11-08-2008, 05:08 PM   #1
hfraser
OS: XP SP2


Need help getting rid of possible trojans (prun.exe, tmpa9.exe...)

Hi,

I scanned my computer using SuperAntiSpyware today and it found several trojans which were .exe files and which were trying to gain access to the internet (including wavvsnet.exe, prun.exe, snapsnet.exe, tmpa9.exe).

I have run the required reports and here are my logs:

Logfile of random's system information tool 1.04 (written by random/random)
Run by Helen Fraser at 2008-11-08 23:52:51
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 9 GB (25%) free of 34 GB
Total RAM: 510 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:53:06, on 08/11/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\LEXPPS.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kontiki\KService.exe
c:\program files\mcafee.com\agent\mcdetect.exe
c:\PROGRA~1\mcafee.com\vso\mcshield.exe
c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
c:\PROGRA~1\mcafee.com\vso\OasClnt.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
C:\Program Files\Dell Support Center\bin\sprtsvc.exe
c:\program files\mcafee.com\vso\mcvsshld.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
c:\program files\mcafee.com\agent\mcagent.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfAgent.exe
C:\Documents and Settings\Helen Fraser\Application Data\Microsoft\Windows\lsass.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Dell\AccessDirect\dadapp.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Dell\Media Experience\PCMService.exe
C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe
C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\system32\dla\tfswctrl.exe
C:\Program Files\Dell\AccessDirect\DadTray.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Dell Support Center\bin\sprtcmd.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\AOL 9.0\aoltray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\TEMP\TMPC1.exe
C:\WINDOWS\TEMP\TMPC7.exe
C:\WINDOWS\system32\rundll32.exe
C:\Documents and Settings\Helen Fraser\Desktop\RSIT.exe
C:\Documents and Settings\Helen Fraser\Desktop\RSIT.exe
C:\Documents and Settings\Helen Fraser\Desktop\RSIT.exe
C:\Program Files\trend micro\Helen Fraser.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/ig?hl=en
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.co.uk/myway
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\system32\dla\tfswshx.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {a82b002d-b784-4ccf-8b86-8d910baa2fe5} - C:\WINDOWS\system32\fagometo.dll
O3 - Toolbar: McAfee VirusScan - {BA52B914-B692-46c4-B683-905236F6F655} - c:\progra~1\mcafee.com\vso\mcvsshl.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [DadApp] C:\Program Files\Dell\AccessDirect\dadapp.exe
O4 - HKLM\..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [UpdateManager] "C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Dell\Media Experience\PCMService.exe"
O4 - HKLM\..\Run: [DVDLauncher] "C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe"
O4 - HKLM\..\Run: [VSOCheckTask] "C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe" /checktask
O4 - HKLM\..\Run: [MCAgentExe] c:\PROGRA~1\mcafee.com\agent\mcagent.exe
O4 - HKLM\..\Run: [MCUpdateExe] c:\PROGRA~1\mcafee.com\agent\mcupdate.exe
O4 - HKLM\..\Run: [AOL Spyware Protection] "C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe"
O4 - HKLM\..\Run: [VirusScan Online] C:\Program Files\McAfee.com\VSO\mcvsshld.exe
O4 - HKLM\..\Run: [MPFExe] C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [dla] C:\WINDOWS\system32\dla\tfswctrl.exe
O4 - HKLM\..\Run: [OASClnt] C:\Program Files\McAfee.com\VSO\oasclnt.exe
O4 - HKLM\..\Run: [dscactivate] "C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [NI.GSCNS] "C:\DOCUME~1\HELENF~1\LOCALS~1\Temp\winvsnet.exe"
O4 - HKLM\..\Run: [vikideyozo] Rundll32.exe "C:\WINDOWS\system32\goyevayo.dll",s
