Computer Slow after startup, firefox and flash player especially

willianr1179 · 12-04-2008, 07:04 PM

DDS (Version 1.0) - NTFSx86
Run by Nathan Williams at 20:49:50.82 on Thu 12/04/2008
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.503.297 [GMT -5:00]

============== Running Processes ===============

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\System32\svchost.exe -k HTTPFilter
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Documents and Settings\Nathan Williams\Desktop\gmer.exe
C:\Documents and Settings\Nathan Williams\Desktop\dds.com

============== Pseudo HJT Report ===============

uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
BHO: {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [CTSyncU.exe] "c:\program files\creative\sync manager unicode\CTSyncU.exe"
mRun: [igfxtray] c:\windows\system32\igfxtray.exe
mRun: [igfxpers] c:\windows\system32\igfxpers.exe
mRun: [ISUSPM Startup] "c:\program files\common files\installshield\updateservice\isuspm.exe" -startup
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [HP Software Update] c:\program files\hp\hp software update\HPWuSchd2.exe
mRun: [QuickTime Task] "c:\program files\quicktime\QTTask.exe" -atboottime
mRun: [SunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"
mRunOnce: [NSSInstallation] c:\windows\system32\adobe\shockwave 11\nssstub.exe /RunOnce
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hp\digital imaging\bin\hpqtra08.exe
IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\program files\wordperfect office x3\programs\WPLauncher.hta
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
Handler: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - c:\program files\hp\hpcoretech\comp\hpuiprot.dll
Notify: igfxcui - igfxdev.dll
Notify: WRNotifier - WRLogonNTF.dll
AppInit_DLLs: c:\windows\system32\negonito.dll,c:\windows\system32\yiwinizu.dll,c:\windows\system32\wahakilo.dll,c:\windows\system32\verimowe.dll,c:\windows\system32\sadezaji.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll
LSA: Notification Packages = scecli c:\windows\system32\negonito.dll

============= SERVICES / DRIVERS ===============

R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\viewpoint\common\ViewpointService.exe" [2007-1-10 24652]
S2 rzzrzjbr;rzzrzjbr;\??\c:\windows\system32\drivers\rzzrzjbr.sys []

