Random Virus, Please Help!

+ 2008-04-14 00:12:09 102,400 -c----w c:\windows\$NtUninstallwmp11$\wmpshell.dll
- 2002-06-04 12:58:12 49,152 ----a-w c:\windows\ctdcres.dll
+ 2002-06-04 11:58:12 49,152 ----a-w c:\windows\CTDCRES.DLL
+ 2002-07-19 15:08:10 94,208 ----a-w c:\windows\DEVREG.DLL
+ 2009-02-02 22:07:40 1,914,440 ----a-w c:\windows\Downloaded Program Files\CONFLICT.9\FP_AX_CAB_INSTALLER.exe
- 2008-04-14 00:12:38 208,896 ----a-w c:\windows\inf\unregmp2.exe
+ 2006-11-01 22:31:34 315,904 ----a-w c:\windows\inf\unregmp2.exe
- 2002-06-04 12:45:38 20,480 ----a-w c:\windows\inRes.dll
+ 2002-06-04 11:45:38 20,480 ----a-w c:\windows\inRes.dll
- 2002-01-14 19:42:34 61,440 ----a-w c:\windows\mididef.exe
+ 2002-01-14 18:42:34 61,440 ----a-w c:\windows\mididef.exe
- 2002-07-19 16:08:02 184,320 ----a-w c:\windows\psconv.exe
+ 2002-07-19 15:08:02 184,320 ----a-w c:\windows\psconv.exe
- 2002-07-19 16:07:52 176,128 ----a-w c:\windows\readreg.exe
+ 2002-07-19 15:07:52 176,128 ----a-w c:\windows\readreg.exe
- 2002-07-19 15:43:04 65,536 ----a-w c:\windows\system32\a3d.dll
+ 2007-04-09 16:32:58 34,816 ----a-w c:\windows\system32\a3d.dll
- 2002-07-19 16:07:32 53,248 ----a-w c:\windows\system32\ac3api.dll
+ 2007-04-09 16:32:46 27,648 ----a-w c:\windows\system32\ac3api.dll
+ 2007-04-09 15:25:36 48,400 ----a-w c:\windows\system32\AddCat.exe
+ 2007-04-12 12:10:28 105,728 ----a-w c:\windows\system32\APOMgrH.dll
- 2008-04-13 17:23:38 8,192 ----a-w c:\windows\system32\asferror.dll
+ 2006-10-19 01:47:08 7,168 ----a-w c:\windows\system32\asferror.dll
+ 2006-10-19 01:47:08 276,992 ------w c:\windows\system32\audiodev.dll
- 2008-04-14 00:11:50 286,720 ----a-w c:\windows\system32\blackbox.dll
+ 2006-10-19 01:47:10 542,720 ----a-w c:\windows\system32\blackbox.dll
- 2008-04-14 00:11:50 159,232 ----a-w c:\windows\system32\cewmdm.dll
+ 2006-10-19 01:47:10 229,376 ----a-w c:\windows\system32\cewmdm.dll
- 2002-07-19 15:54:08 110,592 ----a-w c:\windows\system32\commonfx.dll
+ 2007-04-18 12:59:40 98,600 ----a-w c:\windows\system32\COMMONFX.DLL
+ 2007-04-09 16:22:04 205,312 ----a-w c:\windows\system32\ct_oal.dll
+ 2007-04-09 16:29:30 10,752 ----a-w c:\windows\system32\Ct20xspi.dll
+ 2007-04-12 12:10:26 164,608 ----a-w c:\windows\system32\CT20XUT.DLL
- 2002-03-13 20:25:36 57,344 ------w c:\windows\system32\ctagent.dll
+ 2007-04-09 16:32:30 8,704 ----a-w c:\windows\system32\ctagent.dll
+ 2007-04-09 15:25:04 444,928 ----a-w c:\windows\system32\CTAPO32.dll
- 2002-07-19 15:54:20 106,496 ----a-w c:\windows\system32\ctasio.dll
+ 2007-04-09 16:22:02 79,872 ----a-w c:\windows\system32\ctasio.dll
+ 2007-04-12 12:10:16 546,048 ----a-w c:\windows\system32\CTAUDFX.DLL
- 2002-07-19 16:07:24 113,273 ----a-w c:\windows\system32\ctbas2w.dat
+ 2007-04-09 16:21:28 149,838 ----a-w c:\windows\system32\ctbas2w.dat
