Adware, malware, spyware, hijacker discussion and information


All times are UTC - 7 hours


Forum rules


ATTN:!! Only users pre-approved by TeMerc may offer help and assistance in malware removal. Any and all unauthorized posts will be removed without notice. Please read this thread for proper HijackThis! installation.



 Post subject: Please help with malware removal
Posted: Sun Jun 27, 2010 12:30 pm

Joined: Sun Jun 27, 2010 12:06 pm
Posts: 3
If I am not doing this correctly, please let me know. I am trying to follow all instructions. My computer has been running slowly since I downloaded a torrent downloading program, but I wonder whether malware had already been there.

It is often running well into the 90 percentiles. It is much worse when the torrent program is on. What is more, I downloaded another one, but still the same. So it doesn't seem to be about the particular program. And when the torrent program isn't running, the computer is still running at a higher level than I would expect (30, 40 percentiles). Here is the logfile from the scan:

Logfile of HijackThis v1.99.1
Scan saved at 12:01:36 PM, on 6/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE:

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\mdmcls32.exe
C:\WINDOWS\system32\svcprs32.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CAGlobal.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Light\CAGlobalLight.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Hijackthis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\casc.exe"
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\winsflt.dll
O11 - Options group: [INTERNATIONAL] International
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6453335437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6464013796
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: callingid - {086D03BA-57AC-4C8E-A33D-0BAABF742411} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDToolbar.dll
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)
O20 - Winlogon Notify: PFW - C:\WINDOWS\SYSTEM32\UmxWnp.Dll
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: WinSock Extention Manager (WinExtManager) - Unknown owner - C:\WINDOWS\system32\mdmcls32.exe
O23 - Service: WinSock Svchost Manager (WinSvchostManager) - Unknown owner - C:\WINDOWS\system32\svcprs32.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe



 
 Post subject: Re: Please help with malware removal
Posted: Sun Jun 27, 2010 4:15 pm
Site Admin

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15967
Location: PHX, AZ
Hello and welcome to TeMerc Internet Countermeasures.

I'm not seeing anything odd in HijackThis; let's collect some more information off the system.

Download RSIT from the link below and save it to your desktop.
http://images.malwareremoval.com/random/RSIT.exe
You may have to change the name; change it to winlogon.exe
Double click on the file to run it.
Click Continue at the disclaimer screen. Please allow the download of Trend Micro's HijackThis to collect additional information not included in the default RSIT output.
Once it has finished, two logs will open.

Please paste the contents of LOG.txt (<< will be maximized and displayed on the desktop)

 
 Post subject: Re: Please help with malware removal
Posted: Sun Jun 27, 2010 7:19 pm

Joined: Sun Jun 27, 2010 12:06 pm
Posts: 3
Yeah, my computer seems to be performing better than I originally thought ... it seems that it is the torrent downloading software that really slows it down.

But I have re-installed Windows and my computer is definitely performing slower than it was before the re-install. I'm wondering if it is because I have now downloaded CA2010 anti-virus software... For instance, my uploading speed is atrocious. I wonder if the software is doing this ...

Here is the paste from the log file:

Logfile of random's system information tool 1.07 (written by random/random)
Run by El Fabuloso at 2010-06-27 19:09:06
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 23 GB (61%) free of 38 GB
Total RAM: 767 MB (33% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 7:09:13 PM, on 6/27/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE:
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\mdmcls32.exe
C:\WINDOWS\system32\svcprs32.exe
C:\WINDOWS\System32\wltrysvc.exe
C:\WINDOWS\System32\bcmwltry.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\CA\CA Internet Security Suite\ccEvtMgr.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\WINDOWS\BCMSMMSG.exe
C:\Program Files\CA\CA Internet Security Suite\casc.exe
C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\AIM\aim.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CAGlobal.exe
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Light\CAGlobalLight.exe
C:\Documents and Settings\El Fabuloso\Desktop\RSIT.exe
C:\Program Files\trend micro\El Fabuloso.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll
O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [BCMSMMSG] BCMSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\casc.exe"
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Aim] "C:\Program Files\AIM\aim.exe" /d locale=en-US
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll/206 (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 6453335437
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 6464013796
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: callingid - {086D03BA-57AC-4C8E-A33D-0BAABF742411} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDToolbar.dll
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: CaCCProvSP - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe
O23 - Service: CA Common Scheduler Service (ccSchedulerSVC) - Unknown owner - C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: SupportSoft RemoteAssist - SupportSoft, Inc. - C:\Program Files\Common Files\supportsoft\bin\ssrc.exe
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: WinSock Extention Manager (WinExtManager) - Unknown owner - C:\WINDOWS\system32\mdmcls32.exe
O23 - Service: WinSock Svchost Manager (WinSvchostManager) - Unknown owner - C:\WINDOWS\system32\svcprs32.exe
O23 - Service: WLTRYSVC - Unknown owner - C:\WINDOWS\System32\wltrysvc.exe