=============== Created Last 30 ================

2008-12-04 20:09 250 a------- c:\windows\gmer.ini
2008-12-04 20:00 <DIR> --d----- c:\program files\Trend Micro
2008-12-04 18:00 <DIR> --d----- c:\windows\system32\Adobe
2008-12-04 05:23 116,224 a------- c:\windows\system32\dllcache\xrxwiadr.dll
2008-12-04 05:22 23,040 a------- c:\windows\system32\dllcache\xrxwbtmp.dll
2008-12-04 05:22 18,944 a------- c:\windows\system32\dllcache\xrxscnui.dll
2008-12-04 05:21 27,648 a------- c:\windows\system32\dllcache\xrxftplt.exe
2008-12-04 05:20 4,608 a------- c:\windows\system32\dllcache\xrxflnch.exe
2008-12-04 05:18 99,865 a------- c:\windows\system32\dllcache\xlog.exe
2008-12-04 05:18 28,288 a------- c:\windows\system32\dllcache\xjis.nls
2008-12-04 05:17 16,970 a------- c:\windows\system32\dllcache\xem336n5.sys
2008-12-04 05:17 19,455 a------- c:\windows\system32\dllcache\wvchntxx.sys
2008-12-04 05:16 19,200 a------- c:\windows\system32\dllcache\wstcodec.sys
2008-12-04 05:16 12,063 a------- c:\windows\system32\dllcache\wsiintxx.sys
2008-12-04 05:16 8,192 a------- c:\windows\system32\dllcache\wshirda.dll
2008-12-04 05:14 8,832 a------- c:\windows\system32\dllcache\wmiacpi.sys
2008-12-04 05:14 154,624 a------- c:\windows\system32\dllcache\wlluc48.sys
2008-12-04 05:13 34,890 a------- c:\windows\system32\dllcache\wlandrv2.sys
2008-12-04 05:12 771,581 a------- c:\windows\system32\dllcache\winacisa.sys
2008-12-04 05:11 53,760 a------- c:\windows\system32\dllcache\wiamsmud.dll
2008-12-04 05:10 87,040 a------- c:\windows\system32\dllcache\wiafbdrv.dll
2008-12-04 05:10 31,232 a------- c:\windows\system32\dllcache\weitekp9.sys
2008-12-04 05:10 41,600 a------- c:\windows\system32\dllcache\weitekp9.dll
2008-12-04 05:09 701,386 a------- c:\windows\system32\dllcache\wdhaalba.sys
2008-12-04 05:08 23,615 a------- c:\windows\system32\dllcache\wch7xxnt.sys
2008-12-04 05:08 31,744 a------- c:\windows\system32\dllcache\wceusbsh.sys
2008-12-04 05:07 35,871 a------- c:\windows\system32\dllcache\wbfirdma.sys
2008-12-04 05:07 33,599 a------- c:\windows\system32\dllcache\watv04nt.sys
2008-12-04 05:07 19,551 a------- c:\windows\system32\dllcache\watv02nt.sys
2008-12-04 05:06 29,311 a------- c:\windows\system32\dllcache\watv01nt.sys
2008-12-04 05:06 9,216 a------- c:\windows\system32\dllcache\wamps51.dll
2008-12-04 05:06 11,775 a------- c:\windows\system32\dllcache\wadv05nt.sys
2008-12-04 05:06 12,127 a------- c:\windows\system32\dllcache\wadv02nt.sys
2008-12-04 05:06 12,415 a------- c:\windows\system32\dllcache\wadv01nt.sys
2008-12-04 05:05 16,925 a------- c:\windows\system32\dllcache\w940nd.sys
2008-12-04 05:04 19,016 a------- c:\windows\system32\dllcache\w926nd.sys
2008-12-04 05:03 19,528 a------- c:\windows\system32\dllcache\w840nd.sys
2008-12-04 05:03 5,632 a------- c:\windows\system32\dllcache\w3svapi.dll
2008-12-04 05:03 73,728 a------- c:\windows\system32\dllcache\w3ext.dll
2008-12-04 05:02 4,608 a------- c:\windows\system32\dllcache\w3ctrs51.dll
2008-12-04 05:02 48,256 a------- c:\windows\system32\dllcache\w32.dll
2008-12-04 05:01 64,605 a------- c:\windows\system32\dllcache\vvoice.sys
2008-12-04 05:00 397,502 a------- c:\windows\system32\dllcache\vpctcom.sys
2008-12-04 04:59 604,253 a------- c:\windows\system32\dllcache\vmodem.sys
2008-12-04 04:58 249,402 a------- c:\windows\system32\dllcache\vinwm.sys
2008-12-04 04:58 24,576 a------- c:\windows\system32\dllcache\viairda.sys
2008-12-04 04:57 53,760 a------- c:\windows\system32\dllcache\vfwwdm32.dll
2008-12-04 04:56 687,999 a------- c:\windows\system32\dllcache\usrwdxjs.sys
2008-12-04 04:55 765,884 a------- c:\windows\system32\dllcache\usrti.sys
2008-12-04 04:54 113,762 a------- c:\windows\system32\dllcache\usrpda.sys
2008-12-04 04:53 7,556 a------- c:\windows\system32\dllcache\usroslba.sys
2008-12-04 04:52 224,802 a------- c:\windows\system32\dllcache\usr1807a.sys
2008-12-04 04:51 794,399 a------- c:\windows\system32\dllcache\usr1806v.sys
2008-12-04 04:51 793,598 a------- c:\windows\system32\dllcache\usr1806.sys
2008-12-04 04:50 794,654 a------- c:\windows\system32\dllcache\usr1801.sys
2008-12-04 04:49 26,112 a------- c:\windows\system32\dllcache\usbser.sys
2008-12-04 04:49 17,152 a------- c:\windows\system32\dllcache\usbohci.sys
2008-12-04 04:49 60,032 a------- c:\windows\system32\dllcache\usbaudio.sys
2008-12-04 04:48 32,384 a------- c:\windows\system32\dllcache\usb101et.sys
2008-12-04 04:47 94,720 a------- c:\windows\system32\dllcache\umaxud32.dll
2008-12-04 04:46 28,160 a------- c:\windows\system32\dllcache\umaxu40.dll
2008-12-04 04:45 26,624 a------- c:\windows\system32\dllcache\umaxu22.dll
2008-12-04 04:44 69,632 a------- c:\windows\system32\dllcache\umaxu12.dll
2008-12-04 04:44 50,688 a------- c:\windows\system32\dllcache\umaxscan.dll
2008-12-04 04:43 22,912 a------- c:\windows\system32\dllcache\umaxpcls.sys
2008-12-04 04:42 50,176 a------- c:\windows\system32\dllcache\umaxp60.dll
2008-12-04 04:41 47,616 a------- c:\windows\system32\dllcache\umaxcam.dll
2008-12-04 04:40 211,968 a------- c:\windows\system32\dllcache\um54scan.dll
2008-12-04 04:39 216,064 a------- c:\windows\system32\dllcache\um34scan.dll
2008-12-04 04:38 11,520 a------- c:\windows\system32\dllcache\twotrack.sys
2008-12-04 04:38 14,336 a------- c:\windows\system32\dllcache\tsprof.exe
2008-12-04 04:37 166,784 a------- c:\windows\system32\dllcache\tridxpm.sys
2008-12-04 04:36 525,568 a------- c:\windows\system32\dllcache\tridxp.dll
2008-12-04 04:35 159,232 a------- c:\windows\system32\dllcache\tridkbm.sys
2008-12-04 04:34 440,576 a------- c:\windows\system32\dllcache\tridkb.dll
2008-12-04 04:33 222,336 a------- c:\windows\system32\dllcache\trid3dm.sys
2008-12-04 04:32 315,520 a------- c:\windows\system32\dllcache\trid3d.dll
2008-12-04 04:31 34,375 a------- c:\windows\system32\dllcache\tpro4.sys
2008-12-04 04:30 42,496 a------- c:\windows\system32\dllcache\tp4res.dll
2008-12-04 04:30 82,944 a------- c:\windows\system32\dllcache\tp4mon.exe
2008-12-04 04:29 31,744 a------- c:\windows\system32\dllcache\tp4.dll
2008-12-04 04:28 230,912 a------- c:\windows\system32\dllcache\tosdvd03.sys
2008-12-04 04:27 241,664 a------- c:\windows\system32\dllcache\tosdvd02.sys
2008-12-04 04:26 28,232 a------- c:\windows\system32\dllcache\tos4mo.sys
2008-12-04 04:25 123,995 a------- c:\windows\system32\dllcache\tjisdn.sys
2008-12-04 04:25 185,344 a------- c:\windows\system32\dllcache\thawbrkr.dll
2008-12-04 04:24 138,528 a------- c:\windows\system32\dllcache\tgiulnt5.sys
2008-12-04 04:23 81,408 a------- c:\windows\system32\dllcache\tgiul50.dll
2008-12-04 04:23 149,376 a------- c:\windows\system32\dllcache\tffsport.sys
2008-12-04 04:23 19,464 a------- c:\windows\system32\dllcache\tdspx.sys
2008-12-04 04:22 17,129 a------- c:\windows\system32\dllcache\tdkcd31.sys
2008-12-04 04:21 37,961 a------- c:\windows\system32\dllcache\tdk100b.sys
2008-12-04 04:21 21,896 a------- c:\windows\system32\dllcache\tdipx.sys
2008-12-04 04:21 13,192 a------- c:\windows\system32\dllcache\tdasync.sys
2008-12-04 04:20 30,464 a------- c:\windows\system32\dllcache\tbatm155.sys
2008-12-04 04:20 7,040 a------- c:\windows\system32\dllcache\tandqic.sys
2008-12-04 04:19 36,640 a------- c:\windows\system32\dllcache\t2r4mini.sys
2008-12-04 04:18 172,768 a------- c:\windows\system32\dllcache\t2r4disp.dll
2008-12-04 04:17 94,293 a------- c:\windows\system32\dllcache\sxports.dll
2008-12-04 04:16 103,936 a------- c:\windows\system32\dllcache\sx.sys
2008-12-04 04:15 3,968 a------- c:\windows\system32\dllcache\swusbflt.sys
2008-12-04 04:14 10,240 a------- c:\windows\system32\dllcache\swpidflt.dll
2008-12-04 04:14 10,240 a------- c:\windows\system32\dllcache\swpdflt2.dll
2008-12-04 04:13 53,760 a------- c:\windows\system32\dllcache\sw_wheel.dll
2008-12-04 04:12 41,472 a------- c:\windows\system32\dllcache\sw_effct.dll
2008-12-04 04:12 15,232 a------- c:\windows\system32\dllcache\streamip.sys
2008-12-04 04:11 155,648 a------- c:\windows\system32\dllcache\stlnprop.dll
2008-12-04 04:10 53,248 a------- c:\windows\system32\dllcache\stlncoin.dll
2008-12-04 04:09 285,760 a------- c:\windows\system32\dllcache\stlnata.sys
2008-12-04 04:08 16,896 a------- c:\windows\system32\dllcache\stcusb.sys
2008-12-04 04:08 16,896 a------- c:\windows\system32\dllcache\status.dll
2008-12-04 04:07 48,736 a------- c:\windows\system32\dllcache\srwlnd5.sys
2008-12-04 04:06 99,328 a------- c:\windows\system32\dllcache\srusd.dll
2008-12-04 04:06 101,376 a------- c:\windows\system32\dllcache\srusbusd.dll
2008-12-04 04:05 24,660 a------- c:\windows\system32\dllcache\spxupchk.dll
2008-12-04 04:04 61,824 a------- c:\windows\system32\dllcache\speed.sys
2008-12-04 04:04 106,584 a------- c:\windows\system32\dllcache\spdports.dll
2008-12-04 04:03 7,552 a------- c:\windows\system32\dllcache\sonypvu1.sys
2008-12-04 04:02 37,040 a------- c:\windows\system32\dllcache\sonypi.sys
2008-12-04 04:01 114,688 a------- c:\windows\system32\dllcache\sonypi.dll
2008-12-04 04:00 20,752 a------- c:\windows\system32\dllcache\sonync.sys
2008-12-04 03:59 9,600 a------- c:\windows\system32\dllcache\sonymc.sys
2008-12-04 03:59 7,552 a------- c:\windows\system32\dllcache\sonyait.sys
2008-12-04 03:59 143,422 a------- c:\windows\system32\dllcache\softkey.dll
2008-12-04 03:58 7,040 a------- c:\windows\system32\dllcache\snyaitmc.sys
2008-12-04 03:58 7,168 a------- c:\windows\system32\dllcache\EXCH_snprfdll.dll
2008-12-04 03:58 10,240 a------- c:\windows\system32\dllcache\snmpstup.dll
2008-12-04 03:58 12,288 a------- c:\windows\system32\dllcache\EXCH_smtpctrs.dll
2008-12-04 03:58 5,632 a------- c:\windows\system32\dllcache\smimsgif.dll
2008-12-04 03:57 58,368 a------- c:\windows\system32\dllcache\smiminib.sys
2008-12-04 03:57 5,632 a------- c:\windows\system32\dllcache\smierrsy.dll
2008-12-04 03:57 15,872 a------- c:\windows\system32\dllcache\smierrsm.dll
2008-12-04 03:56 147,200 a------- c:\windows\system32\dllcache\smidispb.dll
2008-12-04 03:55 25,034 a------- c:\windows\system32\dllcache\smcpwr2n.sys
2008-12-04 03:54 35,913 a------- c:\windows\system32\dllcache\smcirda.sys
2008-12-04 03:54 24,576 a------- c:\windows\system32\dllcache\smc8000n.sys
2008-12-04 03:53 6,784 a------- c:\windows\system32\dllcache\smbhc.sys
2008-12-04 03:52 6,912 a------- c:\windows\system32\dllcache\smbclass.sys
2008-12-04 03:52 16,000 a------- c:\windows\system32\dllcache\smbbatt.sys
2008-12-04 03:52 31,744 a------- c:\windows\system32\dllcache\smb6w.dll
2008-12-04 03:51 45,568 a------- c:\windows\system32\dllcache\smb3w.dll
2008-12-04 03:51 33,792 a------- c:\windows\system32\dllcache\smb0w.dll
2008-12-04 03:50 31,744 a------- c:\windows\system32\dllcache\sma3w.dll
2008-12-04 03:50 28,672 a------- c:\windows\system32\dllcache\sma0w.dll
2008-12-04 03:50 38,912 a------- c:\windows\system32\dllcache\sm9aw.dll
2008-12-04 03:50 26,624 a------- c:\windows\system32\dllcache\sm93w.dll
2008-12-04 03:50 26,624 a------- c:\windows\system32\dllcache\sm92w.dll
2008-12-04 03:49 28,160 a------- c:\windows\system32\dllcache\sm91w.dll
2008-12-04 03:49 26,112 a------- c:\windows\system32\dllcache\sm90w.dll
2008-12-04 03:49 26,112 a------- c:\windows\system32\dllcache\sm8dw.dll
2008-12-04 03:49 29,184 a------- c:\windows\system32\dllcache\sm8cw.dll
2008-12-04 03:48 26,112 a------- c:\windows\system32\dllcache\sm8aw.dll
2008-12-04 03:48 26,112 a------- c:\windows\system32\dllcache\sm89w.dll
2008-12-04 03:48 30,208 a------- c:\windows\system32\dllcache\sm87w.dll
2008-12-04 03:48 30,208 a------- c:\windows\system32\dllcache\sm81w.dll
2008-12-04 03:48 25,088 a------- c:\windows\system32\dllcache\sm59w.dll
2008-12-04 03:48 11,136 a------- c:\windows\system32\dllcache\slip.sys
2008-12-04 03:48 63,547 a------- c:\windows\system32\dllcache\sla30nd5.sys
2008-12-04 03:47 91,294 a------- c:\windows\system32\dllcache\skfpwin.sys
2008-12-04 03:46 94,698 a------- c:\windows\system32\dllcache\sk98xwin.sys
2008-12-04 03:45 157,696 a------- c:\windows\system32\dllcache\sisv256.dll
2008-12-04 03:44 50,432 a------- c:\windows\system32\dllcache\sisv.sys
2008-12-04 03:44 32,768 a------- c:\windows\system32\dllcache\sisnic.sys
2008-12-04 03:43 238,592 a------- c:\windows\system32\dllcache\sisgrv.dll
2008-12-04 03:43 104,064 a------- c:\windows\system32\dllcache\sisgrp.sys
2008-12-04 03:42 150,144 a------- c:\windows\system32\dllcache\sis6306v.dll
2008-12-04 03:41 68,608 a------- c:\windows\system32\dllcache\sis6306p.sys
2008-12-04 03:40 252,032 a------- c:\windows\system32\dllcache\sis300iv.dll
2008-12-04 03:39 101,760 a------- c:\windows\system32\dllcache\sis300ip.sys
2008-12-04 03:39 18,944 a------- c:\windows\system32\dllcache\simptcp.dll
2008-12-04 03:38 161,568 a------- c:\windows\system32\dllcache\sgsmusb.sys
2008-12-04 03:38 18,400 a------- c:\windows\system32\dllcache\sgsmld.sys
2008-12-04 03:37 98,080 a------- c:\windows\system32\dllcache\sgiulnt5.sys
2008-12-04 03:36 386,560 a------- c:\windows\system32\dllcache\sgiul50.dll
2008-12-04 03:35 36,480 a------- c:\windows\system32\dllcache\sfmanm.sys
2008-12-04 03:34 6,784 a------- c:\windows\system32\dllcache\serscan.sys
2008-12-04 03:33 17,664 a------- c:\windows\system32\dllcache\sermouse.sys
2008-12-04 03:33 26,112 a------- c:\windows\system32\dllcache\EXCH_seos.dll
2008-12-04 03:32 6,912 a------- c:\windows\system32\dllcache\seaddsmc.sys
2008-12-04 03:32 11,520 a------- c:\windows\system32\dllcache\scsiscan.sys
2008-12-04 03:31 11,648 a------- c:\windows\system32\dllcache\scsiprnt.sys
2008-12-04 03:31 57,856 a------- c:\windows\system32\dllcache\EXCH_scripto.dll
2008-12-04 03:31 17,280 a------- c:\windows\system32\dllcache\scr111.sys
2008-12-04 03:30 16,640 a------- c:\windows\system32\dllcache\scmstcs.sys
2008-12-04 03:29 23,936 a------- c:\windows\system32\dllcache\sccmusbm.sys
2008-12-04 03:28 23,936 a------- c:\windows\system32\dllcache\sccmn50m.sys
2008-12-04 03:28 43,904 a------- c:\windows\system32\dllcache\sbp2port.sys
2008-12-04 03:27 495,616 a------- c:\windows\system32\dllcache\sblfx.dll
2008-12-04 03:26 75,392 a------- c:\windows\system32\dllcache\s3savmxm.sys
2008-12-04 03:25 245,632 a------- c:\windows\system32\dllcache\s3savmx.dll
2008-12-04 03:25 77,824 a------- c:\windows\system32\dllcache\s3sav4m.sys
2008-12-04 03:24 198,400 a------- c:\windows\system32\dllcache\s3sav4.dll
2008-12-04 03:23 61,504 a------- c:\windows\system32\dllcache\s3sav3dm.sys
2008-12-04 03:22 179,264 a------- c:\windows\system32\dllcache\s3sav3d.dll
2008-12-04 03:21 210,496 a------- c:\windows\system32\dllcache\s3mvirge.dll
2008-12-04 03:21 62,496 a------- c:\windows\system32\dllcache\s3mtrio.dll
2008-12-04 03:20 41,216 a------- c:\windows\system32\dllcache\s3mt3d.sys
2008-12-04 03:19 182,272 a------- c:\windows\system32\dllcache\s3mt3d.dll
2008-12-04 03:18 166,720 a------- c:\windows\system32\dllcache\s3m.sys
2008-12-04 03:17 65,664 a------- c:\windows\system32\dllcache\s3legacy.sys
2008-12-04 03:17 82,432 a------- c:\windows\system32\dllcache\rwia450.dll
2008-12-04 03:16 79,872 a------- c:\windows\system32\dllcache\rwia430.dll
2008-12-04 03:16 79,872 a------- c:\windows\system32\dllcache\rwia330.dll
2008-12-04 03:16 79,872 a------- c:\windows\system32\dllcache\rwia001.dll
2008-12-04 03:15 29,696 a------- c:\windows\system32\dllcache\rw450ext.dll
2008-12-04 03:15 27,648 a------- c:\windows\system32\dllcache\rw430ext.dll
2008-12-04 03:15 20,992 a------- c:\windows\system32\dllcache\rtl8139.sys
2008-12-04 03:14 19,017 a------- c:\windows\system32\dllcache\rtl8029.sys
2008-12-04 03:13 30,720 a------- c:\windows\system32\dllcache\rthwcls.sys
2008-12-04 03:12 9,216 a------- c:\windows\system32\dllcache\rsmgrstr.dll
2008-12-04 03:12 3,840 a------- c:\windows\system32\dllcache\rpfun.sys
2008-12-04 03:11 79,104 a------- c:\windows\system32\dllcache\rocket.sys
2008-12-04 03:10 37,563 a------- c:\windows\system32\dllcache\rlnet5.sys
2008-12-04 03:10 86,097 a------- c:\windows\system32\dllcache\reslog32.dll
2008-12-04 03:09 23,040 a------- c:\windows\system32\dllcache\EXCH_regtrace.exe
2008-12-04 03:09 14,848 a------- c:\windows\system32\dllcache\register.exe
2008-12-04 03:08 19,584 a------- c:\windows\system32\dllcache\rasirda.sys
2008-12-04 03:08 714,762 a------- c:\windows\system32\dllcache\r2mdmkxx.sys
2008-12-04 03:07 899,146 a------- c:\windows\system32\dllcache\r2mdkxga.sys
2008-12-04 03:06 41,472 a------- c:\windows\system32\dllcache\qvusd.dll
2008-12-04 03:05 3,328 a------- c:\windows\system32\dllcache\qv2kux.sys
2008-12-04 03:05 16,384 a------- c:\windows\system32\dllcache\quser.exe
2008-12-04 03:05 9,728 a------- c:\windows\system32\dllcache\query.exe
2008-12-04 03:05 6,016 a------- c:\windows\system32\dllcache\qic157.sys
2008-12-04 03:04 130,942 a------- c:\windows\system32\dllcache\ptserlv.sys
2008-12-04 03:03 112,574 a------- c:\windows\system32\dllcache\ptserlp.sys
2008-12-04 03:02 128,286 a------- c:\windows\system32\dllcache\ptserli.sys
2008-12-04 03:02 159,232 a------- c:\windows\system32\dllcache\ptpusd.dll
2008-12-04 03:01 5,632 a------- c:\windows\system32\dllcache\ptpusb.dll
2008-12-04 03:01 33,280 a------- c:\windows\system32\dllcache\psisrndr.ax
2008-12-04 03:00 35,328 a------- c:\windows\system32\dllcache\psisload.dll
2008-12-04 03:00 363,520 a------- c:\windows\system32\dllcache\psisdecd.dll
2008-12-04 02:59 16,128 a------- c:\windows\system32\dllcache\pscr.sys
2008-12-04 02:59 83,748 a------- c:\windows\system32\dllcache\prcp.nls
2008-12-04 02:59 83,748 a------- c:\windows\system32\dllcache\prc.nls
2008-12-04 02:59 17,664 a------- c:\windows\system32\dllcache\ppa3.sys
2008-12-04 02:58 17,792 a------- c:\windows\system32\dllcache\ppa.sys
2008-12-04 02:58 8,832 a------- c:\windows\system32\dllcache\powerfil.sys
2008-12-04 02:57 7,168 a------- c:\windows\system32\dllcache\pnrmc.sys
2008-12-04 02:57 131,584 a------- c:\windows\system32\dllcache\pmxviceo.dll
2008-12-04 02:57 11,264 a------- c:\windows\system32\dllcache\pmxmcro.dll
2008-12-04 02:57 6,144 a------- c:\windows\system32\dllcache\pmxgl.dll
2008-12-04 02:56 121,344 a------- c:\windows\system32\dllcache\phvfwext.dll
2008-12-04 02:55 19,840 a------- c:\windows\system32\dllcache\philtune.sys
2008-12-04 02:54 92,416 a------- c:\windows\system32\dllcache\phildec.sys
2008-12-04 02:53 173,696 a------- c:\windows\system32\dllcache\philcam2.sys
2008-12-04 02:53 75,776 a------- c:\windows\system32\dllcache\philcam1.sys
2008-12-04 02:52 16,384 a------- c:\windows\system32\dllcache\philcam1.dll
2008-12-04 02:51 105,984 a------- c:\windows\system32\dllcache\phdsext.ax
2008-12-04 02:51 20,992 a------- c:\windows\system32\dllcache\permchk.dll
2008-12-04 02:51 259,328 a------- c:\windows\system32\dllcache\perm3dd.dll
2008-12-04 02:51 28,032 a------- c:\windows\system32\dllcache\perm3.sys
2008-12-04 02:50 211,584 a------- c:\windows\system32\dllcache\perm2dll.dll
2008-12-04 02:50 27,904 a------- c:\windows\system32\dllcache\perm2.sys
2008-12-04 02:50 169,984 a------- c:\windows\system32\dllcache\pcx500.sys
2008-12-04 02:49 86,016 a------- c:\windows\system32\dllcache\pctspk.exe
2008-12-04 02:48 35,328 a------- c:\windows\system32\dllcache\pcntpci5.sys
2008-12-04 02:48 29,769 a------- c:\windows\system32\dllcache\pcntn5m.sys
2008-12-04 02:47 30,282 a------- c:\windows\system32\dllcache\pcntn5hl.sys
2008-12-04 02:46 26,153 a------- c:\windows\system32\dllcache\pcmlm56.sys
2008-12-04 02:46 29,502 a------- c:\windows\system32\dllcache\pca200e.sys
2008-12-04 02:45 30,495 a------- c:\windows\system32\dllcache\pc100nds.sys
2008-12-04 02:45 31,744 a------- c:\windows\system32\dllcache\pagecnt.dll
2008-12-04 02:45 14,336 a------- c:\windows\system32\dllcache\padrs412.dll
2008-12-04 02:45 36,927 a------- c:\windows\system32\dllcache\padrs411.dll
2008-12-04 02:44 41,984 a------- c:\windows\system32\dllcache\ovui2rc.dll
2008-12-04 02:43 44,544 a------- c:\windows\system32\dllcache\ovui2.dll
2008-12-04 02:42 25,216 a------- c:\windows\system32\dllcache\ovsound2.sys
2008-12-04 02:42 39,424 a------- c:\windows\system32\dllcache\ovcoms.exe
2008-12-04 02:41 20,480 a------- c:\windows\system32\dllcache\ovcomc.dll
2008-12-04 02:40 351,616 a------- c:\windows\system32\dllcache\ovcodek2.sys
2008-12-04 02:39 116,736 a------- c:\windows\system32\dllcache\ovcodec2.dll
2008-12-04 02:38 31,872 a------- c:\windows\system32\dllcache\ovce.sys
2008-12-04 02:38 28,032 a------- c:\windows\system32\dllcache\ovcd.sys
2008-12-04 02:37 48,000 a------- c:\windows\system32\dllcache\ovcam2.sys
2008-12-04 02:36 25,088 a------- c:\windows\system32\dllcache\ovca.sys
2008-12-04 02:35 54,186 a------- c:\windows\system32\dllcache\otcsercb.sys
2008-12-04 02:34 43,689 a------- c:\windows\system32\dllcache\otceth5.sys
2008-12-04 02:34 27,209 a------- c:\windows\system32\dllcache\otc06x5.sys
2008-12-04 02:33 54,528 a------- c:\windows\system32\dllcache\opl3sax.sys
2008-12-04 02:33 61,696 a------- c:\windows\system32\dllcache\ohci1394.sys
2008-12-04 02:32 198,144 a------- c:\windows\system32\dllcache\nv3.sys
2008-12-04 02:31 123,776 a------- c:\windows\system32\dllcache\nv3.dll
2008-12-04 02:30 51,552 a------- c:\windows\system32\dllcache\ntgrip.sys
2008-12-04 02:30 38,912 a------- c:\windows\system32\dllcache\EXCH_ntfsdrv.dll
2008-12-04 02:29 9,344 a------- c:\windows\system32\dllcache\ntapm.sys
2008-12-04 02:28 7,552 a------- c:\windows\system32\dllcache\nsmmc.sys
2008-12-04 02:28 28,672 a------- c:\windows\system32\dllcache\nscirda.sys
2008-12-04 02:27 87,040 a------- c:\windows\system32\dllcache\nm6wdm.sys
2008-12-04 02:27 126,080 a------- c:\windows\system32\dllcache\nm5a2wdm.sys
2008-12-04 02:26 32,840 a------- c:\windows\system32\dllcache\ngrpci.sys
2008-12-04 02:26 53,248 a------- c:\windows\system32\dllcache\nextlink.dll
2008-12-04 02:25 132,695 a------- c:\windows\system32\dllcache\netwlan5.sys
2008-12-04 02:25 65,278 a------- c:\windows\system32\dllcache\netflx3.sys
2008-12-04 02:24 39,264 a------- c:\windows\system32\dllcache\neo20xx.sys
2008-12-04 02:23 60,480 a------- c:\windows\system32\dllcache\neo20xx.dll
2008-12-04 02:22 15,872 a------- c:\windows\system32\dllcache\ne2000.sys
2008-12-04 02:22 10,880 a------- c:\windows\system32\dllcache\ndisip.sys
2008-12-04 02:22 85,248 a------- c:\windows\system32\dllcache\nabtsfec.sys
2008-12-04 02:21 91,488 a------- c:\windows\system32\dllcache\n9i3disp.dll
2008-12-04 02:20 27,936 a------- c:\windows\system32\dllcache\n9i3d.sys
2008-12-04 02:20 33,088 a------- c:\windows\system32\dllcache\n9i128v2.sys
2008-12-04 02:19 59,104 a------- c:\windows\system32\dllcache\n9i128v2.dll
2008-12-04 02:18 13,664 a------- c:\windows\system32\dllcache\n9i128.sys
2008-12-04 02:17 35,392 a------- c:\windows\system32\dllcache\n9i128.dll
2008-12-04 02:17 128,000 a------- c:\windows\system32\dllcache\n100325.sys
2008-12-04 02:16 52,255 a------- c:\windows\system32\dllcache\n1000nt5.sys
2008-12-04 02:15 75,520 a------- c:\windows\system32\dllcache\mxport.sys
2008-12-04 02:15 7,168 a------- c:\windows\system32\dllcache\mxport.dll
2008-12-04 02:14 19,968 a------- c:\windows\system32\dllcache\mxnic.sys
2008-12-04 02:13 19,968 a------- c:\windows\system32\dllcache\mxicfg.dll
2008-12-04 02:12 21,888 a------- c:\windows\system32\dllcache\mxcard.sys
2008-12-04 02:12 229,439 a------- c:\windows\system32\dllcache\multibox.dll
2008-12-04 02:11 103,296 a------- c:\windows\system32\dllcache\mtxvideo.sys
2008-12-04 02:11 5,504 a------- c:\windows\system32\dllcache\mstee.sys
2008-12-04 02:11 49,024 a------- c:\windows\system32\dllcache\mstape.sys
2008-12-04 02:10 12,416 a------- c:\windows\system32\dllcache\msriffwv.sys
2008-12-04 02:09 2,944 a------- c:\windows\system32\dllcache\msmpu401.sys
2008-12-04 02:09 22,016 a------- c:\windows\system32\dllcache\msircomm.sys
2008-12-04 02:09 1,875,968 a------- c:\windows\system32\dllcache\msir3jp.lex
2008-12-04 02:09 98,304 a------- c:\windows\system32\dllcache\msir3jp.dll
2008-12-04 02:08 35,200 a------- c:\windows\system32\dllcache\msgame.sys
2008-12-04 02:07 6,016 a------- c:\windows\system32\dllcache\msfsio.sys
2008-12-04 02:07 56,832 a------- c:\windows\system32\dllcache\msdvbnp.ax
2008-12-04 02:07 51,200 a------- c:\windows\system32\dllcache\msdv.sys
2008-12-04 02:06 15,232 a------- c:\windows\system32\dllcache\mpe.sys
2008-12-04 02:06 16,128 a------- c:\windows\system32\dllcache\modemcsa.sys
2008-12-04 02:05 6,528 a------- c:\windows\system32\dllcache\miniqic.sys
2008-12-04 02:05 34,304 a------- c:\windows\system32\dllcache\migisol.exe
2008-12-04 02:04 320,384 a------- c:\windows\system32\dllcache\mgaum.sys
2008-12-04 02:03 235,648 a------- c:\windows\system32\dllcache\mgaud.dll
2008-12-04 02:03 92,416 a------- c:\windows\system32\dllcache\mga.sys
2008-12-04 02:03 92,032 a------- c:\windows\system32\dllcache\mga.dll
2008-12-04 02:03 26,112 a------- c:\windows\system32\dllcache\memstpci.sys
2008-12-04 02:02 47,616 a------- c:\windows\system32\dllcache\memgrp.dll
2008-12-04 02:01 8,320 a------- c:\windows\system32\dllcache\memcard.sys
2008-12-04 02:01 26,624 a------- c:\windows\system32\dllcache\mdsync.dll
2008-12-04 02:01 164,586 a------- c:\windows\system32\dllcache\mdgndis5.sys
2008-12-04 02:00 7,424 a------- c:\windows\system32\dllcache\mammoth.sys
2008-12-04 02:00 65,536 a------- c:\windows\system32\dllcache\EXCH_mailmsg.dll
2008-12-04 01:59 48,768 a------- c:\windows\system32\dllcache\maestro.sys
2008-12-04 01:58 58,880 a------- c:\windows\system32\dllcache\m3092dc.dll
2008-12-04 01:57 58,368 a------- c:\windows\system32\dllcache\m3091dc.dll
2008-12-04 01:57 22,848 a------- c:\windows\system32\dllcache\lwusbhid.sys
2008-12-04 01:57 20,864 a------- c:\windows\system32\dllcache\lwadihid.sys
2008-12-04 01:56 797,500 a------- c:\windows\system32\dllcache\ltsmt.sys
2008-12-04 01:55 802,683 a------- c:\windows\system32\dllcache\ltsm.sys
2008-12-04 01:55 7,040 a------- c:\windows\system32\dllcache\ltotape.sys
2008-12-04 01:55 420,992 a------- c:\windows\system32\dllcache\ltmdmntt.sys
2008-12-04 01:54 576,746 a------- c:\windows\system32\dllcache\ltmdmntl.sys
2008-12-04 01:54 606,684 a------- c:\windows\system32\dllcache\ltmdmnt.sys
2008-12-04 01:53 727,786 a------- c:\windows\system32\dllcache\ltck000c.sys
2008-12-04 01:53 4,992 a------- c:\windows\system32\dllcache\loop.sys
2008-12-04 01:53 22,016 a------- c:\windows\system32\dllcache\logscrpt.dll
2008-12-04 01:52 70,730 a------- c:\windows\system32\dllcache\lne100tx.sys
2008-12-04 01:51 20,573 a------- c:\windows\system32\dllcache\lne100.sys
2008-12-04 01:51 25,065 a------- c:\windows\system32\dllcache\lmndis3.sys
2008-12-04 01:50 15,744 a------- c:\windows\system32\dllcache\lit220p.sys
2008-12-04 01:50 34,688 a------- c:\windows\system32\dllcache\lbrtfdc.sys
2008-12-04 01:49 26,442 a------- c:\windows\system32\dllcache\lanepic5.sys
2008-12-04 01:48 19,016 a------- c:\windows\system32\dllcache\ktc111.sys
2008-12-04 01:48 43,008 a------- c:\windows\system32\dllcache\ksxbar.ax
2008-12-04 01:48 91,136 a------- c:\windows\system32\dllcache\kswdmcap.ax
2008-12-04 01:48 61,952 a------- c:\windows\system32\dllcache\kstvtune.ax
2008-12-04 01:48 47,066 a------- c:\windows\system32\dllcache\ksc.nls
2008-12-04 01:47 37,376 a------- c:\windows\system32\dllcache\kousd.dll
2008-12-04 01:47 1,158,818 a------- c:\windows\system32\dllcache\korwbrkr.lex
2008-12-04 01:47 70,656 a------- c:\windows\system32\dllcache\korwbrkr.dll
2008-12-04 01:47 253,952 a------- c:\windows\system32\dllcache\kdsusd.dll
2008-12-04 01:47 48,640 a------- c:\windows\system32\dllcache\kdsui.dll
2008-12-04 01:47 5,632 a------- c:\windows\system32\dllcache\kbdusa.dll
2008-12-04 01:46 7,680 a------- c:\windows\system32\dllcache\kbdnecnt.dll
2008-12-04 01:46 9,216 a------- c:\windows\system32\dllcache\kbdnecat.dll
2008-12-04 01:46 7,168 a------- c:\windows\system32\dllcache\kbdnec95.dll
2008-12-04 01:45 8,192 a------- c:\windows\system32\dllcache\kbdkor.dll
2008-12-04 01:45 8,704 a------- c:\windows\system32\dllcache\kbdjpn.dll
2008-12-04 01:44 14,592 a------- c:\windows\system32\dllcache\kbdhid.sys
2008-12-04 01:43 6,144 a------- c:\windows\system32\dllcache\kbd106.dll
2008-12-04 01:43 5,632 a------- c:\windows\system32\dllcache\kbd103.dll
2008-12-04 01:42 6,144 a------- c:\windows\system32\dllcache\kbd101c.dll
2008-12-04 01:41 6,144 a------- c:\windows\system32\dllcache\kbd101b.dll
2008-12-04 01:41 6,144 a------- c:\windows\system32\dllcache\kbd101a.dll
2008-12-04 01:41 18,432 a------- c:\windows\system32\dllcache\jupiw.dll
2008-12-04 01:41 9,216 a------- c:\windows\system32\dllcache\iwrps.dll
2008-12-04 01:41 7,168 a------- c:\windows\system32\dllcache\isapips.dll
2008-12-04 01:40 26,624 a------- c:\windows\system32\dllcache\irstusb.sys
2008-12-04 01:40 18,688 a------- c:\windows\system32\dllcache\irsir.sys
2008-12-04 01:40 28,160 a------- c:\windows\system32\dllcache\irmon.dll
2008-12-04 01:39 23,552 a------- c:\windows\system32\dllcache\irmk7.sys
2008-12-04 01:39 151,552 a------- c:\windows\system32\dllcache\irftp.exe
2008-12-04 01:39 88,192 a------- c:\windows\system32\dllcache\irda.sys
2008-12-04 01:39 16,384 a------- c:\windows\system32\dllcache\ipsink.ax
2008-12-04 01:38 45,632 a------- c:\windows\system32\dllcache\ip5515.sys
2008-12-04 01:37 90,200 a------- c:\windows\system32\dllcache\io8ports.dll
2008-12-04 01:37 38,784 a------- c:\windows\system32\dllcache\io8.sys
2008-12-04 01:36 13,056 a------- c:\windows\system32\dllcache\inport.sys
2008-12-04 01:36 8,704 a------- c:\windows\system32\dllcache\infoctrs.dll
2008-12-04 01:36 471,102 a------- c:\windows\system32\dllcache\imskdic.dll
2008-12-04 01:35 59,904 a------- c:\windows\system32\dllcache\imkrinst.exe
2008-12-04 01:35 45,109 a------- c:\windows\system32\dllcache\imjpuex.exe
2008-12-04 01:35 57,398 a------- c:\windows\system32\dllcache\imjpdadm.exe
2008-12-04 01:35 311,359 a------- c:\windows\system32\dllcache\imepadsv.exe
2008-12-04 01:35 102,463 a------- c:\windows\system32\dllcache\imepadsm.dll
2008-12-04 01:35 44,032 a------- c:\windows\system32\dllcache\imekrmig.exe
2008-12-04 01:34 134,339 a------- c:\windows\system32\dllcache\imekr.lex
2008-12-04 01:34 6,656 a------- c:\windows\system32\dllcache\iissync.exe
2008-12-04 01:34 3,584 a------- c:\windows\system32\dllcache\iismui.dll
2008-12-04 01:34 19,456 a------- c:\windows\system32\dllcache\iiscrmap.dll