+ 2002-07-19 15:02:24 113,373 ----a-w c:\windows\system32\CTBASICW.DAT
+ 2007-04-09 16:33:50 43,520 ----a-w c:\windows\system32\CTBurst.dll
+ 2007-04-09 16:33:36 86,016 ----a-w c:\windows\system32\ctcoinst.dll
- 2002-07-19 15:56:48 44,055 ----a-w c:\windows\system32\ctdaught.dat
+ 2007-04-09 16:19:20 53,932 ----a-w c:\windows\system32\ctdaught.dat
+ 2007-04-09 16:32:20 227,840 ----a-w c:\windows\system32\ctdc0000.dll
+ 2007-04-09 16:32:22 335,872 ----a-w c:\windows\system32\ctdc0001.dll
+ 2007-04-09 16:32:22 131,072 ----a-w c:\windows\system32\ctdcifce.dll
+ 2007-04-09 16:32:20 10,240 ----a-w c:\windows\system32\ctdcres.dll
- 2002-07-19 16:07:42 319,488 ----a-w c:\windows\system32\ctdevcon.dll
+ 2002-07-19 15:07:42 319,488 ----a-w c:\windows\system32\ctdevcon.dll
- 2002-07-19 16:07:28 164,044 ------w c:\windows\system32\ctdlang.dat
+ 2002-07-19 15:07:30 164,044 ------w c:\windows\system32\ctdlang.dat
- 2007-04-09 17:24:30 46,273 ----a-w c:\windows\system32\ctdnlstr.dat
+ 2007-04-09 16:24:30 46,273 ----a-w c:\windows\system32\ctdnlstr.dat
- 2002-07-19 15:53:52 106,496 ----a-w c:\windows\system32\ctdproxy.dll
+ 2007-04-09 16:22:00 76,800 ----a-w c:\windows\system32\ctdproxy.dll
+ 2007-04-09 16:33:36 163,328 ----a-w c:\windows\system32\ctdvinst.dll
+ 2007-04-12 12:10:18 168,192 ----a-w c:\windows\system32\CTEAPSFX.DLL
+ 2007-04-09 16:22:04 50,176 ----a-w c:\windows\system32\ctedasio.dll
+ 2007-04-12 12:10:20 280,320 ----a-w c:\windows\system32\CTEDSPFX.DLL
+ 2007-04-12 12:10:22 128,768 ----a-w c:\windows\system32\CTEDSPIO.DLL
+ 2007-04-12 12:10:22 323,328 ----a-w c:\windows\system32\CTEDSPSY.DLL
- 2002-07-19 15:54:40 36,864 ----a-w c:\windows\system32\ctemupia.dll
+ 2007-04-09 16:24:06 110,080 ----a-w c:\windows\system32\ctemupia.dll
+ 2007-04-12 12:10:20 94,976 ----a-w c:\windows\system32\CTERFXFX.DLL
+ 2007-04-12 12:10:24 1,317,632 ----a-w c:\windows\system32\CTEXFIFX.DLL
- 2002-07-02 22:56:00 24,576 ----a-w c:\windows\system32\cthelper.exe
+ 2007-04-09 16:32:32 19,456 ----a-w c:\windows\system32\CtHelper.exe
+ 2007-04-12 12:10:26 66,816 ----a-w c:\windows\system32\CTHWIUT.DLL
+ 2005-06-16 14:17:16 71,680 ----a-w c:\windows\system32\ctmmactl.dll
+ 2007-04-09 16:32:28 12,800 ----a-w c:\windows\system32\ctmmep.dll
- 2002-07-19 15:54:16 155,648 ----a-w c:\windows\system32\ctosuser.dll
+ 2007-04-09 16:21:50 137,728 ----a-w c:\windows\system32\ctosuser.dll
+ 2007-04-09 16:32:30 56,832 ----a-w c:\windows\system32\CTpcmcia.dll
+ 2007-04-09 15:25:26 45,568 ----a-w c:\windows\system32\ctppld.dll
+ 2007-04-09 16:32:24 9,216 ----a-w c:\windows\system32\ctpres.dll
+ 2006-11-14 13:01:30 58,104 ----a-w c:\windows\system32\ctpxinst.exe
- 2002-07-19 16:07:24 211,126 ----a-w c:\windows\system32\ctsbas2w.dat
+ 2007-04-09 16:19:44 274,587 ----a-w c:\windows\system32\ctsbas2w.dat
