Logfile of random's system information tool 1.05 (written by random/random)
Run by Administrator at 2009-01-30 22:14:59
Microsoft Windows XP Professional Service Pack 3
System drive C: has 43 GB (71%) free of 61 GB
Total RAM: 3071 MB (78% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:15:02, on 30/01/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Checkpoint\ZAForceField\IswSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\PDF Complete\pdfsvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\CTXFIHLP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\SYSTEM32\CTXFISPI.EXE
E:\Program Files\APC\APC PowerChute Personal Edition\apcsystray.exe
E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
E:\PROGRA~1\ZONELA~1\ZONEAL~1\MAILFR~1\mantispm.exe
C:\Program Files\Checkpoint\ZAForceField\forcefield.exe
C:\Program Files\Checkpoint\ZAForceField\ISWMGR.exe
C:\Program Files\Checkpoint\ZAForceField\ISWMGR.exe
E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Checkpoint\ZAForceField\ISWMGR.exe
C:\Program Files\Checkpoint\ZAForceField\ISWMGR.exe
E:\Program Files\Firefox\firefox.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Utility\New Folder\RSIT.exe
C:\Program Files\trend micro\Administrator.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=smb&pf=workstation
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_gb&c=81&bd=smb&pf=workstation
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: ForceField Toolbar Registrar - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\Checkpoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: ForceField Toolbar - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\Checkpoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [VolPanel] "C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe" /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [ZoneAlarm Client] "E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: APC UPS Status.lnk = ?
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - E:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: APC UPS Service - American Power Conversion Corporation - E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Dolby Digital Live Pack Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: ForceField IswSvc (IswSvc) - Check Point Software Technologies - C:\Program Files\Checkpoint\ZAForceField\IswSvc.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files\PDF Complete\pdfsvc.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies LTD - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

--
End of file - 7784 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre6\bin\ssv.dll [2009-01-28 320920]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3}]
ForceField Toolbar Registrar - C:\Program Files\Checkpoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2009-01-15 451976]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-01-28 34816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-01-28 73728]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - ForceField Toolbar - C:\Program Files\Checkpoint\ZAForceField\TrustChecker\bin\TrustCheckerIEPlugin.dll [2009-01-15 451976]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"nwiz"=nwiz.exe /install []
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2008-12-26 13680640]
"VolPanel"=C:\Program Files\Creative\Sound Blaster X-Fi\Volume Panel\VolPanlu.exe [2008-05-06 221300]
"UpdReg"=C:\WINDOWS\UpdReg.EXE [2000-05-11 90112]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-01-28 136600]
"Syslog"= []
"ZoneAlarm Client"=E:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe [2009-01-16 985480]
"CTxfiHlp"=C:\WINDOWS\system32\CTXFIHLP.EXE [2008-08-06 23040]
"NvMediaCenter"=C:\WINDOWS\system32\NvMcTray.dll [2008-12-26 86016]