2008-12-04 01:34 60,928 a------- c:\windows\system32\dllcache\iisclex4.dll
2008-12-04 01:33 372,824 a------- c:\windows\system32\dllcache\iconf32.dll
2008-12-04 01:33 100,992 a------- c:\windows\system32\dllcache\icam5usb.sys
2008-12-04 01:32 20,480 a------- c:\windows\system32\dllcache\icam5ext.dll
2008-12-04 01:31 45,056 a------- c:\windows\system32\dllcache\icam5com.dll
2008-12-04 01:31 154,496 a------- c:\windows\system32\dllcache\icam4usb.sys
2008-12-04 01:30 61,952 a------- c:\windows\system32\dllcache\icam4ext.dll
2008-12-04 01:29 91,136 a------- c:\windows\system32\dllcache\icam4com.dll
2008-12-04 01:29 26,624 a------- c:\windows\system32\dllcache\icam3ext.dll
2008-12-04 01:28 141,056 a------- c:\windows\system32\dllcache\icam3.sys
2008-12-04 01:28 38,528 a------- c:\windows\system32\dllcache\ibmvcap.sys
2008-12-04 01:27 109,085 a------- c:\windows\system32\dllcache\ibmtrp.sys
2008-12-04 01:26 100,936 a------- c:\windows\system32\dllcache\ibmtok.sys
2008-12-04 01:26 9,216 a------- c:\windows\system32\dllcache\ibmsgnet.dll
2008-12-04 01:25 28,700 a------- c:\windows\system32\dllcache\ibmexmp.sys
2008-12-04 01:25 161,020 a------- c:\windows\system32\dllcache\i81xnt5.sys
2008-12-04 01:25 702,845 a------- c:\windows\system32\dllcache\i81xdnt5.dll
2008-12-04 01:24 58,592 a------- c:\windows\system32\dllcache\i740nt5.sys
2008-12-04 01:23 353,184 a------- c:\windows\system32\dllcache\i740dnt5.dll
2008-12-04 01:23 10,129,408 a------- c:\windows\system32\dllcache\hwxkor.dll
2008-12-04 01:23 10,096,640 a------- c:\windows\system32\dllcache\hwxcht.dll
2008-12-04 01:22 488,383 a------- c:\windows\system32\dllcache\hsf_v124.sys
2008-12-04 01:22 50,751 a------- c:\windows\system32\dllcache\hsf_tone.sys
2008-12-04 01:21 73,279 a------- c:\windows\system32\dllcache\hsf_spkp.sys
2008-12-04 01:20 44,863 a------- c:\windows\system32\dllcache\hsf_soar.sys
2008-12-04 01:20 57,471 a------- c:\windows\system32\dllcache\hsf_samp.sys
2008-12-04 01:19 542,879 a------- c:\windows\system32\dllcache\hsf_msft.sys
2008-12-04 01:18 391,199 a------- c:\windows\system32\dllcache\hsf_k56k.sys
2008-12-04 01:18 9,759 a------- c:\windows\system32\dllcache\hsf_inst.dll
2008-12-04 01:17 115,807 a------- c:\windows\system32\dllcache\hsf_fsks.sys
2008-12-04 01:17 199,711 a------- c:\windows\system32\dllcache\hsf_faxx.sys
2008-12-04 01:16 289,887 a------- c:\windows\system32\dllcache\hsf_fall.sys
2008-12-04 01:15 67,167 a------- c:\windows\system32\dllcache\hsf_bsc2.sys
2008-12-04 01:15 150,239 a------- c:\windows\system32\dllcache\hsf_amos.sys
2008-12-04 01:14 19,456 a------- c:\windows\system32\dllcache\hr1w.dll
2008-12-04 01:13 5,760 a------- c:\windows\system32\dllcache\hpt4qic.sys
2008-12-04 01:13 13,312 a------- c:\windows\system32\dllcache\hpsjmcro.dll
2008-12-04 01:12 324,608 a------- c:\windows\system32\dllcache\hpojwia.dll
2008-12-04 01:12 32,768 a------- c:\windows\system32\dllcache\hpgtmcro.dll
2008-12-04 01:11 68,608 a------- c:\windows\system32\dllcache\hpgt53tk.dll
2008-12-04 01:10 165,888 a------- c:\windows\system32\dllcache\hpgt53.dll
2008-12-04 01:10 31,232 a------- c:\windows\system32\dllcache\hpgt42tk.dll
2008-12-04 01:09 93,696 a------- c:\windows\system32\dllcache\hpgt42.dll
2008-12-04 01:09 126,976 a------- c:\windows\system32\dllcache\hpgt34tk.dll
2008-12-04 01:08 101,376 a------- c:\windows\system32\dllcache\hpgt34.dll
2008-12-04 01:07 48,128 a------- c:\windows\system32\dllcache\hpgt33tk.dll
2008-12-04 01:07 89,088 a------- c:\windows\system32\dllcache\hpgt33.dll
2008-12-04 01:06 123,392 a------- c:\windows\system32\dllcache\hpgt21tk.dll
2008-12-04 01:06 83,968 a------- c:\windows\system32\dllcache\hpgt21.dll
2008-12-04 01:05 119,296 a------- c:\windows\system32\dllcache\hpdigwia.dll
2008-12-04 01:04 2,688 a------- c:\windows\system32\dllcache\hidswvd.sys
2008-12-04 01:04 8,576 a------- c:\windows\system32\dllcache\hidgame.sys
2008-12-04 01:04 20,352 a------- c:\windows\system32\dllcache\hidbatt.sys
2008-12-04 01:03 907,456 a------- c:\windows\system32\dllcache\hcf_msft.sys
2008-12-04 01:03 36,864 a------- c:\windows\system32\dllcache\hanjadic.dll
2008-12-04 01:03 108,827 a------- c:\windows\system32\dllcache\hanja.lex
2008-12-04 01:03 28,288 a------- c:\windows\system32\dllcache\grserial.sys
2008-12-04 01:02 82,304 a------- c:\windows\system32\dllcache\grclass.sys
2008-12-04 01:02 17,408 a------- c:\windows\system32\dllcache\gpr400.sys
2008-12-04 01:02 59,136 a------- c:\windows\system32\dllcache\gckernel.sys
2008-12-04 01:02 10,624 a------- c:\windows\system32\dllcache\gameenum.sys
2008-12-04 01:01 322,432 a------- c:\windows\system32\dllcache\g400m.sys
2008-12-04 01:01 1,733,120 a------- c:\windows\system32\dllcache\g400d.dll
2008-12-04 01:00 320,384 a------- c:\windows\system32\dllcache\g200m.sys
2008-12-04 00:59 470,144 a------- c:\windows\system32\dllcache\g200d.dll
2008-12-04 00:59 454,912 a------- c:\windows\system32\dllcache\fxusbase.sys
2008-12-04 00:58 92,160 a------- c:\windows\system32\dllcache\fuusd.dll
2008-12-04 00:58 455,296 a------- c:\windows\system32\dllcache\fusbbase.sys
2008-12-04 00:57 455,680 a------- c:\windows\system32\dllcache\fus2base.sys
2008-12-04 00:57 7,680 a------- c:\windows\system32\dllcache\ftpctrs2.dll
2008-12-04 00:57 6,144 a------- c:\windows\system32\dllcache\ftlx041e.dll
2008-12-04 00:57 442,240 a------- c:\windows\system32\dllcache\fpnpbase.sys
2008-12-04 00:56 441,728 a------- c:\windows\system32\dllcache\fpcmbase.sys
2008-12-04 00:56 444,416 a------- c:\windows\system32\dllcache\fpcibase.sys
2008-12-04 00:55 34,173 a------- c:\windows\system32\dllcache\forehe.sys
2008-12-04 00:55 71,680 a------- c:\windows\system32\dllcache\fnfilter.dll
2008-12-04 00:55 14,848 a------- c:\windows\system32\dllcache\flattemp.exe
2008-12-04 00:54 27,165 a------- c:\windows\system32\dllcache\fetnd5.sys
2008-12-04 00:53 22,090 a------- c:\windows\system32\dllcache\fem556n5.sys
2008-12-04 00:53 43,520 a------- c:\windows\system32\dllcache\EXCH_fcachdll.dll
2008-12-04 00:52 24,618 a------- c:\windows\system32\dllcache\fa410nd5.sys
2008-12-04 00:52 16,074 a------- c:\windows\system32\dllcache\fa312nd5.sys
2008-12-04 00:51 11,850 a------- c:\windows\system32\dllcache\f3ab18xj.sys
2008-12-04 00:51 12,362 a------- c:\windows\system32\dllcache\f3ab18xi.sys
2008-12-04 00:50 7,040 a------- c:\windows\system32\dllcache\exabyte2.sys
2008-12-04 00:50 16,998 a------- c:\windows\system32\dllcache\ex10.sys
2008-12-04 00:50 25,856 a------- c:\windows\system32\dllcache\et4000.sys
2008-12-04 00:50 45,056 a------- c:\windows\system32\dllcache\esunid.dll
2008-12-04 00:49 45,568 a------- c:\windows\system32\dllcache\esunib.dll
2008-12-04 00:49 45,568 a------- c:\windows\system32\dllcache\esuni.dll
2008-12-04 00:49 57,856 a------- c:\windows\system32\dllcache\esuimgd.dll
2008-12-04 00:48 34,816 a------- c:\windows\system32\dllcache\esuimg.dll
2008-12-04 00:48 31,744 a------- c:\windows\system32\dllcache\esucmd.dll
2008-12-04 00:47 43,008 a------- c:\windows\system32\dllcache\esucm.dll
2008-12-04 00:47 137,088 a------- c:\windows\system32\dllcache\essm2e.sys
2008-12-04 00:47 63,360 a------- c:\windows\system32\dllcache\ess.sys
2008-12-04 00:46 347,550 a------- c:\windows\system32\dllcache\es56tpi.sys
2008-12-04 00:46 594,238 a------- c:\windows\system32\dllcache\es56hpi.sys
2008-12-04 00:45 595,647 a------- c:\windows\system32\dllcache\es56cvmp.sys
2008-12-04 00:45 174,464 a------- c:\windows\system32\dllcache\es198x.sys
2008-12-04 00:44 72,192 a------- c:\windows\system32\dllcache\es1969.sys
2008-12-04 00:44 40,704 a------- c:\windows\system32\dllcache\es1371mp.sys
2008-12-04 00:44 37,120 a------- c:\windows\system32\dllcache\es1370mp.sys
2008-12-04 00:43 61,952 a------- c:\windows\system32\dllcache\eqnloop.exe
2008-12-04 00:43 51,200 a------- c:\windows\system32\dllcache\eqnlogr.exe
2008-12-04 00:42 53,248 a------- c:\windows\system32\dllcache\eqndiag.exe
2008-12-04 00:42 629,952 a------- c:\windows\system32\dllcache\eqn.sys
2008-12-04 00:41 114,944 a------- c:\windows\system32\dllcache\epstw2k.sys
2008-12-04 00:41 18,503 a------- c:\windows\system32\dllcache\epro4.sys
2008-12-04 00:40 144,896 a------- c:\windows\system32\dllcache\epcfw2k.sys
2008-12-04 00:40 6,400 a------- c:\windows\system32\dllcache\enum1394.sys
2008-12-04 00:40 283,904 a------- c:\windows\system32\dllcache\emu10k1m.sys
2008-12-04 00:39 19,996 a------- c:\windows\system32\dllcache\em556n4.sys
2008-12-04 00:38 25,159 a------- c:\windows\system32\dllcache\elnk3.sys
2008-12-04 00:38 7,296 a------- c:\windows\system32\dllcache\elmsmc.sys
2008-12-04 00:38 171,520 a------- c:\windows\system32\dllcache\el99xn51.sys
2008-12-04 00:37 70,174 a------- c:\windows\system32\dllcache\el98xn5.sys
2008-12-04 00:37 455,199 a------- c:\windows\system32\dllcache\el985n51.sys
2008-12-04 00:37 153,631 a------- c:\windows\system32\dllcache\el90xnd5.sys
2008-12-04 00:36 66,591 a------- c:\windows\system32\dllcache\el90xbc5.sys
2008-12-04 00:36 241,206 a------- c:\windows\system32\dllcache\el656se5.sys
2008-12-04 00:36 77,386 a------- c:\windows\system32\dllcache\el656nd5.sys
2008-12-04 00:35 634,134 a------- c:\windows\system32\dllcache\el656ct5.sys
2008-12-04 00:35 69,194 a------- c:\windows\system32\dllcache\el656cd5.sys
2008-12-04 00:35 26,141 a------- c:\windows\system32\dllcache\el589nd5.sys
2008-12-04 00:34 69,692 a------- c:\windows\system32\dllcache\el575nd5.sys
2008-12-04 00:34 24,653 a------- c:\windows\system32\dllcache\el574nd4.sys
2008-12-04 00:34 55,999 a------- c:\windows\system32\dllcache\el556nd5.sys
2008-12-04 00:33 44,103 a------- c:\windows\system32\dllcache\el515.sys
2008-12-04 00:33 514,587 a------- c:\windows\system32\dllcache\edb500.dll
2008-12-04 00:33 19,594 a------- c:\windows\system32\dllcache\e100isa4.sys
2008-12-04 00:32 50,719 a------- c:\windows\system32\dllcache\e1000nt5.sys
2008-12-04 00:32 20,992 a------- c:\windows\system32\dllcache\dshowext.ax
2008-12-04 00:32 334,208 a------- c:\windows\system32\dllcache\ds1wdm.sys
2008-12-04 00:31 28,062 a------- c:\windows\system32\dllcache\dp83820.sys
2008-12-04 00:31 23,808 a------- c:\windows\system32\dllcache\dot4usb.sys
2008-12-04 00:31 8,704 a------- c:\windows\system32\dllcache\dot4scan.sys
2008-12-04 00:31 12,928 a------- c:\windows\system32\dllcache\dot4prt.sys
2008-12-04 00:30 206,976 a------- c:\windows\system32\dllcache\dot4.sys
2008-12-04 00:30 29,696 a------- c:\windows\system32\dllcache\dm9pci5.sys
2008-12-04 00:30 8,320 a------- c:\windows\system32\dllcache\dlttape.sys
2008-12-04 00:30 26,698 a------- c:\windows\system32\dllcache\dlh5xnd5.sys
2008-12-04 00:29 952,007 a------- c:\windows\system32\dllcache\diwan.sys
2008-12-04 00:29 29,768 a------- c:\windows\system32\dllcache\divasu.dll
2008-12-04 00:29 37,962 a------- c:\windows\system32\dllcache\divaprop.dll
2008-12-04 00:28 6,216 a------- c:\windows\system32\dllcache\divaci.dll
2008-12-04 00:28 236,060 a------- c:\windows\system32\dllcache\ditrace.exe
2008-12-04 00:28 38,985 a------- c:\windows\system32\dllcache\disrvsu.dll
2008-12-04 00:28 31,305 a------- c:\windows\system32\dllcache\disrvpp.dll
2008-12-04 00:27 6,729 a------- c:\windows\system32\dllcache\disrvci.dll
2008-12-04 00:27 91,305 a------- c:\windows\system32\dllcache\dimaint.sys
2008-12-04 00:27 614,429 a------- c:\windows\system32\dllcache\digiview.exe
2008-12-04 00:26 42,432 a------- c:\windows\system32\dllcache\digirlpt.sys
2008-12-04 00:26 110,621 a------- c:\windows\system32\dllcache\digirlpt.dll
2008-12-04 00:26 21,606 a------- c:\windows\system32\dllcache\digiisdn.sys
2008-12-04 00:26 41,046 a------- c:\windows\system32\dllcache\digiisdn.dll
2008-12-04 00:25 102,484 a------- c:\windows\system32\dllcache\digiinf.dll
2008-12-04 00:25 159,828 a------- c:\windows\system32\dllcache\digihlc.dll
2008-12-04 00:25 229,462 a------- c:\windows\system32\dllcache\digifwrk.dll
2008-12-04 00:24 90,525 a------- c:\windows\system32\dllcache\digifep5.sys
2008-12-04 00:24 103,044 a------- c:\windows\system32\dllcache\digidxb.sys
2008-12-04 00:24 131,156 a------- c:\windows\system32\dllcache\digidbp.dll
2008-12-04 00:24 37,735 a------- c:\windows\system32\dllcache\digiasyn.sys
2008-12-04 00:23 65,622 a------- c:\windows\system32\dllcache\digiasyn.dll
2008-12-04 00:23 419,357 a------- c:\windows\system32\dllcache\dgconfig.dll
2008-12-04 00:23 29,531 a------- c:\windows\system32\dllcache\dgapci.sys
2008-12-04 00:22 24,649 a------- c:\windows\system32\dllcache\dfe650d.sys
2008-12-04 00:22 24,648 a------- c:\windows\system32\dllcache\dfe650.sys
2008-12-04 00:22 24,064 a------- c:\windows\system32\dllcache\devldr32.exe
2008-12-04 00:22 256,512 a------- c:\windows\system32\dllcache\devcon32.dll
2008-12-04 00:21 20,928 a------- c:\windows\system32\dllcache\defpa.sys
2008-12-04 00:21 7,424 a------- c:\windows\system32\dllcache\ddsmc.sys
2008-12-04 00:21 110,592 a------- c:\windows\system32\dllcache\dc260usd.dll
2008-12-04 00:20 86,016 a------- c:\windows\system32\dllcache\dc240usd.dll
2008-12-04 00:20 63,208 a------- c:\windows\system32\dllcache\dc21x4.sys
2008-12-04 00:20 80,896 a------- c:\windows\system32\dllcache\dc210usd.dll
2008-12-04 00:20 25,600 a------- c:\windows\system32\dllcache\dc210_32.dll
2008-12-04 00:19 117,760 a------- c:\windows\system32\dllcache\d100ib5.sys
2008-12-04 00:19 27,648 a------- c:\windows\system32\dllcache\cyzports.dll
2008-12-04 00:19 49,792 a------- c:\windows\system32\dllcache\cyzport.sys
2008-12-04 00:18 27,136 a------- c:\windows\system32\dllcache\cyzcoins.dll
2008-12-04 00:18 27,648 a------- c:\windows\system32\dllcache\cyyports.dll
2008-12-04 00:18 50,176 a------- c:\windows\system32\dllcache\cyyport.sys
2008-12-04 00:18 28,672 a------- c:\windows\system32\dllcache\cyycoins.dll
2008-12-04 00:17 14,848 a------- c:\windows\system32\dllcache\cyclom-y.sys
2008-12-04 00:17 17,152 a------- c:\windows\system32\dllcache\cyclad-z.sys
2008-12-04 00:17 48,640 a------- c:\windows\system32\dllcache\cwrwdm.sys
2008-12-04 00:17 93,952 a------- c:\windows\system32\dllcache\cwcwdm.sys
2008-12-04 00:16 111,872 a------- c:\windows\system32\dllcache\cwcspud.sys
2008-12-04 00:16 3,584 a------- c:\windows\system32\dllcache\cwcosnt5.sys
2008-12-04 00:16 72,832 a------- c:\windows\system32\dllcache\cwbwdm.sys
2008-12-04 00:16 3,072 a------- c:\windows\system32\dllcache\cwbmidi.sys
2008-12-04 00:15 3,072 a------- c:\windows\system32\dllcache\cwbase.sys
2008-12-04 00:15 4,096 a------- c:\windows\system32\dllcache\ctwdm32.dll
2008-12-04 00:15 249,856 a------- c:\windows\system32\dllcache\ctmasetp.dll
2008-12-04 00:15 96,256 a------- c:\windows\system32\dllcache\ctlsb16.sys
2008-12-04 00:14 3,712 a------- c:\windows\system32\dllcache\ctljystk.sys
2008-12-04 00:14 6,912 a------- c:\windows\system32\dllcache\ctlfacem.sys
2008-12-04 00:14 175,104 a------- c:\windows\system32\dllcache\csamsp.dll
2008-12-04 00:14 42,112 a------- c:\windows\system32\dllcache\crtaud.sys
2008-12-04 00:13 216,064 a------- c:\windows\system32\dllcache\cpscan.dll
2008-12-04 00:13 18,944 a------- c:\windows\system32\dllcache\cprofile.exe
2008-12-04 00:13 60,970 a------- c:\windows\system32\dllcache\cpqtrnd5.sys
2008-12-04 00:13 21,533 a------- c:\windows\system32\dllcache\cpqndis5.sys
2008-12-04 00:13 20,480 a------- c:\windows\system32\dllcache\counters.dll
2008-12-04 00:13 56,320 a------- c:\windows\system32\dllcache\convlog.exe
2008-12-04 00:13 33,792 a------- c:\windows\system32\dllcache\controt.dll
2008-12-04 00:12 39,936 a------- c:\windows\system32\dllcache\cnxt1803.sys
2008-12-04 00:12 44,032 a------- c:\windows\system32\dllcache\cnusd.dll
2008-12-04 00:12 20,736 a------- c:\windows\system32\dllcache\cmbp0wdm.sys
2008-12-04 00:11 248,064 a------- c:\windows\system32\dllcache\cl546xm.sys
2008-12-04 00:11 170,880 a------- c:\windows\system32\dllcache\cl546x.dll
2008-12-04 00:11 111,232 a------- c:\windows\system32\dllcache\cl5465.dll
2008-12-04 00:11 45,696 a------- c:\windows\system32\dllcache\cirrus.sys
2008-12-04 00:11 91,264 a------- c:\windows\system32\dllcache\cirrus.dll
2008-12-04 00:10 272,640 a------- c:\windows\system32\dllcache\cinemclc.sys
2008-12-04 00:10 980,034 a------- c:\windows\system32\dllcache\cicap.sys
2008-12-04 00:10 838,144 a------- c:\windows\system32\dllcache\chtbrkr.dll
2008-12-04 00:10 1,677,824 a------- c:\windows\system32\dllcache\chsbrkr.dll
2008-12-04 00:10 14,336 a------- c:\windows\system32\dllcache\chgusr.exe
2008-12-04 00:10 15,872 a------- c:\windows\system32\dllcache\chgport.exe
2008-12-04 00:10 13,312 a------- c:\windows\system32\dllcache\chglogon.exe
2008-12-04 00:10 8,192 a------- c:\windows\system32\dllcache\changer.sys
2008-12-04 00:10 9,728 a------- c:\windows\system32\dllcache\change.exe
2008-12-04 00:09 49,182 a------- c:\windows\system32\dllcache\cem56n5.sys
2008-12-04 00:09 22,044 a------- c:\windows\system32\dllcache\cem33n5.sys
2008-12-04 00:09 22,044 a------- c:\windows\system32\dllcache\cem28n5.sys
2008-12-04 00:09 27,164 a------- c:\windows\system32\dllcache\ce3n5.sys
2008-12-04 00:09 21,530 a------- c:\windows\system32\dllcache\ce2n5.sys
2008-12-04 00:09 17,024 a------- c:\windows\system32\dllcache\ccdecode.sys
2008-12-04 00:08 714,698 a------- c:\windows\system32\dllcache\cbmdmkxx.sys
2008-12-04 00:08 46,108 a------- c:\windows\system32\dllcache\cben5.sys
2008-12-04 00:08 39,680 a------- c:\windows\system32\dllcache\cb325.sys
2008-12-04 00:08 37,916 a------- c:\windows\system32\dllcache\cb102.sys
2008-12-04 00:08 32,256 a------- c:\windows\system32\dllcache\diapi2NT.dll
2008-12-04 00:07 164,923 a------- c:\windows\system32\dllcache\diapi2.sys
2008-12-04 00:07 54,528 a------- c:\windows\system32\dllcache\cap7146.sys
2008-12-04 00:07 121,856 a------- c:\windows\system32\dllcache\camext30.dll
2008-12-04 00:07 116,736 a------- c:\windows\system32\dllcache\camext30.ax
2008-12-04 00:07 236,032 a------- c:\windows\system32\dllcache\camext20.dll
2008-12-04 00:07 244,224 a------- c:\windows\system32\dllcache\camext20.ax
2008-12-04 00:07 74,240 a------- c:\windows\system32\dllcache\camexo20.dll
2008-12-04 00:06 73,216 a------- c:\windows\system32\dllcache\camexo20.ax
2008-12-04 00:06 171,264 a------- c:\windows\system32\dllcache\camdrv30.sys
2008-12-04 00:06 223,232 a------- c:\windows\system32\dllcache\camdrv21.sys
2008-12-04 00:06 314,752 a------- c:\windows\system32\dllcache\camdro21.sys
2008-12-04 00:06 10,752 a------- c:\windows\system32\dllcache\c_iscii.dll
2008-12-04 00:06 6,656 a------- c:\windows\system32\dllcache\c_is2022.dll
2008-12-04 00:06 66,082 a------- c:\windows\system32\dllcache\c_870.nls
2008-12-04 00:06 66,594 a------- c:\windows\system32\dllcache\c_864.nls
2008-12-04 00:04 66,082 a------- c:\windows\system32\dllcache\c_20838.nls
2008-12-04 00:03 66,082 a------- c:\windows\system32\dllcache\c_20105.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_1141.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_1140.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_1047.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_10021.nls
2008-12-04 00:02 173,602 a------- c:\windows\system32\dllcache\c_10008.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_10005.nls
2008-12-04 00:02 66,082 a------- c:\windows\system32\dllcache\c_10004.nls
2008-12-04 00:02 177,698 a------- c:\windows\system32\dllcache\c_10003.nls
2008-12-04 00:02 195,618 a------- c:\windows\system32\dllcache\c_10002.nls
2008-12-04 00:02 162,850 a------- c:\windows\system32\dllcache\c_10001.nls
2008-12-04 00:02 13,824 a------- c:\windows\system32\dllcache\bulltlp3.sys
2008-12-04 00:02 31,529 a------- c:\windows\system32\dllcache\brzwlan.sys
2008-12-04 00:01 10,368 a------- c:\windows\system32\dllcache\brusbscn.sys
2008-12-04 00:01 11,008 a------- c:\windows\system32\dllcache\brusbmdm.sys
2008-12-04 00:01 60,416 a------- c:\windows\system32\dllcache\brserwdm.sys
2008-12-04 00:01 9,728 a------- c:\windows\system32\dllcache\brserif.dll
2008-12-04 00:01 5,120 a------- c:\windows\system32\dllcache\brscnrsm.dll
2008-12-04 00:01 39,552 a------- c:\windows\system32\dllcache\brparwdm.sys
2008-12-04 00:01 3,168 a------- c:\windows\system32\dllcache\brparimg.sys
2008-12-04 00:00 45,568 a------- c:\windows\system32\dllcache\browscap.dll
2008-12-04 00:00 41,472 a------- c:\windows\system32\dllcache\brmfusb.dll
2008-12-04 00:00 32,256 a------- c:\windows\system32\dllcache\brmfrsmg.exe
2008-12-04 00:00 29,696 a------- c:\windows\system32\dllcache\brmflpt.dll
2008-12-04 00:00 81,408 a------- c:\windows\system32\dllcache\brmfcwia.dll
2008-12-04 00:00 15,360 a------- c:\windows\system32\dllcache\brmfbidi.dll
2008-12-04 00:00 3,968 a------- c:\windows\system32\dllcache\brfiltup.sys
2008-12-03 23:59 12,160 a------- c:\windows\system32\dllcache\brfiltlo.sys
2008-12-03 23:59 2,944 a------- c:\windows\system32\dllcache\brfilt.sys
2008-12-03 23:59 12,800 a------- c:\windows\system32\dllcache\brevif.dll
2008-12-03 23:59 9,728 a------- c:\windows\system32\dllcache\brcoinst.dll
2008-12-03 23:59 19,456 a------- c:\windows\system32\dllcache\brbidiif.dll
2008-12-03 23:59 82,172 a------- c:\windows\system32\dllcache\bopomofo.nls
2008-12-03 23:59 102,400 a------- c:\windows\system32\dllcache\binlsvc.dll
2008-12-03 23:59 66,728 a------- c:\windows\system32\dllcache\big5.nls
2008-12-03 23:58 11,776 a------- c:\windows\system32\dllcache\bdasup.sys
2008-12-03 23:58 18,432 a------- c:\windows\system32\dllcache\bdaplgin.ax
2008-12-03 23:58 871,388 a------- c:\windows\system32\dllcache\bcmdm.sys
2008-12-03 23:58 26,568 a------- c:\windows\system32\dllcache\bcm4e5.sys
2008-12-03 23:58 54,271 a------- c:\windows\system32\dllcache\bcm42xx5.sys
2008-12-03 23:58 66,557 a------- c:\windows\system32\dllcache\bcm42u.sys
2008-12-03 23:58 36,128 a------- c:\windows\system32\dllcache\banshee.sys
2008-12-03 23:57 342,336 a------- c:\windows\system32\dllcache\banshee.dll
2008-12-03 23:57 96,640 a------- c:\windows\system32\dllcache\b57xp32.sys
2008-12-03 23:57 89,952 a------- c:\windows\system32\dllcache\b1cbase.sys
2008-12-03 23:57 36,992 a------- c:\windows\system32\dllcache\aztw2320.sys
2008-12-03 23:57 37,568 a------- c:\windows\system32\dllcache\avmwan.sys
2008-12-03 23:57 144,384 a------- c:\windows\system32\dllcache\avmenum.dll
2008-12-03 23:57 87,552 a------- c:\windows\system32\dllcache\avmcoxp.dll
2008-12-03 23:56 13,696 a------- c:\windows\system32\dllcache\avcstrm.sys
2008-12-03 23:56 36,096 a------- c:\windows\system32\dllcache\avcaudio.sys
2008-12-03 23:56 38,912 a------- c:\windows\system32\dllcache\avc.sys
2008-12-03 23:56 9,216 a------- c:\windows\system32\dllcache\authfilt.dll
2008-12-03 23:56 23,552 a------- c:\windows\system32\dllcache\atixbar.sys
2008-12-03 23:56 26,624 a------- c:\windows\system32\dllcache\ativxbar.sys
2008-12-03 23:56 19,456 a------- c:\windows\system32\dllcache\ativttxx.sys
2008-12-03 23:56 9,472 a------- c:\windows\system32\dllcache\ativmdcd.sys
2008-12-03 23:55 17,152 a------- c:\windows\system32\dllcache\atitvsnd.sys
2008-12-03 23:55 17,152 a------- c:\windows\system32\dllcache\atitunep.sys
2008-12-03 23:55 26,880 a------- c:\windows\system32\dllcache\atirtsnd.sys
2008-12-03 23:55 49,920 a------- c:\windows\system32\dllcache\atirtcap.sys
2008-12-03 23:55 70,528 a------- c:\windows\system32\dllcache\atiragem.sys
2008-12-03 23:55 104,832 a------- c:\windows\system32\dllcache\atiraged.dll
2008-12-03 23:55 10,240 a------- c:\windows\system32\dllcache\atipcxxx.sys
2008-12-03 23:55 281,600 a------- c:\windows\system32\dllcache\atimtai.sys
2008-12-03 23:54 75,136 a------- c:\windows\system32\dllcache\atimpae.sys
2008-12-03 23:54 289,664 a------- c:\windows\system32\dllcache\atimpab.sys
2008-12-03 23:54 37,376 a------- c:\windows\system32\dllcache\atievxx.exe
2008-12-03 23:54 268,160 a------- c:\windows\system32\dllcache\atidvai.dll
2008-12-03 23:54 137,216 a------- c:\windows\system32\dllcache\atidrae.dll
2008-12-03 23:54 382,592 a------- c:\windows\system32\dllcache\atidrab.dll
2008-12-03 23:54 46,464 a------- c:\windows\system32\dllcache\atibt829.sys
2008-12-03 23:53 77,568 a------- c:\windows\system32\dllcache\ati.sys
2008-12-03 23:53 96,128 a------- c:\windows\system32\dllcache\ati.dll
2008-12-03 23:53 29,184 a------- c:\windows\system32\dllcache\asptxn.dll
2008-12-03 23:53 10,240 a------- c:\windows\system32\dllcache\aspperf.dll
2008-12-03 23:53 97,354 a------- c:\windows\system32\dllcache\aspndis3.sys
2008-12-03 23:53 45,056 a------- c:\windows\system32\dllcache\EXCH_aqadmin.dll
2008-12-03 23:53 6,272 a------- c:\windows\system32\dllcache\apmbatt.sys
2008-12-03 23:53 36,224 a------- c:\windows\system32\dllcache\an983.sys
2008-12-03 23:52 16,969 a------- c:\windows\system32\dllcache\amb8002.sys
2008-12-03 23:52 26,624 a------- c:\windows\system32\dllcache\alifir.sys
2008-12-03 23:52 27,678 a------- c:\windows\system32\dllcache\ali5261.sys
2008-12-03 23:52 24,576 a------- c:\windows\system32\dllcache\agcgauge.ax
2008-12-03 23:51 5,632 a------- c:\windows\system32\dllcache\EXCH_adsiisex.dll
2008-12-03 23:51 49,664 a------- c:\windows\system32\dllcache\adrot.dll
2008-12-03 23:51 46,112 a------- c:\windows\system32\dllcache\adptsf50.sys
2008-12-03 23:51 6,144 a------- c:\windows\system32\dllcache\admxprox.dll
2008-12-03 23:51 10,880 a------- c:\windows\system32\dllcache\admjoy.sys
2008-12-03 23:51 747,392 a------- c:\windows\system32\dllcache\adm8830.sys
2008-12-03 23:51 553,984 a------- c:\windows\system32\dllcache\adm8820.sys
2008-12-03 23:51 584,448 a------- c:\windows\system32\dllcache\adm8810.sys
2008-12-03 23:51 20,160 a------- c:\windows\system32\dllcache\adm8511.sys
2008-12-03 23:51 7,424 a------- c:\windows\system32\dllcache\adicvls.sys
2008-12-03 23:50 61,440 a------- c:\windows\system32\dllcache\acerscad.dll
2008-12-03 23:50 84,480 a------- c:\windows\system32\dllcache\ac97via.sys
2008-12-03 23:50 297,728 a------- c:\windows\system32\dllcache\ac97sis.sys
2008-12-03 23:50 96,256 a------- c:\windows\system32\dllcache\ac97intc.sys
2008-12-03 23:50 231,552 a------- c:\windows\system32\dllcache\ac97ali.sys
2008-12-03 23:50 462,848 a------- c:\windows\system32\dllcache\a3dapi.dll
2008-12-03 23:50 98,304 a------- c:\windows\system32\dllcache\a3d.dll
2008-12-03 23:50 38,400 a------- c:\windows\system32\dllcache\8514a.dll
2008-12-03 23:50 48,128 a------- c:\windows\system32\dllcache\61883.sys
2008-12-03 23:50 12,288 a------- c:\windows\system32\dllcache\4mmdat.sys
2008-12-03 23:50 148,352 a------- c:\windows\system32\dllcache\3dfxvsm.sys
2008-12-03 23:50 689,216 a------- c:\windows\system32\dllcache\3dfxvs.dll
2008-12-03 23:49 762,780 a------- c:\windows\system32\dllcache\3cwmcru.sys
2008-12-03 23:49 11,264 a------- c:\windows\system32\dllcache\1394vdbg.sys
2008-12-03 23:49 53,376 a------- c:\windows\system32\dllcache\1394bus.sys
2008-12-03 23:49 7,168 a------- c:\windows\system32\dllcache\wamregps.dll
2008-12-03 23:47 66,048 a------- c:\windows\system32\dllcache\s3legacy.dll
2008-12-03 23:46 19,968 a------- c:\windows\system32\dllcache\inetsloc.dll
2008-12-03 23:46 7,680 a------- c:\windows\system32\dllcache\inetmgr.exe
2008-12-03 23:46 169,984 a------- c:\windows\system32\dllcache\iisui.dll
2008-12-03 23:46 5,632 a------- c:\windows\system32\dllcache\iisrstap.dll
2008-12-03 23:46 14,336 a------- c:\windows\system32\dllcache\iisreset.exe
2008-12-03 23:46 6,144 a------- c:\windows\system32\dllcache\ftpsapi2.dll
2008-12-03 23:45 94,720 a------- c:\windows\system32\dllcache\certmap.ocx
2008-12-03 19:58 <DIR> --d----- c:\windows\system32\WSG32
2008-11-28 18:33 38 a------- c:\windows\avisplitter.ini
2008-11-28 18:32 414 a------- c:\windows\system32\lame_acm.xml
2008-11-28 18:32 839,680 a------- c:\windows\system32\lameACM.acm
2008-11-28 18:32 118,784 a------- c:\windows\system32\ac3acm.acm
2008-11-28 18:32 217,088 a------- c:\windows\system32\yv12vfw.dll
2008-11-28 18:32 755,027 a------- c:\windows\system32\xvidcore.dll
2008-11-28 18:32 159,839 a------- c:\windows\system32\xvidvfw.dll
2008-11-28 18:32 3,596,288 a------- c:\windows\system32\qt-dx331.dll
2008-11-28 18:32 81,920 a------- c:\windows\system32\dpl100.dll
2008-11-28 18:31 684,032 a------- c:\windows\system32\divx.dll
2008-11-28 18:31 547 a------- c:\windows\system32\ff_vfw.dll.manifest
2008-11-28 18:31 57,344 a------- c:\windows\system32\ff_vfw.dll
2008-11-28 18:26 164,352 a------- c:\windows\system32\unrar.dll
2008-11-28 18:25 <DIR> --d----- c:\program files\K-Lite Codec Pack
2008-11-28 14:13 73,728 a------- c:\windows\system32\javacpl.cpl
2008-11-27 23:05 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2008-11-27 23:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy
2008-11-26 00:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Avg8
2008-11-23 18:39 2,713 ---sh--- c:\windows\system32\pedisasa.dll
2008-11-23 18:39 2,713 ---sh--- c:\windows\system32\doguvuvo.dll
2008-11-23 01:29 <DIR> --d----- c:\program files\AVG
2008-11-12 20:01 410,984 a------- c:\windows\system32\deploytk.dll
2008-11-10 18:07 <DIR> --d----- c:\program files\Free Registry Fix
2008-11-10 12:18 <DIR> --d----- c:\program files\RegistryFix7
2008-11-09 11:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SecTaskMan
2008-11-06 13:18 <DIR> --d----- c:\docume~1\nathan~1\applic~1\Malwarebytes
2008-11-06 13:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes
2008-11-06 13:05 <DIR> --d----- c:\temp\tn3
2008-11-06 12:49 29 a------- c:\windows\system32\ursydpwh.tmp
2008-11-06 12:39 <DIR> --d----- c:\windows\ERUNT
2008-11-06 12:19 <DIR> --d----- C:\SDFix
2008-11-06 11:50 <DIR> --d----- c:\docume~1\nathan~1\applic~1\IUpd721
2008-11-06 11:35 28,672 a------- c:\windows\system32\ceg.sdr
2008-11-06 11:35 32,768 a------- c:\windows\system32\fes.ra
2008-11-06 11:35 32,768 a------- c:\windows\system32\fe.sp
2008-11-06 11:35 28,672 a------- c:\windows\system32\def.help
2008-11-06 11:35 63,488 a------- c:\windows\system32\rgv.xl
2008-11-06 11:34 <DIR> --d----- c:\windows\TmF0aGFuIFdpbGxpYW1z
2008-11-06 11:34 <DIR> --d----- c:\windows\system32\uvb
2008-11-06 11:34 <DIR> --d----- c:\windows\system32\T2
2008-11-06 11:34 <DIR> --d----- c:\windows\system32\NPX
2008-11-06 11:34 <DIR> --d----- c:\windows\system32\im
2008-11-06 11:34 <DIR> --d----- c:\windows\system32\QI19
2008-11-06 11:34 <DIR> --d----- c:\temp\NT32

