Old 07-30-2006, 11:26 AM   #5 (permalink)
willmon18
OS: Windows XP Professional Service Pack 3

Start Time= Sun 07/30/2006 12:09:58.59
Running from: C:\Documents and Settings\William\Desktop

QuickScan did not find any signs of infected files

(((((((((((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))))


2006-07-30 10:26:28 53739574 ( A.... ) "C:\backup.reg"
2006-07-19 20:47:46 ( .D... ) "C:\Program Files\MSN Messenger"
2006-07-18 10:48:12 ( .D... ) "C:\Program Files\BitLord"
2006-07-18 10:19:54 34308 ( A.... ) "C:\WINDOWS\system32\BASSMOD.dll"
2006-07-18 10:00:50 ( .D... ) "C:\Program Files\ReflexiveArcade"
2006-07-16 09:22:22 ( .D... ) "C:\Program Files\CP-Autos"
2006-07-16 09:21:22 ( .D... ) "C:\Program Files\CP-AUTOS.COM"
2006-07-12 15:35:46 ( .D... ) "C:\Program Files\Common Files\Adobe"
2006-07-07 13:43:00 61440 ( A.... ) "C:\WINDOWS\system32\Big Kahuna Reef 2.scr"
2006-07-07 13:42:58 57344 ( A.... ) "C:\WINDOWS\system32\Big Kahuna Reef.scr"
2006-07-05 07:24:42 ( .D... ) "C:\Documents and Settings\William\Application Data\Lavasoft"
2006-07-02 13:17:38 23104 ( A.... ) "C:\WINDOWS\system32\svcprmpt.dll"
2006-07-02 13:17:34 30976 ( A.... ) "C:\WINDOWS\rascntrl.dll"
2006-07-02 11:32:54 5 ( A.... ) "C:\WINDOWS\Modemx.dll"
2006-07-01 22:07:14 ( .D... ) "C:\Documents and Settings\William\Application Data\Sun"
2006-07-01 08:15:18 ( .D... ) "C:\Documents and Settings\William\Application Data\Yahoo!"
2006-06-23 06:46:52 3120 ( A.... ) "C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll"
2006-06-22 05:05:16 ( .D... ) "C:\Documents and Settings\William\Application Data\LimeWire"
2006-06-20 15:51:38 ( .D... ) "C:\Program Files\NZSearch"
2006-06-19 21:30:44 184808 ( A.... ) "C:\Documents and Settings\William\Application Data\shb.dat"
2006-06-19 16:20:42 702768 ( ..... ) "C:\WINDOWS\system32\WgaLogon.dll"
2006-06-18 20:52:10 249856 ( ..... ) "C:\WINDOWS\Setup1.exe"
2006-06-18 20:52:08 73216 ( A.... ) "C:\WINDOWS\ST6UNST.EXE"
2006-06-18 19:02:42 ( .D... ) "C:\Program Files\Common Files\L&H"
2006-06-18 19:02:22 ( .D... ) "C:\Program Files\Microsoft.NET"
2006-06-18 19:02:02 ( .D... ) "C:\Program Files\Microsoft ActiveSync"
2006-06-18 19:00:56 ( .D... ) "C:\Program Files\Common Files\DESIGNER"
2006-06-18 19:00:44 ( .D... ) "C:\Program Files\Microsoft Works"
2006-06-18 19:00:22 ( .D... ) "C:\Program Files\Microsoft Visual Studio"
2006-06-18 18:51:04 ( .D... ) "C:\Program Files\Common Files\Java"
2006-06-18 18:45:18 ( .D... ) "C:\Documents and Settings\William\Application Data\Google"
2006-06-18 18:45:14 ( .D... ) "C:\Program Files\Google"
2006-06-18 18:31:52 ( .D... ) "C:\Program Files\Yahoo!"
2006-06-18 18:22:46 ( .D... ) "C:\Documents and Settings\William\Application Data\IDM"
2006-06-18 18:22:46 ( .D... ) "C:\Documents and Settings\William\Application Data\DMCache"
2006-06-18 18:19:04 ( .D... ) "C:\Program Files\hp deskjet 930c series"
2006-06-18 18:18:54 ( .D... ) "C:\Program Files\Hewlett-Packard"
2006-06-18 18:08:08 ( .D... ) "C:\Documents and Settings\William\Application Data\TuneUp Software"
2006-06-18 18:07:16 ( .D... ) "C:\Program Files\Common Files\Wise Installation Wizard"
2006-06-18 18:05:14 ( .D... ) "C:\Documents and Settings\William\Application Data\Webroot"
2006-06-18 18:05:12 ( .D... ) "C:\Program Files\Common Files\Webroot Shared"
2006-06-18 18:02:48 ( .D... ) "C:\Documents and Settings\William\Application Data\Apple Computer"
2006-06-18 17:58:54 ( .D... ) "C:\Program Files\Common Files\xing shared"
2006-06-18 17:58:46 176167 ( A.... ) "C:\WINDOWS\system32\rmoc3260.dll"