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [updateMgr] "C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [DellSupportCenter] "C:\Program Files\Dell Support Center\bin\sprtcmd.exe" /P DellSupportCenter
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-GB ee://aol/imApp
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKLM\..\Policies\Explorer\Run: [Lsass Service] C:\Documents and Settings\Helen Fraser\Application Data\Microsoft\Windows\lsass.exe
O4 - HKUS\S-1-5-19\..\Run: [vikideyozo] Rundll32.exe "C:\WINDOWS\system32\goyevayo.dll",s (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [vikideyozo] Rundll32.exe "C:\WINDOWS\system32\goyevayo.dll",s (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: AOL 9.0 Tray Icon.lnk = C:\Program Files\AOL 9.0\aoltray.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: {74E4A24D-5224-4F05-8A41-99445E0FC22B} (GameHouse Games Player) - http://aolsvc.aol.com/onlinegames/fr...ouseplayer.cab
O16 - DPF: {8FA2192F-B95D-40E3-898F-8D7ABB8E00D0} (SpinTop Games Launcher) - http://aolsvc.aol.com/onlinegames/fr...esLauncher.cab
O16 - DPF: {A8739816-022C-11D6-A85D-00C04F9AEAFB} (WebEyeControl) - http://www.rockefellercenter.com/viewer/wg_webeye.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/Ms...Downloader.cab
O16 - DPF: {B49C4597-8721-4789-9250-315DFBD9F525} (IWinAmpActiveX Class) - http://cdn.digitalcity.com/radio/amp...1.11_en_dl.cab
O16 - DPF: {BE71A78B-77DB-451C-A761-59B37022D544} (AOL Newport Downloader Ctrl) - http://o.aolcdn.com/pictures/ap/Reso...s.10.6.0.6.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game07.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C9386579-3C0F-4713-82C6-5BA8088C7C8D} (Windows Live SkyDrive Upload Tool) - https://secure.shared.live.com/Pa6vG...RichUpload.cab
O16 - DPF: {CE69F98F-2AF3-4306-BAC6-A79070EDA1B4} (Zylom Loader Object) - http://game14.zylomgames.com/activex/zylomloader.cab
O16 - DPF: {D6E7CFB5-C074-4D1C-B647-663D1A8D96BF} (Facebook Photo Uploader 4) - http://upload.facebook.com/controls/...ploader4_5.cab
O16 - DPF: {D77EF652-9A6B-40C8-A4B9-1C0697C6CF41} (TikGames Online Control) - http://download.games.yahoo.com/game...nematycoon.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/.../en/crlocx.ocx
O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://download.games.yahoo.com/game...ploader_v6.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download...basetup161.cab
O20 - AppInit_DLLs: C:\WINDOWS\system32\vumefesa.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O20 - Winlogon Notify: c00ADF46 - C:\WINDOWS\SYSTEM32\c00ADF46.mat
O20 - Winlogon Notify: sys32 - sys32.dll (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc. - C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: McAfee WSC Integration (McDetect.exe) - McAfee, Inc - c:\program files\mcafee.com\agent\mcdetect.exe
O23 - Service: McAfee.com McShield (McShield) - McAfee Inc. - c:\PROGRA~1\mcafee.com\vso\mcshield.exe
O23 - Service: McAfee Task Scheduler (McTskshd.exe) - McAfee, Inc - c:\PROGRA~1\mcafee.com\agent\mctskshd.exe
O23 - Service: McAfee SecurityCenter Update Manager (mcupdmgr.exe) - McAfee, Inc - C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe
O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee Corporation - C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe
O23 - Service: SupportSoft Sprocket Service (dellsupportcenter) (sprtsvc_dellsupportcenter) - SupportSoft, Inc. - C:\Program Files\Dell Support Center\bin\sprtsvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 12824 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\favwayzi.job
C:\WINDOWS\tasks\McAfee.com Scan for Viruses - My Computer (HELEN-Helen Fraser).job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2006-01-12 63128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5CA3D70E-1895-11CF-8E15-001234567890}]