==================== Find3M ====================

2008-11-28 08:58 <DIR> --d----- c:\program files\Enigma Software Group
2008-11-27 11:46 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Viewpoint
2008-11-27 11:46 <DIR> --d----- c:\program files\Viewpoint
2008-11-27 11:14 <DIR> --d----- c:\program files\InterActual
2008-11-25 23:59 <DIR> --d----- c:\program files\common files\Symantec Shared
2008-11-23 00:24 <DIR> --d----- c:\program files\Kl
2008-11-18 21:56 59,444 a--sh--- c:\windows\system32\nugedezo.dll
2008-11-06 12:27 14,336 a------- c:\windows\system32\svchost.exe
2008-11-06 12:27 14,336 a------- c:\windows\system32\dllcache\svchost.exe
2008-10-24 06:21 455,296 a------- c:\windows\system32\dllcache\mrxsmb.sys
2008-10-21 13:48 <DIR> --d----- c:\program files\Messenger
2008-10-21 13:45 88,135 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat
2008-10-21 13:39 <DIR> --d----- c:\program files\Windows NT
2008-10-15 11:34 337,408 a------- c:\windows\system32\dllcache\netapi32.dll
2008-10-10 15:02 <DIR> --d----- c:\program files\iTunes
2008-10-10 15:02 <DIR> --d----- c:\program files\iPod
2008-10-03 12:41 6,066,176 -------- c:\windows\system32\dllcache\ieframe.dll
2008-09-30 16:43 1,286,152 a------- c:\windows\system32\msxml4.dll
2008-09-29 00:21 <DIR> --d----- c:\docume~1\nathan~1\applic~1\LimeWire
2008-09-15 07:12 1,846,400 a------- c:\windows\system32\win32k.sys
2008-09-15 07:12 1,846,400 a------- c:\windows\system32\dllcache\win32k.sys
2008-09-09 20:14 1,307,648 a------- c:\windows\system32\dllcache\msxml6.dll
2008-09-09 20:14 1,307,648 -------- c:\windows\system32\msxml6.dll
2008-09-08 05:41 333,824 a------- c:\windows\system32\dllcache\srv.sys
2008-09-05 23:30 241,704 -------- c:\windows\system32\dllcache\wgaLogon.dll
2008-09-05 23:29 917,032 -------- c:\windows\system32\dllcache\WgaTray.exe
2008-05-07 22:28 <DIR> --d----- c:\docume~1\nathan~1\applic~1\iWin
2008-02-17 17:24 <DIR> --d----- c:\docume~1\nathan~1\applic~1\OpenOffice.org1.9.79
2008-01-30 14:08 <DIR> --d----- c:\docume~1\nathan~1\applic~1\Greyfirst
2007-09-21 08:27 <DIR> --d----- c:\docume~1\alluse~1\applic~1\PC Tools
2006-12-10 16:20 <DIR> --d----- c:\docume~1\nathan~1\applic~1\CiscoCAA
2006-11-19 19:14 <DIR> --d----- c:\docume~1\nathan~1\applic~1\??crosoft.NET
2006-10-12 10:58 <DIR> --d----- c:\docume~1\nathan~1\applic~1\Ruckus Network
2006-09-24 19:34 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Borland
2006-08-30 21:37 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Corel
2006-02-23 13:03 <DIR> --d----- c:\docume~1\nathan~1\applic~1\.bittorrent
2006-02-22 22:22 <DIR> --d----- c:\docume~1\nathan~1\applic~1\.BitTornado
2006-01-15 13:19 <DIR> --d----- c:\docume~1\nathan~1\applic~1\MSNInstaller
2005-10-23 16:50 <DIR> --d----- c:\docume~1\alluse~1\applic~1\MSScanAppDataDir
2005-10-03 13:49 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Symantec
2005-06-01 15:26 <DIR> --d----- c:\docume~1\nathan~1\applic~1\Symantec
2005-05-18 18:48 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Intuit
2004-08-11 17:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\SBSI
2006-09-14 19:28 168 -c-shr-- c:\windows\system32\C37EF2E345.sys
2006-09-14 19:28 6,580 ac-sh--- c:\windows\system32\KGyGaAvL.sys
2006-02-23 15:40 443,487 -c-sh--- c:\windows\system32\rtstv.bak1
2006-02-22 15:40 442,157 -c-sh--- c:\windows\system32\rtstv.bak2

============= FINISH: 20:51:56.18 ===============

willianr1179 · 12-07-2008, 07:27 PM

_bump

sUBs · 12-08-2008, 08:53 AM

Please visit this webpage for instructions for downloading and running ComboFix:

http://www.bleepingcomputer.com/comb...o-use-combofix

Post the log from ComboFix when you've accomplished that.

willianr1179 · 12-08-2008, 06:59 PM

ComboFix 08-12-07.04 - Nathan Williams 2008-12-08 18:43:50.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.213 [GMT -5:00]
Running from: c:\documents and settings\Nathan Williams\Desktop\ComboFix.exe
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat
c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat
c:\windows\system32\rtstv.bak1
c:\windows\system32\rtstv.bak2
c:\windows\system32\rtstv.ini
c:\windows\system32\rtstv.ini2
c:\windows\system32\rtstv.tmp
.
---- Previous Run -------
.
c:\documents and settings\Nathan Williams\Application Data\CROSOF~1.NET
c:\documents and settings\Nathan Williams\Application Data\IUpd721
c:\documents and settings\Nathan Williams\Application Data\IUpd721\Logs\scns.log
c:\documents and settings\Nathan Williams\Local Settings\Temporary Internet Files\fbk.sts
c:\program files\Common Files\sembly~1
c:\temp\tn3
c:\windows\sembly~1
c:\windows\system32\mbols~1
c:\windows\system32\T2
c:\windows\system32\wtssvtr.exe
c:\windows\Tasks\cnqotafj.job

----- BITS: Possible infected sites -----

hxxp://kakoitodomen.com
hxxp://niheradomen.com
.
((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 )))))))))))))))))))))))))))))))
.