2006-06-18 17:58:40 6656 ( A.... ) "C:\WINDOWS\system32\pndx5016.dll"
2006-06-18 17:58:40 5632 ( A.... ) "C:\WINDOWS\system32\pndx5032.dll"
2006-06-18 17:58:36 ( .D... ) "C:\Program Files\Common Files\Real"
2006-06-18 17:57:16 ( .D... ) "C:\Documents and Settings\William\Application Data\Real"
2006-06-18 17:55:36 ( .D.H. ) "C:\Program Files\InstallShield Installation Information"
2006-06-18 17:54:58 394872 ( A.... ) "C:\WINDOWS\system32\vsdatant.sys"
2006-06-18 17:54:58 394872 ( A.... ) "C:\WINDOWS\system32\vsdatant.sys"
2006-06-18 17:54:48 75776 ( A.... ) "C:\WINDOWS\zllsputility.exe"
2006-06-18 17:54:26 83960 ( A.... ) "C:\WINDOWS\system32\zlcomm.dll"
2006-06-18 17:54:26 71672 ( A.... ) "C:\WINDOWS\system32\zlcommdb.dll"
2006-06-18 17:54:24 100344 ( A.... ) "C:\WINDOWS\system32\vsxml.dll"
2006-06-18 17:54:24 59384 ( A.... ) "C:\WINDOWS\system32\vswmi.dll"
2006-06-18 17:54:22 440312 ( A.... ) "C:\WINDOWS\system32\vsutil.dll"
2006-06-18 17:54:22 71672 ( A.... ) "C:\WINDOWS\system32\vsregexp.dll"
2006-06-18 17:54:20 268280 ( A.... ) "C:\WINDOWS\system32\vspubapi.dll"
2006-06-18 17:54:20 157688 ( A.... ) "C:\WINDOWS\system32\vsinit.dll"
2006-06-18 17:54:20 104440 ( A.... ) "C:\WINDOWS\system32\vsmonapi.dll"
2006-06-18 17:54:18 83960 ( A.... ) "C:\WINDOWS\system32\vsdata.dll"
2006-06-18 17:53:38 ( .D... ) "C:\Program Files\Common Files\InstallShield"
2006-06-18 17:44:16 ( .D... ) "C:\Program Files\WildTangent"
2006-06-18 17:05:42 ( .D... ) "C:\Program Files\Common Files\DirectX"
2006-06-18 16:51:48 ( .D... ) "C:\Documents and Settings\William\Application Data\PlayFirst"
2006-06-18 16:42:12 20 ( A.... ) "C:\WINDOWS\prefs_bg.dll"
2006-06-18 16:09:14 ( .D... ) "C:\Documents and Settings\William\Application Data\Macromedia"
2006-06-18 16:02:44 ( .D... ) "C:\Program Files\TryMedia"
2006-06-18 14:59:22 ( .D... ) "C:\Documents and Settings\William\Application Data\Identities"
2006-06-18 14:59:16 ( .D.H. ) "C:\Program Files\Uninstall Information"
2006-06-18 14:59:06 ( .DS.. ) "C:\Documents and Settings\William\Application Data\Microsoft"
2006-06-18 14:42:38 ( .D... ) "C:\Program Files\xerox"
2006-06-18 14:42:38 ( .D... ) "C:\Program Files\microsoft frontpage"
2006-06-18 14:42:20 0 ( A.... ) "C:\AUTOEXEC.BAT"
2006-06-18 14:39:00 ( .D.H. ) "C:\Program Files\WindowsUpdate"
2006-06-18 14:37:42 ( .D... ) "C:\Program Files\Common Files\Services"
2006-06-18 14:37:36 ( .D... ) "C:\Program Files\Common Files\MSSoap"
2006-06-18 14:37:20 ( .D... ) "C:\Program Files\Movie Maker"
2006-06-18 14:37:08 ( .D... ) "C:\Program Files\NetMeeting"
2006-06-18 14:37:04 ( .D... ) "C:\Program Files\Outlook Express"
2006-06-18 14:36:54 ( .D... ) "C:\Program Files\Internet Explorer"
2006-06-18 14:36:54 ( .D... ) "C:\Program Files\Common Files\System"
2006-06-18 14:36:00 ( .D... ) "C:\Program Files\ComPlus Applications"
2006-06-18 14:34:30 ( .D... ) "C:\Program Files\Windows Media Player"
2006-06-18 14:34:30 ( .D... ) "C:\Program Files\Online Services"
2006-06-18 14:34:18 ( .D... ) "C:\Program Files\Messenger"
2006-06-18 14:34:14 ( .D... ) "C:\Program Files\MSN Gaming Zone"
2006-06-18 14:33:24 ( .D... ) "C:\Program Files\Windows NT"
2006-06-18 14:20:00 ( .D... ) "C:\Program Files\Common Files\ODBC"
2006-06-18 14:19:54 ( .D... ) "C:\Program Files\Common Files\SpeechEngines"
2006-06-18 14:19:54 ( .D... ) "C:\Program Files\Common Files\Microsoft Shared"
2006-06-18 14:19:54 ( .D... ) "C:\Program Files\Common Files"
2006-06-18 14:19:10 62 ( A.SH. ) "C:\Documents and Settings\William\Application Data\desktop.ini"