DriveLetterAccess - C:\WINDOWS\system32\dla\tfswshx.dll [2004-11-16 118842]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a82b002d-b784-4ccf-8b86-8d910baa2fe5}]
C:\WINDOWS\system32\fagometo.dll [2008-08-08 59904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BA52B914-B692-46c4-B683-905236F6F655} - McAfee VirusScan - c:\progra~1\mcafee.com\vso\mcvsshl.dll [2005-07-01 114688]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\WINDOWS\system32\igfxtray.exe [2004-08-20 155648]
"HotKeysCmds"=C:\WINDOWS\system32\hkcmd.exe [2004-08-20 118784]
"DadApp"=C:\Program Files\Dell\AccessDirect\dadapp.exe [2004-03-04 211828]
"Dell QuickSet"=C:\Program Files\Dell\QuickSet\quickset.exe [2004-03-04 487424]
"SynTPLpr"=C:\Program Files\Synaptics\SynTP\SynTPLpr.exe [2004-05-13 98304]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2004-05-14 536576]
"UpdateManager"=C:\Program Files\Common Files\Sonic\Update Manager\sgtray.exe [2003-08-19 110592]
"PCMService"=C:\Program Files\Dell\Media Experience\PCMService.exe [2004-04-11 290816]
"DVDLauncher"=C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe [2004-04-11 53248]
"VSOCheckTask"=C:\PROGRA~1\McAfee.com\VSO\mcmnhdlr.exe [2005-07-08 151552]
"MCAgentExe"=c:\PROGRA~1\mcafee.com\agent\mcagent.exe [2005-09-22 303104]
"MCUpdateExe"=c:\PROGRA~1\mcafee.com\agent\mcupdate.exe [2006-01-11 212992]
"AOL Spyware Protection"=C:\PROGRA~1\COMMON~1\AOL\AOLSPY~1\AOLSP Scheduler.exe [2004-02-16 147456]
"VirusScan Online"=C:\Program Files\McAfee.com\VSO\mcvsshld.exe [2005-08-10 163840]
"MPFExe"=C:\PROGRA~1\McAfee.com\PERSON~1\MpfTray.exe [2004-03-24 1380352]
"SunJavaUpdateSched"=C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe [2008-06-10 144784]
"dla"=C:\WINDOWS\system32\dla\tfswctrl.exe [2004-11-16 127035]
"OASClnt"=C:\Program Files\McAfee.com\VSO\oasclnt.exe [2005-08-11 53248]
"dscactivate"=C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [2007-11-15 16384]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-03-30 185896]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-09-06 413696]
"AppleSyncNotifier"=C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe [2008-09-03 111936]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2008-09-08 289576]
"NI.GSCNS"=C:\DOCUME~1\HELENF~1\LOCALS~1\Temp\winvsnet.exe [2008-11-08 54784]
"vikideyozo"=C:\WINDOWS\system32\goyevayo.dll [2008-08-08 59904]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"Lsass Service"=C:\Documents and Settings\Helen Fraser\Application Data\Microsoft\Windows\lsass.exe [2008-11-08 65024]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DellSupport"=C:\Program Files\DellSupport\DSAgnt.exe [2007-03-15 460784]
"updateMgr"=C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager.exe [2005-10-24 307200]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2007-04-23 1032640]
"DellSupportCenter"=C:\Program Files\Dell Support Center\bin\sprtcmd.exe [2008-08-13 206064]
"Aim6"=C:\Program Files\AIM6\aim6.exe [2007-05-09 50736]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2008-09-05 1576176]
"Veoh"=C:\Program Files\Veoh Networks\Veoh\VeohClient.exe [2008-09-26 3660848]
""= []

C:\Documents and Settings\All Users\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
AOL 9.0 Tray Icon.lnk - C:\Program Files\AOL 9.0\aoltray.exe
Digital Line Detect.lnk - C:\Program Files\Digital Line Detect\DLG.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\WINDOWS\system32\vumefesa.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2008-08-27 352256]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\c00ADF46]
C:\WINDOWS\system32\c00ADF46.mat [2008-11-08 20992]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\WINDOWS\system32\igfxsrvc.dll [2004-08-20 344064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\sys32]
sys32.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\WgaLogon]