--
End of file - 8000 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-12-21 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{39F7E362-828A-4B5A-BCAF-5B79BFDFEA60}]
BitComet Helper - C:\Program Files\BitComet\tools\BitCometBHO_1.4.4.13.dll [2010-04-13 662776]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FBF2401B-7447-4727-BE5D-C19B2075CA84}]
CA Toolbar Helper - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll [2010-03-22 767416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - CA Toolbar - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\Toolbar\CallingIDIE.dll [2010-03-22 767416]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Ask Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2010-02-04 1197448]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2004-03-04 487424]
"DadApp"=C:\Program Files\Dell\AccessDirect\dadapp.exe [2004-03-04 211828]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-02-05 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-02-05 495616]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-04-11 53248]
"BCMSMMSG"=C:\WINDOWS\BCMSMMSG.exe [2003-08-29 122880]
"NvCplDaemon"=C:\WINDOWS\System32\NvCpl.dll [2004-01-08 4866048]
"nwiz"=nwiz.exe /installquiet []
"cctray"=C:\Program Files\CA\CA Internet Security Suite\casc.exe [2010-04-08 1721680]
"capfupgrade"=C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe [2010-03-22 337136]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-12-22 35760]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]
"Aim"=C:\Program Files\AIM\aim.exe [2010-05-21 3824472]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="UmxSbxExw.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\PFW]
C:\WINDOWS\system32\UmxWnp.Dll [2009-03-27 79368]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{1869181A-9F50-4FCF-8BFF-1B8588ECB85C}"=C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\1.2.1.24.01408000\LinkAdvisor\CIDLinkAdvisor.dll [2010-03-22 1852856]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListen]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SprtListenPush]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SupportSoft RemoteAssist]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=
"EnableShellExecuteHooks"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\AIM\aim.exe"="C:\Program Files\AIM\aim.exe:*:Enabled:AIM"
"C:\Program Files\BitComet\BitComet.exe"="C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet.exe"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2010-06-27 19:06:35 ----D---- C:\Program Files\trend micro
2010-06-27 19:06:34 ----D---- C:\rsit
2010-06-27 12:16:12 ----D---- C:\Program Files\Ask.com
2010-06-27 12:14:49 ----D---- C:\Program Files\uTorrent
2010-06-27 12:14:07 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\uTorrent
2010-06-27 12:00:42 ----D---- C:\Program Files\Hijackthis
2010-06-26 11:03:53 ----D---- C:\Downloads
2010-06-26 11:03:50 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\BitComet
2010-06-26 10:36:53 ----D---- C:\Program Files\BitComet
2010-06-14 23:56:17 ----D---- C:\Program Files\MSXML 4.0
2010-06-14 08:47:18 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\vlc
2010-06-14 08:44:23 ----D---- C:\Program Files\VideoLAN
2010-06-14 08:20:22 ----D---- C:\WINDOWS\Microsoft.NET
2010-06-14 08:14:04 ----D---- C:\408c256647ad203150
2010-06-13 18:55:13 ----D---- C:\Program Files\Common Files\Adobe
2010-06-13 18:53:33 ----D---- C:\Documents and Settings\All Users\Application Data\Adobe
2010-06-13 18:53:30 ----D---- C:\Program Files\Adobe
2010-06-13 18:53:21 ----D---- C:\Program Files\Common Files\Adobe AIR
2010-06-13 18:52:14 ----D---- C:\Documents and Settings\All Users\Application Data\NOS
2010-06-13 17:29:53 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\acccore
2010-06-13 17:29:41 ----D---- C:\Documents and Settings\All Users\Application Data\AIM
2010-06-13 17:29:32 ----D---- C:\Program Files\AIM
2010-06-13 17:29:31 ----D---- C:\Program Files\Common Files\Software Update Utility
2010-06-13 17:29:30 ----D---- C:\Program Files\Common Files\AOL
2010-06-13 15:57:15 ----A---- C:\WINDOWS\system32\mkghj.dll
2010-06-13 14:46:58 ----A---- C:\WINDOWS\system32\Vetredir.dll
2010-06-13 14:46:58 ----A---- C:\WINDOWS\system32\Isafprod.dll
2010-06-13 14:46:58 ----A---- C:\WINDOWS\system32\Isafeif.dll
2010-06-13 14:45:34 ----HD---- C:\Config.msi
2010-06-13 14:44:46 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\CallingID
2010-06-13 14:44:28 ----D---- C:\Program Files\ISSThirdParty
2010-06-13 14:44:27 ----A---- C:\WINDOWS\system32\cfgmig32.dll
2010-06-13 14:44:08 ----A---- C:\WINDOWS\system32\win32cpr.dll
2010-06-13 14:44:08 ----A---- C:\WINDOWS\system32\svcprs32.exe
2010-06-13 14:44:08 ----A---- C:\WINDOWS\system32\ssleay32.dll
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\winsflte.dll
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\winsflt_x64.dll
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\winsflt.dll
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\winsfinst.exe
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\mdmcls32.exe
2010-06-13 14:44:07 ----A---- C:\WINDOWS\system32\libeay32.dll
2010-06-13 14:44:06 ----D---- C:\WINDOWS\rnapxs
2010-06-13 14:44:06 ----A---- C:\WINDOWS\system32\sporder.dll
2010-06-13 14:42:58 ----D---- C:\Program Files\CA
2010-06-13 14:13:54 ----A---- C:\WINDOWS\ODBC.INI
2010-06-13 14:13:47 ----A---- C:\WINDOWS\system32\mdimon.dll
2010-06-13 14:13:13 ----D---- C:\Program Files\Microsoft ActiveSync
2010-06-13 14:13:10 ----D---- C:\Program Files\Common Files\DESIGNER
2010-06-13 14:13:00 ----D---- C:\WINDOWS\SHELLNEW
2010-06-13 14:11:31 ----D---- C:\Program Files\Microsoft Office
2010-06-13 14:09:54 ----RHD---- C:\MSOCache
2010-06-13 14:03:12 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9$
2010-06-13 14:03:08 ----HDC---- C:\WINDOWS\$NtUninstallKB981349$
2010-06-13 14:03:03 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$
2010-06-13 14:02:57 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$
2010-06-13 14:01:57 ----D---- C:\WINDOWS\ie8updates
2010-06-13 14:01:44 ----D---- C:\WINDOWS\WBEM
2010-06-13 14:00:27 ----HDC---- C:\WINDOWS\ie8
2010-06-13 13:58:07 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$
2010-06-13 13:57:58 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$
2010-06-13 13:57:49 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2010-06-13 13:52:32 ----D---- C:\WINDOWS\Prefetch
2010-06-13 13:50:49 ----HDC---- C:\WINDOWS\$NtUninstallKB982381$
2010-06-13 13:50:44 ----HDC---- C:\WINDOWS\$NtUninstallKB980232$
2010-06-13 13:50:39 ----HDC---- C:\WINDOWS\$NtUninstallKB980218$
2010-06-13 13:50:30 ----HDC---- C:\WINDOWS\$NtUninstallKB979683$
2010-06-13 13:50:23 ----HDC---- C:\WINDOWS\$NtUninstallKB979559$
2010-06-13 13:50:18 ----HDC---- C:\WINDOWS\$NtUninstallKB979482$
2010-06-13 13:50:14 ----HDC---- C:\WINDOWS\$NtUninstallKB979309$
2010-06-13 13:50:08 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$
2010-06-13 13:50:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978601$
2010-06-13 13:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB978542$
2010-06-13 13:49:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978338$
2010-06-13 13:49:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$
2010-06-13 13:49:42 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$