2008-12-08 18:51 . <DIR> c:\windows\LastGood.Tmp
2008-12-07 19:30 . 2008-09-19 16:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2008-12-07 19:30 . 2008-09-24 13:41 839,680 --a------ c:\windows\system32\lameACM.acm
2008-12-07 19:30 . 2008-01-10 07:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2008-12-07 19:30 . 2008-10-28 17:35 684,032 --a------ c:\windows\system32\divx.dll
2008-12-07 19:30 . 2004-01-25 11:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2008-12-07 19:30 . 2007-09-04 11:56 164,352 --a------ c:\windows\system32\unrar.dll
2008-12-07 19:30 . 2008-01-10 07:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2008-12-07 19:30 . 2007-09-20 19:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2008-12-07 19:30 . 2008-09-25 03:03 81,920 --a------ c:\windows\system32\dpl100.dll
2008-12-07 19:30 . 2008-10-03 07:30 414 --a------ c:\windows\system32\lame_acm.xml
2008-12-07 19:30 . 2008-07-30 14:09 38 --a------ c:\windows\avisplitter.ini
2008-12-07 19:29 . 2008-12-07 19:30 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-12-07 19:29 . 2008-11-24 09:32 57,344 --a------ c:\windows\system32\ff_vfw.dll
2008-12-07 19:29 . 2007-07-10 11:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2008-12-06 19:22 . 2008-12-07 01:53 <DIR> d--h----- C:\$AVG8.VAULT$
2008-12-06 15:20 . 2008-12-06 15:20 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-06 15:19 . 2008-12-08 17:41 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-12-06 15:19 . 2008-12-06 15:19 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-04 20:09 . 2008-12-04 20:09 250 --a------ c:\windows\gmer.ini
2008-12-04 20:00 . 2008-12-04 20:00 <DIR> d-------- c:\program files\Trend Micro
2008-12-04 18:00 . 2008-12-06 14:37 <DIR> d-------- c:\windows\system32\Adobe
2008-12-04 05:23 . 2008-04-13 20:12 116,224 --a------ c:\windows\system32\dllcache\xrxwiadr.dll
2008-12-04 05:22 . 2001-08-17 22:36 23,040 --a------ c:\windows\system32\dllcache\xrxwbtmp.dll
2008-12-04 05:22 . 2008-04-13 20:12 18,944 --a------ c:\windows\system32\dllcache\xrxscnui.dll
2008-12-04 05:21 . 2001-08-17 22:37 27,648 --a------ c:\windows\system32\dllcache\xrxftplt.exe
2008-12-04 05:20 . 2001-08-17 22:37 4,608 --a------ c:\windows\system32\dllcache\xrxflnch.exe
2008-12-04 05:18 . 2001-08-17 22:37 99,865 --a------ c:\windows\system32\dllcache\xlog.exe
2008-12-04 05:18 . 2004-08-04 05:00 28,288 --a------ c:\windows\system32\dllcache\xjis.nls
2008-12-04 05:17 . 2004-08-03 22:29 19,455 --a------ c:\windows\system32\dllcache\wvchntxx.sys
2008-12-04 05:17 . 2001-08-17 12:11 16,970 --a------ c:\windows\system32\dllcache\xem336n5.sys
2008-12-04 05:16 . 2008-04-13 14:46 19,200 --a------ c:\windows\system32\dllcache\wstcodec.sys
2008-12-04 05:16 . 2004-08-03 22:29 12,063 --a------ c:\windows\system32\dllcache\wsiintxx.sys
2008-12-04 05:16 . 2008-04-13 20:12 8,192 --a------ c:\windows\system32\dllcache\wshirda.dll
2008-12-04 05:14 . 2004-08-03 22:31 154,624 --a------ c:\windows\system32\dllcache\wlluc48.sys
2008-12-04 05:14 . 2008-04-13 14:36 8,832 --a------ c:\windows\system32\dllcache\wmiacpi.sys
2008-12-04 05:13 . 2001-08-17 12:12 34,890 --a------ c:\windows\system32\dllcache\wlandrv2.sys
2008-12-04 05:12 . 2001-08-17 13:28 771,581 --a------ c:\windows\system32\dllcache\winacisa.sys
2008-12-04 05:11 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\wiamsmud.dll
2008-12-04 05:10 . 2001-08-17 22:36 87,040 --a------ c:\windows\system32\dllcache\wiafbdrv.dll
2008-12-04 05:10 . 2004-08-04 05:00 41,600 --a------ c:\windows\system32\dllcache\weitekp9.dll
2008-12-04 05:10 . 2004-08-04 05:00 31,232 --a------ c:\windows\system32\dllcache\weitekp9.sys
2008-12-04 05:09 . 2001-08-17 13:28 701,386 --a------ c:\windows\system32\dllcache\wdhaalba.sys
2008-12-04 05:08 . 2008-04-13 14:45 31,744 --a------ c:\windows\system32\dllcache\wceusbsh.sys
2008-12-04 05:08 . 2004-08-03 22:29 23,615 --a------ c:\windows\system32\dllcache\wch7xxnt.sys
2008-12-04 05:07 . 2001-08-17 12:10 35,871 --a------ c:\windows\system32\dllcache\wbfirdma.sys
2008-12-04 05:07 . 2004-08-03 22:29 33,599 --a------ c:\windows\system32\dllcache\watv04nt.sys
2008-12-04 05:07 . 2004-08-03 22:29 19,551 --a------ c:\windows\system32\dllcache\watv02nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 29,311 --a------ c:\windows\system32\dllcache\watv01nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 12,415 --a------ c:\windows\system32\dllcache\wadv01nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 12,127 --a------ c:\windows\system32\dllcache\wadv02nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 11,775 --a------ c:\windows\system32\dllcache\wadv05nt.sys
2008-12-04 05:06 . 2004-08-04 05:00 9,216 --a------ c:\windows\system32\dllcache\wamps51.dll
2008-12-04 05:05 . 2001-08-17 12:13 16,925 --a------ c:\windows\system32\dllcache\w940nd.sys
2008-12-04 05:04 . 2001-08-17 12:13 19,016 --a------ c:\windows\system32\dllcache\w926nd.sys
2008-12-04 05:03 . 2004-08-04 05:00 73,728 --a------ c:\windows\system32\dllcache\w3ext.dll
2008-12-04 05:03 . 2001-08-17 12:13 19,528 --a------ c:\windows\system32\dllcache\w840nd.sys
2008-12-04 05:03 . 2004-08-04 05:00 5,632 --a------ c:\windows\system32\dllcache\w3svapi.dll
2008-12-04 05:02 . 2004-08-04 05:00 48,256 --a------ c:\windows\system32\dllcache\w32.dll
2008-12-04 05:02 . 2004-08-04 05:00 4,608 --a------ c:\windows\system32\dllcache\w3ctrs51.dll
2008-12-04 05:01 . 2001-08-17 13:28 64,605 --a------ c:\windows\system32\dllcache\vvoice.sys
2008-12-04 05:00 . 2001-08-17 13:28 397,502 --a------ c:\windows\system32\dllcache\vpctcom.sys
2008-12-04 04:59 . 2001-08-17 13:28 604,253 --a------ c:\windows\system32\dllcache\vmodem.sys
2008-12-04 04:58 . 2001-08-17 12:14 249,402 --a------ c:\windows\system32\dllcache\vinwm.sys
2008-12-04 04:58 . 2001-08-17 13:49 24,576 --a------ c:\windows\system32\dllcache\viairda.sys
2008-12-04 04:57 . 2008-04-13 20:12 53,760 --a------ c:\windows\system32\dllcache\vfwwdm32.dll
2008-12-04 04:56 . 2001-08-17 13:28 687,999 --a------ c:\windows\system32\dllcache\usrwdxjs.sys
2008-12-04 04:55 . 2001-08-17 13:28 765,884 --a------ c:\windows\system32\dllcache\usrti.sys
2008-12-04 04:54 . 2001-08-17 13:28 113,762 --a------ c:\windows\system32\dllcache\usrpda.sys
2008-12-04 04:53 . 2001-08-17 13:28 7,556 --a------ c:\windows\system32\dllcache\usroslba.sys
2008-12-04 04:52 . 2001-08-17 13:28 224,802 --a------ c:\windows\system32\dllcache\usr1807a.sys
2008-12-04 04:51 . 2001-08-17 13:28 794,399 --a------ c:\windows\system32\dllcache\usr1806v.sys
2008-12-04 04:51 . 2001-08-17 13:28 793,598 --a------ c:\windows\system32\dllcache\usr1806.sys
2008-12-04 04:50 . 2001-08-17 13:28 794,654 --a------ c:\windows\system32\dllcache\usr1801.sys
2008-12-04 04:49 . 2008-04-13 14:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys
2008-12-04 04:49 . 2008-04-13 14:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys
2008-12-04 04:49 . 2008-04-13 14:45 17,152 --a------ c:\windows\system32\dllcache\usbohci.sys
2008-12-04 04:48 . 2004-08-03 22:31 32,384 --a------ c:\windows\system32\dllcache\usb101et.sys
2008-12-04 04:47 . 2001-08-17 22:36 94,720 --a------ c:\windows\system32\dllcache\umaxud32.dll
2008-12-04 04:46 . 2001-08-17 22:36 28,160 --a------ c:\windows\system32\dllcache\umaxu40.dll
2008-12-04 04:45 . 2001-08-17 22:36 26,624 --a------ c:\windows\system32\dllcache\umaxu22.dll
2008-12-04 04:44 . 2001-08-17 22:36 69,632 --a------ c:\windows\system32\dllcache\umaxu12.dll
2008-12-04 04:44 . 2001-08-17 22:36 50,688 --a------ c:\windows\system32\dllcache\umaxscan.dll
2008-12-04 04:43 . 2001-08-17 13:58 22,912 --a------ c:\windows\system32\dllcache\umaxpcls.sys
2008-12-04 04:42 . 2001-08-17 22:36 50,176 --a------ c:\windows\system32\dllcache\umaxp60.dll
2008-12-04 04:41 . 2001-08-17 22:36 47,616 --a------ c:\windows\system32\dllcache\umaxcam.dll
2008-12-04 04:40 . 2001-08-17 22:36 211,968 --a------ c:\windows\system32\dllcache\um54scan.dll
2008-12-04 04:39 . 2001-08-17 22:36 216,064 --a------ c:\windows\system32\dllcache\um34scan.dll
2008-12-04 04:38 . 2004-08-04 05:00 14,336 --a------ c:\windows\system32\dllcache\tsprof.exe
2008-12-04 04:38 . 2001-08-17 13:48 11,520 --a------ c:\windows\system32\dllcache\twotrack.sys
2008-12-04 04:37 . 2001-08-17 12:51 166,784 --a------ c:\windows\system32\dllcache\tridxpm.sys
2008-12-04 04:36 . 2001-08-17 22:36 525,568 --a------ c:\windows\system32\dllcache\tridxp.dll
2008-12-04 04:35 . 2001-08-17 12:51 159,232 --a------ c:\windows\system32\dllcache\tridkbm.sys
2008-12-04 04:34 . 2001-08-17 14:56 440,576 --a------ c:\windows\system32\dllcache\tridkb.dll
2008-12-04 04:33 . 2001-08-17 12:51 222,336 --a------ c:\windows\system32\dllcache\trid3dm.sys
2008-12-04 04:32 . 2001-08-17 14:56 315,520 --a------ c:\windows\system32\dllcache\trid3d.dll
2008-12-04 04:31 . 2001-08-17 12:12 34,375 --a------ c:\windows\system32\dllcache\tpro4.sys
2008-12-04 04:30 . 2008-04-13 20:12 82,944 --a------ c:\windows\system32\dllcache\tp4mon.exe
2008-12-04 04:30 . 2001-08-17 22:35 42,496 --a------ c:\windows\system32\dllcache\tp4res.dll
2008-12-04 04:29 . 2001-08-17 22:36 31,744 --a------ c:\windows\system32\dllcache\tp4.dll
2008-12-04 04:28 . 2001-08-17 14:02 230,912 --a------ c:\windows\system32\dllcache\tosdvd03.sys
2008-12-04 04:27 . 2001-08-17 14:01 241,664 --a------ c:\windows\system32\dllcache\tosdvd02.sys
2008-12-04 04:26 . 2001-08-17 12:10 28,232 --a------ c:\windows\system32\dllcache\tos4mo.sys
2008-12-04 04:25 . 2004-08-04 05:00 185,344 --a------ c:\windows\system32\dllcache\thawbrkr.dll
2008-12-04 04:25 . 2001-08-17 12:14 123,995 --a------ c:\windows\system32\dllcache\tjisdn.sys
2008-12-04 04:24 . 2001-08-17 12:51 138,528 --a------ c:\windows\system32\dllcache\tgiulnt5.sys
2008-12-04 04:23 . 2008-04-13 14:40 149,376 --a------ c:\windows\system32\dllcache\tffsport.sys
2008-12-04 04:23 . 2001-08-17 14:56 81,408 --a------ c:\windows\system32\dllcache\tgiul50.dll
2008-12-04 04:23 . 2004-08-04 05:00 19,464 --a------ c:\windows\system32\dllcache\tdspx.sys
2008-12-04 04:22 . 2001-08-17 12:13 17,129 --a------ c:\windows\system32\dllcache\tdkcd31.sys
2008-12-04 04:21 . 2001-08-17 12:13 37,961 --a------ c:\windows\system32\dllcache\tdk100b.sys
2008-12-04 04:21 . 2004-08-04 05:00 21,896 --a------ c:\windows\system32\dllcache\tdipx.sys
2008-12-04 04:21 . 2004-08-04 05:00 13,192 --a------ c:\windows\system32\dllcache\tdasync.sys
2008-12-04 04:20 . 2001-08-17 13:49 30,464 --a------ c:\windows\system32\dllcache\tbatm155.sys
2008-12-04 04:20 . 2001-08-17 13:52 7,040 --a------ c:\windows\system32\dllcache\tandqic.sys
2008-12-04 04:19 . 2001-08-17 12:50 36,640 --a------ c:\windows\system32\dllcache\t2r4mini.sys
2008-12-04 04:18 . 2001-08-17 14:56 172,768 --a------ c:\windows\system32\dllcache\t2r4disp.dll
2008-12-04 04:17 . 2001-08-17 22:36 94,293 --a------ c:\windows\system32\dllcache\sxports.dll
2008-12-04 04:16 . 2001-08-17 13:50 103,936 --a------ c:\windows\system32\dllcache\sx.sys
2008-12-04 04:15 . 2001-08-17 14:02 3,968 --a------ c:\windows\system32\dllcache\swusbflt.sys
2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpidflt.dll
2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpdflt2.dll
2008-12-04 04:13 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\sw_wheel.dll
2008-12-04 04:12 . 2001-08-17 22:36 41,472 --a------ c:\windows\system32\dllcache\sw_effct.dll
2008-12-04 04:12 . 2008-04-13 14:46 15,232 --a------ c:\windows\system32\dllcache\streamip.sys

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 01:04 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-06 19:39 --------- d-----w c:\program files\Apple Software Update
2008-12-03 02:50 --------- d-----w c:\program files\Java
2008-11-28 13:58 --------- d-----w c:\program files\Enigma Software Group
2008-11-28 03:50 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Aim
2008-11-27 16:46 --------- d-----w c:\program files\Viewpoint
2008-11-27 16:46 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-27 16:14 --------- d-----w c:\program files\InterActual
2008-11-24 00:35 --------- d-----w c:\program files\Common Files\Adobe
2008-11-23 05:24 --------- d-----w c:\program files\Kl
2008-11-13 20:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-08 06:30 --------- d-----w c:\program files\Common Files\Apple
2008-11-06 18:18 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Malwarebytes
2008-11-06 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-06 17:27 14,336 ----a-w c:\windows\system32\svchost.exe
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-10 20:02 --------- d-----w c:\program files\iTunes
2008-10-10 20:02 --------- d-----w c:\program files\iPod
2008-10-10 20:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-10 20:00 --------- d-----w c:\program files\QuickTime
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2006-09-15 00:28 168 -csh--r c:\windows\system32\C37EF2E345.sys
2006-09-15 00:28 6,580 -csha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-06 1261336]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-05-18 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a--c--- 2004-11-10 11:54 598016 c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a--c--- 2004-07-19 07:51 306688 c:\program files\Dell Support\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
-----c--- 2004-10-12 16:54 57344 c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a--c--- 2004-05-12 14:18 241664 c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2005-10-14 13:46 77824 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
--a--c--- 2004-12-09 13:58 86016 c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9029:TCP"= 9029:TCP:BitComet 9029 TCP
"9029:UDP"= 9029:UDP:BitComet 9029 UDP
"9557:TCP"= 9557:TCP:BitComet 9557 TCP
"9557:UDP"= 9557:UDP:BitComet 9557 UDP

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-06 97928]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-06 231704]
R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-01-10 24652]
S2 rzzrzjbr;rzzrzjbr;\??\c:\windows\system32\drivers\rzzrzjbr.sys []
.
Contents of the 'Scheduled Tasks' folder

2008-12-08 c:\windows\Tasks\Auto-scheduled task of Free Registry Fix.job
- c:\program files\Free Registry Fix\regfixf.exe [2005-11-10 06:45]

2008-12-08 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2008-04-13 19:12]

2008-12-06 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe []
.
- - - - ORPHANS REMOVED - - - -

BHO-{7a4e709e-5ce2-47ca-8160-3db448504a9b} - (no file)
Notify-crypt32chain - (no file)
MSConfigStartUp-gcasServ - c:\program files\Microsoft AntiSpyware\gcasServ.exe
MSConfigStartUp-kuzalaheza - c:\windows\system32\hawajifi.dll
MSConfigStartUp-McAfeeUpdaterUI - c:\program files\Network Associates\Common Framework\UpdaterUI.exe
MSConfigStartUp-RealTray - c:\program files\Real\RealPlayer\RealPlay.exe
MSConfigStartUp-ShStatEXE - c:\program files\Network Associates\VirusScan\SHSTAT.EXE
MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\j2re1.4.2_03\bin\jusched.exe
MSConfigStartUp-SynTPEnh - c:\program files\Synaptics\SynTP\SynTPEnh.exe
MSConfigStartUp-SynTPLpr - c:\program files\Synaptics\SynTP\SynTPLpr.exe
MSConfigStartUp-UpdateManager - c:\program files\Common Files\Sonic\Update Manager\sgtray.exe

.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
FireFox -: Profile - c:\documents and settings\Nathan Williams\Application Data\Mozilla\Firefox\Profiles\xudloa12.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-08 20:46:41
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\igfxsrvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\system32\dllhost.exe
.
**************************************************************************
.
Completion time: 2008-12-08 20:50:50 - machine was rebooted [Nathan Williams]
ComboFix-quarantined-files.txt 2008-12-09 01:50:44

Pre-Run: 32,352,083,968 bytes free
Post-Run: 32,450,191,360 bytes free

310 --- E O F --- 2008-11-27 01:44:32

sUBs · 12-08-2008, 10:27 PM

You appear to have previously installed/uninstalled SpyHunter. I'm going to clean up the remnant files. Do not proceed if that isn't so

Open NOTEPAD and copy/paste the text in the quotebox below into it:

Code:

FOLDER::
c:\program files\Enigma Software Group
REGISTRY::
[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001
DRIVER::
rzzrzjbr

Save this as "CFScript"

Referring to the picture above, drag CFScript.txt into ComboFix.exe

When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply.

---------------

Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400

Vista users right click on the Internet Explorer shortcut, and choose Run As Administrator.

**Note**

To optimize scanning time and produce a more sensible report for review:

Close any open programs
Turn off the real time scanner of any existing antivirus program while performing the online scan.

Click Accept, when prompted to download and install the program files and database of malware definitions.

Click Run at the Security prompt.
The program will then begin downloading and installing and will also update the database.
Please be patient as this can take several minutes.
Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan.
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
Click View scan report at the bottom.
Click the Save Report As... button.
Click the Save as Text button to save the file to your desktop so that you may post it in your next reply.

---------------

In your next post, please include fresh logs from:

Online scan

ComboFix's log

Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now

willianr1179 · 12-09-2008, 09:39 AM

ComboFix 08-12-07.04 - Nathan Williams 2008-12-09 11:02:29.3 - NTFSx86
Running from: c:\documents and settings\Nathan Williams\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Nathan Williams\Desktop\CFScript.txt
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\program files\Enigma Software Group

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_rzzrzjbr
-------\Service_rzzrzjbr

((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 )))))))))))))))))))))))))))))))
.