C:\WINDOWS\system32\WgaLogon.dll [2007-03-15 236928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-22 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
C:\WINDOWS\system32\vumefesa.dll

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"RunStartupScriptSync"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"RunStartupScriptSync"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveAutoRun"=
"NoDriveTypeAutoRun"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"C:\Program Files\Internet Explorer\IEXPLORE.EXE"="C:\Program Files\Internet Explorer\IEXPLORE.EXE:*:Enabled:Internet Explorer"
"C:\Program Files\Kontiki\KService.exe"="C:\Program Files\Kontiki\KService.exe:*:Enabled:Delivery Manager Service"
"C:\Program Files\Veoh Networks\Veoh\VeohClient.exe"="C:\Program Files\Veoh Networks\Veoh\VeohClient.exe:*:Enabled:Veoh Client"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"C:\Program Files\Common Files\AOL\Loader\aolload.exe"="C:\Program Files\Common Files\AOL\Loader\aolload.exe:*:Enabled:AOL Loader"
"C:\Program Files\AIM6\aim6.exe"="C:\Program Files\AIM6\aim6.exe:*:Enabled:AIM"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\Program Files\iTunes\iTunes.exe"="C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\MSN Messenger\msnmsgr.exe"="C:\Program Files\MSN Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger 8.1"
"C:\Program Files\MSN Messenger\livecall.exe"="C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone)"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2008-11-08 23:44:32 ----D---- C:\rsit
2008-11-08 23:17:52 ----A---- C:\WINDOWS\gmer.ini
2008-11-08 23:17:50 ----A---- C:\WINDOWS\gmer_uninstall.cmd
2008-11-08 23:17:49 ----A---- C:\WINDOWS\gmer.exe
2008-11-08 23:17:49 ----A---- C:\WINDOWS\gmer.dll
2008-11-08 14:52:39 ----D---- C:\Documents and Settings\Helen Fraser\Application Data\NI.GSCNS
2008-11-08 14:52:25 ----ASH---- C:\WINDOWS\system32\rqRKARiG.dll
2008-11-08 14:52:22 ----A---- C:\WINDOWS\system32\urqPghiG.dll
2008-11-08 14:52:18 ----D---- C:\WINDOWS\system32\sX3i19
2008-11-08 14:52:18 ----D---- C:\Temp
2008-11-02 00:09:03 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$
2008-11-01 15:20:08 ----D---- C:\WINDOWS\Prefetch
2008-11-01 1506 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$
2008-11-01 15:05:48 ----HDC---- C:\WINDOWS\$NtUninstallKB957095$
2008-11-01 15:05:19 ----HDC---- C:\WINDOWS\$NtUninstallKB956841$
2008-11-01 15:04:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$
2008-11-01 15:04:44 ----HDC---- C:\WINDOWS\$NtUninstallKB956390$
2008-11-01 15:04:33 ----HDC---- C:\WINDOWS\$NtUninstallKB954211$
2008-11-01 15:04:19 ----HDC---- C:\WINDOWS\$NtUninstallKB953838$
2008-11-01 15:04:10 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$
2008-11-01 15:04:02 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$
2008-11-01 15:03:54 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$
2008-11-01 15:03:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951698$
2008-11-01 15:03:38 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$
2008-11-01 15:03:32 ----HDC---- C:\WINDOWS\$NtUninstallKB951376$
2008-11-01 15:03:22 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$
2008-11-01 15:03:15 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$
2008-11-01 15:03:07 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$
2008-11-01 15:02:56 ----HDC---- C:\WINDOWS\$NtUninstallKB950759$
2008-11-01 15:02:48 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$
2008-11-01 15:02:40 ----HDC---- C:\WINDOWS\$NtUninstallKB938464$
2008-11-01 14:57:38 ----D---- C:\WINDOWS\system32\en-us
2008-11-01 14:57:37 ----D---- C:\WINDOWS\system32\scripting
2008-11-01 14:57:35 ----D---- C:\WINDOWS\l2schemas
2008-11-01 14:57:34 ----D---- C:\WINDOWS\system32\en
2008-11-01 14:57:33 ----D---- C:\WINDOWS\system32\bits
2008-11-01 14:54:00 ----D---- C:\WINDOWS\ServicePackFiles
2008-11-01 14:50:41 ----D---- C:\WINDOWS\network diagnostic