- 2002-07-19 15:55:42 643,072 ----a-w c:\windows\system32\ctsblfx.dll
+ 2007-04-12 12:10:16 560,384 ----a-w c:\windows\system32\CTSBLFX.DLL
+ 2007-04-09 16:32:22 78,336 ----a-w c:\windows\system32\ctscal.dll
+ 2005-06-30 11:24:14 121,856 ----a-w c:\windows\system32\ctsfinst.dll
- 2002-07-19 16:07:48 28,672 ----a-w c:\windows\system32\ctspkhlp.dll
+ 2007-04-09 16:32:30 45,568 ----a-w c:\windows\system32\ctspkhlp.dll
- 2002-07-19 15:59:30 179,669 ----a-w c:\windows\system32\ctstatic.dat
+ 2007-04-09 16:19:20 313,207 ----a-w c:\windows\system32\ctstatic.dat
+ 2007-04-09 16:32:24 69,632 ----a-w c:\windows\system32\ctthxcal.dll
+ 2007-04-09 16:32:34 35,840 ----a-w c:\windows\system32\CTxfiBtn.dll
+ 2007-04-09 16:32:32 19,968 ----a-w c:\windows\system32\Ctxfihlp.exe
+ 2007-04-09 16:29:30 43,520 ----a-w c:\windows\system32\Ctxfireg.exe
+ 2007-04-09 16:29:28 934,400 ----a-w c:\windows\system32\CTxfispi.exe
+ 2007-04-09 16:32:34 46,592 ----a-w c:\windows\system32\CTxfiSpk.dll
- 2007-04-09 17:19:28 235,142 ----a-w c:\windows\system32\data\CT0060W.DAT
+ 2007-04-09 16:19:28 235,142 ----a-w c:\windows\system32\data\CT0060W.DAT
- 2007-04-09 17:19:20 26,783 ----a-w c:\windows\system32\data\ctd20x.dat
+ 2007-04-09 16:19:20 26,783 ----a-w c:\windows\system32\data\ctd20x.dat
- 2007-04-09 17:19:36 201,502 ----a-w c:\windows\system32\data\CTEAPSW.DAT
+ 2007-04-09 16:19:36 201,502 ----a-w c:\windows\system32\data\CTEAPSW.DAT
- 2007-04-09 17:19:58 374,041 ----a-w c:\windows\system32\data\CTEDSP2W.DAT
+ 2007-04-09 16:19:58 374,041 ----a-w c:\windows\system32\data\CTEDSP2W.DAT
- 2007-04-09 17:20:00 348,425 ----a-w c:\windows\system32\data\CTEDSPHW.DAT
+ 2007-04-09 16:20:00 348,425 ----a-w c:\windows\system32\data\CTEDSPHW.DAT
- 2007-04-09 17:19:58 294,775 ----a-w c:\windows\system32\data\CTEDSPKW.DAT
+ 2007-04-09 16:19:58 294,775 ----a-w c:\windows\system32\data\CTEDSPKW.DAT
- 2007-04-09 17:19:58 294,775 ----a-w c:\windows\system32\data\CTEDSPLW.DAT
+ 2007-04-09 16:19:58 294,775 ----a-w c:\windows\system32\data\CTEDSPLW.DAT
- 2007-04-09 17:20:00 330,665 ----a-w c:\windows\system32\data\CTEDSPPW.DAT
+ 2007-04-09 16:20:00 330,665 ----a-w c:\windows\system32\data\CTEDSPPW.DAT
- 2007-04-09 17:20:00 270,927 ----a-w c:\windows\system32\data\CTEDSPTW.DAT
+ 2007-04-09 16:20:00 270,927 ----a-w c:\windows\system32\data\CTEDSPTW.DAT
- 2007-04-09 17:20:00 270,927 ----a-w c:\windows\system32\data\CTEDSPUW.DAT
+ 2007-04-09 16:20:00 270,927 ----a-w c:\windows\system32\data\CTEDSPUW.DAT
- 2007-04-09 17:19:50 374,041 ----a-w c:\windows\system32\data\CTEDSPW.DAT
+ 2007-04-09 16:19:50 374,041 ----a-w c:\windows\system32\data\CTEDSPW.DAT
- 2007-04-09 17:19:28 235,259 ----a-w c:\windows\system32\data\CTP0060W.DAT
+ 2007-04-09 16:19:28 235,259 ----a-w c:\windows\system32\data\CTP0060W.DAT