2006-06-16 14:34:44 48936 ( A.... ) "C:\WINDOWS\system32\sirenacm.dll"
2006-06-11 13:41:10 796584 ( A.... ) "C:\WINDOWS\system32\libeay32_0.9.6l.dll"
2006-06-01 19:09:24 208896 ( A.... ) "C:\WINDOWS\system32\NVUNINST.EXE"
2006-06-01 19:09:24 208896 ( A.... ) "C:\WINDOWS\system32\nvudisp.exe"
2006-06-01 17:22:00 7618560 ( A.... ) "C:\WINDOWS\system32\nvcpl.dll"
2006-06-01 17:22:00 5652480 ( A.... ) "C:\WINDOWS\system32\nvdisps.dll"
2006-06-01 17:22:00 5632000 ( A.... ) "C:\WINDOWS\system32\nvoglnt.dll"
2006-06-01 17:22:00 5246976 ( A.... ) "C:\WINDOWS\system32\nvdispsr.dll"
2006-06-01 17:22:00 4529408 ( A.... ) "C:\WINDOWS\system32\nv4_disp.dll"
2006-06-01 17:22:00 3100672 ( A.... ) "C:\WINDOWS\system32\nvgames.dll"
2006-06-01 17:22:00 2977792 ( A.... ) "C:\WINDOWS\system32\nvvitvsr.dll"
2006-06-01 17:22:00 2924544 ( A.... ) "C:\WINDOWS\system32\nvvitvs.dll"
2006-06-01 17:22:00 2916352 ( A.... ) "C:\WINDOWS\system32\nvgamesr.dll"
2006-06-01 17:22:00 2859008 ( A.... ) "C:\WINDOWS\system32\nvmoblsr.dll"
2006-06-01 17:22:00 1740800 ( A.... ) "C:\WINDOWS\system32\nvwssr.dll"
2006-06-01 17:22:00 1662976 ( A.... ) "C:\WINDOWS\system32\nvwdmcpl.dll"
2006-06-01 17:22:00 1519616 ( A.... ) "C:\WINDOWS\system32\nwiz.exe"
2006-06-01 17:22:00 1466368 ( A.... ) "C:\WINDOWS\system32\nview.dll"
2006-06-01 17:22:00 1339392 ( A.... ) "C:\WINDOWS\system32\nvdspsch.exe"
2006-06-01 17:22:00 1257472 ( A.... ) "C:\WINDOWS\system32\nvwss.dll"
2006-06-01 17:22:00 1019904 ( A.... ) "C:\WINDOWS\system32\nvwimg.dll"
2006-06-01 17:22:00 1011712 ( A.... ) "C:\WINDOWS\system32\nvcpluir.dll"
2006-06-01 17:22:00 888832 ( A.... ) "C:\WINDOWS\system32\nvmobls.dll"
2006-06-01 17:22:00 794624 ( A.... ) "C:\WINDOWS\system32\nvcplui.exe"
2006-06-01 17:22:00 581632 ( A.... ) "C:\WINDOWS\system32\nvhwvid.dll"
2006-06-01 17:22:00 466944 ( A.... ) "C:\WINDOWS\system32\nvshell.dll"
2006-06-01 17:22:00 462848 ( A.... ) "C:\WINDOWS\system32\nvmccssr.dll"
2006-06-01 17:22:00 442368 ( A.... ) "C:\WINDOWS\system32\nvappbar.exe"
2006-06-01 17:22:00 425984 ( A.... ) "C:\WINDOWS\system32\keystone.exe"
2006-06-01 17:22:00 311296 ( A.... ) "C:\WINDOWS\system32\nvexpbar.dll"
2006-06-01 17:22:00 286720 ( A.... ) "C:\WINDOWS\system32\nvnt4cpl.dll"
2006-06-01 17:22:00 229376 ( A.... ) "C:\WINDOWS\system32\nvmccs.dll"
2006-06-01 17:22:00 196608 ( A.... ) "C:\WINDOWS\system32\nvapi.dll"
2006-06-01 17:22:00 188416 ( A.... ) "C:\WINDOWS\system32\nvmccss.dll"
2006-06-01 17:22:00 155715 ( A.... ) "C:\WINDOWS\system32\nvsvc32.exe"
2006-06-01 17:22:00 147456 ( A.... ) "C:\WINDOWS\system32\nvcolor.exe"
2006-06-01 17:22:00 86016 ( A.... ) "C:\WINDOWS\system32\nvmctray.dll"
2006-06-01 17:22:00 81920 ( A.... ) "C:\WINDOWS\system32\nvwddi.dll"
2006-06-01 17:22:00 45056 ( A.... ) "C:\WINDOWS\system32\nvmccsrs.dll"
2006-06-01 17:22:00 35840 ( A.... ) "C:\WINDOWS\system32\nvcodins.dll"
2006-06-01 17:22:00 35840 ( A.... ) "C:\WINDOWS\system32\nvcod.dll"
2006-06-01 02:54:48 140984 ( A.... ) "C:\WINDOWS\system32\idmmbc.dll"
2006-05-19 07:59:42 148480 ( A.... ) "C:\WINDOWS\system32\dnsapi.dll"
2006-05-19 07:59:42 111616 ( A.... ) "C:\WINDOWS\system32\dhcpcsvc.dll"
2006-05-19 07:59:42 94720 ( A.... ) "C:\WINDOWS\system32\iphlpapi.dll"
2006-05-16 03:38:40 499712 ( A.... ) "C:\WINDOWS\system32\msvcp71.dll"
2006-05-03 02:56:58 127078 ( A.... ) "C:\WINDOWS\system32\javaws.exe"
2006-05-03 01:19:40 53346 ( A.... ) "C:\WINDOWS\system32\javaw.exe"
2006-05-03 01:19:30 49248 ( A.... ) "C:\WINDOWS\system32\java.exe"