"Kernel and Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]
"Logitech Hardware Abstraction Layer"=C:\WINDOWS\KHALMNPR.EXE [2007-01-23 101136]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2007-07-12 178712]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"SUPERAntiSpyware"=E:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-01-15 1830128]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
APC UPS Status.lnk - E:\Program Files\APC\APC PowerChute Personal Edition\Display.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
E:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2008-09-05 241704]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=E:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"authentication packages"=msv1_0 relog_ap

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\vsmon]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WdfLoadGroup]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"E:\Program Files\ITunes\iTunes.exe"="E:\Program Files\ITunes\iTunes.exe:*:Enabled:iTunes"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-01-30 22:13:21 ----D---- C:\Program Files\trend micro
2009-01-30 22:13:20 ----D---- C:\rsit
2009-01-30 22:02:26 ----A---- C:\egd.txt
2009-01-30 22:02:25 ----D---- C:\WINDOWS\system32\bfubackups
2009-01-30 21:59:46 ----D---- C:\Utility
2009-01-30 21:30:26 ----D---- C:\WINDOWS\ERUNT
2009-01-30 21:29:08 ----A---- C:\WINDOWS\ntbtlog.txt
2009-01-30 21:15:24 ----D---- C:\SDFix
2009-01-30 14:33:20 ----D---- C:\Documents and Settings\Administrator\Application Data\BACS.exe
2009-01-29 10:18:12 ----A---- C:\WINDOWS\system32\qtintf.dll
2009-01-29 09:09:24 ----D---- C:\WINDOWS\system32\ENU
2009-01-29 09:09:24 ----A---- C:\WINDOWS\system32\Imsmudlg.exe
2009-01-29 09:09:00 ----D---- C:\Documents and Settings\Administrator\Application Data\InstallShield
2009-01-28 22:34:45 ----D---- C:\Documents and Settings\Administrator\Application Data\Logitech
2009-01-28 22:31:57 ----HDC---- C:\WINDOWS\$NtUninstallWdf01005$
2009-01-28 22:31:37 ----A---- C:\WINDOWS\KHALMNPR.Exe
2009-01-28 22:31:36 ----A---- C:\WINDOWS\system32\WdfCoInstaller01005.dll
2009-01-28 22:31:33 ----A---- C:\WINDOWS\system32\KemXML.dll
2009-01-28 22:31:33 ----A---- C:\WINDOWS\system32\KemWnd.dll
2009-01-28 22:31:33 ----A---- C:\WINDOWS\system32\KemUtil.dll
2009-01-28 22:31:33 ----A---- C:\WINDOWS\system32\kemutb.dll
2009-01-28 22:31:27 ----D---- C:\Documents and Settings\All Users\Application Data\Logitech
2009-01-28 22:31:25 ----D---- C:\Program Files\Logitech
2009-01-28 22:31:24 ----D---- C:\Program Files\Common Files\Logitech
2009-01-28 20:52:42 ----D---- C:\Documents and Settings\All Users\Application Data\PC Drivers Headquarters
2009-01-28 16:53:54 ----A---- C:\WINDOWS\system32\AppSetup.exe
2009-01-28 11:34:38 ----A---- C:\WINDOWS\system32\deploytk.dll
2009-01-28 09:03:54 ----D---- C:\Program Files\iPod
2009-01-28 09:03:53 ----D---- C:\Documents and Settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2009-01-28 09:03:21 ----D---- C:\Program Files\Bonjour
2009-01-28 09:02:57 ----D---- C:\Program Files\QuickTime
2009-01-27 14:22:25 ----D---- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
2009-01-27 14:22:19 ----D---- C:\Documents and Settings\Administrator\Application Data\SUPERAntiSpyware.com
2009-01-27 14:20:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-01-26 16:36:42 ----D---- C:\Program Files\NOS
2009-01-26 16:36:42 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2009-01-26 13:48:07 ----D---- C:\Program Files\Adobe
2009-01-26 13:48:01 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-01-25 21:30:31 ----HDC---- C:\WINDOWS\$NtUninstallKB958687$
2009-01-25 21:30:25 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2009-01-24 09:56:39 ----D---- C:\WINDOWS\Sun