2008-12-07 19:30 . 2008-09-19 16:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll
2008-12-07 19:30 . 2008-09-24 13:41 839,680 --a------ c:\windows\system32\lameACM.acm
2008-12-07 19:30 . 2008-01-10 07:15 755,027 --a------ c:\windows\system32\xvidcore.dll
2008-12-07 19:30 . 2008-10-28 17:35 684,032 --a------ c:\windows\system32\divx.dll
2008-12-07 19:30 . 2004-01-25 11:18 217,088 --a------ c:\windows\system32\yv12vfw.dll
2008-12-07 19:30 . 2007-09-04 11:56 164,352 --a------ c:\windows\system32\unrar.dll
2008-12-07 19:30 . 2008-01-10 07:16 159,839 --a------ c:\windows\system32\xvidvfw.dll
2008-12-07 19:30 . 2007-09-20 19:52 118,784 --a------ c:\windows\system32\ac3acm.acm
2008-12-07 19:30 . 2008-09-25 03:03 81,920 --a------ c:\windows\system32\dpl100.dll
2008-12-07 19:30 . 2008-10-03 07:30 414 --a------ c:\windows\system32\lame_acm.xml
2008-12-07 19:30 . 2008-07-30 14:09 38 --a------ c:\windows\avisplitter.ini
2008-12-07 19:29 . 2008-12-07 19:30 <DIR> d-------- c:\program files\K-Lite Codec Pack
2008-12-07 19:29 . 2008-11-24 09:32 57,344 --a------ c:\windows\system32\ff_vfw.dll
2008-12-07 19:29 . 2007-07-10 11:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest
2008-12-06 19:22 . 2008-12-09 10:34 <DIR> d--h----- C:\$AVG8.VAULT$
2008-12-06 15:20 . 2008-12-06 15:20 10,520 --a------ c:\windows\system32\avgrsstx.dll
2008-12-06 15:19 . 2008-12-09 09:43 <DIR> d-------- c:\windows\system32\drivers\Avg
2008-12-06 15:19 . 2008-12-06 15:19 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys
2008-12-04 20:09 . 2008-12-04 20:09 250 --a------ c:\windows\gmer.ini
2008-12-04 20:00 . 2008-12-04 20:00 <DIR> d-------- c:\program files\Trend Micro
2008-12-04 18:00 . 2008-12-06 14:37 <DIR> d-------- c:\windows\system32\Adobe
2008-12-04 05:23 . 2008-04-13 20:12 116,224 --a------ c:\windows\system32\dllcache\xrxwiadr.dll
2008-12-04 05:22 . 2001-08-17 22:36 23,040 --a------ c:\windows\system32\dllcache\xrxwbtmp.dll
2008-12-04 05:22 . 2008-04-13 20:12 18,944 --a------ c:\windows\system32\dllcache\xrxscnui.dll
2008-12-04 05:21 . 2001-08-17 22:37 27,648 --a------ c:\windows\system32\dllcache\xrxftplt.exe
2008-12-04 05:20 . 2001-08-17 22:37 4,608 --a------ c:\windows\system32\dllcache\xrxflnch.exe
2008-12-04 05:18 . 2001-08-17 22:37 99,865 --a------ c:\windows\system32\dllcache\xlog.exe
2008-12-04 05:18 . 2004-08-04 05:00 28,288 --a------ c:\windows\system32\dllcache\xjis.nls
2008-12-04 05:17 . 2004-08-03 22:29 19,455 --a------ c:\windows\system32\dllcache\wvchntxx.sys
2008-12-04 05:17 . 2001-08-17 12:11 16,970 --a------ c:\windows\system32\dllcache\xem336n5.sys
2008-12-04 05:16 . 2008-04-13 14:46 19,200 --a------ c:\windows\system32\dllcache\wstcodec.sys
2008-12-04 05:16 . 2004-08-03 22:29 12,063 --a------ c:\windows\system32\dllcache\wsiintxx.sys
2008-12-04 05:16 . 2008-04-13 20:12 8,192 --a------ c:\windows\system32\dllcache\wshirda.dll
2008-12-04 05:14 . 2004-08-03 22:31 154,624 --a------ c:\windows\system32\dllcache\wlluc48.sys
2008-12-04 05:14 . 2008-04-13 14:36 8,832 --a------ c:\windows\system32\dllcache\wmiacpi.sys
2008-12-04 05:13 . 2001-08-17 12:12 34,890 --a------ c:\windows\system32\dllcache\wlandrv2.sys
2008-12-04 05:12 . 2001-08-17 13:28 771,581 --a------ c:\windows\system32\dllcache\winacisa.sys
2008-12-04 05:11 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\wiamsmud.dll
2008-12-04 05:10 . 2001-08-17 22:36 87,040 --a------ c:\windows\system32\dllcache\wiafbdrv.dll
2008-12-04 05:10 . 2004-08-04 05:00 41,600 --a------ c:\windows\system32\dllcache\weitekp9.dll
2008-12-04 05:10 . 2004-08-04 05:00 31,232 --a------ c:\windows\system32\dllcache\weitekp9.sys
2008-12-04 05:09 . 2001-08-17 13:28 701,386 --a------ c:\windows\system32\dllcache\wdhaalba.sys
2008-12-04 05:08 . 2008-04-13 14:45 31,744 --a------ c:\windows\system32\dllcache\wceusbsh.sys
2008-12-04 05:08 . 2004-08-03 22:29 23,615 --a------ c:\windows\system32\dllcache\wch7xxnt.sys
2008-12-04 05:07 . 2001-08-17 12:10 35,871 --a------ c:\windows\system32\dllcache\wbfirdma.sys
2008-12-04 05:07 . 2004-08-03 22:29 33,599 --a------ c:\windows\system32\dllcache\watv04nt.sys
2008-12-04 05:07 . 2004-08-03 22:29 19,551 --a------ c:\windows\system32\dllcache\watv02nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 29,311 --a------ c:\windows\system32\dllcache\watv01nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 12,415 --a------ c:\windows\system32\dllcache\wadv01nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 12,127 --a------ c:\windows\system32\dllcache\wadv02nt.sys
2008-12-04 05:06 . 2004-08-03 22:29 11,775 --a------ c:\windows\system32\dllcache\wadv05nt.sys
2008-12-04 05:06 . 2004-08-04 05:00 9,216 --a------ c:\windows\system32\dllcache\wamps51.dll
2008-12-04 05:05 . 2001-08-17 12:13 16,925 --a------ c:\windows\system32\dllcache\w940nd.sys
2008-12-04 05:04 . 2001-08-17 12:13 19,016 --a------ c:\windows\system32\dllcache\w926nd.sys
2008-12-04 05:03 . 2004-08-04 05:00 73,728 --a------ c:\windows\system32\dllcache\w3ext.dll
2008-12-04 05:03 . 2001-08-17 12:13 19,528 --a------ c:\windows\system32\dllcache\w840nd.sys
2008-12-04 05:03 . 2004-08-04 05:00 5,632 --a------ c:\windows\system32\dllcache\w3svapi.dll
2008-12-04 05:02 . 2004-08-04 05:00 48,256 --a------ c:\windows\system32\dllcache\w32.dll
2008-12-04 05:02 . 2004-08-04 05:00 4,608 --a------ c:\windows\system32\dllcache\w3ctrs51.dll
2008-12-04 05:01 . 2001-08-17 13:28 64,605 --a------ c:\windows\system32\dllcache\vvoice.sys
2008-12-04 05:00 . 2001-08-17 13:28 397,502 --a------ c:\windows\system32\dllcache\vpctcom.sys
2008-12-04 04:59 . 2001-08-17 13:28 604,253 --a------ c:\windows\system32\dllcache\vmodem.sys
2008-12-04 04:58 . 2001-08-17 12:14 249,402 --a------ c:\windows\system32\dllcache\vinwm.sys
2008-12-04 04:58 . 2001-08-17 13:49 24,576 --a------ c:\windows\system32\dllcache\viairda.sys
2008-12-04 04:57 . 2008-04-13 20:12 53,760 --a------ c:\windows\system32\dllcache\vfwwdm32.dll
2008-12-04 04:56 . 2001-08-17 13:28 687,999 --a------ c:\windows\system32\dllcache\usrwdxjs.sys
2008-12-04 04:55 . 2001-08-17 13:28 765,884 --a------ c:\windows\system32\dllcache\usrti.sys
2008-12-04 04:54 . 2001-08-17 13:28 113,762 --a------ c:\windows\system32\dllcache\usrpda.sys
2008-12-04 04:53 . 2001-08-17 13:28 7,556 --a------ c:\windows\system32\dllcache\usroslba.sys
2008-12-04 04:52 . 2001-08-17 13:28 224,802 --a------ c:\windows\system32\dllcache\usr1807a.sys
2008-12-04 04:51 . 2001-08-17 13:28 794,399 --a------ c:\windows\system32\dllcache\usr1806v.sys
2008-12-04 04:51 . 2001-08-17 13:28 793,598 --a------ c:\windows\system32\dllcache\usr1806.sys
2008-12-04 04:50 . 2001-08-17 13:28 794,654 --a------ c:\windows\system32\dllcache\usr1801.sys
2008-12-04 04:49 . 2008-04-13 14:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys
2008-12-04 04:49 . 2008-04-13 14:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys
2008-12-04 04:49 . 2008-04-13 14:45 17,152 --a------ c:\windows\system32\dllcache\usbohci.sys
2008-12-04 04:48 . 2004-08-03 22:31 32,384 --a------ c:\windows\system32\dllcache\usb101et.sys
2008-12-04 04:47 . 2001-08-17 22:36 94,720 --a------ c:\windows\system32\dllcache\umaxud32.dll
2008-12-04 04:46 . 2001-08-17 22:36 28,160 --a------ c:\windows\system32\dllcache\umaxu40.dll
2008-12-04 04:45 . 2001-08-17 22:36 26,624 --a------ c:\windows\system32\dllcache\umaxu22.dll
2008-12-04 04:44 . 2001-08-17 22:36 69,632 --a------ c:\windows\system32\dllcache\umaxu12.dll
2008-12-04 04:44 . 2001-08-17 22:36 50,688 --a------ c:\windows\system32\dllcache\umaxscan.dll
2008-12-04 04:43 . 2001-08-17 13:58 22,912 --a------ c:\windows\system32\dllcache\umaxpcls.sys
2008-12-04 04:42 . 2001-08-17 22:36 50,176 --a------ c:\windows\system32\dllcache\umaxp60.dll
2008-12-04 04:41 . 2001-08-17 22:36 47,616 --a------ c:\windows\system32\dllcache\umaxcam.dll
2008-12-04 04:40 . 2001-08-17 22:36 211,968 --a------ c:\windows\system32\dllcache\um54scan.dll
2008-12-04 04:39 . 2001-08-17 22:36 216,064 --a------ c:\windows\system32\dllcache\um34scan.dll
2008-12-04 04:38 . 2004-08-04 05:00 14,336 --a------ c:\windows\system32\dllcache\tsprof.exe
2008-12-04 04:38 . 2001-08-17 13:48 11,520 --a------ c:\windows\system32\dllcache\twotrack.sys
2008-12-04 04:37 . 2001-08-17 12:51 166,784 --a------ c:\windows\system32\dllcache\tridxpm.sys
2008-12-04 04:36 . 2001-08-17 22:36 525,568 --a------ c:\windows\system32\dllcache\tridxp.dll
2008-12-04 04:35 . 2001-08-17 12:51 159,232 --a------ c:\windows\system32\dllcache\tridkbm.sys
2008-12-04 04:34 . 2001-08-17 14:56 440,576 --a------ c:\windows\system32\dllcache\tridkb.dll
2008-12-04 04:33 . 2001-08-17 12:51 222,336 --a------ c:\windows\system32\dllcache\trid3dm.sys
2008-12-04 04:32 . 2001-08-17 14:56 315,520 --a------ c:\windows\system32\dllcache\trid3d.dll
2008-12-04 04:31 . 2001-08-17 12:12 34,375 --a------ c:\windows\system32\dllcache\tpro4.sys
2008-12-04 04:30 . 2008-04-13 20:12 82,944 --a------ c:\windows\system32\dllcache\tp4mon.exe
2008-12-04 04:30 . 2001-08-17 22:35 42,496 --a------ c:\windows\system32\dllcache\tp4res.dll
2008-12-04 04:29 . 2001-08-17 22:36 31,744 --a------ c:\windows\system32\dllcache\tp4.dll
2008-12-04 04:28 . 2001-08-17 14:02 230,912 --a------ c:\windows\system32\dllcache\tosdvd03.sys
2008-12-04 04:27 . 2001-08-17 14:01 241,664 --a------ c:\windows\system32\dllcache\tosdvd02.sys
2008-12-04 04:26 . 2001-08-17 12:10 28,232 --a------ c:\windows\system32\dllcache\tos4mo.sys
2008-12-04 04:25 . 2004-08-04 05:00 185,344 --a------ c:\windows\system32\dllcache\thawbrkr.dll
2008-12-04 04:25 . 2001-08-17 12:14 123,995 --a------ c:\windows\system32\dllcache\tjisdn.sys
2008-12-04 04:24 . 2001-08-17 12:51 138,528 --a------ c:\windows\system32\dllcache\tgiulnt5.sys
2008-12-04 04:23 . 2008-04-13 14:40 149,376 --a------ c:\windows\system32\dllcache\tffsport.sys
2008-12-04 04:23 . 2001-08-17 14:56 81,408 --a------ c:\windows\system32\dllcache\tgiul50.dll
2008-12-04 04:23 . 2004-08-04 05:00 19,464 --a------ c:\windows\system32\dllcache\tdspx.sys
2008-12-04 04:22 . 2001-08-17 12:13 17,129 --a------ c:\windows\system32\dllcache\tdkcd31.sys
2008-12-04 04:21 . 2001-08-17 12:13 37,961 --a------ c:\windows\system32\dllcache\tdk100b.sys
2008-12-04 04:21 . 2004-08-04 05:00 21,896 --a------ c:\windows\system32\dllcache\tdipx.sys
2008-12-04 04:21 . 2004-08-04 05:00 13,192 --a------ c:\windows\system32\dllcache\tdasync.sys
2008-12-04 04:20 . 2001-08-17 13:49 30,464 --a------ c:\windows\system32\dllcache\tbatm155.sys
2008-12-04 04:20 . 2001-08-17 13:52 7,040 --a------ c:\windows\system32\dllcache\tandqic.sys
2008-12-04 04:19 . 2001-08-17 12:50 36,640 --a------ c:\windows\system32\dllcache\t2r4mini.sys
2008-12-04 04:18 . 2001-08-17 14:56 172,768 --a------ c:\windows\system32\dllcache\t2r4disp.dll
2008-12-04 04:17 . 2001-08-17 22:36 94,293 --a------ c:\windows\system32\dllcache\sxports.dll
2008-12-04 04:16 . 2001-08-17 13:50 103,936 --a------ c:\windows\system32\dllcache\sx.sys
2008-12-04 04:15 . 2001-08-17 14:02 3,968 --a------ c:\windows\system32\dllcache\swusbflt.sys
2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpidflt.dll
2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpdflt2.dll
2008-12-04 04:13 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\sw_wheel.dll
2008-12-04 04:12 . 2001-08-17 22:36 41,472 --a------ c:\windows\system32\dllcache\sw_effct.dll
2008-12-04 04:12 . 2008-04-13 14:46 15,232 --a------ c:\windows\system32\dllcache\streamip.sys
2008-12-04 04:11 . 2001-08-17 22:36 155,648 --a------ c:\windows\system32\dllcache\stlnprop.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-12-08 01:04 --------- d-----w c:\program files\Common Files\Symantec Shared
2008-12-06 19:39 --------- d-----w c:\program files\Apple Software Update
2008-12-03 02:50 --------- d-----w c:\program files\Java
2008-11-28 03:50 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Aim
2008-11-27 16:46 --------- d-----w c:\program files\Viewpoint
2008-11-27 16:46 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint
2008-11-27 16:14 --------- d-----w c:\program files\InterActual
2008-11-24 00:35 --------- d-----w c:\program files\Common Files\Adobe
2008-11-23 05:24 --------- d-----w c:\program files\Kl
2008-11-13 20:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2008-11-08 06:30 --------- d-----w c:\program files\Common Files\Apple
2008-11-06 18:18 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Malwarebytes
2008-11-06 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes
2008-11-06 17:27 14,336 ----a-w c:\windows\system32\svchost.exe
2008-11-06 17:27 14,336 ----a-w c:\windows\system32\dllcache\svchost.exe
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys
2008-10-24 11:21 455,296 ----a-w c:\windows\system32\dllcache\mrxsmb.sys
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll
2008-10-16 19:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll
2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll
2008-10-16 19:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll
2008-10-16 19:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll
2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe
2008-10-16 19:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe
2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll
2008-10-16 19:08 34,328 -c--a-w c:\windows\system32\wups.dll
2008-10-16 19:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll
2008-10-15 16:34 337,408 ----a-w c:\windows\system32\dllcache\netapi32.dll
2008-10-10 20:02 --------- d-----w c:\program files\iTunes
2008-10-10 20:02 --------- d-----w c:\program files\iPod
2008-10-10 20:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6}
2008-10-10 20:00 --------- d-----w c:\program files\QuickTime
2008-10-03 17:41 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll
2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys
2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\dllcache\win32k.sys
2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\dllcache\msxml6.dll
2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll
2006-09-15 00:28 168 -csh--r c:\windows\system32\C37EF2E345.sys
2006-09-15 00:28 6,580 -csha-w c:\windows\system32\KGyGaAvL.sys
.

((((((((((((((((((((((((((((( snapshot@2008-12-08_20.49.55.29 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-11-03 21:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360]
"CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208]
"igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688]
"ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856]
"ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-06 1261336]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-05-18 24576]
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
--a--c--- 2004-11-10 11:54 598016 c:\program files\Dell\QuickSet\quickset.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
--a--c--- 2004-07-19 07:51 306688 c:\program files\Dell Support\DSAgnt.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
-----c--- 2004-10-12 16:54 57344 c:\program files\CyberLink\PowerDVD\DVDLauncher.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager]
--a--c--- 2004-05-12 14:18 241664 c:\program files\HP\hpcoretech\hpcmpmgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
--a------ 2006-02-19 02:41 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
--a------ 2005-10-14 13:46 77824 c:\windows\system32\hkcmd.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
--a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
--a------ 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired]
--a--c--- 2004-12-09 13:58 86016 c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
--a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe

[HKEY_LOCAL_MACHINE\software\microsoft\security center]
"UpdatesDisableNotify"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"c:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"c:\\Program Files\\Windows Media Player\\wmplayer.exe"=
"c:\\Program Files\\iTunes\\iTunes.exe"=
"c:\\Program Files\\AVG\\AVG8\\avgupd.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9029:TCP"= 9029:TCP:BitComet 9029 TCP
"9029:UDP"= 9029:UDP:BitComet 9029 UDP
"9557:TCP"= 9557:TCP:BitComet 9557 TCP
"9557:UDP"= 9557:UDP:BitComet 9557 UDP

.
Contents of the 'Scheduled Tasks' folder

2008-12-08 c:\windows\Tasks\Auto-scheduled task of Free Registry Fix.job
- c:\program files\Free Registry Fix\regfixf.exe [2005-11-10 06:45]

2008-12-08 c:\windows\Tasks\Disk Cleanup.job
- c:\windows\system32\cleanmgr.exe [2008-04-13 19:12]

2008-12-06 c:\windows\Tasks\NSSstub.job
- c:\windows\system32\Adobe\Shockwave 11\nssstub.exe []
.
.
------- Supplementary Scan -------
.
uStart Page = about:blank
uInternet Settings,ProxyOverride = *.local
IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta
FireFox -: Profile - c:\documents and settings\Nathan Williams\Application Data\Mozilla\Firefox\Profiles\xudloa12.default\
.

**************************************************************************

catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-09 11:25:35
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
------------------------ Other Running Processes ------------------------
.
c:\progra~1\AVG\AVG8\avgwdsvc.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe
c:\program files\Viewpoint\Common\ViewpointService.exe
c:\windows\system32\igfxsrvc.exe
c:\program files\AVG\AVG8\avgrsx.exe
c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe
c:\program files\HP\Digital Imaging\bin\hpqste08.exe
c:\windows\system32\dllhost.exe
c:\windows\system32\imapi.exe
.
**************************************************************************
.
Completion time: 2008-12-09 11:34:46 - machine was rebooted
ComboFix-quarantined-files.txt 2008-12-09 16:34:09
ComboFix2.txt 2008-12-09 01:50:58

Pre-Run: 33,935,089,664 bytes free
Post-Run: 33,931,702,272 bytes free

295 --- E O F --- 2008-12-09 08:16:25

sUBs · 12-09-2008, 09:47 AM

I shall wait for the results of the Kaspersky scan

willianr1179 · 12-09-2008, 10:54 AM

Okay thank you!

willianr1179 · 12-11-2008, 12:21 PM

I haven't forgotten about the scan, am running it now. Had a mild crisis , some jerk in a porche cut me off, hit me, and totaled my car... will post scan as soon as it's complete

willianr1179 · 12-12-2008, 06:20 PM

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Friday, December 12, 2008
Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Friday, December 12, 2008 14:32:44
Records in database: 1454842
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\

Scan statistics:
Files scanned: 49988
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 06:52:24

No malware has been detected. The scan area is clean.

The selected area was scanned.

sUBs · 12-13-2008, 01:08 AM

Your system is now clean. Kindly follow these simple steps in order to keep your computer clean and secure:

Uninstall ComboFix ... do not skip this step
This process will perform some post cleanup measures.
Do this by going to to Start > Run & typing in ComboFix /u
ANTIVIRUS SOFTWARE
It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.
Microsoft Windows Update ? http://www.windowsupdate.com
Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates.
SPYWAREBLASTER
SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites.

Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here ? http://www.bleepingcomputer.com/forums/tutorial49.html

Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released.

Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety.

http://www.trillian.cc ? Trillian or http://www.miranda-im.com ? Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN)
http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness.
http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine.
http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT.

ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry.

NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster.

To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://computercops.biz/postlite7736-.html

After doing all these, your system will be optimised against future threats.

It's okay to delete the Hijack This folder in a couple weeks if everything is working okay.
Have a safe & happy computing day.

Kindly respond to this thread once more so we can mark this thread as resolved.

12-07-2008, 07:27 PM	#2 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially _bump

12-08-2008, 08:53 AM	#3 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,326 OS: N/A	Re: Computer Slow after startup, firefox and flash player especially Please visit this webpage for instructions for downloading and running ComboFix: http://www.bleepingcomputer.com/comb...o-use-combofix Post the log from ComboFix when you've accomplished that.