(((((((((((((((((((((((((((((((((((((( Files Created - Last 30days )))))))))))))))))))))))))))))))))))))))))))


2006-07-30 11:07 57,344 C:\WINDOWS\system32\ltremove.exe
2006-07-30 10:26 53,739,574 C:\backup.reg
2006-07-28 15:53 73,728 C:\WINDOWS\system32\asuninst.exe
2006-07-28 15:53 11,776 C:\WINDOWS\system32\ZPORT4AS.dll
2006-07-28 15:22 335,130,624 C:\hiberfil.sys
2006-07-22 05:27 57,344 C:\WINDOWS\system32\Big
2006-07-18 13:21 61,440 C:\WINDOWS\system32\Big
2006-07-08 12:21 811,008 C:\WINDOWS\FeedingFrenzy.scr
2006-07-02 13:17 30,976 C:\WINDOWS\rascntrl.dll
2006-07-02 13:17 23,104 C:\WINDOWS\system32\svcprmpt.dll
2006-07-02 11:32 5 C:\WINDOWS\Modemx.dll
2006-06-30 16:38 283,648 C:\WINDOWS\uninst.exe
2006-06-30 16:32 306,688 C:\WINDOWS\IsUninst.exe
2006-06-26 16:50 208,896 C:\WINDOWS\system32\nvudisp.exe
2006-06-26 16:49 208,896 C:\WINDOWS\system32\NVUNINST.EXE
2006-06-23 06:46 3,120 C:\WINDOWS\system32\2d2ca2ce-704a-428c-8cbe-0736b29190aa.dll
2006-06-23 06:30 77,824 C:\WINDOWS\system32\driverif.dll
2006-06-23 06:30 733,236 C:\WINDOWS\system32\vete.dll
2006-06-23 06:30 12,288 C:\WINDOWS\system32\vetntmsg.dll
2006-06-20 15:39 221,184 C:\WINDOWS\system32\wmpns.dll
2006-06-20 05:11 127,208 C:\WINDOWS\system32\mucltui.dll
2006-06-19 22:58 22,752 C:\WINDOWS\system32\spupdsvc.exe
2006-06-19 16:20 702,768 C:\WINDOWS\system32\WgaLogon.dll
2006-06-18 20:52 73,216 C:\WINDOWS\ST6UNST.EXE
2006-06-18 20:52 249,856 C:\WINDOWS\Setup1.exe
2006-06-18 19:05 24,816 C:\WINDOWS\system32\mdimon.dll
2006-06-18 18:52 53,346 C:\WINDOWS\system32\javaw.exe
2006-06-18 18:52 49,248 C:\WINDOWS\system32\java.exe
2006-06-18 18:52 127,078 C:\WINDOWS\system32\javaws.exe
2006-06-18 18:49 61,136 C:\WINDOWS\system32\xinput9_1_0.dll
2006-06-18 18:49 230,096 C:\WINDOWS\system32\xactengine2_0.dll
2006-06-18 18:49 2,337,488 C:\WINDOWS\system32\d3dx9_25.dll
2006-06-18 18:49 2,332,368 C:\WINDOWS\system32\d3dx9_29.dll
2006-06-18 18:49 2,323,664 C:\WINDOWS\system32\d3dx9_28.dll
2006-06-18 18:49 2,319,568 C:\WINDOWS\system32\d3dx9_27.dll
2006-06-18 18:49 2,297,552 C:\WINDOWS\system32\d3dx9_26.dll
2006-06-18 18:49 2,222,800 C:\WINDOWS\system32\d3dx9_24.dll
2006-06-18 18:49 14,032 C:\WINDOWS\system32\x3daudio1_0.dll
2006-06-18 18:36 83,960 C:\WINDOWS\system32\zlcomm.dll
2006-06-18 18:36 796,584 C:\WINDOWS\system32\libeay32_0.9.6l.dll
2006-06-18 18:36 75,776 C:\WINDOWS\zllsputility.exe
2006-06-18 18:36 71,672 C:\WINDOWS\system32\zlcommdb.dll
2006-06-18 18:36 71,672 C:\WINDOWS\system32\vsregexp.dll
2006-06-18 18:36 59,384 C:\WINDOWS\system32\vswmi.dll
2006-06-18 18:36 394,872 C:\WINDOWS\system32\vsdatant.sys
2006-06-18 18:36 268,280 C:\WINDOWS\system32\vspubapi.dll
2006-06-18 18:36 11,264 C:\WINDOWS\system32\SpOrder.dll
2006-06-18 18:36 104,440 C:\WINDOWS\system32\vsmonapi.dll
2006-06-18 18:36 100,344 C:\WINDOWS\system32\vsxml.dll
2006-06-18 18:35 83,960 C:\WINDOWS\system32\vsdata.dll
2006-06-18 18:35 440,312 C:\WINDOWS\system32\vsutil.dll
2006-06-18 18:35 157,688 C:\WINDOWS\system32\vsinit.dll
2006-06-18 18:23 34,308 C:\WINDOWS\system32\BASSMOD.dll
2006-06-18 18:18 53,248 C:\WINDOWS\system32\hpfinsta.exe
2006-06-18 18:18 274,432 C:\WINDOWS\system32\hpfinst.dll
2006-06-18 18:18 262,144 C:\WINDOWS\system32\hpzcon04.dll
2006-06-18 18:18 200,704 C:\WINDOWS\system32\hpzcoi04.dll
2006-06-18 18:18 114,744 C:\WINDOWS\system32\hpzlnt04.dll
2006-06-18 18:06 24,576 C:\WINDOWS\system32\STKIT432.DLL
2006-06-18 18:04 57,344 C:\WINDOWS\Unwash6.exe
2006-06-18 18:04 486,400 C:\WINDOWS\system32\wwSecure.exe