2009-01-22 17:33:42 ----D---- C:\Documents and Settings\Administrator\Application Data\Macromedia
2009-01-22 17:30:53 ----D---- C:\Documents and Settings\Administrator\Application Data\MailFrontier
2009-01-22 17:25:23 ----A---- C:\XES7.tmp
2009-01-21 21:22:52 ----D---- C:\Documents and Settings\Administrator\Application Data\Leadertech
2009-01-21 17:11:55 ----D---- C:\Documents and Settings\All Users\Application Data\WinZip
2009-01-21 13:20:45 ----A---- C:\WINDOWS\system32\ptpusd.dll
2009-01-21 13:20:45 ----A---- C:\WINDOWS\system32\ptpusb.dll
2009-01-21 10:50:40 ----D---- C:\Documents and Settings\All Users\Application Data\NVIDIA
2009-01-16 14:35:36 ----A---- C:\WINDOWS\system32\CSVer.dll
2009-01-16 14:35:04 ----D---- C:\Intel
2009-01-05 13:16:31 ----D---- C:\WINDOWS\system32\appmgmt
2009-01-04 16:05:49 ----D---- C:\Program Files\SonicWallES
2009-01-04 15:59:48 ----A---- C:\WINDOWS\ODBC.INI
2009-01-04 15:59:45 ----A---- C:\WINDOWS\system32\mdimon.dll
2009-01-04 15:23:25 ----D---- C:\Documents and Settings\Administrator\Application Data\Talkback
2009-01-04 15:23:13 ----D---- C:\Documents and Settings\Administrator\Application Data\Thunderbird
2009-01-04 13:57:07 ----D---- C:\WINDOWS\system32\XPSViewer
2009-01-04 13:57:06 ----D---- C:\Program Files\MSBuild
2009-01-04 13:57:02 ----D---- C:\Program Files\Reference Assemblies
2009-01-04 13:56:46 ----N---- C:\WINDOWS\system32\xpsshhdr.dll
2009-01-04 13:56:46 ----N---- C:\WINDOWS\system32\prntvpt.dll
2009-01-04 13:56:45 ----N---- C:\WINDOWS\system32\xpssvcs.dll
2009-01-04 13:56:38 ----D---- C:\WINDOWS\SxsCaPendDel
2009-01-04 13:36:13 ----HD---- C:\WINDOWS\system32\GroupPolicy
2009-01-04 12:59:07 ----D---- C:\Documents and Settings\Administrator\Application Data\TravelerSafe+
2009-01-02 18:47:51 ----D---- C:\Documents and Settings\Administrator\Application Data\OpenOffice.org
2009-01-02 18:43:39 ----A---- C:\WINDOWS\system32\javaws.exe
2009-01-02 18:43:39 ----A---- C:\WINDOWS\system32\javaw.exe
2009-01-02 18:43:39 ----A---- C:\WINDOWS\system32\java.exe
2009-01-02 18:43:15 ----D---- C:\Documents and Settings\Administrator\Application Data\Sun
2009-01-02 15:46:41 ----D---- C:\Documents and Settings\Administrator\Application Data\CopyTrans
2009-01-02 15:45:15 ----D---- C:\Documents and Settings\Administrator\Application Data\CopyTransControlCenter
2009-01-02 14:12:02 ----A---- C:\rollback.ini
2009-01-02 12:53:56 ----A---- C:\WINDOWS\system32\stci.dll
2009-01-02 12:40:54 ----D---- C:\Program Files\Common Files\Acronis
2009-01-02 12:37:50 ----D---- C:\Documents and Settings\Administrator\Application Data\Adobe
2009-01-02 12:37:46 ----D---- C:\Program Files\Common Files\Adobe
2009-01-02 12:37:46 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2009-01-02 12:33:42 ----D---- C:\Documents and Settings\Administrator\Application Data\Mozilla
2009-01-02 12:30:22 ----D---- C:\Documents and Settings\Administrator\Application Data\Apple Computer
2009-01-02 12:29:57 ----D---- C:\Documents and Settings\All Users\Application Data\Apple Computer
2009-01-02 12:29:49 ----D---- C:\Program Files\Apple Software Update
2009-01-02 12:29:46 ----DC---- C:\WINDOWS\system32\DRVSTORE
2009-01-02 12:29:39 ----D---- C:\Program Files\Common Files\Apple
2009-01-02 12:29:39 ----D---- C:\Documents and Settings\All Users\Application Data\Apple
2009-01-02 12:22:51 ----D---- C:\Documents and Settings\Administrator\Application Data\#ISW.FS#
2009-01-02 12:22:45 ----D---- C:\Documents and Settings\Administrator\Application Data\CheckPoint
2009-01-02 12:19:14 ----D---- C:\Program Files\Checkpoint
2009-01-02 12:19:12 ----A---- C:\WINDOWS\zllsputility.exe
2009-01-02 12:19:09 ----A---- C:\WINDOWS\system32\vsregexp.dll
2009-01-02 12:19:08 ----A---- C:\WINDOWS\system32\zlcommdb.dll