2008-11-01 14:45:55 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$
2008-11-01 14:45:52 ----D---- C:\WINDOWS\EHome
2008-10-23 22:05:23 ----HDC---- C:\WINDOWS\$NtUninstallKB958644_0$
2008-10-20 21:21:47 ----N---- C:\WINDOWS\system32\xmllite.dll
2008-10-20 21:21:44 ----N---- C:\WINDOWS\system32\wmphoto.dll
2008-10-20 21:21:42 ----N---- C:\WINDOWS\system32\wlanapi.dll
2008-10-20 21:21:40 ----N---- C:\WINDOWS\system32\windowscodecsext.dll
2008-10-20 21:21:40 ----N---- C:\WINDOWS\system32\windowscodecs.dll
2008-10-20 21:21:25 ----N---- C:\WINDOWS\system32\tspkg.dll
2008-10-20 21:21:25 ----N---- C:\WINDOWS\system32\tsgqec.dll
2008-10-20 21:21:19 ----N---- C:\WINDOWS\system32\spupdwxp.exe
2008-10-20 21:21:18 ----A---- C:\WINDOWS\system32\spdwnwxp.exe
2008-10-20 21:21:16 ----N---- C:\WINDOWS\system32\slserv.exe
2008-10-20 21:21:16 ----N---- C:\WINDOWS\system32\slrundll.exe
2008-10-20 21:21:16 ----N---- C:\WINDOWS\slrundll.exe
2008-10-20 21:21:15 ----N---- C:\WINDOWS\system32\slgen.dll
2008-10-20 21:21:15 ----N---- C:\WINDOWS\system32\slextspk.dll
2008-10-20 21:21:15 ----N---- C:\WINDOWS\system32\slcoinst.dll
2008-10-20 21:21:10 ----N---- C:\WINDOWS\system32\setupn.exe
2008-10-20 21:21:03 ----N---- C:\WINDOWS\system32\s3gnb.dll
2008-10-20 21:21:02 ----N---- C:\WINDOWS\system32\rhttpaa.dll
2008-10-20 21:21:01 ----N---- C:\WINDOWS\system32\rasqec.dll
2008-10-20 21:21:00 ----N---- C:\WINDOWS\system32\qutil.dll
2008-10-20 21:20:59 ----N---- C:\WINDOWS\system32\qcliprov.dll
2008-10-20 21:20:58 ----N---- C:\WINDOWS\system32\qagentrt.dll
2008-10-20 21:20:58 ----N---- C:\WINDOWS\system32\qagent.dll
2008-10-20 21:20:57 ----N---- C:\WINDOWS\system32\photometadatahandler.dll
2008-10-20 21:20:53 ----N---- C:\WINDOWS\system32\onex.dll
2008-10-20 21:20:37 ----N---- C:\WINDOWS\system32\napstat.exe
2008-10-20 21:20:36 ----N---- C:\WINDOWS\system32\napmontr.dll
2008-10-20 21:20:36 ----N---- C:\WINDOWS\system32\napipsec.dll
2008-10-20 21:20:33 ----N---- C:\WINDOWS\system32\mtxparhd.dll
2008-10-20 21:20:31 ----N---- C:\WINDOWS\system32\msxml6r.dll
2008-10-20 21:20:30 ----N---- C:\WINDOWS\system32\msxml6.dll
2008-10-20 21:20:22 ----N---- C:\WINDOWS\system32\msshavmsg.dll
2008-10-20 21:20:22 ----N---- C:\WINDOWS\system32\mssha.dll
2008-10-20 21:19:50 ----N---- C:\WINDOWS\system32\mmcperf.exe
2008-10-20 21:19:50 ----N---- C:\WINDOWS\system32\mmcfxcommon.dll
2008-10-20 21:19:49 ----N---- C:\WINDOWS\system32\mmcex.dll
2008-10-20 21:19:48 ----N---- C:\WINDOWS\system32\microsoft.managementconsole.dll
2008-10-20 21:19:08 ----N---- C:\WINDOWS\system32\l2gpstore.dll
2008-10-20 21:19:07 ----N---- C:\WINDOWS\system32\kmsvc.dll
2008-10-20 21:19:06 ----N---- C:\WINDOWS\system32\kbdpash.dll
2008-10-20 21:19:06 ----N---- C:\WINDOWS\system32\kbdnepr.dll
2008-10-20 21:19:05 ----N---- C:\WINDOWS\system32\kbdiultn.dll
2008-10-20 21:19:05 ----N---- C:\WINDOWS\system32\kbdbhc.dll
2008-10-20 21:18:50 ----N---- C:\WINDOWS\system32\hsfcisp2.dll
2008-10-20 21:18:36 ----N---- C:\WINDOWS\system32\faxpatch.exe
2008-10-20 21:18:36 ----A---- C:\WINDOWS\002750_.tmp
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eapsvc.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eapqec.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eappprxy.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eapphost.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eappgnui.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eappcfg.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eapp3hst.dll
2008-10-20 21:18:34 ----N---- C:\WINDOWS\system32\eapolqec.dll
2008-10-20 21:18:24 ----N---- C:\WINDOWS\system32\dot3ui.dll
2008-10-20 21:18:24 ----N---- C:\WINDOWS\system32\dot3svc.dll
2008-10-20 21:18:24 ----N---- C:\WINDOWS\system32\dot3msm.dll
2008-10-20 21:18:24 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll
2008-10-20 21:18:24 ----N---- C:\WINDOWS\system32\dot3dlg.dll
