamWin\bin\ClamTray.exe [2008-11-09 86016]
"SpywareBot"=C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe [2005-10-26 159744]
"CPMeb58d793"=c:\windows\system32\vufulowe.dll [2008-12-13 91934]
"tibopomisa"=C:\WINDOWS\system32\lamisefi.dll []
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2008-11-07 21633320]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2008-09-16 1833296]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonSolutionMenu]
C:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe [2007-04-03 644696]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RemoteControl]
[]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^RAMIdle.lnk]
C:\Tweaks\CUSTOM~1\RAMIdle.exe [2001-09-27 160256]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^Documents and Settings^Mishu^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk]
C:\PROGRA~1\ERUNT\AUTOBACK.EXE [2005-10-20 38912]
C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup
AutorunsDisabled
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll c:\windows\system32\vufulowe.dll,C:\WINDOWS\system32\fetezeme.dll c:\windows\system32\woyadolu.dll c:\windows\system32\gukehere.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]
SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vufulowe.dll [2008-12-13 91934]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\SharedTaskScheduler]
STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\vufulowe.dll [2008-12-13 91934]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Office Enterprise 2007\Office12\GrooveShellExtensions.dll [2007-08-24 2212224]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\fetezeme.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\nm.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoInstrumentation"=1
"NoToolbarCustomize"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\WINDOWS\system32\sessmgr.exe"="C:\WINDOWS\system32\sessmgr.exe:*:Disabled:@xpsp2res.dll,-22019"
"C:\Program Files\Ovis\bin\OvisPdf-Office.exe"="C:\Program Files\Ovis\bin\OvisPdf-Office.exe:*:Disabled:OvisPdf-Office"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\id Software\Quake 4\Quake4Ded.exe"="C:\Program Files\id Software\Quake 4\Quake4Ded.exe:*:Disabled:Quake 4"
"C:\Program Files\Quake III Arena\quake3.exe"="C:\Program Files\Quake III Arena\quake3.exe:*:Disabled:quake3"
"C:\Program Files\Tremulous\tremulous.exe"="C:\Program Files\Tremulous\tremulous.exe:*:Disabled:tremulous"
"C:\Program Files\LimeWire\LimeWire.exe"="C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire"
"C:\WINDOWS\system32\rtcshare.exe"="C:\WINDOWS\system32\rtcshare.exe:*:Enabled:RTC App Sharing"
"C:\Program Files\NetMeeting\conf.exe"="C:\Program Files\NetMeeting\conf.exe:*:Enabled:Windows® NetMeeting®"
"C:\Program Files\Shaw Messenger\bin\SMC.exe"="C:\Program Files\Shaw Messenger\bin\SMC.exe:*:Enabled:Shaw Messenger"
"C:\Program Files\Shareaza.exe"="C:\Program Files\Shareaza.exe:*:Enabled:Shareaza"
"C:\WINDOWS\system32\mmc.exe"="C:\WINDOWS\system32\mmc.exe:*:Enabled:Microsoft Management Console"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Winamp Remote\bin\Orb.exe"="C:\Program Files\Winamp Remote\bin\Orb.exe:*:Enabled:Orb"
"C:\Program Files\Winamp Remote\bin\OrbTray.exe"="C:\Program Files\Winamp Remote\bin\OrbTray.exe:*:Enabled:OrbTray"
"C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe"="C:\Program Files\Winamp Remote\bin\OrbStreamerClient.exe:*:Enabled:Orb Stream Client"
"C:\Program Files\Real\RealPlayer\realplay.exe"="C:\Program Files\Real\RealPlayer\realplay.exe:*:Enabled:RealPlayer"