2009-01-02 12:19:08 ----A---- C:\WINDOWS\system32\zlcomm.dll
2009-01-02 12:19:07 ----A---- C:\WINDOWS\system32\zpeng25.dll
2009-01-02 12:19:07 ----A---- C:\WINDOWS\system32\vsxml.dll
2009-01-02 12:19:07 ----A---- C:\WINDOWS\system32\vswmi.dll
2009-01-02 12:19:06 ----D---- C:\WINDOWS\system32\ZoneLabs
2009-01-02 12:19:06 ----A---- C:\WINDOWS\system32\vspubapi.dll
2009-01-02 12:19:06 ----A---- C:\WINDOWS\system32\vsmonapi.dll
2009-01-02 12:16:57 ----A---- C:\WINDOWS\system32\vsutil.dll
2009-01-02 12:16:57 ----A---- C:\WINDOWS\system32\vsinit.dll
2009-01-02 12:16:57 ----A---- C:\WINDOWS\system32\vsdata.dll
2009-01-02 12:16:56 ----D---- C:\WINDOWS\Internet Logs
2009-01-02 12:15:00 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 months======

2009-01-30 22:13:21 ----RD---- C:\Program Files
2009-01-30 22:02:25 ----D---- C:\WINDOWS\system32
2009-01-30 22:02:06 ----D---- C:\WINDOWS\Temp
2009-01-30 21:44:28 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2009-01-30 21:38:59 ----D---- C:\WINDOWS\system32\CatRoot2
2009-01-30 21:30:55 ----RSHD---- C:\WINDOWS\system32\dllcache
2009-01-30 21:30:26 ----D---- C:\WINDOWS
2009-01-30 21:27:26 ----A---- C:\WINDOWS\SchedLgU.Txt
2009-01-30 17:47:09 ----D---- C:\WINDOWS\Prefetch
2009-01-30 15:47:18 ----D---- C:\WINDOWS\security
2009-01-30 15:15:29 ----D---- C:\WINDOWS\system32\drivers
2009-01-30 14:34:06 ----SHD---- C:\WINDOWS\Installer
2009-01-30 14:34:00 ----D---- C:\WINDOWS\Downloaded Installations
2009-01-30 14:34:00 ----D---- C:\Program Files\Broadcom
2009-01-30 14:33:58 ----RSD---- C:\WINDOWS\assembly
2009-01-30 14:33:56 ----HD---- C:\WINDOWS\inf
2009-01-30 14:25:18 ----D---- C:\SWSetup
2009-01-30 13:24:14 ----D---- C:\WINDOWS\system32\CatRoot
2009-01-30 11:55:55 ----D---- C:\WINDOWS\system32\ReinstallBackups
2009-01-29 10:18:05 ----HD---- C:\Program Files\InstallShield Installation Information
2009-01-29 09:09:23 ----D---- C:\Program Files\Intel
2009-01-29 09:07:52 ----D---- C:\WINDOWS\system32\config
2009-01-28 22:34:11 ----D---- C:\WINDOWS\WinSxS
2009-01-28 22:31:24 ----SD---- C:\Documents and Settings\Administrator\Application Data\Microsoft
2009-01-28 22:31:24 ----D---- C:\Program Files\Common Files
2009-01-28 21:20:44 ----D---- C:\WINDOWS\nview
2009-01-28 21:20:44 ----D---- C:\WINDOWS\Help
2009-01-28 16:54:20 ----A---- C:\WINDOWS\system32\wrap_oal.dll
2009-01-28 16:54:20 ----A---- C:\WINDOWS\system32\OpenAL32.dll
2009-01-28 16:54:14 ----D---- C:\WINDOWS\system32\Data
2009-01-28 11:34:29 ----D---- C:\Program Files\Java
2009-01-28 08:57:24 ----D---- C:\WINDOWS\system32\Macromed
2009-01-27 23:40:03 ----SD---- C:\WINDOWS\Downloaded Program Files
2009-01-27 14:48:12 ----D---- C:\WINDOWS\repair
2009-01-27 14:18:02 ----D---- C:\WINDOWS\Debug
2009-01-25 21:30:31 ----HD---- C:\WINDOWS\$hf_mig$
2009-01-21 12:42:16 ----D---- C:\Documents and Settings\All Users\Application Data\Creative
2009-01-10 01:35:28 ----A---- C:\WINDOWS\system32\MRT.exe
2009-01-05 13:16:24 ----D---- C:\Program Files\Common Files\Microsoft Shared
2009-01-05 13:16:23 ----D---- C:\Program Files\Common Files\System
2009-01-05 13:16:14 ----RSD---- C:\WINDOWS\Fonts
2009-01-05 13:16:13 ----A---- C:\WINDOWS\win.ini
2009-01-04 16:00:43 ----D---- C:\WINDOWS\system32\wbem
2009-01-04 15:59:11 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2009-01-04 15:57:18 ----D---- C:\WINDOWS\system
2009-01-04 14:36:42 ----D---- C:\WINDOWS\Microsoft.NET
2009-01-04 13:57:06 ----D---- C:\WINDOWS\system32\en-us
2009-01-04 13:56:54 ----D---- C:\WINDOWS\system32\spool
2009-01-04 13:53:58 ----D---- C:\Program Files\Internet Explorer
2009-01-02 14:25:30 ----SD---- C:\WINDOWS\Tasks
2009-01-02 12:53:31 ----D---- C:\Program Files\Common Files\InstallShield