2006-06-18 17:58 6,656 C:\WINDOWS\system32\pndx5016.dll
2006-06-18 17:58 5,632 C:\WINDOWS\system32\pndx5032.dll
2006-06-18 17:58 176,167 C:\WINDOWS\system32\rmoc3260.dll
2006-06-18 17:47 90,112 C:\WINDOWS\unvise32.exe
2006-06-18 16:49 40,960 C:\WINDOWS\system32\Fish
2006-06-18 16:39 20 C:\WINDOWS\prefs_bg.dll
2006-06-18 14:42 0 C:\MSDOS.SYS
2006-06-18 14:42 0 C:\IO.SYS
2006-06-18 14:42 0 C:\CONFIG.SYS
2006-06-18 14:42 0 C:\AUTOEXEC.BAT
2006-06-18 14:41 112,128 C:\WINDOWS\system32\mapi32.dll
2006-06-18 14:37 81,920 C:\WINDOWS\system32\isign32.dll
2006-06-18 14:37 81,920 C:\WINDOWS\system32\ils.dll
2006-06-18 14:37 8,192 C:\WINDOWS\system32\bitsprx2.dll
2006-06-18 14:37 73,728 C:\WINDOWS\system32\icwdial.dll
2006-06-18 14:37 7,168 C:\WINDOWS\system32\bitsprx3.dll
2006-06-18 14:37 69,632 C:\WINDOWS\system32\msconf.dll
2006-06-18 14:37 679,424 C:\WINDOWS\system32\inetcomm.dll
2006-06-18 14:37 67,584 C:\WINDOWS\system32\srclient.dll
2006-06-18 14:37 65,536 C:\WINDOWS\system32\icwphbk.dll
2006-06-18 14:37 64,512 C:\WINDOWS\system32\acctres.dll
2006-06-18 14:37 6,656 C:\WINDOWS\system32\wuauserv.dll
2006-06-18 14:37 48,128 C:\WINDOWS\system32\inetres.dll
2006-06-18 14:37 465,176 C:\WINDOWS\system32\wuapi.dll
2006-06-18 14:37 45,568 C:\WINDOWS\system32\safrslv.dll
2006-06-18 14:37 43,520 C:\WINDOWS\system32\safrcdlg.dll
2006-06-18 14:37 43,520 C:\WINDOWS\system32\racpldlg.dll
2006-06-18 14:37 41,240 C:\WINDOWS\system32\wups.dll
2006-06-18 14:37 382,464 C:\WINDOWS\system32\qmgr.dll
2006-06-18 14:37 34,560 C:\WINDOWS\system32\mnmdd.dll
2006-06-18 14:37 32,768 C:\WINDOWS\system32\mnmsrvc.exe
2006-06-18 14:37 32,768 C:\WINDOWS\system32\isrdbg32.dll
2006-06-18 14:37 29,696 C:\WINDOWS\system32\safrdm.dll
2006-06-18 14:37 28,672 C:\WINDOWS\system32\nmmkcert.dll
2006-06-18 14:37 274,944 C:\WINDOWS\system32\mstask.dll
2006-06-18 14:37 274,432 C:\WINDOWS\system32\inetcfg.dll
2006-06-18 14:37 252,928 C:\WINDOWS\system32\msoeacct.dll
2006-06-18 14:37 239,104 C:\WINDOWS\system32\srrstr.dll
2006-06-18 14:37 22,528 C:\WINDOWS\system32\fltMc.exe
2006-06-18 14:37 194,328 C:\WINDOWS\system32\wuaueng1.dll
2006-06-18 14:37 190,976 C:\WINDOWS\system32\schedsvc.dll
2006-06-18 14:37 18,944 C:\WINDOWS\system32\qmgrprxy.dll
2006-06-18 14:37 173,536 C:\WINDOWS\system32\wuweb.dll
2006-06-18 14:37 172,312 C:\WINDOWS\system32\wuauclt1.exe
2006-06-18 14:37 170,496 C:\WINDOWS\system32\srsvc.dll
2006-06-18 14:37 16,896 C:\WINDOWS\system32\fltlib.dll
2006-06-18 14:37 16,384 C:\WINDOWS\system32\icfgnt5.dll
2006-06-18 14:37 127,256 C:\WINDOWS\system32\wucltui.dll
2006-06-18 14:37 124,184 C:\WINDOWS\system32\wuauclt.exe
2006-06-18 14:37 12,288 C:\WINDOWS\system32\nmevtmsg.dll
2006-06-18 14:37 12,288 C:\WINDOWS\system32\mstinit.exe
2006-06-18 14:37 11,264 C:\WINDOWS\system32\atrace.dll
2006-06-18 14:37 105,984 C:\WINDOWS\system32\msoert2.dll
2006-06-18 14:37 1,343,768 C:\WINDOWS\system32\wuaueng.dll
2006-06-18 14:34 5,632 C:\WINDOWS\system32\write.exe
2006-06-18 14:33 97,792 C:\WINDOWS\system32\comrepl.dll
2006-06-18 14:33 956,416 C:\WINDOWS\system32\msdtctm.dll
2006-06-18 14:33 93,696 C:\WINDOWS\system32\tscfgwmi.dll
2006-06-18 14:33 91,136 C:\WINDOWS\system32\mtxoci.dll
2006-06-18 14:33 9,728 C:\WINDOWS\system32\reset.exe
2006-06-18 14:33 87,176 C:\WINDOWS\system32\rdpwsx.dll
2006-06-18 14:33 85,504 C:\WINDOWS\system32\catsrvps.dll
2006-06-18 14:33 80,384 C:\WINDOWS\system32\charmap.exe
2006-06-18 14:33 73,216 C:\WINDOWS\system32\avwav.dll
