mr_banana_pants

Members
  • Posts

    82
Everything posted by mr_banana_pants

  1. Randy, my thanks to you and the other members of this fine forum. We seem to have had success. Kind regards
  2. Thanks Randy. I'm going to get him to try that. It's difficult because he lives about 300 miles away from me! But I'll let you know what happens and how he fares! Thanks again
  3. He'd tried it after the issue occurred. And it hasn't helped the matter. Thanks
  4. Me and my family aren't having much luck! You guys sorted my problem out the other day, hopefully you can help with this one also. My dad has had a similar problem to me with Windows Update. He logged off Windows the other night and it installed the updates. Now when he switches on the PC, you can get to the Windows "Log-On" page with all the Users listed. But only he can log on correctly. Every other User gets this message when they log on: "The application failed to initialise properly (0xc0000022). Click on ok to terminate the application" After they click "ok" they just see the desktop but with nothing on it and no option to do anything. He's tried making new user profiles but they don't work either. Any ideas? Thanks again
  5. Brilliant!! Thanks for the link. I've just tried it now and all seems to be working fine again. Much appreciated! Cheers Darrell
  6. Last night I let Windows XP install its automatic updates upon shutdown. Today I switch my computer on...and I get BSoD. I start in "Last Known Good Configurations"...and I get BSoD. Same with Safe Mode. I get the following error: It asks me to check if I have adequate disc space (I'm sure I did). Or if a driver is identified in the stop message to disable it. STOP: 0X0000007E (0x80000003, 0x8053355E, 0xF79593BC, 0xF79590B8) I'm sorry but this level of computing is way beyond me. I tried repairing Windows. I must point out that I bought my PC 2nd hand from an office that were selling on their hardware. It's a legitimate buy with a proper Windows disc/Windows Product Key. After Windows has thought about repairing itself the computer restarts, it asks me to press 1 to select the copy of Windows I wish to repair. Then it asks me to enter an administrator key, which I do. Then nothing. It just says c: windows and expects me to put in a command prompt from one of those listed under Help. I apologise for my dimness. I really want to avoid reformatting the computer if I can help. Especially when it seems to have been caused by an automatic Windows update! Thanks so much in advance. Darrell
  7. I'm not doing much at the moment. And temperature is reading 49c. I have 2 sticks of 512mb. Unfortunately I'm unable to run that Memory test. I'm not able to make a bootable disc with the programme on. I tried using the USB stick version and it didn't work. It said that a file was missing. I can't see how 'cos there's only one file there! Thanks again
  8. I haven't got any PCI cards in. But I think it could be the RAM still. It seemed to go off just when my computer was at its peak, and about to blow up. My fault for pushing the old girl too hard lol. Thanks again though
  9. Thanks guys! I will try those links to resolve the errors. Is it likely that those errors would cause BSOD?
  10. It's only happened a couple of times. But it happened twice very close together. I've looked over the System Event Viewer for the last week or so. And these are the errors that appear: Source: MRxSmb Event: 8003 (Appears quite a lot) Source: Service Control Manager Event: 7000 (Also appears a few times) Source: System Error Event: 1003 (Appears a couple of times) Source: Dhcp Event: 1001 (Appears once or twice)
  11. Hi, thanks for replying. How exactly do I check if the RAM is okay? Also, on the System Event Viewer there are quite a few Red X and Yellow ! warning boxes. What information do you need from them? Thanks
  12. I normally wouldn't be too worried about a random Blue Screen error. But this one has happened twice in as many days. I apologise I didn't manage to grab any info from the Blue Screen itself before the computer rebooted. But I did get some error information when the computer booted back up. 1st time I got the error it mentioned the following: C:\DOCUME~1\TARDIS\LOCALS~1\Temp\WER008a.dir00\Mini102909-01.dmp C:\DOCUME~1\TARDIS\LOCALS~1\Temp\WER008a.dir00\sysdata.xml 2nd time I got the error: C:\DOCUME~1\TARDIS\LOCALS~1\Temp\WER33e2.dir00\Mini103009-01.dmp C:\DOCUME~1\TARDIS\LOCALS~1\Temp\WER33e2.dir00\sysdata.xml BCCode : 1000008e BCP1 : C0000005 BCP2 : BF8124D9 BCP3 : A96969CC BCP4 : 00000000 OSVer : 5_1_2600 SP : 3_0 Product : 256_1 I'm not sure if I'm just pushing her too hard or what. I've noticed though my internet connection has been funny lately. And the last time it started it wouldn't recognise my wireless adapter till I fiddled round. Not sure if that has anything to do with it :confused: Thanks in advance :)