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 36352]
R1 KLIF;KLIF; C:\WINDOWS\system32\DRIVERS\klif.sys [2008-12-11 148496]
R1 SASDIFSV;SASDIFSV; \??\E:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\E:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 vsdatant;vsdatant; C:\WINDOWS\System32\vsdatant.sys [2009-01-16 353160]
R1 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\WINDOWS\system32\DRIVERS\wmiacpi.sys [2008-04-14 8832]
R2 ISWKL;ForceField ISWKL; \??\C:\Program Files\Checkpoint\ZAForceField\ISWKL.sys []
R2 tifsfilter;Acronis True Image FS Filter; C:\WINDOWS\system32\DRIVERS\tifsfilt.sys [2009-01-02 32768]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-14 60800]
R3 b57w2k;Broadcom NetXtreme Gigabit Ethernet; C:\WINDOWS\system32\DRIVERS\b57xp32.sys [2007-09-17 161792]
R3 catchme;catchme; \??\C:\DOCUME~1\ADMINI~1\LOCALS~1\Temp\catchme.sys []
R3 CT20XUT.SYS;CT20XUT.SYS; C:\WINDOWS\System32\drivers\CT20XUT.SYS [2008-08-06 198168]
R3 ctaud2k;Creative Audio Driver (WDM); C:\WINDOWS\system32\drivers\ctaud2k.sys [2008-08-06 534808]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS; C:\WINDOWS\System32\drivers\CTEXFIFX.SYS [2008-08-06 1353240]
R3 CTHWIUT.SYS;CTHWIUT.SYS; C:\WINDOWS\System32\drivers\CTHWIUT.SYS [2008-08-06 73752]
R3 ctprxy2k;Creative Proxy Driver; C:\WINDOWS\system32\drivers\ctprxy2k.sys [2008-08-06 14360]
R3 ctsfm2k;Creative SoundFont Management Device Driver; C:\WINDOWS\system32\drivers\ctsfm2k.sys [2008-08-06 159256]
R3 emupia;E-mu Plug-in Architecture Driver; C:\WINDOWS\system32\drivers\emupia2k.sys [2008-08-06 95768]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\System32\Drivers\GEARAspiWDM.sys [2008-04-17 15464]
R3 ha20x22k;Creative 20X2 HAL Driver; C:\WINDOWS\system32\drivers\ha20x22k.sys [2008-08-06 1221144]
R3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 icsak;icsak; \??\C:\Program Files\Checkpoint\ZAForceField\AK\icsak.sys []
R3 L8042Kbd;Logitech SetPoint Keyboard Driver; C:\WINDOWS\system32\DRIVERS\L8042Kbd.sys [2007-01-23 20496]
R3 L8042mou;SetPoint PS/2 Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\L8042mou.Sys [2007-01-23 62992]
R3 LMouKE;SetPoint Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouKE.Sys [2007-01-23 78864]
R3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\WINDOWS\System32\Drivers\LUsbFilt.Sys [2007-01-23 28176]
R3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-14 61824]
R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2008-12-26 6301344]
R3 ossrv;Creative OS Services Driver; C:\WINDOWS\system32\drivers\ctoss2k.sys [2008-08-06 129560]
R3 SASENUM;SASENUM; \??\E:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-14 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-14 59520]
R3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-14 20608]
R3 Wdf01000;Wdf01000; C:\WINDOWS\system32\DRIVERS\Wdf01000.sys [2006-11-02 492000]
S1 P3;Intel PentiumIII Processor Driver; C:\WINDOWS\system32\DRIVERS\p3.sys [2008-04-14 42752]
S3 ac97intc;Intel(r) 82801 Audio Driver Install Service (WDM); C:\WINDOWS\system32\drivers\ac97intc.sys [2001-08-17 96256]
S3 alcan5wn;SpeedTouch USB ADSL PPP Networking Driver (NDISWAN); C:\WINDOWS\system32\DRIVERS\alcan5wn.sys [2003-12-08 53600]
S3 alcaudsl;SpeedTouch ADSL Modem ATM Transport; C:\WINDOWS\system32\DRIVERS\alcaudsl.sys [2003-12-08 70688]
S3 CT20XUT;CT20XUT; C:\WINDOWS\system32\drivers\CT20XUT.SYS [2008-08-06 198168]
S3 ctac32k;Creative AC3 Software Decoder; C:\WINDOWS\system32\drivers\ctac32k.sys [2008-08-06 511000]
S3 CTEXFIFX;CTEXFIFX; C:\WINDOWS\system32\drivers\CTEXFIFX.SYS [2008-08-06 1353240]
S3 CTHWIUT;CTHWIUT; C:\WINDOWS\system32\drivers\CTHWIUT.SYS [2008-08-06 73752]
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 ha20x2k;Creative 20X HAL Driver; C:\WINDOWS\system32\drivers\ha20x2k.sys [2008-08-06 1178136]