2010-06-13 13:49:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$
2010-06-13 13:49:31 ----HDC---- C:\WINDOWS\$NtUninstallKB975562$
2010-06-13 13:49:25 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$
2010-06-13 13:49:20 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$
2010-06-13 13:49:15 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$
2010-06-13 13:49:09 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$
2010-06-13 13:49:03 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$
2010-06-13 13:48:58 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$
2010-06-13 13:48:52 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$
2010-06-13 13:48:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$
2010-06-13 13:48:40 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$
2010-06-13 13:48:34 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$
2010-06-13 13:48:29 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$
2010-06-13 13:48:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$
2010-06-13 13:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$
2010-06-13 13:48:13 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$
2010-06-13 13:48:07 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$
2010-06-13 13:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$
2010-06-13 13:47:56 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$
2010-06-13 13:47:48 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$
2010-06-13 13:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$
2010-06-13 13:47:35 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$
2010-06-13 13:47:29 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$
2010-06-13 13:47:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$
2010-06-13 13:47:18 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$
2010-06-13 13:47:12 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$
2010-06-13 13:47:06 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2010-06-13 13:47:01 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$
2010-06-13 13:46:55 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2010-06-13 13:46:48 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$
2010-06-13 13:46:37 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$
2010-06-13 13:46:30 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$
2010-06-13 13:46:24 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$
2010-06-13 13:46:18 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$
2010-06-13 13:46:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2010-06-13 13:46:07 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2010-06-13 13:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$
2010-06-13 13:45:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2010-06-13 13:45:47 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2010-06-13 13:45:42 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2010-06-13 13:45:37 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2010-06-13 13:45:30 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2010-06-13 13:45:23 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$
2010-06-13 13:41:13 ----D---- C:\WINDOWS\system32\en-us
2010-06-13 13:41:12 ----D---- C:\WINDOWS\system32\scripting
2010-06-13 13:41:11 ----D---- C:\WINDOWS\system32\en
2010-06-13 13:41:11 ----D---- C:\WINDOWS\l2schemas
2010-06-13 13:35:24 ----D---- C:\WINDOWS\network diagnostic
2010-06-13 13:24:27 ----A---- C:\WINDOWS\system32\xmllite.dll
2010-06-13 13:24:24 ----N---- C:\WINDOWS\system32\wmphoto.dll
2010-06-13 13:24:20 ----N---- C:\WINDOWS\system32\wlanapi.dll
2010-06-13 13:24:18 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2010-06-13 13:24:18 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2010-06-13 13:24:16 ----N---- C:\WINDOWS\system32\verclsid.exe
2010-06-13 13:24:12 ----N---- C:\WINDOWS\system32\tspkg.dll
2010-06-13 13:24:12 ----N---- C:\WINDOWS\system32\tsgqec.dll
2010-06-13 13:24:01 ----N---- C:\WINDOWS\system32\setupn.exe
2010-06-13 13:23:58 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2010-06-13 13:23:57 ----N---- C:\WINDOWS\system32\rasqec.dll
2010-06-13 13:23:55 ----N---- C:\WINDOWS\system32\qutil.dll
2010-06-13 13:23:53 ----N---- C:\WINDOWS\system32\qcliprov.dll
2010-06-13 13:23:53 ----N---- C:\WINDOWS\system32\qagentrt.dll
2010-06-13 13:23:53 ----N---- C:\WINDOWS\system32\qagent.dll
2010-06-13 13:23:52 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2010-06-13 13:23:50 ----N---- C:\WINDOWS\system32\onex.dll
2010-06-13 13:23:41 ----N---- C:\WINDOWS\system32\napstat.exe
2010-06-13 13:23:41 ----N---- C:\WINDOWS\system32\napmontr.dll
2010-06-13 13:23:41 ----N---- C:\WINDOWS\system32\napipsec.dll
2010-06-13 13:23:40 ----N---- C:\WINDOWS\system32\msxml6r.dll
2010-06-13 13:23:40 ----N---- C:\WINDOWS\system32\msxml6.dll
2010-06-13 13:23:38 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2010-06-13 13:23:38 ----N---- C:\WINDOWS\system32\mssha.dll
2010-06-13 13:23:26 ----N---- C:\WINDOWS\system32\mmcperf.exe
2010-06-13 13:23:26 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2010-06-13 13:23:26 ----N---- C:\WINDOWS\system32\mmcex.dll
2010-06-13 13:23:26 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\kmsvc.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\kbdpash.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2010-06-13 13:23:19 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eapsvc.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eapqec.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eappprxy.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eapphost.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eappgnui.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eappcfg.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2010-06-13 13:23:12 ----N---- C:\WINDOWS\system32\eapolqec.dll
2010-06-13 13:23:12 ----A---- C:\WINDOWS\005145_.tmp
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3ui.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3svc.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3msm.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2010-06-13 13:23:11 ----N---- C:\WINDOWS\system32\dot3api.dll
2010-06-13 13:23:10 ----N---- C:\WINDOWS\system32\dimsroam.dll
2010-06-13 13:23:10 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2010-06-13 13:23:09 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2010-06-13 13:23:09 ----N---- C:\WINDOWS\system32\credssp.dll
2010-06-13 13:23:07 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2010-06-13 13:23:07 ----N---- C:\WINDOWS\system32\azroles.dll
2010-06-13 13:23:05 ----N---- C:\WINDOWS\system32\aaclient.dll
2010-06-13 13:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB982381_0$
2010-06-13 13:04:11 ----HDC---- C:\WINDOWS\$NtUninstallKB979559_0$
2010-06-13 13:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB975562_0$
2010-06-13 13:02:51 ----HDC---- C:\WINDOWS\$NtUninstallKB979482_0$
2010-06-13 13:02:46 ----HDC---- C:\WINDOWS\$NtUninstallKB980195$
2010-06-13 13:02:42 ----HDC---- C:\WINDOWS\$NtUninstallKB978695_WM9$
2010-06-13 13:02:37 ----HDC---- C:\WINDOWS\$NtUninstallKB980218_0$
2010-06-13 13:02:31 ----HDC---- C:\WINDOWS\$NtUninstallKB981793$
2010-06-13 13:02:25 ----HDC---- C:\WINDOWS\$NtUninstallKB978542_0$
2010-06-13 13:02:19 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$