12-08-2008, 06:59 PM	#4 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially ComboFix 08-12-07.04 - Nathan Williams 2008-12-08 18:43:50.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.213 [GMT -5:00] Running from: c:\documents and settings\Nathan Williams\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\windows\system32\rtstv.bak1 c:\windows\system32\rtstv.bak2 c:\windows\system32\rtstv.ini c:\windows\system32\rtstv.ini2 c:\windows\system32\rtstv.tmp . ---- Previous Run ------- . c:\documents and settings\Nathan Williams\Application Data\CROSOF~1.NET c:\documents and settings\Nathan Williams\Application Data\IUpd721 c:\documents and settings\Nathan Williams\Application Data\IUpd721\Logs\scns.log c:\documents and settings\Nathan Williams\Local Settings\Temporary Internet Files\fbk.sts c:\program files\Common Files\sembly~1 c:\temp\tn3 c:\windows\sembly~1 c:\windows\system32\mbols~1 c:\windows\system32\T2 c:\windows\system32\wtssvtr.exe c:\windows\Tasks\cnqotafj.job ----- BITS: Possible infected sites ----- hxxp://kakoitodomen.com hxxp://niheradomen.com . ((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 ))))))))))))))))))))))))))))))) . 2008-12-08 18:51 . <DIR> c:\windows\LastGood.Tmp 2008-12-07 19:30 . 2008-09-19 16:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll 2008-12-07 19:30 . 2008-09-24 13:41 839,680 --a------ c:\windows\system32\lameACM.acm 2008-12-07 19:30 . 2008-01-10 07:15 755,027 --a------ c:\windows\system32\xvidcore.dll 2008-12-07 19:30 . 2008-10-28 17:35 684,032 --a------ c:\windows\system32\divx.dll 2008-12-07 19:30 . 2004-01-25 11:18 217,088 --a------ c:\windows\system32\yv12vfw.dll 2008-12-07 19:30 . 2007-09-04 11:56 164,352 --a------ c:\windows\system32\unrar.dll 2008-12-07 19:30 . 2008-01-10 07:16 159,839 --a------ c:\windows\system32\xvidvfw.dll 2008-12-07 19:30 . 2007-09-20 19:52 118,784 --a------ c:\windows\system32\ac3acm.acm 2008-12-07 19:30 . 2008-09-25 03:03 81,920 --a------ c:\windows\system32\dpl100.dll 2008-12-07 19:30 . 2008-10-03 07:30 414 --a------ c:\windows\system32\lame_acm.xml 2008-12-07 19:30 . 2008-07-30 14:09 38 --a------ c:\windows\avisplitter.ini 2008-12-07 19:29 . 2008-12-07 19:30 <DIR> d-------- c:\program files\K-Lite Codec Pack 2008-12-07 19:29 . 2008-11-24 09:32 57,344 --a------ c:\windows\system32\ff_vfw.dll 2008-12-07 19:29 . 2007-07-10 11:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest 2008-12-06 19:22 . 2008-12-07 01:53 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-12-06 15:20 . 2008-12-06 15:20 10,520 --a------ c:\windows\system32\avgrsstx.dll 2008-12-06 15:19 . 2008-12-08 17:41 <DIR> d-------- c:\windows\system32\drivers\Avg 2008-12-06 15:19 . 2008-12-06 15:19 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys 2008-12-04 20:09 . 2008-12-04 20:09 250 --a------ c:\windows\gmer.ini 2008-12-04 20:00 . 2008-12-04 20:00 <DIR> d-------- c:\program files\Trend Micro 2008-12-04 18:00 . 2008-12-06 14:37 <DIR> d-------- c:\windows\system32\Adobe 2008-12-04 05:23 . 2008-04-13 20:12 116,224 --a------ c:\windows\system32\dllcache\xrxwiadr.dll 2008-12-04 05:22 . 2001-08-17 22:36 23,040 --a------ c:\windows\system32\dllcache\xrxwbtmp.dll 2008-12-04 05:22 . 2008-04-13 20:12 18,944 --a------ c:\windows\system32\dllcache\xrxscnui.dll 2008-12-04 05:21 . 2001-08-17 22:37 27,648 --a------ c:\windows\system32\dllcache\xrxftplt.exe 2008-12-04 05:20 . 2001-08-17 22:37 4,608 --a------ c:\windows\system32\dllcache\xrxflnch.exe 2008-12-04 05:18 . 2001-08-17 22:37 99,865 --a------ c:\windows\system32\dllcache\xlog.exe 2008-12-04 05:18 . 2004-08-04 05:00 28,288 --a------ c:\windows\system32\dllcache\xjis.nls 2008-12-04 05:17 . 2004-08-03 22:29 19,455 --a------ c:\windows\system32\dllcache\wvchntxx.sys 2008-12-04 05:17 . 2001-08-17 12:11 16,970 --a------ c:\windows\system32\dllcache\xem336n5.sys 2008-12-04 05:16 . 2008-04-13 14:46 19,200 --a------ c:\windows\system32\dllcache\wstcodec.sys 2008-12-04 05:16 . 2004-08-03 22:29 12,063 --a------ c:\windows\system32\dllcache\wsiintxx.sys 2008-12-04 05:16 . 2008-04-13 20:12 8,192 --a------ c:\windows\system32\dllcache\wshirda.dll 2008-12-04 05:14 . 2004-08-03 22:31 154,624 --a------ c:\windows\system32\dllcache\wlluc48.sys 2008-12-04 05:14 . 2008-04-13 14:36 8,832 --a------ c:\windows\system32\dllcache\wmiacpi.sys 2008-12-04 05:13 . 2001-08-17 12:12 34,890 --a------ c:\windows\system32\dllcache\wlandrv2.sys 2008-12-04 05:12 . 2001-08-17 13:28 771,581 --a------ c:\windows\system32\dllcache\winacisa.sys 2008-12-04 05:11 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\wiamsmud.dll 2008-12-04 05:10 . 2001-08-17 22:36 87,040 --a------ c:\windows\system32\dllcache\wiafbdrv.dll 2008-12-04 05:10 . 2004-08-04 05:00 41,600 --a------ c:\windows\system32\dllcache\weitekp9.dll 2008-12-04 05:10 . 2004-08-04 05:00 31,232 --a------ c:\windows\system32\dllcache\weitekp9.sys 2008-12-04 05:09 . 2001-08-17 13:28 701,386 --a------ c:\windows\system32\dllcache\wdhaalba.sys 2008-12-04 05:08 . 2008-04-13 14:45 31,744 --a------ c:\windows\system32\dllcache\wceusbsh.sys 2008-12-04 05:08 . 2004-08-03 22:29 23,615 --a------ c:\windows\system32\dllcache\wch7xxnt.sys 2008-12-04 05:07 . 2001-08-17 12:10 35,871 --a------ c:\windows\system32\dllcache\wbfirdma.sys 2008-12-04 05:07 . 2004-08-03 22:29 33,599 --a------ c:\windows\system32\dllcache\watv04nt.sys 2008-12-04 05:07 . 2004-08-03 22:29 19,551 --a------ c:\windows\system32\dllcache\watv02nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 29,311 --a------ c:\windows\system32\dllcache\watv01nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 12,415 --a------ c:\windows\system32\dllcache\wadv01nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 12,127 --a------ c:\windows\system32\dllcache\wadv02nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 11,775 --a------ c:\windows\system32\dllcache\wadv05nt.sys 2008-12-04 05:06 . 2004-08-04 05:00 9,216 --a------ c:\windows\system32\dllcache\wamps51.dll 2008-12-04 05:05 . 2001-08-17 12:13 16,925 --a------ c:\windows\system32\dllcache\w940nd.sys 2008-12-04 05:04 . 2001-08-17 12:13 19,016 --a------ c:\windows\system32\dllcache\w926nd.sys 2008-12-04 05:03 . 2004-08-04 05:00 73,728 --a------ c:\windows\system32\dllcache\w3ext.dll 2008-12-04 05:03 . 2001-08-17 12:13 19,528 --a------ c:\windows\system32\dllcache\w840nd.sys 2008-12-04 05:03 . 2004-08-04 05:00 5,632 --a------ c:\windows\system32\dllcache\w3svapi.dll 2008-12-04 05:02 . 2004-08-04 05:00 48,256 --a------ c:\windows\system32\dllcache\w32.dll 2008-12-04 05:02 . 2004-08-04 05:00 4,608 --a------ c:\windows\system32\dllcache\w3ctrs51.dll 2008-12-04 05:01 . 2001-08-17 13:28 64,605 --a------ c:\windows\system32\dllcache\vvoice.sys 2008-12-04 05:00 . 2001-08-17 13:28 397,502 --a------ c:\windows\system32\dllcache\vpctcom.sys 2008-12-04 04:59 . 2001-08-17 13:28 604,253 --a------ c:\windows\system32\dllcache\vmodem.sys 2008-12-04 04:58 . 2001-08-17 12:14 249,402 --a------ c:\windows\system32\dllcache\vinwm.sys 2008-12-04 04:58 . 2001-08-17 13:49 24,576 --a------ c:\windows\system32\dllcache\viairda.sys 2008-12-04 04:57 . 2008-04-13 20:12 53,760 --a------ c:\windows\system32\dllcache\vfwwdm32.dll 2008-12-04 04:56 . 2001-08-17 13:28 687,999 --a------ c:\windows\system32\dllcache\usrwdxjs.sys 2008-12-04 04:55 . 2001-08-17 13:28 765,884 --a------ c:\windows\system32\dllcache\usrti.sys 2008-12-04 04:54 . 2001-08-17 13:28 113,762 --a------ c:\windows\system32\dllcache\usrpda.sys 2008-12-04 04:53 . 2001-08-17 13:28 7,556 --a------ c:\windows\system32\dllcache\usroslba.sys 2008-12-04 04:52 . 2001-08-17 13:28 224,802 --a------ c:\windows\system32\dllcache\usr1807a.sys 2008-12-04 04:51 . 2001-08-17 13:28 794,399 --a------ c:\windows\system32\dllcache\usr1806v.sys 2008-12-04 04:51 . 2001-08-17 13:28 793,598 --a------ c:\windows\system32\dllcache\usr1806.sys 2008-12-04 04:50 . 2001-08-17 13:28 794,654 --a------ c:\windows\system32\dllcache\usr1801.sys 2008-12-04 04:49 . 2008-04-13 14:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys 2008-12-04 04:49 . 2008-04-13 14:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys 2008-12-04 04:49 . 2008-04-13 14:45 17,152 --a------ c:\windows\system32\dllcache\usbohci.sys 2008-12-04 04:48 . 2004-08-03 22:31 32,384 --a------ c:\windows\system32\dllcache\usb101et.sys 2008-12-04 04:47 . 2001-08-17 22:36 94,720 --a------ c:\windows\system32\dllcache\umaxud32.dll 2008-12-04 04:46 . 2001-08-17 22:36 28,160 --a------ c:\windows\system32\dllcache\umaxu40.dll 2008-12-04 04:45 . 2001-08-17 22:36 26,624 --a------ c:\windows\system32\dllcache\umaxu22.dll 2008-12-04 04:44 . 2001-08-17 22:36 69,632 --a------ c:\windows\system32\dllcache\umaxu12.dll 2008-12-04 04:44 . 2001-08-17 22:36 50,688 --a------ c:\windows\system32\dllcache\umaxscan.dll 2008-12-04 04:43 . 2001-08-17 13:58 22,912 --a------ c:\windows\system32\dllcache\umaxpcls.sys 2008-12-04 04:42 . 2001-08-17 22:36 50,176 --a------ c:\windows\system32\dllcache\umaxp60.dll 2008-12-04 04:41 . 2001-08-17 22:36 47,616 --a------ c:\windows\system32\dllcache\umaxcam.dll 2008-12-04 04:40 . 2001-08-17 22:36 211,968 --a------ c:\windows\system32\dllcache\um54scan.dll 2008-12-04 04:39 . 2001-08-17 22:36 216,064 --a------ c:\windows\system32\dllcache\um34scan.dll 2008-12-04 04:38 . 2004-08-04 05:00 14,336 --a------ c:\windows\system32\dllcache\tsprof.exe 2008-12-04 04:38 . 2001-08-17 13:48 11,520 --a------ c:\windows\system32\dllcache\twotrack.sys 2008-12-04 04:37 . 2001-08-17 12:51 166,784 --a------ c:\windows\system32\dllcache\tridxpm.sys 2008-12-04 04:36 . 2001-08-17 22:36 525,568 --a------ c:\windows\system32\dllcache\tridxp.dll 2008-12-04 04:35 . 2001-08-17 12:51 159,232 --a------ c:\windows\system32\dllcache\tridkbm.sys 2008-12-04 04:34 . 2001-08-17 14:56 440,576 --a------ c:\windows\system32\dllcache\tridkb.dll 2008-12-04 04:33 . 2001-08-17 12:51 222,336 --a------ c:\windows\system32\dllcache\trid3dm.sys 2008-12-04 04:32 . 2001-08-17 14:56 315,520 --a------ c:\windows\system32\dllcache\trid3d.dll 2008-12-04 04:31 . 2001-08-17 12:12 34,375 --a------ c:\windows\system32\dllcache\tpro4.sys 2008-12-04 04:30 . 2008-04-13 20:12 82,944 --a------ c:\windows\system32\dllcache\tp4mon.exe 2008-12-04 04:30 . 2001-08-17 22:35 42,496 --a------ c:\windows\system32\dllcache\tp4res.dll 2008-12-04 04:29 . 2001-08-17 22:36 31,744 --a------ c:\windows\system32\dllcache\tp4.dll 2008-12-04 04:28 . 2001-08-17 14:02 230,912 --a------ c:\windows\system32\dllcache\tosdvd03.sys 2008-12-04 04:27 . 2001-08-17 14:01 241,664 --a------ c:\windows\system32\dllcache\tosdvd02.sys 2008-12-04 04:26 . 2001-08-17 12:10 28,232 --a------ c:\windows\system32\dllcache\tos4mo.sys 2008-12-04 04:25 . 2004-08-04 05:00 185,344 --a------ c:\windows\system32\dllcache\thawbrkr.dll 2008-12-04 04:25 . 2001-08-17 12:14 123,995 --a------ c:\windows\system32\dllcache\tjisdn.sys 2008-12-04 04:24 . 2001-08-17 12:51 138,528 --a------ c:\windows\system32\dllcache\tgiulnt5.sys 2008-12-04 04:23 . 2008-04-13 14:40 149,376 --a------ c:\windows\system32\dllcache\tffsport.sys 2008-12-04 04:23 . 2001-08-17 14:56 81,408 --a------ c:\windows\system32\dllcache\tgiul50.dll 2008-12-04 04:23 . 2004-08-04 05:00 19,464 --a------ c:\windows\system32\dllcache\tdspx.sys 2008-12-04 04:22 . 2001-08-17 12:13 17,129 --a------ c:\windows\system32\dllcache\tdkcd31.sys 2008-12-04 04:21 . 2001-08-17 12:13 37,961 --a------ c:\windows\system32\dllcache\tdk100b.sys 2008-12-04 04:21 . 2004-08-04 05:00 21,896 --a------ c:\windows\system32\dllcache\tdipx.sys 2008-12-04 04:21 . 2004-08-04 05:00 13,192 --a------ c:\windows\system32\dllcache\tdasync.sys 2008-12-04 04:20 . 2001-08-17 13:49 30,464 --a------ c:\windows\system32\dllcache\tbatm155.sys 2008-12-04 04:20 . 2001-08-17 13:52 7,040 --a------ c:\windows\system32\dllcache\tandqic.sys 2008-12-04 04:19 . 2001-08-17 12:50 36,640 --a------ c:\windows\system32\dllcache\t2r4mini.sys 2008-12-04 04:18 . 2001-08-17 14:56 172,768 --a------ c:\windows\system32\dllcache\t2r4disp.dll 2008-12-04 04:17 . 2001-08-17 22:36 94,293 --a------ c:\windows\system32\dllcache\sxports.dll 2008-12-04 04:16 . 2001-08-17 13:50 103,936 --a------ c:\windows\system32\dllcache\sx.sys 2008-12-04 04:15 . 2001-08-17 14:02 3,968 --a------ c:\windows\system32\dllcache\swusbflt.sys 2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpidflt.dll 2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpdflt2.dll 2008-12-04 04:13 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\sw_wheel.dll 2008-12-04 04:12 . 2001-08-17 22:36 41,472 --a------ c:\windows\system32\dllcache\sw_effct.dll 2008-12-04 04:12 . 2008-04-13 14:46 15,232 --a------ c:\windows\system32\dllcache\streamip.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-08 01:04 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-12-06 19:39 --------- d-----w c:\program files\Apple Software Update 2008-12-03 02:50 --------- d-----w c:\program files\Java 2008-11-28 13:58 --------- d-----w c:\program files\Enigma Software Group 2008-11-28 03:50 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Aim 2008-11-27 16:46 --------- d-----w c:\program files\Viewpoint 2008-11-27 16:46 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint 2008-11-27 16:14 --------- d-----w c:\program files\InterActual 2008-11-24 00:35 --------- d-----w c:\program files\Common Files\Adobe 2008-11-23 05:24 --------- d-----w c:\program files\Kl 2008-11-13 20:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-11-08 06:30 --------- d-----w c:\program files\Common Files\Apple 2008-11-06 18:18 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Malwarebytes 2008-11-06 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-11-06 17:27 14,336 ----a-w c:\windows\system32\svchost.exe 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 19:08 34,328 -c--a-w c:\windows\system32\wups.dll 2008-10-10 20:02 --------- d-----w c:\program files\iTunes 2008-10-10 20:02 --------- d-----w c:\program files\iPod 2008-10-10 20:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-10 20:00 --------- d-----w c:\program files\QuickTime 2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys 2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll 2006-09-15 00:28 168 -csh--r c:\windows\system32\C37EF2E345.sys 2006-09-15 00:28 6,580 -csha-w c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-06 1261336] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-05-18 24576] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] --a--c--- 2004-11-10 11:54 598016 c:\program files\Dell\QuickSet\quickset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] --a--c--- 2004-07-19 07:51 306688 c:\program files\Dell Support\DSAgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] -----c--- 2004-10-12 16:54 57344 c:\program files\CyberLink\PowerDVD\DVDLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a--c--- 2004-05-12 14:18 241664 c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2006-02-19 02:41 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd] --a------ 2005-10-14 13:46 77824 c:\windows\system32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired] --a--c--- 2004-12-09 13:58 86016 c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Media Player\\wmplayer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "9029:TCP"= 9029:TCP:BitComet 9029 TCP "9029:UDP"= 9029:UDP:BitComet 9029 UDP "9557:TCP"= 9557:TCP:BitComet 9557 TCP "9557:UDP"= 9557:UDP:BitComet 9557 UDP R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\Drivers\avgldx86.sys [2008-12-06 97928] R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [2008-12-06 231704] R2 Viewpoint Manager Service;Viewpoint Manager Service;"c:\program files\Viewpoint\Common\ViewpointService.exe" [2007-01-10 24652] S2 rzzrzjbr;rzzrzjbr;\??\c:\windows\system32\drivers\rzzrzjbr.sys [] . Contents of the 'Scheduled Tasks' folder 2008-12-08 c:\windows\Tasks\Auto-scheduled task of Free Registry Fix.job - c:\program files\Free Registry Fix\regfixf.exe [2005-11-10 06:45] 2008-12-08 c:\windows\Tasks\Disk Cleanup.job - c:\windows\system32\cleanmgr.exe [2008-04-13 19:12] 2008-12-06 c:\windows\Tasks\NSSstub.job - c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [] . - - - - ORPHANS REMOVED - - - - BHO-{7a4e709e-5ce2-47ca-8160-3db448504a9b} - (no file) Notify-crypt32chain - (no file) MSConfigStartUp-gcasServ - c:\program files\Microsoft AntiSpyware\gcasServ.exe MSConfigStartUp-kuzalaheza - c:\windows\system32\hawajifi.dll MSConfigStartUp-McAfeeUpdaterUI - c:\program files\Network Associates\Common Framework\UpdaterUI.exe MSConfigStartUp-RealTray - c:\program files\Real\RealPlayer\RealPlay.exe MSConfigStartUp-ShStatEXE - c:\program files\Network Associates\VirusScan\SHSTAT.EXE MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\j2re1.4.2_03\bin\jusched.exe MSConfigStartUp-SynTPEnh - c:\program files\Synaptics\SynTP\SynTPEnh.exe MSConfigStartUp-SynTPLpr - c:\program files\Synaptics\SynTP\SynTPLpr.exe MSConfigStartUp-UpdateManager - c:\program files\Common Files\Sonic\Update Manager\sgtray.exe . ------- Supplementary Scan ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = .local IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta FireFox -: Profile - c:\documents and settings\Nathan Williams\Application Data\Mozilla\Firefox\Profiles\xudloa12.default\ . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-08 20:46:41 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\igfxsrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe c:\program files\AVG\AVG8\avgrsx.exe c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe c:\windows\system32\dllhost.exe . ************************************************************************ . Completion time: 2008-12-08 20:50:50 - machine was rebooted [Nathan Williams] ComboFix-quarantined-files.txt 2008-12-09 01:50:44 Pre-Run: 32,352,083,968 bytes free Post-Run: 32,450,191,360 bytes free 310 --- E O F --- 2008-11-27 01:44:32

12-08-2008, 10:27 PM	#5 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,326 OS: N/A	Re: Computer Slow after startup, firefox and flash player especially You appear to have previously installed/uninstalled SpyHunter. I'm going to clean up the remnant files. Do not proceed if that isn't so Open NOTEPAD and copy/paste the text in the quotebox below into it: Code: FOLDER:: c:\program files\Enigma Software Group REGISTRY:: [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 DRIVER:: rzzrzjbr Save this as "CFScript" Referring to the picture above, drag CFScript.txt into ComboFix.exe When finished, it shall produce a log for you, C:\ComboFix.txt. Post that log in your next reply. --------------- Using Internet Explorer, visit http://www.kaspersky.com/service?chapter=161739400 Vista users right click on the Internet Explorer shortcut, and choose Run As Administrator. Note To optimize scanning time and produce a more sensible report for review: Close any open programs Turn off the real time scanner of any existing antivirus program while performing the online scan. Click Accept, when prompted to download and install the program files and database of malware definitions. Click Run at the Security prompt. The program will then begin downloading and installing and will also update the database. Please be patient as this can take several minutes. Once the update is complete, click on My Computer under the green Scan bar to the left to start the scan. Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it. Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined. Click View scan report at the bottom. Click the Save Report As... button. Click the Save as Text button to save the file to your desktop so that you may post it in your next reply. --------------- In your next post, please include fresh logs from: Online scan ComboFix's log Please provide details of any problems you encountered whilst performing the above steps & update us on how the computer behaves now __________________ Question - what have you done for the community today?