S3 HDAudBus;Microsoft UAA Bus Driver for High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-13 144384]
S3 HidBatt;HID UPS Battery Driver; C:\WINDOWS\system32\DRIVERS\HidBatt.sys [2008-04-14 20352]
S3 i81x;i81x; C:\WINDOWS\system32\DRIVERS\i81xnt5.sys [2004-08-04 161020]
S3 iAimFP0;iAimFP0; C:\WINDOWS\system32\DRIVERS\wADV01nt.sys [2004-08-04 12415]
S3 iAimFP1;iAimFP1; C:\WINDOWS\system32\DRIVERS\wADV02NT.sys [2004-08-04 12127]
S3 iAimFP2;iAimFP2; C:\WINDOWS\system32\DRIVERS\wADV05NT.sys [2004-08-04 11775]
S3 iAimFP3;iAimFP3; C:\WINDOWS\system32\DRIVERS\wSiINTxx.sys [2004-08-04 12063]
S3 iAimFP4;iAimFP4; C:\WINDOWS\system32\DRIVERS\wVchNTxx.sys [2004-08-04 19455]
S3 iAimFP5;iAimFP5; C:\WINDOWS\system32\DRIVERS\wADV07nt.sys [2004-08-04 11807]
S3 iAimFP6;iAimFP6; C:\WINDOWS\system32\DRIVERS\wADV08nt.sys [2004-08-04 11295]
S3 iAimFP7;iAimFP7; C:\WINDOWS\system32\DRIVERS\wADV09nt.sys [2004-08-04 11871]
S3 iAimTV0;iAimTV0; C:\WINDOWS\system32\DRIVERS\wATV01nt.sys [2004-08-04 29311]
S3 iAimTV1;iAimTV1; C:\WINDOWS\system32\DRIVERS\wATV02NT.sys [2004-08-04 19551]
S3 iAimTV3;iAimTV3; C:\WINDOWS\system32\DRIVERS\wATV04nt.sys [2004-08-04 33599]
S3 iAimTV4;iAimTV4; C:\WINDOWS\system32\DRIVERS\wCh7xxNT.sys [2004-08-04 23615]
S3 iAimTV5;iAimTV5; C:\WINDOWS\system32\DRIVERS\wATV10nt.sys [2004-08-04 25471]
S3 iAimTV6;iAimTV6; C:\WINDOWS\system32\DRIVERS\wATV06nt.sys [2004-08-04 22271]
S3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\WINDOWS\system32\DRIVERS\LHidFilt.Sys [2007-01-23 34576]
S3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\WINDOWS\system32\DRIVERS\LMouFilt.Sys [2007-01-23 33296]
S3 TVICHW32;TVICHW32; \??\C:\WINDOWS\system32\DRIVERS\TVICHW32.SYS []
S3 usbscan;USB Scanner Driver; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-14 15104]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]
S4 adpu320;adpu320; C:\WINDOWS\system32\DRIVERS\adpu320.sys [2002-05-09 105472]
S4 IntelIde;IntelIde; C:\WINDOWS\system32\DRIVERS\intelide.sys [2008-04-14 5504]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AcrSch2Svc;Acronis Scheduler2 Service; C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe [2007-02-16 411168]
R2 APC UPS Service;APC UPS Service; E:\Program Files\APC\APC PowerChute Personal Edition\mainserv.exe [2005-12-12 176193]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-11-07 132424]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
R2 Creative Service for CDROM Access;Creative Service for CDROM Access; C:\WINDOWS\system32\CTsvcCDA.exe [1999-12-12 44032]
R2 CTAudSvcService;Creative Audio Service; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [2008-04-30 425984]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2007-07-12 354840]
R2 IswSvc;ForceField IswSvc; C:\Program Files\Checkpoint\ZAForceField\IswSvc.exe [2009-01-15 390536]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2009-01-28 152984]
R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2008-12-26 163908]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files\PDF Complete\pdfsvc.exe [2008-04-25 576536]
R2 vsmon;TrueVector Internet Monitor; C:\WINDOWS\system32\ZoneLabs\vsmon.exe [2009-01-16 2401160]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2008-12-18 79360]
S3 Creative Dolby Digital Live Pack Licensing Service;Creative Dolby Digital Live Pack Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\DDLLicensing.exe [2008-12-18 79360]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 getPlus(R) Helper;getPlus(R) Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-01-26 33752]
S3 idsvc;Windows CardSpace; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-01-06 536872]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------