2010-06-13 13:02:13 ----HDC---- C:\WINDOWS\$NtUninstallKB979402_WM9L$
2010-06-13 13:02:02 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$
2010-06-13 13:01:55 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$
2010-06-13 13:01:50 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$
2010-06-13 13:01:45 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$
2010-06-13 13:01:40 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$
2010-06-13 13:01:35 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$
2010-06-13 13:01:28 ----HDC---- C:\WINDOWS\$NtUninstallKB975561_0$
2010-06-13 13:01:22 ----HDC---- C:\WINDOWS\$NtUninstallKB978706_0$
2010-06-13 13:01:17 ----HDC---- C:\WINDOWS\$NtUninstallKB971468_0$
2010-06-13 13:01:11 ----HDC---- C:\WINDOWS\$NtUninstallKB977914_0$
2010-06-13 13:01:02 ----HDC---- C:\WINDOWS\$NtUninstallKB975560_0$
2010-06-13 13:00:53 ----HDC---- C:\WINDOWS\$NtUninstallKB978037_0$
2010-06-13 13:00:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975713_0$
2010-06-13 13:00:43 ----HDC---- C:\WINDOWS\$NtUninstallKB972270_0$
2010-06-13 13:00:36 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$
2010-06-13 13:00:28 ----HDC---- C:\WINDOWS\$NtUninstallKB955759_0$
2010-06-13 13:00:23 ----HDC---- C:\WINDOWS\$NtUninstallKB974392_0$
2010-06-13 13:00:17 ----HDC---- C:\WINDOWS\$NtUninstallKB974318_0$
2010-06-13 13:00:11 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$
2010-06-13 13:00:05 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_0$
2010-06-13 12:59:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975467_0$
2010-06-13 12:59:50 ----HDC---- C:\WINDOWS\$NtUninstallKB968389_0$
2010-06-13 12:59:44 ----HDC---- C:\WINDOWS\$NtUninstallKB969059_0$
2010-06-13 12:59:40 ----HDC---- C:\WINDOWS\$NtUninstallKB958869$
2010-06-13 12:59:35 ----HDC---- C:\WINDOWS\$NtUninstallKB974112_0$
2010-06-13 12:59:29 ----HDC---- C:\WINDOWS\$NtUninstallKB974571_0$
2010-06-13 12:59:24 ----HDC---- C:\WINDOWS\$NtUninstallKB975025_0$
2010-06-13 12:59:19 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$
2010-06-13 12:59:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$
2010-06-13 12:59:09 ----HDC---- C:\WINDOWS\$NtUninstallKB956844_0$
2010-06-13 12:58:55 ----A---- C:\WINDOWS\system32\MRT.exe
2010-06-13 12:58:47 ----HDC---- C:\WINDOWS\$NtUninstallKB932823-v3$
2010-06-13 12:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB971657_0$
2010-06-13 12:57:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973815_0$
2010-06-13 12:57:15 ----HDC---- C:\WINDOWS\$NtUninstallKB960859_0$
2010-06-13 12:57:10 ----HDC---- C:\WINDOWS\$NtUninstallKB973507_0$
2010-06-13 12:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$
2010-06-13 12:56:55 ----HDC---- C:\WINDOWS\$NtUninstallKB973869_0$
2010-06-13 12:56:48 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$
2010-06-13 12:56:43 ----HDC---- C:\WINDOWS\$NtUninstallKB970238_0$
2010-06-13 12:56:39 ----HDC---- C:\WINDOWS\$NtUninstallKB961501_0$
2010-06-13 12:56:33 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$
2010-06-13 12:56:27 ----HDC---- C:\WINDOWS\$NtUninstallKB960803_0$
2010-06-13 12:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB952004_0$
2010-06-13 12:56:03 ----HDC---- C:\WINDOWS\$NtUninstallKB956572_0$
2010-06-13 12:55:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923561_0$
2010-06-13 12:55:41 ----HDC---- C:\WINDOWS\$NtUninstallKB967715_0$
2010-06-13 12:55:35 ----HDC---- C:\WINDOWS\$NtUninstallKB960225_0$
2010-06-13 12:55:30 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2010-06-13 12:55:25 ----HDC---- C:\WINDOWS\$NtUninstallKB956802_0$
2010-06-13 12:55:19 ----HDC---- C:\WINDOWS\$NtUninstallKB955069_0$
2010-06-13 12:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2010-06-13 12:55:09 ----HDC---- C:\WINDOWS\$NtUninstallKB952287_0$
2010-06-13 12:55:04 ----HDC---- C:\WINDOWS\$NtUninstallKB950974_0$
2010-06-13 12:54:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952954_0$
2010-06-13 12:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB946648_0$
2010-06-13 12:54:48 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$
2010-06-13 12:54:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951748_0$
2010-06-13 12:54:36 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2_0$
2010-06-13 12:54:30 ----HDC---- C:\WINDOWS\$NtUninstallKB950762_0$
2010-06-13 12:54:22 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$
2010-06-13 12:52:18 ----N---- C:\WINDOWS\system32\tzchange.exe
2010-06-13 12:44:02 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\ICAClient
2010-06-13 12:41:50 ----D---- C:\Program Files\Citrix
2010-06-13 12:41:42 ----N---- C:\WINDOWS\system32\xpsp4res.dll
2010-06-13 12:41:37 ----A---- C:\WINDOWS\system32\xpsp3res.dll
2010-06-13 12:39:10 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\Macromedia
2010-06-13 12:35:53 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\Adobe
2010-06-13 12:26:38 ----D---- C:\WINDOWS\peernet
2010-06-13 12:26:37 ----D---- C:\WINDOWS\provisioning
2010-06-13 12:24:28 ----D---- C:\WINDOWS\ServicePackFiles
2010-06-13 12:05:45 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2010-06-13 12:05:40 ----D---- C:\WINDOWS\EHome
2010-06-13 11:59:02 ----N---- C:\WINDOWS\system32\spnpinst.exe
2010-06-13 11:50:27 ----D---- C:\Documents and Settings\All Users\Application Data\Windows Genuine Advantage
2010-06-13 11:47:35 ----D---- C:\WINDOWS\system32\PreInstall
2010-06-13 11:47:32 ----A---- C:\WINDOWS\system32\spupdsvc.exe
2010-06-13 11:47:31 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$
2010-06-13 11:47:31 ----HD---- C:\WINDOWS\$hf_mig$
2010-06-13 11:47:03 ----HDC---- C:\WINDOWS\$MSI31Uninstall_KB893803v2$
2010-06-13 11:46:41 ----D---- C:\WINDOWS\system32\bits
2010-06-13 11:46:31 ----HDC---- C:\WINDOWS\$NtUninstallKB842773$
2010-06-13 11:46:04 ----N---- C:\WINDOWS\system32\xpob2res.dll
2010-06-13 11:46:04 ----N---- C:\WINDOWS\system32\bitsprx3.dll
2010-06-13 11:46:04 ----N---- C:\WINDOWS\system32\bitsprx2.dll
2010-06-13 11:46:04 ----A---- C:\WINDOWS\system32\winhttp.dll
2010-06-13 11:46:04 ----A---- C:\WINDOWS\system32\qmgrprxy.dll
2010-06-13 11:44:41 ----A---- C:\WINDOWS\system32\wups2.dll
2010-06-13 11:44:41 ----A---- C:\WINDOWS\system32\wups.dll
2010-06-13 11:44:41 ----A---- C:\WINDOWS\system32\wucltui.dll.mui
2010-06-13 11:44:41 ----A---- C:\WINDOWS\system32\wucltui.dll
2010-06-13 11:44:41 ----A---- C:\WINDOWS\system32\wuaueng.dll.mui
2010-06-13 11:44:40 ----A---- C:\WINDOWS\system32\wuapi.dll.mui
2010-06-13 11:44:40 ----A---- C:\WINDOWS\system32\wuapi.dll
2010-06-13 11:22:23 ----D---- C:\WINDOWS\SoftwareDistribution
2010-06-13 11:16:05 ----A---- C:\caisslog.txt
2010-06-13 11:16:04 ----D---- C:\Documents and Settings\All Users\Application Data\CA
2010-06-13 11:10:52 ----D---- C:\Documents and Settings\All Users\Application Data\CA-SupportBridge
2010-06-13 11:06:32 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\SupportSoft
2010-06-13 10:52:05 ----D---- C:\Program Files\Common Files\supportsoft
2010-06-13 10:46:25 ----D---- C:\Program Files\Broadcom
2010-06-13 10:45:17 ----A---- C:\WINDOWS\system32\BCMSMI32.dll
2010-06-13 10:45:17 ----A---- C:\WINDOWS\system32\BCMSM168.dll
2010-06-13 10:45:17 ----A---- C:\WINDOWS\BCMSMU.exe
2010-06-13 10:45:17 ----A---- C:\WINDOWS\BCMSMMSG.exe
2010-06-13 10:45:17 ----A---- C:\WINDOWS\BCMSMD2K.exe