2006-06-18 14:33 67,072 C:\WINDOWS\system32\rdshost.exe
2006-06-18 14:33 655,360 C:\WINDOWS\system32\mstscax.dll
2006-06-18 14:33 625,152 C:\WINDOWS\system32\catsrvut.dll
2006-06-18 14:33 62,464 C:\WINDOWS\system32\rdpclip.exe
2006-06-18 14:33 605,696 C:\WINDOWS\system32\getuname.dll
2006-06-18 14:33 60,416 C:\WINDOWS\system32\remotepg.dll
2006-06-18 14:33 60,416 C:\WINDOWS\system32\colbact.dll
2006-06-18 14:33 6,144 C:\WINDOWS\system32\msdtc.exe
2006-06-18 14:33 58,880 C:\WINDOWS\system32\msdtclog.dll
2006-06-18 14:33 58,880 C:\WINDOWS\system32\licwmi.dll
2006-06-18 14:33 56,832 C:\WINDOWS\system32\sol.exe
2006-06-18 14:33 56,320 C:\WINDOWS\system32\servdeps.dll
2006-06-18 14:33 55,296 C:\WINDOWS\system32\freecell.exe
2006-06-18 14:33 540,160 C:\WINDOWS\system32\comuid.dll
2006-06-18 14:33 54,272 C:\WINDOWS\system32\stclient.dll
2006-06-18 14:33 538,624 C:\WINDOWS\system32\spider.exe
2006-06-18 14:33 5,120 C:\WINDOWS\system32\dcomcnfg.exe
2006-06-18 14:33 498,688 C:\WINDOWS\system32\clbcatq.dll
2006-06-18 14:33 44,544 C:\WINDOWS\system32\tscupgrd.exe
2006-06-18 14:33 44,544 C:\WINDOWS\system32\hticons.dll
2006-06-18 14:33 426,496 C:\WINDOWS\system32\msdtcprx.dll
2006-06-18 14:33 407,552 C:\WINDOWS\system32\mstsc.exe
2006-06-18 14:33 4,096 C:\WINDOWS\system32\rdpcfgex.dll
2006-06-18 14:33 4,096 C:\WINDOWS\system32\mtxex.dll
2006-06-18 14:33 38,912 C:\WINDOWS\system32\cfgbkend.dll
2006-06-18 14:33 35,328 C:\WINDOWS\system32\winchat.exe
2006-06-18 14:33 347,136 C:\WINDOWS\system32\hypertrm.dll
2006-06-18 14:33 343,040 C:\WINDOWS\system32\mspaint.exe
2006-06-18 14:33 33,792 C:\WINDOWS\system32\regini.exe
2006-06-18 14:33 295,424 C:\WINDOWS\system32\termsrv.dll
2006-06-18 14:33 25,600 C:\WINDOWS\system32\comaddin.dll
2006-06-18 14:33 25,088 C:\WINDOWS\system32\mtxlegih.dll
2006-06-18 14:33 227,840 C:\WINDOWS\system32\avtapi.dll
2006-06-18 14:33 225,792 C:\WINDOWS\system32\catsrv.dll
2006-06-18 14:33 22,016 C:\WINDOWS\system32\qwinsta.exe
2006-06-18 14:33 20,992 C:\WINDOWS\system32\msg.exe
2006-06-18 14:33 20,480 C:\WINDOWS\system32\qprocess.exe
2006-06-18 14:33 20,480 C:\WINDOWS\system32\mtxdm.dll
2006-06-18 14:33 19,968 C:\WINDOWS\system32\rdpsnd.dll
2006-06-18 14:33 185,344 C:\WINDOWS\system32\cmprops.dll
2006-06-18 14:33 183,808 C:\WINDOWS\system32\accwiz.exe
2006-06-18 14:33 17,408 C:\WINDOWS\system32\mmfutil.dll
2006-06-18 14:33 161,280 C:\WINDOWS\system32\msdtcuiu.dll
2006-06-18 14:33 16,896 C:\WINDOWS\system32\tsshutdn.exe
2006-06-18 14:33 16,896 C:\WINDOWS\system32\qappsrv.exe
2006-06-18 14:33 16,384 C:\WINDOWS\system32\tskill.exe
2006-06-18 14:33 16,384 C:\WINDOWS\system32\avmeter.dll
2006-06-18 14:33 15,872 C:\WINDOWS\system32\rwinsta.exe
2006-06-18 14:33 15,872 C:\WINDOWS\system32\cdmodem.dll
2006-06-18 14:33 15,360 C:\WINDOWS\system32\logoff.exe
2006-06-18 14:33 147,968 C:\WINDOWS\system32\rdchost.dll
2006-06-18 14:33 147,456 C:\WINDOWS\system32\comsnap.dll
2006-06-18 14:33 140,800 C:\WINDOWS\system32\sessmgr.exe
2006-06-18 14:33 14,848 C:\WINDOWS\system32\tsdiscon.exe
2006-06-18 14:33 14,848 C:\WINDOWS\system32\tscon.exe
2006-06-18 14:33 14,848 C:\WINDOWS\system32\shadow.exe
2006-06-18 14:33 138,752 C:\WINDOWS\system32\sndvol32.exe
2006-06-18 14:33 131,584 C:\WINDOWS\system32\sndrec32.exe
2006-06-18 14:33 13,824 C:\WINDOWS\system32\rdsaddin.exe
2006-06-18 14:33 126,976 C:\WINDOWS\system32\mshearts.exe
2006-06-18 14:33 123,392 C:\WINDOWS\system32\mplay32.exe
2006-06-18 14:33 119,808 C:\WINDOWS\system32\winmine.exe