12-09-2008, 09:39 AM	#6 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially ComboFix 08-12-07.04 - Nathan Williams 2008-12-09 11:02:29.3 - NTFSx86 Running from: c:\documents and settings\Nathan Williams\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Nathan Williams\Desktop\CFScript.txt . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\program files\Enigma Software Group . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_rzzrzjbr -------\Service_rzzrzjbr ((((((((((((((((((((((((( Files Created from 2008-11-09 to 2008-12-09 ))))))))))))))))))))))))))))))) . 2008-12-07 19:30 . 2008-09-19 16:57 3,596,288 --a------ c:\windows\system32\qt-dx331.dll 2008-12-07 19:30 . 2008-09-24 13:41 839,680 --a------ c:\windows\system32\lameACM.acm 2008-12-07 19:30 . 2008-01-10 07:15 755,027 --a------ c:\windows\system32\xvidcore.dll 2008-12-07 19:30 . 2008-10-28 17:35 684,032 --a------ c:\windows\system32\divx.dll 2008-12-07 19:30 . 2004-01-25 11:18 217,088 --a------ c:\windows\system32\yv12vfw.dll 2008-12-07 19:30 . 2007-09-04 11:56 164,352 --a------ c:\windows\system32\unrar.dll 2008-12-07 19:30 . 2008-01-10 07:16 159,839 --a------ c:\windows\system32\xvidvfw.dll 2008-12-07 19:30 . 2007-09-20 19:52 118,784 --a------ c:\windows\system32\ac3acm.acm 2008-12-07 19:30 . 2008-09-25 03:03 81,920 --a------ c:\windows\system32\dpl100.dll 2008-12-07 19:30 . 2008-10-03 07:30 414 --a------ c:\windows\system32\lame_acm.xml 2008-12-07 19:30 . 2008-07-30 14:09 38 --a------ c:\windows\avisplitter.ini 2008-12-07 19:29 . 2008-12-07 19:30 <DIR> d-------- c:\program files\K-Lite Codec Pack 2008-12-07 19:29 . 2008-11-24 09:32 57,344 --a------ c:\windows\system32\ff_vfw.dll 2008-12-07 19:29 . 2007-07-10 11:10 547 --a------ c:\windows\system32\ff_vfw.dll.manifest 2008-12-06 19:22 . 2008-12-09 10:34 <DIR> d--h----- C:\$AVG8.VAULT$ 2008-12-06 15:20 . 2008-12-06 15:20 10,520 --a------ c:\windows\system32\avgrsstx.dll 2008-12-06 15:19 . 2008-12-09 09:43 <DIR> d-------- c:\windows\system32\drivers\Avg 2008-12-06 15:19 . 2008-12-06 15:19 97,928 --a------ c:\windows\system32\drivers\avgldx86.sys 2008-12-04 20:09 . 2008-12-04 20:09 250 --a------ c:\windows\gmer.ini 2008-12-04 20:00 . 2008-12-04 20:00 <DIR> d-------- c:\program files\Trend Micro 2008-12-04 18:00 . 2008-12-06 14:37 <DIR> d-------- c:\windows\system32\Adobe 2008-12-04 05:23 . 2008-04-13 20:12 116,224 --a------ c:\windows\system32\dllcache\xrxwiadr.dll 2008-12-04 05:22 . 2001-08-17 22:36 23,040 --a------ c:\windows\system32\dllcache\xrxwbtmp.dll 2008-12-04 05:22 . 2008-04-13 20:12 18,944 --a------ c:\windows\system32\dllcache\xrxscnui.dll 2008-12-04 05:21 . 2001-08-17 22:37 27,648 --a------ c:\windows\system32\dllcache\xrxftplt.exe 2008-12-04 05:20 . 2001-08-17 22:37 4,608 --a------ c:\windows\system32\dllcache\xrxflnch.exe 2008-12-04 05:18 . 2001-08-17 22:37 99,865 --a------ c:\windows\system32\dllcache\xlog.exe 2008-12-04 05:18 . 2004-08-04 05:00 28,288 --a------ c:\windows\system32\dllcache\xjis.nls 2008-12-04 05:17 . 2004-08-03 22:29 19,455 --a------ c:\windows\system32\dllcache\wvchntxx.sys 2008-12-04 05:17 . 2001-08-17 12:11 16,970 --a------ c:\windows\system32\dllcache\xem336n5.sys 2008-12-04 05:16 . 2008-04-13 14:46 19,200 --a------ c:\windows\system32\dllcache\wstcodec.sys 2008-12-04 05:16 . 2004-08-03 22:29 12,063 --a------ c:\windows\system32\dllcache\wsiintxx.sys 2008-12-04 05:16 . 2008-04-13 20:12 8,192 --a------ c:\windows\system32\dllcache\wshirda.dll 2008-12-04 05:14 . 2004-08-03 22:31 154,624 --a------ c:\windows\system32\dllcache\wlluc48.sys 2008-12-04 05:14 . 2008-04-13 14:36 8,832 --a------ c:\windows\system32\dllcache\wmiacpi.sys 2008-12-04 05:13 . 2001-08-17 12:12 34,890 --a------ c:\windows\system32\dllcache\wlandrv2.sys 2008-12-04 05:12 . 2001-08-17 13:28 771,581 --a------ c:\windows\system32\dllcache\winacisa.sys 2008-12-04 05:11 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\wiamsmud.dll 2008-12-04 05:10 . 2001-08-17 22:36 87,040 --a------ c:\windows\system32\dllcache\wiafbdrv.dll 2008-12-04 05:10 . 2004-08-04 05:00 41,600 --a------ c:\windows\system32\dllcache\weitekp9.dll 2008-12-04 05:10 . 2004-08-04 05:00 31,232 --a------ c:\windows\system32\dllcache\weitekp9.sys 2008-12-04 05:09 . 2001-08-17 13:28 701,386 --a------ c:\windows\system32\dllcache\wdhaalba.sys 2008-12-04 05:08 . 2008-04-13 14:45 31,744 --a------ c:\windows\system32\dllcache\wceusbsh.sys 2008-12-04 05:08 . 2004-08-03 22:29 23,615 --a------ c:\windows\system32\dllcache\wch7xxnt.sys 2008-12-04 05:07 . 2001-08-17 12:10 35,871 --a------ c:\windows\system32\dllcache\wbfirdma.sys 2008-12-04 05:07 . 2004-08-03 22:29 33,599 --a------ c:\windows\system32\dllcache\watv04nt.sys 2008-12-04 05:07 . 2004-08-03 22:29 19,551 --a------ c:\windows\system32\dllcache\watv02nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 29,311 --a------ c:\windows\system32\dllcache\watv01nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 12,415 --a------ c:\windows\system32\dllcache\wadv01nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 12,127 --a------ c:\windows\system32\dllcache\wadv02nt.sys 2008-12-04 05:06 . 2004-08-03 22:29 11,775 --a------ c:\windows\system32\dllcache\wadv05nt.sys 2008-12-04 05:06 . 2004-08-04 05:00 9,216 --a------ c:\windows\system32\dllcache\wamps51.dll 2008-12-04 05:05 . 2001-08-17 12:13 16,925 --a------ c:\windows\system32\dllcache\w940nd.sys 2008-12-04 05:04 . 2001-08-17 12:13 19,016 --a------ c:\windows\system32\dllcache\w926nd.sys 2008-12-04 05:03 . 2004-08-04 05:00 73,728 --a------ c:\windows\system32\dllcache\w3ext.dll 2008-12-04 05:03 . 2001-08-17 12:13 19,528 --a------ c:\windows\system32\dllcache\w840nd.sys 2008-12-04 05:03 . 2004-08-04 05:00 5,632 --a------ c:\windows\system32\dllcache\w3svapi.dll 2008-12-04 05:02 . 2004-08-04 05:00 48,256 --a------ c:\windows\system32\dllcache\w32.dll 2008-12-04 05:02 . 2004-08-04 05:00 4,608 --a------ c:\windows\system32\dllcache\w3ctrs51.dll 2008-12-04 05:01 . 2001-08-17 13:28 64,605 --a------ c:\windows\system32\dllcache\vvoice.sys 2008-12-04 05:00 . 2001-08-17 13:28 397,502 --a------ c:\windows\system32\dllcache\vpctcom.sys 2008-12-04 04:59 . 2001-08-17 13:28 604,253 --a------ c:\windows\system32\dllcache\vmodem.sys 2008-12-04 04:58 . 2001-08-17 12:14 249,402 --a------ c:\windows\system32\dllcache\vinwm.sys 2008-12-04 04:58 . 2001-08-17 13:49 24,576 --a------ c:\windows\system32\dllcache\viairda.sys 2008-12-04 04:57 . 2008-04-13 20:12 53,760 --a------ c:\windows\system32\dllcache\vfwwdm32.dll 2008-12-04 04:56 . 2001-08-17 13:28 687,999 --a------ c:\windows\system32\dllcache\usrwdxjs.sys 2008-12-04 04:55 . 2001-08-17 13:28 765,884 --a------ c:\windows\system32\dllcache\usrti.sys 2008-12-04 04:54 . 2001-08-17 13:28 113,762 --a------ c:\windows\system32\dllcache\usrpda.sys 2008-12-04 04:53 . 2001-08-17 13:28 7,556 --a------ c:\windows\system32\dllcache\usroslba.sys 2008-12-04 04:52 . 2001-08-17 13:28 224,802 --a------ c:\windows\system32\dllcache\usr1807a.sys 2008-12-04 04:51 . 2001-08-17 13:28 794,399 --a------ c:\windows\system32\dllcache\usr1806v.sys 2008-12-04 04:51 . 2001-08-17 13:28 793,598 --a------ c:\windows\system32\dllcache\usr1806.sys 2008-12-04 04:50 . 2001-08-17 13:28 794,654 --a------ c:\windows\system32\dllcache\usr1801.sys 2008-12-04 04:49 . 2008-04-13 14:45 60,032 --a------ c:\windows\system32\dllcache\usbaudio.sys 2008-12-04 04:49 . 2008-04-13 14:45 26,112 --a------ c:\windows\system32\dllcache\usbser.sys 2008-12-04 04:49 . 2008-04-13 14:45 17,152 --a------ c:\windows\system32\dllcache\usbohci.sys 2008-12-04 04:48 . 2004-08-03 22:31 32,384 --a------ c:\windows\system32\dllcache\usb101et.sys 2008-12-04 04:47 . 2001-08-17 22:36 94,720 --a------ c:\windows\system32\dllcache\umaxud32.dll 2008-12-04 04:46 . 2001-08-17 22:36 28,160 --a------ c:\windows\system32\dllcache\umaxu40.dll 2008-12-04 04:45 . 2001-08-17 22:36 26,624 --a------ c:\windows\system32\dllcache\umaxu22.dll 2008-12-04 04:44 . 2001-08-17 22:36 69,632 --a------ c:\windows\system32\dllcache\umaxu12.dll 2008-12-04 04:44 . 2001-08-17 22:36 50,688 --a------ c:\windows\system32\dllcache\umaxscan.dll 2008-12-04 04:43 . 2001-08-17 13:58 22,912 --a------ c:\windows\system32\dllcache\umaxpcls.sys 2008-12-04 04:42 . 2001-08-17 22:36 50,176 --a------ c:\windows\system32\dllcache\umaxp60.dll 2008-12-04 04:41 . 2001-08-17 22:36 47,616 --a------ c:\windows\system32\dllcache\umaxcam.dll 2008-12-04 04:40 . 2001-08-17 22:36 211,968 --a------ c:\windows\system32\dllcache\um54scan.dll 2008-12-04 04:39 . 2001-08-17 22:36 216,064 --a------ c:\windows\system32\dllcache\um34scan.dll 2008-12-04 04:38 . 2004-08-04 05:00 14,336 --a------ c:\windows\system32\dllcache\tsprof.exe 2008-12-04 04:38 . 2001-08-17 13:48 11,520 --a------ c:\windows\system32\dllcache\twotrack.sys 2008-12-04 04:37 . 2001-08-17 12:51 166,784 --a------ c:\windows\system32\dllcache\tridxpm.sys 2008-12-04 04:36 . 2001-08-17 22:36 525,568 --a------ c:\windows\system32\dllcache\tridxp.dll 2008-12-04 04:35 . 2001-08-17 12:51 159,232 --a------ c:\windows\system32\dllcache\tridkbm.sys 2008-12-04 04:34 . 2001-08-17 14:56 440,576 --a------ c:\windows\system32\dllcache\tridkb.dll 2008-12-04 04:33 . 2001-08-17 12:51 222,336 --a------ c:\windows\system32\dllcache\trid3dm.sys 2008-12-04 04:32 . 2001-08-17 14:56 315,520 --a------ c:\windows\system32\dllcache\trid3d.dll 2008-12-04 04:31 . 2001-08-17 12:12 34,375 --a------ c:\windows\system32\dllcache\tpro4.sys 2008-12-04 04:30 . 2008-04-13 20:12 82,944 --a------ c:\windows\system32\dllcache\tp4mon.exe 2008-12-04 04:30 . 2001-08-17 22:35 42,496 --a------ c:\windows\system32\dllcache\tp4res.dll 2008-12-04 04:29 . 2001-08-17 22:36 31,744 --a------ c:\windows\system32\dllcache\tp4.dll 2008-12-04 04:28 . 2001-08-17 14:02 230,912 --a------ c:\windows\system32\dllcache\tosdvd03.sys 2008-12-04 04:27 . 2001-08-17 14:01 241,664 --a------ c:\windows\system32\dllcache\tosdvd02.sys 2008-12-04 04:26 . 2001-08-17 12:10 28,232 --a------ c:\windows\system32\dllcache\tos4mo.sys 2008-12-04 04:25 . 2004-08-04 05:00 185,344 --a------ c:\windows\system32\dllcache\thawbrkr.dll 2008-12-04 04:25 . 2001-08-17 12:14 123,995 --a------ c:\windows\system32\dllcache\tjisdn.sys 2008-12-04 04:24 . 2001-08-17 12:51 138,528 --a------ c:\windows\system32\dllcache\tgiulnt5.sys 2008-12-04 04:23 . 2008-04-13 14:40 149,376 --a------ c:\windows\system32\dllcache\tffsport.sys 2008-12-04 04:23 . 2001-08-17 14:56 81,408 --a------ c:\windows\system32\dllcache\tgiul50.dll 2008-12-04 04:23 . 2004-08-04 05:00 19,464 --a------ c:\windows\system32\dllcache\tdspx.sys 2008-12-04 04:22 . 2001-08-17 12:13 17,129 --a------ c:\windows\system32\dllcache\tdkcd31.sys 2008-12-04 04:21 . 2001-08-17 12:13 37,961 --a------ c:\windows\system32\dllcache\tdk100b.sys 2008-12-04 04:21 . 2004-08-04 05:00 21,896 --a------ c:\windows\system32\dllcache\tdipx.sys 2008-12-04 04:21 . 2004-08-04 05:00 13,192 --a------ c:\windows\system32\dllcache\tdasync.sys 2008-12-04 04:20 . 2001-08-17 13:49 30,464 --a------ c:\windows\system32\dllcache\tbatm155.sys 2008-12-04 04:20 . 2001-08-17 13:52 7,040 --a------ c:\windows\system32\dllcache\tandqic.sys 2008-12-04 04:19 . 2001-08-17 12:50 36,640 --a------ c:\windows\system32\dllcache\t2r4mini.sys 2008-12-04 04:18 . 2001-08-17 14:56 172,768 --a------ c:\windows\system32\dllcache\t2r4disp.dll 2008-12-04 04:17 . 2001-08-17 22:36 94,293 --a------ c:\windows\system32\dllcache\sxports.dll 2008-12-04 04:16 . 2001-08-17 13:50 103,936 --a------ c:\windows\system32\dllcache\sx.sys 2008-12-04 04:15 . 2001-08-17 14:02 3,968 --a------ c:\windows\system32\dllcache\swusbflt.sys 2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpidflt.dll 2008-12-04 04:14 . 2001-08-17 22:36 10,240 --a------ c:\windows\system32\dllcache\swpdflt2.dll 2008-12-04 04:13 . 2001-08-17 22:36 53,760 --a------ c:\windows\system32\dllcache\sw_wheel.dll 2008-12-04 04:12 . 2001-08-17 22:36 41,472 --a------ c:\windows\system32\dllcache\sw_effct.dll 2008-12-04 04:12 . 2008-04-13 14:46 15,232 --a------ c:\windows\system32\dllcache\streamip.sys 2008-12-04 04:11 . 2001-08-17 22:36 155,648 --a------ c:\windows\system32\dllcache\stlnprop.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2008-12-08 01:04 --------- d-----w c:\program files\Common Files\Symantec Shared 2008-12-06 19:39 --------- d-----w c:\program files\Apple Software Update 2008-12-03 02:50 --------- d-----w c:\program files\Java 2008-11-28 03:50 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Aim 2008-11-27 16:46 --------- d-----w c:\program files\Viewpoint 2008-11-27 16:46 --------- d-----w c:\documents and settings\All Users\Application Data\Viewpoint 2008-11-27 16:14 --------- d-----w c:\program files\InterActual 2008-11-24 00:35 --------- d-----w c:\program files\Common Files\Adobe 2008-11-23 05:24 --------- d-----w c:\program files\Kl 2008-11-13 20:38 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP 2008-11-08 06:30 --------- d-----w c:\program files\Common Files\Apple 2008-11-06 18:18 --------- d-----w c:\documents and settings\Nathan Williams\Application Data\Malwarebytes 2008-11-06 18:17 --------- d-----w c:\documents and settings\All Users\Application Data\Malwarebytes 2008-11-06 17:27 14,336 ----a-w c:\windows\system32\svchost.exe 2008-11-06 17:27 14,336 ----a-w c:\windows\system32\dllcache\svchost.exe 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\drivers\mrxsmb.sys 2008-10-24 11:21 455,296 ----a-w c:\windows\system32\dllcache\mrxsmb.sys 2008-10-16 19:13 202,776 ----a-w c:\windows\system32\wuweb.dll 2008-10-16 19:13 202,776 ----a-w c:\windows\system32\dllcache\wuweb.dll 2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\wuaueng.dll 2008-10-16 19:13 1,809,944 ----a-w c:\windows\system32\dllcache\wuaueng.dll 2008-10-16 19:12 561,688 ----a-w c:\windows\system32\wuapi.dll 2008-10-16 19:12 561,688 ----a-w c:\windows\system32\dllcache\wuapi.dll 2008-10-16 19:12 323,608 ----a-w c:\windows\system32\wucltui.dll 2008-10-16 19:12 323,608 ----a-w c:\windows\system32\dllcache\wucltui.dll 2008-10-16 19:09 92,696 ----a-w c:\windows\system32\dllcache\cdm.dll 2008-10-16 19:09 92,696 ----a-w c:\windows\system32\cdm.dll 2008-10-16 19:09 51,224 ----a-w c:\windows\system32\wuauclt.exe 2008-10-16 19:09 51,224 ----a-w c:\windows\system32\dllcache\wuauclt.exe 2008-10-16 19:09 43,544 ----a-w c:\windows\system32\wups2.dll 2008-10-16 19:08 34,328 -c--a-w c:\windows\system32\wups.dll 2008-10-16 19:08 34,328 ----a-w c:\windows\system32\dllcache\wups.dll 2008-10-15 16:34 337,408 ----a-w c:\windows\system32\dllcache\netapi32.dll 2008-10-10 20:02 --------- d-----w c:\program files\iTunes 2008-10-10 20:02 --------- d-----w c:\program files\iPod 2008-10-10 20:02 --------- d-----w c:\documents and settings\All Users\Application Data\{3276BE95_AF08_429F_A64F_CA64CB79BCF6} 2008-10-10 20:00 --------- d-----w c:\program files\QuickTime 2008-10-03 17:41 6,066,176 ------w c:\windows\system32\dllcache\ieframe.dll 2008-09-30 21:43 1,286,152 ----a-w c:\windows\system32\msxml4.dll 2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\win32k.sys 2008-09-15 12:12 1,846,400 ----a-w c:\windows\system32\dllcache\win32k.sys 2008-09-10 01:14 1,307,648 ----a-w c:\windows\system32\dllcache\msxml6.dll 2008-09-10 01:14 1,307,648 ------w c:\windows\system32\msxml6.dll 2006-09-15 00:28 168 -csh--r c:\windows\system32\C37EF2E345.sys 2006-09-15 00:28 6,580 -csha-w c:\windows\system32\KGyGaAvL.sys . ((((((((((((((((((((((((((((( snapshot@2008-12-08_20.49.55.29 ))))))))))))))))))))))))))))))))))))))))) . + 2008-11-03 21:10:26 17,318,336 ----a-w c:\windows\system32\MRT.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . Note empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-13 15360] "CTSyncU.exe"="c:\program files\Creative\Sync Manager Unicode\CTSyncU.exe" [2006-08-07 700416] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "igfxtray"="c:\windows\system32\igfxtray.exe" [2005-10-14 94208] "igfxpers"="c:\windows\system32\igfxpers.exe" [2005-10-14 114688] "ISUSPM Startup"="c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe" [2005-08-11 249856] "ISUSScheduler"="c:\program files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 81920] "HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2006-02-19 49152] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2008-09-06 413696] "AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2008-12-06 1261336] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Digital Line Detect.lnk - c:\program files\Digital Line Detect\DLG.exe [2005-05-18 24576] HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2006-02-19 288472] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet] --a--c--- 2004-11-10 11:54 598016 c:\program files\Dell\QuickSet\quickset.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport] --a--c--- 2004-07-19 07:51 306688 c:\program files\Dell Support\DSAgnt.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher] -----c--- 2004-10-12 16:54 57344 c:\program files\CyberLink\PowerDVD\DVDLauncher.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Component Manager] --a--c--- 2004-05-12 14:18 241664 c:\program files\HP\hpcoretech\hpcmpmgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update] --a------ 2006-02-19 02:41 49152 c:\program files\HP\HP Software Update\hpwuSchd2.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd] --a------ 2005-10-14 13:46 77824 c:\windows\system32\hkcmd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper] --a------ 2008-10-01 17:57 289576 c:\program files\iTunes\iTunesHelper.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS] --a------ 2008-04-13 19:12 1695232 c:\program files\Messenger\msmsgs.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PRONoMgrWired] --a--c--- 2004-12-09 13:58 86016 c:\program files\Intel\PROSetWired\NCS\PROSet\PRONoMgr.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] --a------ 2008-09-06 14:09 413696 c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UpdatesDisableNotify"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Media Player\\wmplayer.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\AVG\\AVG8\\avgupd.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "9029:TCP"= 9029:TCP:BitComet 9029 TCP "9029:UDP"= 9029:UDP:BitComet 9029 UDP "9557:TCP"= 9557:TCP:BitComet 9557 TCP "9557:UDP"= 9557:UDP:BitComet 9557 UDP . Contents of the 'Scheduled Tasks' folder 2008-12-08 c:\windows\Tasks\Auto-scheduled task of Free Registry Fix.job - c:\program files\Free Registry Fix\regfixf.exe [2005-11-10 06:45] 2008-12-08 c:\windows\Tasks\Disk Cleanup.job - c:\windows\system32\cleanmgr.exe [2008-04-13 19:12] 2008-12-06 c:\windows\Tasks\NSSstub.job - c:\windows\system32\Adobe\Shockwave 11\nssstub.exe [] . . ------- Supplementary Scan ------- . uStart Page = about:blank uInternet Settings,ProxyOverride = .local IE: &Search - http://kl.bar.need2find.com/KL/menusearch.html?p=KL IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Open with WordPerfect - c:\program files\WordPerfect Office X3\Programs\WPLauncher.hta FireFox -: Profile - c:\documents and settings\Nathan Williams\Application Data\Mozilla\Firefox\Profiles\xudloa12.default\ . *********************************************************************** catchme 0.3.1367 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2008-12-09 11:25:35 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ********************************************************************** . ------------------------ Other Running Processes ------------------------ . c:\progra~1\AVG\AVG8\avgwdsvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\Dell\NicConfigSvc\NicConfigSvc.exe c:\program files\Viewpoint\Common\ViewpointService.exe c:\windows\system32\igfxsrvc.exe c:\program files\AVG\AVG8\avgrsx.exe c:\program files\Viewpoint\Viewpoint Manager\ViewMgr.exe c:\program files\HP\Digital Imaging\bin\hpqste08.exe c:\windows\system32\dllhost.exe c:\windows\system32\imapi.exe . ************************************************************************ . Completion time: 2008-12-09 11:34:46 - machine was rebooted ComboFix-quarantined-files.txt 2008-12-09 16:34:09 ComboFix2.txt 2008-12-09 01:50:58 Pre-Run: 33,935,089,664 bytes free Post-Run: 33,931,702,272 bytes free 295 --- E O F --- 2008-12-09 08:16:25

12-09-2008, 09:47 AM	#7 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,326 OS: N/A	Re: Computer Slow after startup, firefox and flash player especially I shall wait for the results of the Kaspersky scan __________________ Question - what have you done for the community today?

12-09-2008, 10:54 AM	#8 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially Okay thank you!

12-11-2008, 12:21 PM	#9 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially I haven't forgotten about the scan, am running it now. Had a mild crisis , some jerk in a porche cut me off, hit me, and totaled my car... will post scan as soon as it's complete

12-12-2008, 06:20 PM	#10 (permalink)
willianr1179 Registered User Join Date: Dec 2008 Posts: 7 OS: Windows XP	Re: Computer Slow after startup, firefox and flash player especially -------------------------------------------------------------------------------- KASPERSKY ONLINE SCANNER 7 REPORT Friday, December 12, 2008 Operating System: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner 7 version: 7.0.25.0 Program database last update: Friday, December 12, 2008 14:32:44 Records in database: 1454842 -------------------------------------------------------------------------------- Scan settings: Scan using the following database: extended Scan archives: yes Scan mail databases: yes Scan area - My Computer: C:\ D:\ Scan statistics: Files scanned: 49988 Threat name: 0 Infected objects: 0 Suspicious objects: 0 Duration of the scan: 06:52:24 No malware has been detected. The scan area is clean. The selected area was scanned.

12-13-2008, 01:08 AM	#11 (permalink)
sUBs Asst Manager Security, Expert Analyst, Moderator, Security Team; Rangemaster, Moderator, TSF Academy Join Date: May 2005 Posts: 24,326 OS: N/A	Re: Computer Slow after startup, firefox and flash player especially Your system is now clean. Kindly follow these simple steps in order to keep your computer clean and secure: Uninstall ComboFix ... do not skip this step This process will perform some post cleanup measures. Do this by going to to Start > Run & typing in ComboFix /u ANTIVIRUS SOFTWARE It is imperative that you update your Antivirus software at least once a week (Even more if you wish). If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out. Microsoft Windows Update ? http://www.windowsupdate.com Visit regularly. This will ensure your computer always has the latest security updates. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates. SPYWAREBLASTER SpywareBlaster prevents the installation of malicious ActiveX, adware, browser hijackers, dialers, and other potentially unwanted software. Blocks spyware/tracking cookies & restricts the actions of potentially unwanted sites. Unlike other programs, SpywareBlaster does not have to remain running in the background. A tutorial on installing & using this product can be found here ? http://www.bleepingcomputer.com/forums/tutorial49.html Update all these programs regularly. Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will further enhance your safety. http://www.trillian.cc ? Trillian or http://www.miranda-im.com ? Miranda-IM - These are Malware free Instant Messenger programs which allow you to connect to multiple IM services in one program! (AOL, Yahoo, ICQ, IRC, MSN) http://www.mozilla.org/products/firefox/ - Firefox - Use this alternate browser. Whilst Internet Explorer is not a bad browser, almost every exploit crafted is targeted to take advantage of an IE weakness. http://java.com/en/index.jsp - Sun's Java - It's much more secure than Microsoft's Java Virtual Machine. http://www.aumha.org/downloads/erunt-setup.exe - ERUNT - A useful freeware utility for users of Windows 2000/XP. It's made up of two parts - ERUNT & NTREGOPT. ERUNT will create daily complete backups of your computer's Registry. Whilst System Restore does the same thing, a corrupt registry file may prevent Windows from booting & this effectively renders disables System Restore. With ERUNT, you're able to restore the damaged Registry. NTREGOPT works by recreating each registry hive "from scratch", thus removing any slack space that may be left from previously modified or deleted keys. In other words, it compacts the Registry to a small size which allows Windows to load & perform faster. To find out more information about how you got infected in the first place and some great guidelines to follow to prevent future infections you can read this article by Tony Klein - http://computercops.biz/postlite7736-.html After doing all these, your system will be optimised against future threats. It's okay to delete the Hijack This folder in a couple weeks if everything is working okay. Have a safe & happy computing day. Kindly respond to this thread once more so we can mark this thread as resolved. __________________ Question - what have you done for the community today?