2010-06-13 10:44:56 ----D---- C:\Program Files\Intel
2010-06-13 10:44:55 ----A---- C:\WINDOWS\system32\iuengine.dll
2010-06-13 10:44:45 ----D---- C:\WINDOWS\nview
2010-06-13 10:44:43 ----A---- C:\WINDOWS\system32\usbui.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nwiz.exe
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrszht.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrszhc.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsptb.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsko.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsja.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsit.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsfr.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrses.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwrsde.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvwddi.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvsvc32.exe
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvshell.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvrszht.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvrszhc.dll
2010-06-13 10:44:22 ----A---- C:\WINDOWS\system32\nvrsptb.dll
2010-06-13 10:44:21 ----A---- C:\WINDOWS\system32\nvrsko.dll
2010-06-13 10:44:20 ----A---- C:\WINDOWS\system32\nvrsja.dll
2010-06-13 10:44:20 ----A---- C:\WINDOWS\system32\nvrsit.dll
2010-06-13 10:44:20 ----A---- C:\WINDOWS\system32\nvrsfr.dll
2010-06-13 10:44:20 ----A---- C:\WINDOWS\system32\nvrses.dll
2010-06-13 10:44:20 ----A---- C:\WINDOWS\system32\nvrsde.dll
2010-06-13 10:44:19 ----A---- C:\WINDOWS\system32\nvoglnt.dll
2010-06-13 10:44:19 ----A---- C:\WINDOWS\system32\nvmctray.dll
2010-06-13 10:44:19 ----A---- C:\WINDOWS\system32\nvinstnt.dll
2010-06-13 10:44:19 ----A---- C:\WINDOWS\system32\nviewimg.dll
2010-06-13 10:44:19 ----A---- C:\WINDOWS\system32\nview.dll
2010-06-13 10:44:18 ----A---- C:\WINDOWS\system32\nvcpl.dll
2010-06-13 10:44:17 ----A---- C:\WINDOWS\system32\nv4_disp.dll
2010-06-13 10:44:17 ----A---- C:\WINDOWS\system32\keystone.exe
2010-06-13 10:44:16 ----A---- C:\WINDOWS\system32\dmcpl.exe
2010-06-13 10:43:35 ----D---- C:\Program Files\SigmaTel
2010-06-13 10:42:03 ----N---- C:\WINDOWS\system32\WLTRYSVC.EXE
2010-06-13 10:42:03 ----N---- C:\WINDOWS\system32\BCMWLTRY.EXE
2010-06-13 10:42:03 ----N---- C:\WINDOWS\system32\BCMLogon.dll
2010-06-13 10:42:03 ----N---- C:\WINDOWS\system32\AegisE5.dll
2010-06-13 10:41:54 ----N---- C:\WINDOWS\system32\BCMWLU00.EXE
2010-06-13 10:41:54 ----N---- C:\WINDOWS\system32\BCMWLD2K.EXE
2010-06-13 10:32:35 ----D---- C:\Program Files\CyberLink
2010-06-13 10:31:04 ----D---- C:\Program Files\Dell Computer Corporation
2010-06-13 10:29:45 ----D---- C:\WINDOWS\system32\ReinstallBackups
2010-06-13 10:29:38 ----A---- C:\WINDOWS\system32\SynTPFcs.dll
2010-06-13 10:29:37 ----D---- C:\Program Files\Synaptics
2010-06-13 10:29:37 ----A---- C:\WINDOWS\system32\SynTPCoI.dll
2010-06-13 10:29:37 ----A---- C:\WINDOWS\system32\SynTPAPI.dll
2010-06-13 10:29:37 ----A---- C:\WINDOWS\system32\SynCtrl.dll
2010-06-13 10:29:37 ----A---- C:\WINDOWS\system32\SynCOM.dll
2010-06-13 10:24:06 ----D---- C:\WINDOWS\RegisteredPackages
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\wstdecod.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\qedwipes.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\qedit.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\psisdecd.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\msyuv.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\msvidctl.dll
2010-06-13 10:23:34 ----A---- C:\WINDOWS\system32\ksuser.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\quartz.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\qdvd.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\qdv.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\qcap.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\qasf.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\mswebdvd.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\msdmo.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\mciqtz32.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\encapi.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dxdllreg.exe
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dxdiagn.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dxdiag.exe
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dx8vb.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dx7vb.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dswave.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dsound3d.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dsound.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dsdmoprp.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dsdmo.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpwsockx.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpvvox.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpvsetup.exe
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpvoice.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpvacm.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnsvr.exe
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnlobby.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnhupnp.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnhpast.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnet.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpnaddr.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dpmodemx.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dplayx.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dplaysvr.exe
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmusic.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmsynth.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmstyle.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmscript.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmloader.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmime.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmcompos.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\dmband.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\devenum.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\ddrawex.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\ddraw.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\d3d9.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\d3d8thk.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\d3d8.dll
2010-06-13 10:23:33 ----A---- C:\WINDOWS\system32\amstream.dll
2010-06-13 10:23:32 ----A---- C:\WINDOWS\system32\d3dim700.dll
2010-06-13 10:20:36 ----A---- C:\WINDOWS\system32\BMAPI.dll
2010-06-13 10:20:31 ----A---- C:\WINDOWS\system32\DellSys.dll
2010-06-13 10:20:26 ----D---- C:\Program Files\Dell
2010-06-13 10:18:50 ----RA---- C:\WINDOWS\system32\hhactivex.dll
2010-06-13 10:18:50 ----A---- C:\WINDOWS\system32\RcdScan.dll
2010-06-13 10:18:48 ----A---- C:\WINDOWS\system32\VB5DB.DLL
2010-06-13 10:18:47 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-13 10:18:40 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-13 10:13:17 ----SD---- C:\WINDOWS\system32\Microsoft
2010-06-12 15:46:40 ----SHD---- C:\RECYCLER
2010-06-12 15:18:30 ----SHD---- C:\WINDOWS\Installer
2010-06-12 15:18:27 ----D---- C:\Documents and Settings\El Fabuloso\Application Data\Identities
2010-06-12 15:18:21 ----HD---- C:\Program Files\Uninstall Information