2008-10-20 21:18:23 ----N---- C:\WINDOWS\system32\dot3cfg.dll
2008-10-20 21:18:23 ----N---- C:\WINDOWS\system32\dot3api.dll
2008-10-20 21:18:20 ----N---- C:\WINDOWS\system32\dimsroam.dll
2008-10-20 21:18:20 ----N---- C:\WINDOWS\system32\dimsntfy.dll
2008-10-20 21:18:19 ----N---- C:\WINDOWS\system32\dhcpqec.dll
2008-10-20 21:18:14 ----N---- C:\WINDOWS\system32\credssp.dll
2008-10-20 21:18:03 ----N---- C:\WINDOWS\system32\bitsprx4.dll
2008-10-20 21:18:02 ----N---- C:\WINDOWS\system32\azroles.dll
2008-10-20 21:18:01 ----N---- C:\WINDOWS\system32\ativvaxx.dll
2008-10-20 21:18:01 ----N---- C:\WINDOWS\system32\ativtmxx.dll
2008-10-20 21:18:00 ----N---- C:\WINDOWS\system32\ati3duag.dll
2008-10-20 21:18:00 ----N---- C:\WINDOWS\system32\ati3d1ag.dll
2008-10-20 21:18:00 ----N---- C:\WINDOWS\system32\ati2dvag.dll
2008-10-20 21:18:00 ----N---- C:\WINDOWS\system32\ati2dvaa.dll
2008-10-20 21:18:00 ----N---- C:\WINDOWS\system32\ati2cqag.dll
2008-10-20 21:17:44 ----N---- C:\WINDOWS\system32\aaclient.dll
2008-10-19 00:28:15 ----HDC---- C:\WINDOWS\$NtUninstallKB956803_0$
2008-10-19 00:27:43 ----HDC---- C:\WINDOWS\$NtUninstallKB956391$
2008-10-19 00:27:35 ----HDC---- C:\WINDOWS\$NtUninstallKB957095_0$
2008-10-19 00:27:15 ----HDC---- C:\WINDOWS\$NtUninstallKB954211_0$
2008-10-19 00:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB956841_0$
2008-10-19 00:23:29 ----HDC---- C:\WINDOWS\$NtUninstallKB956390_0$
2008-10-18 17:31:20 ----A---- C:\WINDOWS\system32\muweb.dll
2008-10-18 17:31:19 ----A---- C:\WINDOWS\system32\mucltui.dll.mui
2008-10-18 17:31:18 ----A---- C:\WINDOWS\system32\mucltui.dll
2008-10-18 16:14:53 ----A---- C:\Program Files\Silverlight.2.0.exe

======List of files/folders modified in the last 1 months======

2008-11-08 23:53:06 ----D---- C:\Program Files\Trend Micro
2008-11-08 23:52:51 ----D---- C:\Documents and Settings\All Users\Application Data\Kontiki
2008-11-08 23:48:26 ----D---- C:\Program Files\Mozilla Firefox
2008-11-08 23:17:52 ----D---- C:\WINDOWS
2008-11-08 23:17:50 ----D---- C:\WINDOWS\system32\DRIVERS
2008-11-08 23:04:36 ----HD---- C:\WINDOWS\INF
2008-11-08 21:00:23 ----D---- C:\WINDOWS\Temp
2008-11-08 19:52:40 ----D---- C:\WINDOWS\SYSTEM32
2008-11-08 17:03:45 ----D---- C:\WINDOWS\system32\CatRoot2
2008-11-08 16:51:40 ----A---- C:\WINDOWS\ModemLog_Conexant D480 MDC V.9x Modem.txt
2008-11-08 16:50:20 ----A---- C:\WINDOWS\SchedLgU.Txt
2008-11-08 14:52:30 ----SD---- C:\WINDOWS\Tasks
2008-11-07 19:48:07 ----SHD---- C:\WINDOWS\Installer
2008-11-07 19:43:47 ----A---- C:\WINDOWS\WIN.INI
2008-11-06 22:17:06 ----RSD---- C:\WINDOWS\ASSEMBLY
2008-11-06 22:15:59 ----RSD---- C:\WINDOWS\Fonts
2008-11-06 22:15:13 ----D---- C:\Program Files\Common Files\Microsoft Shared
2008-11-02 00:09:08 ----RSHD---- C:\WINDOWS\system32\DLLCACHE
2008-11-01 16:01:10 ----HD---- C:\WINDOWS\$hf_mig$
2008-11-01 15:23:26 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2008-11-01 15:22:22 ----A---- C:\WINDOWS\OEWABLog.txt
2008-11-01 15:20:42 ----A---- C:\WINDOWS\setuplog.txt
2008-11-01 15:19:30 ----D---- C:\WINDOWS\system32\Setup
2008-11-01 15:19:30 ----D---- C:\WINDOWS\AppPatch
2008-11-01 15:19:29 ----D---- C:\WINDOWS\system32\WBEM
2008-11-01 15:08:12 ----D---- C:\WINDOWS\SECURITY
2008-11-01 1531 ----A---- C:\WINDOWS\imsins.BAK
2008-11-01 1514 ----D---- C:\WINDOWS\system32\CatRoot
2008-11-01 15:02:51 ----D---- C:\Program Files\Messenger
2008-11-01 14:58:13 ----D---- C:\WINDOWS\WinSxS
2008-11-01 14:58:00 ----D---- C:\WINDOWS\IME
2008-11-01 14:57:59 ----D---- C:\WINDOWS\Help
2008-11-01 14:57:38 ----D---- C:\WINDOWS\system32\USMT
2008-11-01 14:57:37 ----D---- C:\Program Files\Internet Explorer
2008-11-01 14:57:33 ----D---- C:\WINDOWS\PeerNet
2008-11-01 14:57:33 ----D---- C:\Program Files\Movie Maker
2008-11-01 14:53:52 ----D---- C:\WINDOWS\system32\Restore
2008-11-01 14:53:52 ----D---- C:\WINDOWS\system32\NPP
2008-11-01 14:53:50 ----D---- C:\WINDOWS\MSAGENT