- 2007-04-09 17:19:30 235,259 ----a-w c:\windows\system32\data\CTP0061W.DAT
+ 2007-04-09 16:19:30 235,259 ----a-w c:\windows\system32\data\CTP0061W.DAT
- 2007-04-09 17:19:38 289,409 ----a-w c:\windows\system32\data\CTP0070W.DAT
+ 2007-04-09 16:19:38 289,409 ----a-w c:\windows\system32\data\CTP0070W.DAT
- 2007-04-09 17:19:38 289,409 ----a-w c:\windows\system32\data\CTP0073W.DAT
+ 2007-04-09 16:19:38 289,409 ----a-w c:\windows\system32\data\CTP0073W.DAT
- 2007-04-09 17:19:38 276,738 ----a-w c:\windows\system32\data\CTP0090W.DAT
+ 2007-04-09 16:19:38 276,738 ----a-w c:\windows\system32\data\CTP0090W.DAT
- 2007-04-09 17:19:42 275,169 ----a-w c:\windows\system32\data\CTP0091W.DAT
+ 2007-04-09 16:19:42 275,169 ----a-w c:\windows\system32\data\CTP0091W.DAT
- 2007-04-09 17:19:40 276,738 ----a-w c:\windows\system32\data\CTP0092W.DAT
+ 2007-04-09 16:19:40 276,738 ----a-w c:\windows\system32\data\CTP0092W.DAT
- 2007-04-09 17:19:44 274,587 ----a-w c:\windows\system32\data\CTP0095W.DAT
+ 2007-04-09 16:19:44 274,587 ----a-w c:\windows\system32\data\CTP0095W.DAT
- 2007-04-09 17:19:28 235,259 ----a-w c:\windows\system32\data\CTP0100W.DAT
+ 2007-04-09 16:19:28 235,259 ----a-w c:\windows\system32\data\CTP0100W.DAT
- 2007-04-09 17:19:30 235,259 ----a-w c:\windows\system32\data\CTP0101W.DAT
+ 2007-04-09 16:19:30 235,259 ----a-w c:\windows\system32\data\CTP0101W.DAT
- 2007-04-09 17:19:30 235,259 ----a-w c:\windows\system32\data\CTP0102W.DAT
+ 2007-04-09 16:19:30 235,259 ----a-w c:\windows\system32\data\CTP0102W.DAT
- 2007-04-09 17:19:32 235,259 ----a-w c:\windows\system32\data\CTP0103W.DAT
+ 2007-04-09 16:19:32 235,259 ----a-w c:\windows\system32\data\CTP0103W.DAT
- 2007-04-09 17:19:32 235,259 ----a-w c:\windows\system32\data\CTP0105W.DAT
+ 2007-04-09 16:19:32 235,259 ----a-w c:\windows\system32\data\CTP0105W.DAT
- 2007-04-09 17:19:26 232,158 ----a-w c:\windows\system32\data\CTP0150W.DAT
+ 2007-04-09 16:19:26 232,158 ----a-w c:\windows\system32\data\CTP0150W.DAT
- 2007-04-09 17:19:40 275,427 ----a-w c:\windows\system32\data\CTP0161W.DAT
+ 2007-04-09 16:19:40 275,427 ----a-w c:\windows\system32\data\CTP0161W.DAT
- 2007-04-09 17:19:40 276,738 ----a-w c:\windows\system32\data\CTP0162W.DAT
+ 2007-04-09 16:19:40 276,738 ----a-w c:\windows\system32\data\CTP0162W.DAT
- 2007-04-09 17:19:32 235,259 ----a-w c:\windows\system32\data\CTP0170W.DAT
+ 2007-04-09 16:19:32 235,259 ----a-w c:\windows\system32\data\CTP0170W.DAT
- 2007-04-09 17:19:32 235,142 ----a-w c:\windows\system32\data\CTP017AW.DAT
+ 2007-04-09 16:19:32 235,142 ----a-w c:\windows\system32\data\CTP017AW.DAT
- 2007-04-09 17:19:34 235,142 ----a-w c:\windows\system32\data\CTP017BW.DAT
+ 2007-04-09 16:19:34 235,142 ----a-w c:\windows\system32\data\CTP017BW.DAT