2010-06-12 15:18:17 ----SD---- C:\Documents and Settings\El Fabuloso\Application Data\Microsoft
2010-06-12 15:18:17 ----ASH---- C:\Documents and Settings\El Fabuloso\Application Data\desktop.ini
2010-06-12 15:15:01 ----SHD---- C:\System Volume Information
2010-06-12 15:14:58 ----A---- C:\WINDOWS\SchedLgU.Txt
2010-06-12 15:12:23 ----D---- C:\WINDOWS\system32\xircom
2010-06-12 15:12:23 ----D---- C:\Program Files\xerox
2010-06-12 15:12:23 ----D---- C:\Program Files\microsoft frontpage
2010-06-12 15:12:21 ----D---- C:\DELL
2010-06-12 15:09:46 ----A---- C:\WINDOWS\system32\xpsp1hfm.exe
2010-06-12 15:08:59 ----N---- C:\WINDOWS\system32\spmsg.dll
2010-06-12 15:08:36 ----A---- C:\WINDOWS\control.ini
2010-06-12 15:08:36 ----A---- C:\AUTOEXEC.BAT
2010-06-12 15:08:29 ----A---- C:\WINDOWS\OEWABLog.txt
2010-06-12 15:08:24 ----A---- C:\WINDOWS\system32\mapi32.dll
2010-06-12 15:07:38 ----SD---- C:\WINDOWS\Downloaded Program Files
2010-06-12 15:07:38 ----RD---- C:\WINDOWS\Offline Web Pages
2010-06-12 15:07:38 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest
2010-06-12 15:07:33 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest
2010-06-12 15:07:12 ----D---- C:\WINDOWS\system32\DirectX
2010-06-12 15:06:50 ----A---- C:\WINDOWS\system32\safrslv.dll
2010-06-12 15:06:50 ----A---- C:\WINDOWS\system32\safrdm.dll
2010-06-12 15:06:50 ----A---- C:\WINDOWS\system32\safrcdlg.dll
2010-06-12 15:06:50 ----A---- C:\WINDOWS\system32\racpldlg.dll
2010-06-12 15:06:49 ----A---- C:\WINDOWS\system32\atrace.dll
2010-06-12 15:06:47 ----A---- C:\WINDOWS\system32\desktop.ini
2010-06-12 15:06:47 ----A---- C:\WINDOWS\desktop.ini
2010-06-12 15:06:41 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
2010-06-12 15:06:41 ----A---- C:\WINDOWS\system32\mnmsrvc.exe
2010-06-12 15:06:41 ----A---- C:\WINDOWS\system32\isrdbg32.dll
2010-06-12 15:06:40 ----A---- C:\WINDOWS\system32\acctres.dll
2010-06-12 15:06:39 ----D---- C:\Program Files\Common Files\Services
2010-06-12 15:06:38 ----A---- C:\WINDOWS\system32\inetres.dll
2010-06-12 15:06:36 ----SD---- C:\WINDOWS\Tasks
2010-06-12 15:06:35 ----A---- C:\WINDOWS\system32\isign32.dll
2010-06-12 15:06:35 ----A---- C:\WINDOWS\system32\inetcfg.dll
2010-06-12 15:06:35 ----A---- C:\WINDOWS\system32\icwphbk.dll
2010-06-12 15:06:35 ----A---- C:\WINDOWS\system32\icwdial.dll
2010-06-12 15:06:35 ----A---- C:\WINDOWS\system32\icfgnt5.dll
2010-06-12 15:06:33 ----D---- C:\Program Files\Common Files\MSSoap
2010-06-12 15:06:29 ----D---- C:\WINDOWS\srchasst
2010-06-12 15:06:28 ----D---- C:\WINDOWS\system32\Macromed
2010-06-12 15:06:27 ----D---- C:\Program Files\Movie Maker
2010-06-12 15:06:27 ----A---- C:\WINDOWS\system32\qmgr.dll
2010-06-12 15:06:23 ----D---- C:\WINDOWS\system32\Restore
2010-06-12 15:06:23 ----D---- C:\WINDOWS\PCHealth
2010-06-12 15:06:23 ----A---- C:\WINDOWS\system32\srsvc.dll
2010-06-12 15:06:23 ----A---- C:\WINDOWS\system32\srrstr.dll
2010-06-12 15:06:23 ----A---- C:\WINDOWS\system32\srclient.dll
2010-06-12 15:06:22 ----A---- C:\WINDOWS\system32\nmmkcert.dll
2010-06-12 15:06:22 ----A---- C:\WINDOWS\system32\msconf.dll
2010-06-12 15:06:22 ----A---- C:\WINDOWS\system32\mnmdd.dll
2010-06-12 15:06:22 ----A---- C:\WINDOWS\system32\ils.dll
2010-06-12 15:06:20 ----D---- C:\Program Files\NetMeeting
2010-06-12 15:06:20 ----A---- C:\WINDOWS\system32\msoert2.dll
2010-06-12 15:06:20 ----A---- C:\WINDOWS\system32\msoeacct.dll
2010-06-12 15:06:19 ----D---- C:\Program Files\Outlook Express
2010-06-12 15:06:19 ----A---- C:\WINDOWS\system32\schedsvc.dll
2010-06-12 15:06:19 ----A---- C:\WINDOWS\system32\mstinit.exe
2010-06-12 15:06:19 ----A---- C:\WINDOWS\system32\mstask.dll
2010-06-12 15:06:19 ----A---- C:\WINDOWS\system32\inetcomm.dll
2010-06-12 15:06:16 ----D---- C:\Program Files\Common Files\System
2010-06-12 15:06:13 ----D---- C:\Program Files\Internet Explorer
2010-06-12 15:05:57 ----D---- C:\Program Files\ComPlus Applications
2010-06-12 15:05:55 ----A---- C:\WINDOWS\vbaddin.ini
2010-06-12 15:05:55 ----A---- C:\WINDOWS\vb.ini
2010-06-12 15:05:49 ----D---- C:\WINDOWS\Registration
2010-06-12 15:05:20 ----HD---- C:\Program Files\WindowsUpdate
2010-06-12 15:05:20 ----D---- C:\Program Files\Online Services
2010-06-12 15:05:19 ----D---- C:\Program Files\Windows Media Player
2010-06-12 15:05:14 ----D---- C:\Program Files\Messenger
2010-06-12 15:05:10 ----D---- C:\Program Files\MSN Gaming Zone
2010-06-12 15:05:10 ----A---- C:\WINDOWS\system32\write.exe
2010-06-12 15:05:03 ----A---- C:\WINDOWS\system32\accwiz.exe
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\sndvol32.exe
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\sndrec32.exe
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\hypertrm.dll
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\hticons.dll
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\avwav.dll
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\avtapi.dll
2010-06-12 15:05:02 ----A---- C:\WINDOWS\system32\avmeter.dll
2010-06-12 15:05:01 ----A---- C:\WINDOWS\system32\winchat.exe
2010-06-12 15:04:56 ----A---- C:\WINDOWS\system32\getuname.dll
2010-06-12 15:04:56 ----A---- C:\WINDOWS\system32\charmap.exe
2010-06-12 15:04:55 ----A---- C:\WINDOWS\system32\winmine.exe
2010-06-12 15:04:55 ----A---- C:\WINDOWS\system32\sol.exe
2010-06-12 15:04:55 ----A---- C:\WINDOWS\system32\mshearts.exe
2010-06-12 15:04:55 ----A---- C:\WINDOWS\system32\freecell.exe
2010-06-12 15:04:55 ----A---- C:\WINDOWS\system32\calc.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\usrlogon.cmd
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\tsshutdn.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\tslabels.ini
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\tskill.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\tsdiscon.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\tscon.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\shadow.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\rwinsta.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\reset.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\regini.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\rdshost.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\rdpcfgex.dll
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\qwinsta.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\qprocess.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\qappsrv.exe
2010-06-12 15:04:54 ----A---- C:\WINDOWS\system32\msg.exe
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\xolehlp.dll
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\mtxoci.dll
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\msdtcuiu.dll
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\msdtctm.dll
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\msdtcprf.ini
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\msdtclog.dll
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\logoff.exe
2010-06-12 15:04:53 ----A---- C:\WINDOWS\system32\cdmodem.dll
2010-06-12 15:04:52 ----A---- C:\WINDOWS\system32\msdtc.exe
2010-06-12 15:04:52 ----A---- C:\WINDOWS\system32\dcomcnfg.exe
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\stclient.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\mtxlegih.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\mtxex.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\mtxdm.dll
2010-06-12 15:04:51