"C:\Office Enterprise 2007\Office12\OUTLOOK.EXE"="C:\Office Enterprise 2007\Office12\OUTLOOK.EXE:*:Enabled:Microsoft Office Outlook"
"C:\Office Enterprise 2007\Office12\GROOVE.EXE"="C:\Office Enterprise 2007\Office12\GROOVE.EXE:*:Enabled:Microsoft Office Groove"
"C:\Office Enterprise 2007\Office12\ONENOTE.EXE"="C:\Office Enterprise 2007\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
"C:\WINDOWS\system32\lsass.exe"="C:\WINDOWS\system32\lsass.exe:*:Enabled:lsass"
"C:\Program Files\Microsoft IntelliType Pro\itype.exe"="C:\Program Files\Microsoft IntelliType Pro\itype.exe:*:Enabled:itype"
"C:\WINDOWS\system32\winlogon.exe"="C:\WINDOWS\system32\winlogon.exe:*:Enabled:winlogon"
"C:\Program Files\ClamWin\bin\ClamTray.exe"="C:\Program Files\ClamWin\bin\ClamTray.exe:*:Enabled:ClamTray"
"C:\WINDOWS\explorer.exe"="C:\WINDOWS\explorer.exe:*:Enabled:Explorer"
"C:\WINDOWS\system32\services.exe"="C:\WINDOWS\system32\services.exe:*:Enabled:services"
"C:\WINDOWS\system32\rundll32.exe"="C:\WINDOWS\system32\rundll32.exe:*:Enabled:rundll32"
"C:\Program Files\Skype\Phone\Skype.exe"="C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\Windows Live\Messenger\livecall.exe"="C:\Program Files\Windows Live\Messenger\livecall.exe:*:Enabled:Windows Live Messenger (Phone)"
======List of files/folders created in the last 3 months======
2008-12-13 20:03:46 ----D---- C:\WINDOWS\LastGood
2008-12-13 19:57:24 ----D---- C:\_OTMoveIt
2008-12-13 19:31:18 ----SH---- C:\WINDOWS\system32\oheroyod.ini
2008-12-13 08:06:53 ----A---- C:\WINDOWS\gmer.ini
2008-12-13 08:06:51 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-12-13 08:06:51 ----A---- C:\WINDOWS\gmer.exe
2008-12-13 08:06:51 ----A---- C:\WINDOWS\gmer.dll
2008-12-12 18:25:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-12-12 16:26:50 ----D---- C:\WINDOWS\ERDNT
2008-12-12 16:26:49 ----D---- C:\Documents and Settings\Mishu\Application Data\Sony Ericsson
2008-12-12 16:08:06 ----D---- C:\Program Files\ERUNT
2008-12-12 15:29:07 ----D---- C:\Documents and Settings\Mishu\Application Data\Malwarebytes
2008-12-12 15:29:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Malwarebytes
2008-12-12 15:28:59 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2008-12-12 12:22:05 ----D---- C:\My Downloads
2008-12-12 12:22:05 ----D---- C:\Documents and Settings\Mishu\Application Data\Shareaza
2008-12-12 12:09:08 ----D---- C:\Program Files\trend micro
2008-12-12 12:08:46 ----A---- C:\log.txt
2008-12-12 12:07:37 ----D---- C:\rsit
2008-12-12 08:55:24 ----D---- C:\Documents and Settings\Mishu\Application Data\skypePM
2008-12-10 23:35:00 ----D---- C:\Program Files\Spybot - Search & Destroy
2008-12-10 23:35:00 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2008-12-10 23:25:13 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Lavasoft
2008-12-08 08:17:30 ----D---- C:\WINDOWS\system32\Abdio
2008-12-08 07:56:27 ----D---- C:\Documents and Settings\Mishu\Application Data\.clamwin
2008-12-08 07:56:16 ----D---- C:\Program Files\ClamWin
2008-12-05 21:26:29 ----D---- C:\Program Files\PDF Editor 2
2008-12-05 21:26:29 ----A---- C:\WINDOWS\cadkasdeinst01e.exe
2008-12-05 14:35:41 ----D---- C:\Documents and Settings\Mishu\Application Data\Skype
2008-12-05 14:35:24 ----D---- C:\Program Files\Skype
2008-12-05 14:35:24 ----D---- C:\Program Files\Common Files\Skype
2008-12-05 14:35:15 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Skype
2008-12-05 14:29:26 ----D---- C:\Program Files\Microsoft SQL Server Compact Edition
2008-12-05 14:25:08 ----SHDC---- C:\Program Files\Common Files\WindowsLiveInstaller
2008-12-05 14:25:01 ----D---- C:\Program Files\Windows Live