2006-06-18 14:33 114,688 C:\WINDOWS\system32\calc.exe
2006-06-18 14:33 110,080 C:\WINDOWS\system32\clbcatex.dll
2006-06-18 14:33 11,776 C:\WINDOWS\system32\xolehlp.dll
2006-06-18 14:33 11,264 C:\WINDOWS\system32\icaapi.dll
2006-06-18 14:33 102,912 C:\WINDOWS\system32\clipbrd.exe
2006-06-18 14:33 1,267,200 C:\WINDOWS\system32\comsvcs.dll
2006-06-18 14:33 1,161 C:\WINDOWS\system32\usrlogon.cmd
2006-06-18 14:23 4,529,408 C:\WINDOWS\system32\nv4_disp.dll
2006-06-18 14:23 137,216 C:\WINDOWS\system32\atidrae.dll
2006-06-18 14:22 74,240 C:\WINDOWS\system32\usbui.dll
2006-06-18 14:22 4,096 C:\WINDOWS\system32\ksuser.dll
2006-06-18 14:19 85,020 C:\WINDOWS\system32\dgsetup.dll
2006-06-18 14:19 8,704 C:\WINDOWS\system32\batt.dll
2006-06-18 14:19 8,192 C:\WINDOWS\system32\kbdhept.dll
2006-06-18 14:19 74,752 C:\WINDOWS\system32\storprop.dll
2006-06-18 14:19 7,168 C:\WINDOWS\system32\kbdcz.dll
2006-06-18 14:19 69,120 C:\WINDOWS\NOTEPAD.EXE
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdycl.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdsl1.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdsl.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdpl.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdhu.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdhela3.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdcz2.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdcz1.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\kbdcr.dll
2006-06-18 14:19 6,656 C:\WINDOWS\system32\KBDAL.DLL
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdtuq.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdtuf.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdlv1.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdlv.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdhela2.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdgkl.dll
2006-06-18 14:19 6,144 C:\WINDOWS\system32\kbdest.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdycc.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbduzb.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdur.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdtat.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdru1.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdru.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdro.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdpl1.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdmon.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdlt1.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdlt.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdkyr.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdkaz.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdhu1.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdhe319.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdhe220.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdhe.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdbu.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdblr.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdazel.dll
2006-06-18 14:19 5,632 C:\WINDOWS\system32\kbdaze.dll
2006-06-18 14:19 24,661 C:\WINDOWS\system32\spxcoins.dll
2006-06-18 14:19 176,157 C:\WINDOWS\system32\dgrpsetu.dll
2006-06-18 14:19 15,360 C:\WINDOWS\TASKMAN.EXE
2006-06-18 14:19 13,312 C:\WINDOWS\system32\irclass.dll
2006-06-18 14:19 103,424 C:\WINDOWS\system32\EqnClass.Dll
2006-06-18 14:02 503,316,480 C:\pagefile.sys
2006-06-16 14:34 48,936 C:\WINDOWS\system32\sirenacm.dll