2008-11-01 14:53:49 ----D---- C:\WINDOWS\SRCHASST
2008-11-01 14:53:48 ----D---- C:\Program Files\NetMeeting
2008-11-01 14:53:46 ----D---- C:\WINDOWS\system32\Com
2008-11-01 14:53:43 ----D---- C:\Program Files\Windows Media Player
2008-11-01 14:53:42 ----D---- C:\Program Files\Windows NT
2008-11-01 14:53:42 ----D---- C:\Program Files\Outlook Express
2008-11-01 14:53:38 ----D---- C:\Program Files\Common Files\System
2008-11-01 14:53:13 ----D---- C:\WINDOWS\system32\OOBE
2008-11-01 14:53:08 ----D---- C:\WINDOWS\SYSTEM
2008-11-01 14:49:31 ----D---- C:\WINDOWS\system32\ReinstallBackups
2008-10-21 19:39:05 ----D---- C:\Program Files\DivX
2008-10-20 20:05:07 ----D---- C:\WINDOWS\Debug
2008-10-19 10:51:15 ----D---- C:\Program Files\Microsoft Silverlight
2008-10-18 16:18:46 ----RD---- C:\Program Files
2008-10-15 16:34:24 ----A---- C:\WINDOWS\system32\netapi32.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 intelppm;Intel Processor Driver; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-13 36352]
R1 MPFIREWL;MPFIREWL; C:\WINDOWS\System32\Drivers\MpFirewall.sys [2004-05-06 83181]
R1 omci;OMCI WDM Device Driver; C:\WINDOWS\system32\DRIVERS\omci.sys [2004-02-13 17153]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS []
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys []
R1 sscdbhk5;sscdbhk5; C:\WINDOWS\system32\drivers\sscdbhk5.sys [2004-07-14 5627]
R1 ssrtln;ssrtln; C:\WINDOWS\system32\drivers\ssrtln.sys [2004-07-14 23545]
R1 StarOpen;StarOpen; C:\WINDOWS\system32\drivers\StarOpen.sys [2008-07-02 5632]
R2 Aspi32;Aspi32; C:\WINDOWS\system32\drivers\Aspi32.sys [1999-09-10 25244]
R2 drvnddm;drvnddm; C:\WINDOWS\system32\drivers\drvnddm.sys [2004-11-23 40480]
R2 dsunidrv;DellSupport UniDriver; C:\WINDOWS\system32\DRIVERS\dsunidrv.sys [2007-02-25 5376]
R2 mdmxsdk;mdmxsdk; C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys [2003-04-09 11043]
R2 STEC3;STEC3; \??\C:\WINDOWS\system32\STEC3.sys []
R2 tfsnboio;tfsnboio; C:\WINDOWS\system32\dla\tfsnboio.sys [2004-11-16 25883]
R2 tfsncofs;tfsncofs; C:\WINDOWS\system32\dla\tfsncofs.sys [2004-11-16 34843]
R2 tfsndrct;tfsndrct; C:\WINDOWS\system32\dla\tfsndrct.sys [2004-11-16 4123]
R2 tfsndres;tfsndres; C:\WINDOWS\system32\dla\tfsndres.sys [2004-11-16 2239]
R2 tfsnifs;tfsnifs; C:\WINDOWS\system32\dla\tfsnifs.sys [2004-11-16 86554]
R2 tfsnopio;tfsnopio; C:\WINDOWS\system32\dla\tfsnopio.sys [2004-11-16 15227]
R2 tfsnpool;tfsnpool; C:\WINDOWS\system32\dla\tfsnpool.sys [2004-11-16 6363]
R2 tfsnudf;tfsnudf; C:\WINDOWS\system32\dla\tfsnudf.sys [2004-11-16 98714]
R2 tfsnudfa;tfsnudfa; C:\WINDOWS\system32\dla\tfsnudfa.sys [2004-11-16 100603]
R3 bcm4sbxp;Broadcom 440x 10/100 Integrated Controller XP Driver; C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys [2004-01-02 44032]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\WINDOWS\system32\DRIVERS\CmBatt.sys [2008-04-13 13952]
R3 DSproct;DSproct; \??\C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\WINDOWS\SYSTEM32\DRIVERS\GEARAspiWDM.sys [2008-04-17 15464]
R3 HSF_DP;HSF_DP; C:\WINDOWS\system32\DRIVERS\HSF_DP.sys [2003-11-13 1042816]
R3 HSFHWICH;HSFHWICH; C:\WINDOWS\system32\DRIVERS\HSFHWICH.sys [2003-11-13 197120]
R3 ialm;ialm; C:\WINDOWS\system32\DRIVERS\ialmnt5.sys [2004-08-20 737874]
R3 NaiAvFilter1;NaiAvFilter1; C:\WINDOWS\system32\drivers\naiavf5x.sys [2005-08-10 114464]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS []
R3 SIS162u;SiS 162 usb Wireless LAN Adapter Driver; C:\WINDOWS\system32\DRIVERS\sis162u.sys [2004-04-06 153600]
R3 STAC97;Audio Driver (WDM) - SigmaTel CODEC; C:\WINDOWS\system32\drivers\stac97.sys [2003-11-07 248752]
R3 SynTP;Synaptics TouchPad Driver; C:\WINDOWS\system32\DRIVERS\SynTP.sys [2004-05-13 182688]
R3 usbehci;Microsoft USB 2.0 Enhanced Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208]
R3 usbhub;Microsoft USB Standard Hub Driver; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608]