2008-12-05 14:24:43 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\WLInstaller
2008-12-04 14:22:35 ----D---- C:\Program Files\Windows Desktop Search
2008-12-04 14:22:34 ----D---- C:\WINDOWS\system32\GroupPolicy
2008-12-04 12:02:01 ----HD---- C:\$AVG8.VAULT$
2008-12-03 20:59:34 ----A---- C:\WINDOWS\system32\msonpmon.dll
2008-12-03 20:55:13 ----D---- C:\Office Enterprise 2007
2008-12-03 20:24:26 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Help
2008-12-03 15:52:30 ----D---- C:\Program Files\Foxit PDF Creator
2008-12-03 15:31:42 ----N---- C:\WINDOWS\system32\avgrsstx.dll.install_backup
2008-12-03 15:31:29 ----D---- C:\Program Files\AVG
2008-12-03 15:31:29 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg8
2008-12-03 10:22:53 ----D---- C:\Program Files\Foxit Software
2008-12-03 09:31:12 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\pdf995
2008-12-03 09:31:12 ----A---- C:\WINDOWS\system32\pdfmona.dll
2008-12-03 09:31:12 ----A---- C:\WINDOWS\system32\pdf995mon.dll
2008-12-03 09:28:22 ----D---- C:\Documents and Settings\Mishu\Application Data\eXPert PDF Reader
2008-12-03 09:18:17 ----D---- C:\Documents and Settings\Mishu\Application Data\Foxit
2008-12-03 09:02:56 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft
2008-12-01 08:42:43 ----D---- C:\Documents and Settings\Mishu\Application Data\Creative
2008-12-01 08:38:25 ----N---- C:\WINDOWS\Ctregrun.exe
2008-12-01 08:35:24 ----N---- C:\WINDOWS\system32\msxml3a.dll
2008-12-01 08:33:32 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Creative
2008-12-01 08:33:08 ----HD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{C39CADE8-EC32-4A3E-ADF3-99FB5B7A317D}
2008-12-01 08:32:21 ----D---- C:\Program Files\Creative
2008-12-01 08:32:13 ----HD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\{90F3B5EB-A471-42F9-A905-991C2DB2312C}
2008-11-21 06:39:23 ----A---- C:\WINDOWS\system32\dzip32.dll
2008-11-21 06:39:23 ----A---- C:\WINDOWS\system32\dunzip32.dll
2008-11-21 06:39:11 ----D---- C:\Program Files\Windows Media Bonus Pack for Windows XP
2008-11-20 08:23:23 ----N---- C:\WINDOWS\system32\spmsg.dll
2008-11-20 08:09:56 ----D---- C:\Documents and Settings\Mishu\Application Data\Real
2008-11-12 07:57:55 ----D---- C:\Dhamma Talks
2008-11-03 20:42:51 ----A---- C:\WINDOWS\system32\MFCANS32.DLL
2008-11-03 20:42:44 ----A---- C:\WINDOWS\WFXDEL.BAT
2008-09-30 16:43:34 ----A---- C:\WINDOWS\system32\msxml4.dll
======List of files/folders modified in the last 3 months======
2008-12-13 20:04:52 ----HD---- C:\WINDOWS\inf
2008-12-13 20:04:52 ----D---- C:\WINDOWS\system32\CatRoot
2008-12-13 20:04:52 ----D---- C:\WINDOWS
2008-12-13 20:04:51 ----D---- C:\WINDOWS\system32
2008-12-13 20:04:08 ----D---- C:\WINDOWS\Prefetch
2008-12-13 20:04:04 ----D---- C:\WINDOWS\system32\drivers
2008-12-13 20:03:42 ----D---- C:\WINDOWS\system32\CatRoot2
2008-12-13 20:01:23 ----D---- C:\Program Files\Mozilla Firefox
2008-12-13 20:00:50 ----D---- C:\WINDOWS\Temp
2008-12-13 19:59:15 ----D---- C:\WINDOWS\Debug
2008-12-13 19:57:24 ----SD---- C:\WINDOWS\Tasks
2008-12-13 19:31:16 ----ASH---- C:\WINDOWS\system32\vufulowe.dll
2008-12-13 19:31:15 ----ASH---- C:\WINDOWS\system32\doyoreho.dll
2008-12-13 08:04:31 ----D---- C:\All Downloads
2008-12-13 07:56:08 ----RD---- C:\Program Files
2008-12-13 06:45:46 ----D---- C:\WINDOWS\network diagnostic
2008-12-12 16:28:21 ----D---- C:\WINDOWS\pss
2008-12-12 12:02:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2008-12-12 08:32:36 ----A---- C:\WINDOWS\WININIT.INI
2008-12-12 08:25:16 ----D---- C:\Documents and Settings
2008-12-11 14:52:02 ----D---- C:\temp
2008-12-10 23:33:42 ----SHD---- C:\WINDOWS\Installer