 Post subject: Re: Please help with malware removal
PostPosted: Sun Jun 27, 2010 7:26 pm 
Offline

Joined: Sun Jun 27, 2010 12:06 pm
Posts: 3
The rest ...


----A---- C:\WINDOWS\system32\comrepl.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\comaddin.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\colbact.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\clbcatex.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\catsrvps.dll
2010-06-12 15:04:51 ----A---- C:\WINDOWS\system32\catsrv.dll
2010-06-12 15:04:50 ----A---- C:\WINDOWS\system32\comuid.dll
2010-06-12 15:04:50 ----A---- C:\WINDOWS\system32\comsnap.dll
2010-06-12 15:04:50 ----A---- C:\WINDOWS\system32\clbcatq.dll
2010-06-12 15:04:45 ----A---- C:\WINDOWS\system32\wmimgmt.msc
2010-06-12 15:04:45 ----A---- C:\WINDOWS\system32\servdeps.dll
2010-06-12 15:04:45 ----A---- C:\WINDOWS\system32\mmfutil.dll
2010-06-12 15:04:44 ----A---- C:\WINDOWS\system32\cmprops.dll
2010-06-12 15:04:40 ----D---- C:\Program Files\Windows NT
2010-06-12 15:04:40 ----D---- C:\Program Files\MSN
2010-06-12 15:04:40 ----A---- C:\WINDOWS\system32\mplay32.exe
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\wuauserv.dll
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\wuaueng.dll
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\wuauclt.exe
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\spider.exe
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\mspaint.exe
2010-06-12 15:04:39 ----A---- C:\WINDOWS\system32\clipbrd.exe
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\tscupgrd.exe
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\tscfgwmi.dll
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\termsrv.dll
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\sessmgr.exe
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\remotepg.dll
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\rdsaddin.exe
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\rdchost.dll
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\mstscax.dll
2010-06-12 15:04:38 ----A---- C:\WINDOWS\system32\mstsc.exe
2010-06-12 15:04:37 ----D---- C:\WINDOWS\system32\MsDtc
2010-06-12 15:04:37 ----D---- C:\WINDOWS\system32\Com
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\rdpwsx.dll
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\rdpsnd.dll
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\rdpclip.exe
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\msdtcprx.dll
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\icaapi.dll
2010-06-12 15:04:37 ----A---- C:\WINDOWS\system32\cfgbkend.dll
2010-06-12 15:04:36 ----A---- C:\WINDOWS\system32\comsvcs.dll
2010-06-12 15:04:36 ----A---- C:\WINDOWS\system32\catsrvut.dll
2010-06-12 15:04:33 ----A---- C:\WINDOWS\system32\licwmi.dll
2010-06-12 07:56:13 ----A---- C:\WINDOWS\system32\h323log.txt
2010-06-12 07:43:19 ----A---- C:\WINDOWS\imsins.BAK
2010-06-12 07:43:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2010-06-12 07:43:15 ----D---- C:\Program Files\Common Files\ODBC
2010-06-12 07:43:15 ----A---- C:\WINDOWS\ODBCINST.INI
2010-06-12 07:43:12 ----RD---- C:\Program Files
2010-06-12 07:43:12 ----D---- C:\Program Files\Common Files\SpeechEngines
2010-06-12 07:43:12 ----D---- C:\Program Files\Common Files\Microsoft Shared
2010-06-12 07:43:12 ----D---- C:\Program Files\Common Files
2010-06-12 07:43:08 ----RA---- C:\WINDOWS\system32\kbdazel.dll
2010-06-12 07:43:07 ----RA---- C:\WINDOWS\system32\kbdtuq.dll
2010-06-12 07:43:07 ----RA---- C:\WINDOWS\system32\kbdtuf.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdycc.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbduzb.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdur.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdtat.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdru1.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdru.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdmon.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdkyr.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdkaz.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdbu.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdblr.dll
2010-06-12 07:43:06 ----RA---- C:\WINDOWS\system32\kbdaze.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhept.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhela3.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhela2.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhe319.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhe220.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdhe.dll
2010-06-12 07:43:04 ----RA---- C:\WINDOWS\system32\kbdgkl.dll
2010-06-12 07:43:03 ----RA---- C:\WINDOWS\system32\kbdlv1.dll
2010-06-12 07:43:03 ----RA---- C:\WINDOWS\system32\kbdlv.dll
2010-06-12 07:43:03 ----RA---- C:\WINDOWS\system32\kbdlt1.dll
2010-06-12 07:43:03 ----RA---- C:\WINDOWS\system32\kbdlt.dll
2010-06-12 07:43:03 ----RA---- C:\WINDOWS\system32\kbdest.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdycl.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdsl1.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdsl.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdro.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdpl1.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdpl.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdhu1.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdhu.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdcz2.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdcz1.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdcz.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\kbdcr.dll
2010-06-12 07:43:00 ----RA---- C:\WINDOWS\system32\KBDAL.DLL
2010-06-12 07:42:58 ----A---- C:\WINDOWS\system32\irclass.dll
2010-06-12 07:42:58 ----A---- C:\WINDOWS\system32\dgrpsetu.dll
2010-06-12 07:42:57 ----A---- C:\WINDOWS\system32\spxcoins.dll
2010-06-12 07:42:57 ----A---- C:\WINDOWS\system32\EqnClass.Dll
2010-06-12 07:42:57 ----A---- C:\WINDOWS\system32\dgsetup.dll
2010-06-12 07:42:55 ----N---- C:\WINDOWS\system32\CONFIG.TMP
2010-06-12 07:42:55 ----A---- C:\WINDOWS\TASKMAN.EXE
2010-06-12 07:42:55 ----A---- C:\WINDOWS\system32\batt.dll
2010-06-12 07:42:55 ----A---- C:\WINDOWS\notepad.exe
2010-06-12 07:42:53 ----A---- C:\WINDOWS\system32\storprop.dll
2010-06-12 07:42:43 ----ASH---- C:\Documents and Settings\All Users\Application Data\desktop.ini
2010-06-12 07:42:41 ----RA---- C:\WINDOWS\SETD.tmp
2010-06-12 07:42:41 ----RA---- C:\WINDOWS\SET7.tmp
2010-06-12 07:42:37 ----RA---- C:\WINDOWS\SET3.tmp
2010-06-12 07:42:29 ----D---- C:\WINDOWS\system32\CatRoot2
2010-06-12 07:42:29 ----D---- C:\WINDOWS\system32\CatRoot
2010-06-12 07:42:23 ----SD---- C:\Documents and Settings\All Users\Application Data\Microsoft
2010-06-12 07:42:09 ----A---- C:\WINDOWS\setuplog.txt
2010-06-12 07:42:02 ----D---- C:\Documents and Settings
2010-06-12 07:41:21 ----RASH---- C:\boot.ini
2010-06-12 07:38:04 ----RSHDC---- C:\WINDOWS\system32\dllcache
2010-06-12 07:38:04 ----RSD---- C:\WINDOWS\Fonts
2010-06-12 07:38:04 ----RD---- C:\WINDOWS\Web
2010-06-12 07:38:04 ----HD---- C:\WINDOWS\inf
2010-06-12 07:38:04 ----D---- C:\WINDOWS\WinSxS
2010-06-12 07:38:04 ----D---- C:\WINDOWS\twain_32
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Temp
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\wins
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\wbem
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\usmt
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\spool
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\ShellExt
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\Setup
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\ras
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\oobe
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\npp
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\mui
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\inetsrv
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\IME
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\icsxml
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\ias
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\export
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\drivers
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\dhcp
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\config
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\3com_dmi
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\3076
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\2052
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1054
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1042
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1041
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1037
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1033
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1031
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1028
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32\1025
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system32
2010-06-12 07:38:04 ----D---- C:\WINDOWS\system
2010-06-12 07:38:04 ----D---- C:\WINDOWS\security
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Resources
2010-06-12 07:38:04 ----D---- C:\WINDOWS\repair
2010-06-12 07:38:04 ----D---- C:\WINDOWS\mui
2010-06-12 07:38:04 ----D---- C:\WINDOWS\msapps
2010-06-12 07:38:04 ----D---- C:\WINDOWS\msagent
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Media
2010-06-12 07:38:04 ----D---- C:\WINDOWS\java
2010-06-12 07:38:04 ----D---- C:\WINDOWS\ime
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Help
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Driver Cache
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Debug
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Cursors
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Connection Wizard
2010-06-12 07:38:04 ----D---- C:\WINDOWS\Config
2010-06-12 07:38:04 ----D---- C:\WINDOWS\AppPatch
2010-06-12 07:38:04 ----D---- C:\WINDOWS\addins
2010-06-12 07:38:04 ----D---- C:\WINDOWS