R3 wanatw;WAN Miniport (ATW); C:\WINDOWS\system32\DRIVERS\wanatw4.sys [2003-01-10 33588]
R3 winachsf;winachsf; C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys [2003-11-13 679808]
S3 {6080A529-897E-4629-A488-ABA0C29B635E};Intel(R) Graphics Platform (SoftBIOS) Driver; C:\WINDOWS\system32\drivers\ialmsbw.sys [2003-10-27 120830]
S3 {D31A0762-0CEB-444e-ACFF-B049A1F6FE91};Intel(R) Graphics Chipset (KCH) Driver; C:\WINDOWS\system32\drivers\ialmkchw.sys [2003-10-27 98938]
S3 bvrp_pci;bvrp_pci; C:\WINDOWS\system32\drivers\bvrp_pci.sys []
S3 catchme;catchme; \??\C:\DOCUME~1\HELENF~1\LOCALS~1\Temp\catchme.sys []
S3 E100B;Intel(R) PRO Adapter Driver; C:\WINDOWS\system32\DRIVERS\e100b325.sys [2001-08-17 117760]
S3 gmer;gmer; C:\WINDOWS\System32\DRIVERS\gmer.sys [2008-11-08 85969]
S3 HidUsb;Microsoft HID Class Driver; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-13 10368]
S3 mouhid;Mouse HID Driver; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-08-17 12160]
S3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\WINDOWS\system32\DRIVERS\ss_bus.sys [2005-08-30 58320]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\WINDOWS\system32\DRIVERS\ss_mdfl.sys [2005-08-30 8304]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\WINDOWS\system32\DRIVERS\ss_mdm.sys [2005-08-30 94000]
S3 sscdbus;SAMSUNG USB Composite Device driver (WDM); C:\WINDOWS\system32\DRIVERS\sscdbus.sys [2005-12-22 80272]
S3 sscdmdfl;SAMSUNG CDMA Modem Filter; C:\WINDOWS\system32\DRIVERS\sscdmdfl.sys [2005-12-22 10864]
S3 sscdmdm;SAMSUNG CDMA Modem Drivers; C:\WINDOWS\system32\DRIVERS\sscdmdm.sys [2005-12-22 137884]
S3 usbprint;Microsoft USB PRINTER Class; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S3 WpdUsb;WpdUsb; C:\WINDOWS\system32\DRIVERS\wpdusb.sys [2006-10-18 38528]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AOL ACS;AOL Connectivity Service; C:\PROGRA~1\COMMON~1\AOL\ACS\AOLacsd.exe [2004-02-25 1123440]
R2 KService;KService; C:\Program Files\Kontiki\KService.exe [2007-04-23 3068352]
R2 LexBceS;LexBce Server; C:\WINDOWS\system32\LEXBCES.EXE [2004-03-04 311296]
R2 McDetect.exe;McAfee WSC Integration; c:\program files\mcafee.com\agent\mcdetect.exe [2005-10-13 126976]
R2 McShield;McAfee.com McShield; c:\PROGRA~1\mcafee.com\vso\mcshield.exe [2005-08-10 221184]
R2 McTskshd.exe;McAfee Task Scheduler; c:\PROGRA~1\mcafee.com\agent\mctskshd.exe [2005-08-24 122368]
R2 MpfService;McAfee Personal Firewall Service; C:\PROGRA~1\McAfee.com\PERSON~1\MPFSERVICE.exe [2003-09-02 503808]
R2 sprtsvc_dellsupportcenter;SupportSoft Sprocket Service (dellsupportcenter); C:\Program Files\Dell Support Center\bin\sprtsvc.exe [2008-08-13 201968]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R2 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2008-09-08 536872]
S2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2008-09-05 116040]
S2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-08-29 238888]
S2 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 267776]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2007-10-24 33800]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2007-10-24 70144]
S3 DSBrokerService;DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [2007-03-07 76848]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 mcupdmgr.exe;McAfee SecurityCenter Update Manager; C:\PROGRA~1\McAfee.com\Agent\mcupdmgr.exe [2005-07-01 245760]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 usnjsvc;Messenger Sharing Folders USN Journal Reader service; C:\Program Files\MSN Messenger\usnsvc.exe [2007-01-19 97136]
S3 WMPNetworkSvc;Windows Media Player Network Sharing Service; C:\Program Files\Windows Media Player\WMPNetwk.exe [2006-10-18 913408]

-----------------EOF-----------------



Many thanks in advance for your help.
Attached Files
File Type: txt info.txt (16.6 KB, 2 views)
File Type: txt gmer.txt (13.3 KB, 3 views)