2008-12-10 23:33:41 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2008-12-10 23:33:41 ----D---- C:\Config.Msi
2008-12-10 22:51:19 ----D---- C:\Program Files\CCleaner
2008-12-10 22:48:27 ----D---- C:\WINDOWS\tracing
2008-12-08 11:00:06 ----D---- C:\All My Stuff
2008-12-08 08:37:29 ----SD---- C:\Documents and Settings\Mishu\Application Data\Microsoft
2008-12-06 17:29:22 ----D---- C:\WINDOWS\ie7updates
2008-12-06 17:22:50 ----HD---- C:\WINDOWS\$hf_mig$
2008-12-06 17:22:25 ----RSHDC---- C:\WINDOWS\system32\dllcache
2008-12-06 17:22:19 ----D---- C:\Program Files\Internet Explorer
2008-12-06 17:21:15 ----D---- C:\WINDOWS\system32\wbem
2008-12-06 17:21:15 ----D---- C:\WINDOWS\system32\en-US
2008-12-06 17:20:36 ----D---- C:\WINDOWS\WinSxS
2008-12-06 17:20:35 ----D---- C:\Program Files\Common Files
2008-12-05 18:15:33 ----SD---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2008-12-05 14:32:32 ----D---- C:\Images
2008-12-05 14:30:22 ----D---- C:\WINDOWS\system32\DirectX
2008-12-05 14:28:51 ----D---- C:\Program Files\MSN Messenger
2008-12-05 14:27:54 ----DC---- C:\WINDOWS\system32\DRVSTORE
2008-12-04 14:51:37 ----HD---- C:\Program Files\InstallShield Installation Information
2008-12-04 14:32:12 ----A---- C:\WINDOWS\win.ini
2008-12-04 14:23:02 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-12-04 14:13:19 ----HD---- C:\WINDOWS\ShellNew
2008-12-04 14:06:24 ----D---- C:\Program Files\MSBuild
2008-12-04 14:05:19 ----RSD---- C:\WINDOWS\Fonts
2008-12-04 14:04:14 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-12-04 14:04:13 ----D---- C:\Program Files\Microsoft Office
2008-12-04 14:03:43 ----D---- C:\Program Files\Microsoft Works
2008-12-04 14:03:40 ----D---- C:\WINDOWS\Help
2008-12-04 13:52:15 ----D---- C:\WINDOWS\Media
2008-12-03 21:49:15 ----D---- C:\Program Files\Common Files\Designer
2008-12-03 20:59:15 ----D---- C:\WINDOWS\system32\config
2008-12-03 15:03:58 ----D---- C:\Program Files\Common Files\Logitech
2008-12-03 15:02:23 ----D---- C:\Program Files\Common Files\Logishrd
2008-12-03 09:36:33 ----D---- C:\Program Files\Windows Media Player
2008-12-03 09:14:27 ----D---- C:\Program Files\Adobe
2008-11-24 08:12:26 ----A---- C:\WINDOWS\NeroDigital.ini
2008-11-16 08:05:37 ----D---- C:\Program Files\Mozilla Thunderbird
2008-11-16 07:54:40 ----D---- C:\Program Files\lg_fwupdate
2008-11-16 07:54:35 ----A---- C:\WINDOWS\lgfwup.ini
2008-11-16 07:48:54 ----D---- C:\Documents and Settings\Mishu\Application Data\InterTrust
2008-11-15 17:46:41 ----D---- C:\Program Files\Common Files\Symantec Shared
2008-11-15 17:45:17 ----D---- C:\Program Files\Common Files\Real
2008-11-11 09:57:25 ----A---- C:\WINDOWS\SYSTEM.INI
2008-11-02 13:19:11 ----D---- C:\Program Files\Setup Files
2008-11-01 09:53:40 ----D---- C:\Program Files\Microsoft Windows Vista Upgrade Advisor
2008-11-01 09:53:40 ----D---- C:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft Corporation
2008-11-01 09:50:49 ----D---- C:\Program Files\Google
2008-11-01 09:44:41 ----D---- C:\Program Files\Logitech
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuweb.dll
2008-10-16 14:13:40 ----A---- C:\WINDOWS\system32\wuaueng.dll
2008-10-16 14:12:22 ----A---- C:\WINDOWS\system32\wucltui.dll
2008-10-16 14:12:20 ----A---- C:\WINDOWS\system32\wuapi.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wups2.dll
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\wuauclt.exe
2008-10-16 14:09:44 ----A---- C:\WINDOWS\system32\cdm.dll
2008-10-16 14:09:40 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2008-10-16 14:08:58 ----A---- C:\WINDOWS\system32\wups.dll