  13. Guys. It's sorted. It appeared to be a dodgy screensaver after all. Thank you so much for your help. As stupid as it turned out to be I never would have pinpointed it without you all. Sorry for wasting your time though. Thanks again :cool:
  14. Still there :(. How do I go about using selective start up? I looked for the vortex.exe to stop it. Couldn't see it when I pressed Ctrl-Alt-Delete. However I do remember it being a screensaver. Could this be it? The form1 only appears when my computer is inactive for say 10mins
  15. Unfortunately, it's still there. Here are the scan results:
  16. Those programmes are removed. New log above. Thanks again
  17. Logfile of random's system information tool 1.06 (written by random/random) Run by TARDIS at 2009-09-18 11:28:58 Microsoft Windows XP Professional Service Pack 3 System drive C: has 4 GB (19%) free of 20 GB Total RAM: 1014 MB (47% free)
  18. Sorry guys. I'll remove these programmes and reply shortly
  19. I hope that's all of some use to you guys. I googled "Form1 Malware", still can't find anything to help but a few people do seem to have had similar problems. Worrying thing is, one person seemed to have the same problem but it seemed to be eating away at his hard drive too :confused: :(
  20. And the 2nd scan info.txt logfile of random's system information tool 1.06 2009-09-16 18:43:01
Record Number: 101 Source Name: MRxSmb Time Written: 20090820144131.000000+060 Event Type: warning User: Computer Name: SARAH-69AAB5CF6 Event Code: 3019 Message: The redirector failed to determine the connection type. Record Number: 100 Source Name: MRxSmb Time Written: 20090820144129.000000+060 Event Type: warning User: Computer Name: SARAH-69AAB5CF6 Event Code: 3019 Message: The redirector failed to determine the connection type. Record Number: 99 Source Name: MRxSmb Time Written: 20090820144127.000000+060 Event Type: warning User: =====Application event log===== Computer Name: TARDIS Event Code: 1004 Message: Detection of product '{90280409-6000-11D3-8CFE-0050048383C9}', feature 'OfficeUserData', component '{4A31E933-6F67-11D2-AAA2-00A0C90F57B0}' failed. The resource 'HKEY_CURRENT_USER\Software\ODBC\ODBC.INI\MS Access Database\' does not exist. Record Number: 137 Source Name: MsiInstaller Time Written: 20090821015707.000000+060 Event Type: warning User: TARDIS\TARDIS Computer Name: TARDIS Event Code: 5000 Message: Record Number: 136 Source Name: MPSampleSubmission Time Written: 20090821010727.000000+060 Event Type: error User: Computer Name: COMPUTER Event Code: 5000 Message: Record Number: 133 Source Name: MPSampleSubmission Time Written: 20090820233232.000000+060 Event Type: error User: Computer Name: COMPUTER Event Code: 1002 Message: Hanging application iexplore.exe, version 8.0.6001.18702, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Record Number: 125 Source Name: Application Hang Time Written: 20090820223527.000000+060 Event Type: error User: Computer Name: SARAH-69AAB5CF6 Event Code: 1000 Message: Faulting application iexplore.exe, version 8.0.6001.18702, faulting module mshtml.dll, version 8.0.6001.18812, fault address 0x001b9e98. 
Record Number: 85 Source Name: Application Error Time Written: 20090820192951.000000+060 Event Type: error User: ======Environment variables====== "ComSpec"=%SystemRoot%\system32\cmd.exe "Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\Program Files\QuickTime\QTSystem\ "windir"=%SystemRoot% "FP_NO_HOST_CHECK"=NO "OS"=Windows_NT "PROCESSOR_ARCHITECTURE"=x86 "PROCESSOR_LEVEL"=15 "PROCESSOR_IDENTIFIER"=x86 Family 15 Model 4 Stepping 9, GenuineIntel "PROCESSOR_REVISION"=0409 "NUMBER_OF_PROCESSORS"=1 "PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH "TEMP"=%SystemRoot%\TEMP "TMP"=%SystemRoot%\TEMP "CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip "QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip -----------------EOF-----------------
  21.
  22.