(((((((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))

*Note* empty entries are not shown

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run]
"HPDJ Taskbar Utility"="C:\\WINDOWS\\system32\\spool\\drivers\\w32x86\\3\\hpztsb04.exe"
"Zone Labs Client"="\"D:\\Zone Labs\\ZoneAlarm\\zlclient.exe\""
"NvCplDaemon"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup"
"nwiz"="nwiz.exe /install"
"NvMediaCenter"="RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit"
"TkBellExe"="\"C:\\Program Files\\Common Files\\Real\\Update_OB\\realsched.exe\" -osboot"
"!ewido"="\"D:\\ewido anti-spyware 4.0\\ewido.exe\" /minimized"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\IMAIL]
"Installed"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MAPI]
"Installed"="1"
"NoChange"="1"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\OptionalComponents\MSFS]
"Installed"="1"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run]
"Karen's Alarm Clock"="D:\\Karen's Alarm Clock\\PTAlarm.exe"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"
"spc_w"="\"C:\\Program Files\\NZSearch\\nzspc.exe\" -w"

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"spc_w"="\"C:\\Program Files\\NZSearch\\nzspc.exe\" -w"
"ctfmon.exe"="C:\\WINDOWS\\system32\\ctfmon.exe"

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components]
"DeskHtmlVersion"=dword:00000110
"DeskHtmlMinorVersion"=dword:00000005
"Settings"=dword:00000001
"GeneralFlags"=dword:00000005

[HKEY_CURRENT_USER\software\microsoft\internet explorer\desktop\components\0]
"Source"="About:Home"
"SubscribedURL"="About:Home"
"FriendlyName"="My Current Home Page"
"Flags"=dword:00000002
"Position"=hex:2c,00,00,00,4e,00,00,00,00,00,00,00,b2,03,00,00,e2,02,00,00,00,\
00,00,00,01,00,00,00,01,00,00,00,01,00,00,00,00,00,00,00,00,00,00,00
"CurrentState"=hex:04,00,00,40
"OriginalStateInfo"=hex:18,00,00,00,ff,ff,00,00,ff,ff,00,00,ff,ff,ff,ff,ff,ff,\
ff,ff,04,00,00,00
"RestoredStateInfo"=hex:18,00,00,00,6a,02,00,00,23,00,00,00,a4,00,00,00,9a,00,\
00,00,01,00,00,00

[HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_USERS\s-1-5-18\software\microsoft\windows\currentversion\policies\explorer]
"NoDriveTypeAutoRun"=dword:00000091

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\sharedtaskscheduler]
"{438755C2-A8BA-11D1-B96B-00A0C90312E1}"="Browseui preloader"
"{8C7461EF-2B13-11d2-BE35-3078302C2030}"="Component Categories cache daemon"

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shellexecutehooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"=""
"{57B86673-276A-48B2-BAE7-C6DBB3020EB8}"="ewido anti-spyware 4.0"

HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system
DisableRegistryTools REG_DWORD 0 (0x0)



Contents of the 'Scheduled Tasks' folder
C:\WINDOWS\tasks\1-Click Maintenance.job

Completion time: Sun 07/30/2006 12:11:05.96
ComboFix ver 06.07.15/28 - This logfile is located at C:\ComboFix.txt