2008-10-16 14:07:44 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2008-10-16 14:07:14 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-16 14:06:48 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-15 08:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 AmdK8;AMD Processor Driver; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-08 36352]
R1 InCDPass;InCDPass; C:\WINDOWS\System32\DRIVERS\InCDPass.sys [2005-07-08 29696]
R1 incdrm;InCD Reader; C:\WINDOWS\system32\drivers\incdrm.sys [2006-03-13 28672]
R1 kbdhid;Keyboard HID Driver; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-13 14592]
R1 SCDEmu;SCDEmu; C:\WINDOWS\system32\drivers\SCDEmu.sys [2006-06-05 30556]
R3 FETNDISB;VIA Rhine Family Fast Ethernet Adapter Driver Service; C:\WINDOWS\system32\DRIVERS\fetnd5b.sys [2004-04-14 42496]
R3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
R3 hidusb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2006-11-15 4225920]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 S3G700;S3G700; C:\WINDOWS\system32\DRIVERS\S3G700m.sys [2005-12-13 794624]
R3 usbccgp;Microsoft USB Generic Parent Driver; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R4 InCDfs;InCD File System; C:\WINDOWS\system32\drivers\InCDfs.sys [2005-07-08 99584]
S2 LBeepKE;LBeepKE; C:\WINDOWS\System32\Drivers\LBeepKE.sys []
S3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; C:\WINDOWS\system32\DRIVERS\fetnd5.sys [2001-08-17 27165]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-12-13 85969]
S3 GMSIPCI;GMSIPCI; \??\D:\INSTALL\GMSIPCI.SYS []
S3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2008-02-29 20240]
S3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2008-02-29 63120]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2008-02-29 35344]
S3 LHidKe;Logitech SetPoint HID Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidKE.Sys [2006-05-10 27264]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2008-02-29 36880]
S3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2008-02-29 79120]
S3 MSICPL;MSICPL; \??\C:\Documents and Settings\Mishu\install4\MSICPL.sys []
S3 nm;Network Monitor Driver; C:\WINDOWS\system32\DRIVERS\NMnt.sys [2008-04-13 40320]
S3 NTACCESS;NTACCESS; \??\D:\NTACCESS.sys []
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 w300bus;Sony Ericsson W300 Driver driver (WDM); C:\WINDOWS\system32\DRIVERS\w300bus.sys [2006-03-13 60800]
S3 w300mdfl;Sony Ericsson W300 USB WMC Modem Filter; C:\WINDOWS\system32\DRIVERS\w300mdfl.sys [2006-03-13 9264]
S3 w300mdm;Sony Ericsson W300 USB WMC Modem Driver; C:\WINDOWS\system32\DRIVERS\w300mdm.sys [2006-03-13 96352]
S3 w300mgmt;Sony Ericsson W300 USB WMC Device Management Drivers (WDM); C:\WINDOWS\system32\DRIVERS\w300mgmt.sys [2006-03-13 87824]
S3 w300obex;Sony Ericsson W300 USB WMC OBEX Interface; C:\WINDOWS\system32\DRIVERS\w300obex.sys [2006-03-13 85696]
S3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\drivers\IntelIde.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-01 61440]
R2 InCDsrv;InCD Helper; C:\Program Files\Ahead\InCD\InCDsrv.exe [2005-07-08 871424]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe [2003-06-19 322120]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-13 14336]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768]
S3 CTUPnPSv;Creative Centrale Media Server; C:\Program Files\Creative\Creative Centrale\CTUPnPSv.exe [2008-05-21 64000]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Office Enterprise 2007\Office12\GrooveAuditService.exe [2007-08-24 68464]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2007-08-24 443776]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
-----------------EOF-----------------