======List of files/folders modified in the last 1 months======

2010-06-13 12:27:44 ----A---- C:\WINDOWS\win.ini
2010-06-13 12:16:54 ----RASH---- C:\NTDETECT.COM
2010-06-12 07:43:11 ----A---- C:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\System32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 KmxAgent;KmxAgent; C:\WINDOWS\System32\DRIVERS\kmxagent.sys [2009-12-23 78840]
R1 KmxFile;KmxFile; C:\WINDOWS\System32\DRIVERS\KmxFile.sys [2009-09-02 53240]
R1 KmxFw;KmxFw; C:\WINDOWS\System32\DRIVERS\kmxfw.sys [2009-06-08 115704]
R1 OMCI;OMCI WDM Device Driver; C:\WINDOWS\System32\DRIVERS\omci.sys [2004-02-13 17153]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2003-07-16 12032]
R2 KmxCF;KmxCF; C:\WINDOWS\System32\DRIVERS\KmxCF.sys [2009-08-14 145912]
R2 KmxSbx;KmxSbx; C:\WINDOWS\System32\DRIVERS\KmxSbx.sys [2009-09-30 60920]
R2 MDC8021X;AEGIS Protocol (IEEE 802.1x) v2.3.1.7; C:\WINDOWS\System32\DRIVERS\mdc8021x.sys [2010-06-13 15781]
R3 Arp1394;1394 ARP Client Protocol; C:\WINDOWS\System32\DRIVERS\arp1394.sys [2008-04-13 60800]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\System32\DRIVERS\bcm4sbxp.sys [2003-05-15 43136]
R3 BCMModem;BCM V.92 56K Modem; C:\WINDOWS\System32\DRIVERS\BCMSM.sys [2003-08-29 1101696]
R3 CmBatt;Microsoft AC Adapter Driver; C:\WINDOWS\System32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 KmxCfg;KmxCfg; C:\WINDOWS\System32\DRIVERS\kmxcfg.sys [2009-09-30 239608]
R3 NIC1394;1394 Net Driver; C:\WINDOWS\System32\DRIVERS\nic1394.sys [2008-04-13 61824]
R3 nv;nv; C:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-01-08 1378636]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\STAC97.sys [2003-04-25 220176]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\System32\DRIVERS\SynTP.sys [2004-02-05 178496]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;USB2 Enabled Hub; C:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 BCM43XX;Dell Wireless WLAN Card Driver; C:\WINDOWS\System32\DRIVERS\bcmwl5.sys [2004-02-20 312960]
S3 KmxAMVet;KmxAMVet; \??\C:\WINDOWS\system32\Drivers\KmxAMVet.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 NVSvc;NVIDIA Driver Helper Service; C:\WINDOWS\System32\nvsvc32.exe [2004-01-08 77824]
R2 WinExtManager;WinSock Extention Manager; C:\WINDOWS\system32\mdmcls32.exe [2010-02-28 2347760]
R2 WinSvchostManager;WinSock Svchost Manager; C:\WINDOWS\system32\svcprs32.exe [2010-02-28 1377008]
R2 WLTRYSVC;WLTRYSVC; C:\WINDOWS\System32\wltrysvc.exe [2004-02-20 45056]
S2 CAISafe;CAISafe; C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe [2010-03-20 212992]
S2 ccSchedulerSVC;CA Common Scheduler Service; C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe [2010-04-06 206160]
S2 SupportSoft RemoteAssist;SupportSoft RemoteAssist; C:\Program Files\Common Files\supportsoft\bin\ssrc.exe [2010-04-16 386424]
S2 UmxAgent;HIPS Event Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe [2009-08-04 887288]
S2 UmxCfg;HIPS Configuration Interpreter; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe [2009-07-13 760664]
S2 UmxFwHlp;HIPS Firewall Helper; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe [2009-07-31 150008]
S2 UmxPol;HIPS Policy Manager; C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe [2009-07-27 227832]
S3 CaCCProvSP;CaCCProvSP; C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe [2010-04-06 251216]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------



 Post subject: Re: Please help with malware removal
PostPosted: Sun Jun 27, 2010 11:50 pm 
Site Admin

Joined: Fri Jan 28, 2005 5:16 pm
Posts: 15967
Location: PHX, AZ
Thanks for the log. Nothing odd that I can tell.

Using any torrent, though, is a recipe for disaster, as they're typically seeded with malware, so infections lurk at every download.

We strongly suggest you uninstall and get your media from reliable sources.