C:\WINDOWS\system32\drivers 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\dhcp 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\config 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\3com_dmi 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\3076 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\2052 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1054 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1042 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1041 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1037 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1033 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1031 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1028 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32\1025 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system32 2009-08-20 14:10:46 ----D---- C:\WINDOWS\system 2009-08-20 14:10:46 ----D---- C:\WINDOWS\security 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Resources 2009-08-20 14:10:46 ----D---- C:\WINDOWS\repair 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Provisioning 2009-08-20 14:10:46 ----D---- C:\WINDOWS\PeerNet 2009-08-20 14:10:46 ----D---- C:\WINDOWS\pchealth 2009-08-20 14:10:46 ----D---- C:\WINDOWS\mui 2009-08-20 14:10:46 ----D---- C:\WINDOWS\msapps 2009-08-20 14:10:46 ----D---- C:\WINDOWS\msagent 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Media 2009-08-20 14:10:46 ----D---- C:\WINDOWS\java 2009-08-20 14:10:46 ----D---- C:\WINDOWS\ime 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Help 2009-08-20 14:10:46 ----D---- C:\WINDOWS\ehome 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Driver Cache 2009-08-20 14:10:46 ----D---- C:\WINDOWS\dell 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Debug 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Cursors 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Connection Wizard 2009-08-20 14:10:46 ----D---- C:\WINDOWS\Config 2009-08-20 14:10:46 ----D---- C:\WINDOWS\AppPatch 2009-08-20 14:10:46 ----D---- C:\WINDOWS\addins 2009-08-20 14:10:46 ----D---- C:\WINDOWS 2009-08-20 14:08:33 ----HD---- 
C:\Program Files\Uninstall Information 2009-08-20 14:07:40 ----D---- C:\WINDOWS\SoftwareDistribution 2009-08-20 14:07:39 ----SD---- C:\WINDOWS\system32\Microsoft 2009-08-20 14:07:39 ----A---- C:\WINDOWS\SchedLgU.Txt 2009-08-20 13:59:42 ----D---- C:\WINDOWS\system32\xircom 2009-08-20 13:59:42 ----D---- C:\Program Files\xerox 2009-08-20 13:59:42 ----D---- C:\Program Files\microsoft frontpage 2009-08-20 13:59:31 ----D---- C:\DELL 2009-08-20 13:59:22 ----HD---- C:\WINDOWS\$hf_mig$ 2009-08-20 13:59:20 ----N---- C:\WINDOWS\system32\xpsp3res.dll 2009-08-20 13:59:07 ----A---- C:\WINDOWS\control.ini 2009-08-20 13:59:07 ----A---- C:\AUTOEXEC.BAT 2009-08-20 13:58:51 ----A---- C:\WINDOWS\OEWABLog.txt 2009-08-20 13:58:48 ----A---- C:\WINDOWS\system32\mapi32.dll 2009-08-20 13:57:55 ----SD---- C:\WINDOWS\Downloaded Program Files 2009-08-20 13:57:55 ----RD---- C:\WINDOWS\Offline Web Pages 2009-08-20 13:57:55 ----RAH---- C:\WINDOWS\system32\logonui.exe.manifest 2009-08-20 13:57:49 ----RAH---- C:\WINDOWS\system32\cdplayer.exe.manifest 2009-08-20 13:57:45 ----HD---- C:\Program Files\WindowsUpdate 2009-08-20 13:57:27 ----D---- C:\WINDOWS\system32\DirectX 2009-08-20 13:57:11 ----A---- C:\WINDOWS\system32\atrace.dll 2009-08-20 13:57:09 ----A---- C:\WINDOWS\system32\desktop.ini 2009-08-20 13:57:09 ----A---- C:\WINDOWS\desktop.ini 2009-08-20 13:57:03 ----A---- C:\WINDOWS\system32\nmevtmsg.dll
  23. ======List of files/folders created in the last 1 months======
  24. -- End of file - 9172 bytes
      ======Scheduled tasks folder======
      C:\WINDOWS\tasks\AppleSoftwareUpdate.job
      C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-688789844-682003330-1003Core.job
      C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-688789844-682003330-1003UA.job
      C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-688789844-682003330-1011Core.job
      C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-1078081533-688789844-682003330-1011UA.job
      ======Registry dump======
  25. Logfile of random's system information tool 1.06 (written by random/random)
      Run by TARDIS at 2009-09-16 18:41:48
      Microsoft Windows XP Professional Service Pack 3
      System drive C: has 3 GB (13%) free of 20 GB
      Total RAM: 1014 MB (40% free)
      Logfile of Trend Micro HijackThis v2.0.2
      Scan saved at 18:42:53, on 16/09/2009
      Platform: Windows XP SP3 (WinNT 5.01.2600)
      MSIE: Internet Explorer v8.00 (8.00.6001.18702)
      Boot mode: Normal