- 2007-04-09 17:19:34 235,142 ----a-w c:\windows\system32\data\CTP017CW.DAT
+ 2007-04-09 16:19:34 235,142 ----a-w c:\windows\system32\data\CTP017CW.DAT
- 2007-04-09 17:19:34 235,142 ----a-w c:\windows\system32\data\CTP017DW.DAT
+ 2007-04-09 16:19:34 235,142 ----a-w c:\windows\system32\data\CTP017DW.DAT
- 2007-04-09 17:19:34 235,142 ----a-w c:\windows\system32\data\CTP017EW.DAT
+ 2007-04-09 16:19:34 235,142 ----a-w c:\windows\system32\data\CTP017EW.DAT
- 2007-04-09 17:19:34 235,142 ----a-w c:\windows\system32\data\CTP017FW.DAT
+ 2007-04-09 16:19:34 235,142 ----a-w c:\windows\system32\data\CTP017FW.DAT
- 2007-04-09 17:19:36 235,142 ----a-w c:\windows\system32\data\CTP017GW.DAT
+ 2007-04-09 16:19:36 235,142 ----a-w c:\windows\system32\data\CTP017GW.DAT
- 2007-04-09 17:19:36 235,142 ----a-w c:\windows\system32\data\CTP017HW.DAT
+ 2007-04-09 16:19:36 235,142 ----a-w c:\windows\system32\data\CTP017HW.DAT
- 2007-04-09 17:19:40 275,169 ----a-w c:\windows\system32\data\CTP0191W.DAT
+ 2007-04-09 16:19:40 275,169 ----a-w c:\windows\system32\data\CTP0191W.DAT
- 2007-04-09 17:19:40 276,738 ----a-w c:\windows\system32\data\CTP0192W.DAT
+ 2007-04-09 16:19:40 276,738 ----a-w c:\windows\system32\data\CTP0192W.DAT
- 2007-04-09 17:19:30 236,189 ----a-w c:\windows\system32\data\CTP0221W.DAT
+ 2007-04-09 16:19:30 236,189 ----a-w c:\windows\system32\data\CTP0221W.DAT
- 2007-04-09 17:19:30 236,189 ----a-w c:\windows\system32\data\CTP0222W.DAT
+ 2007-04-09 16:19:30 236,189 ----a-w c:\windows\system32\data\CTP0222W.DAT
- 2007-04-09 17:19:42 277,159 ----a-w c:\windows\system32\data\CTP0230W.DAT
+ 2007-04-09 16:19:42 277,159 ----a-w c:\windows\system32\data\CTP0230W.DAT
- 2007-04-09 17:19:42 275,816 ----a-w c:\windows\system32\data\CTP0231W.DAT
+ 2007-04-09 16:19:42 275,816 ----a-w c:\windows\system32\data\CTP0231W.DAT
- 2007-04-09 17:19:42 277,159 ----a-w c:\windows\system32\data\CTP0232W.DAT
+ 2007-04-09 16:19:42 277,159 ----a-w c:\windows\system32\data\CTP0232W.DAT
- 2007-04-09 17:19:42 275,517 ----a-w c:\windows\system32\data\CTP0238W.DAT
+ 2007-04-09 16:19:42 275,517 ----a-w c:\windows\system32\data\CTP0238W.DAT
- 2007-04-09 17:19:44 319,070 ----a-w c:\windows\system32\data\CTP0240W.DAT
+ 2007-04-09 16:19:44 319,070 ----a-w c:\windows\system32\data\CTP0240W.DAT
- 2007-04-09 17:19:46 319,730 ----a-w c:\windows\system32\data\CTP0242W.DAT
+ 2007-04-09 16:19:46 319,730 ----a-w c:\windows\system32\data\CTP0242W.DAT
- 2007-04-09 17:19:46 318,800 ----a-w c:\windows\system32\data\CTP0243W.DAT
+ 2007-04-09 16:19:46 318,800 ----a-w c:\windows\system32\data\CTP0243W.DAT
- 2007-04-09 17:19:46 319,730 ----a-w c:\windows\system32\data\CTP0244W.DAT
+ 2007-04-09 16:19:46 319,730 ----a-w c:\windows\system32\data\CTP0244W.DAT
- 2007-04-09 17:19:46 318,254 ----a-w c:\windows\system32\data\CTP0245W.DAT
+ 2007-04-09 16:19:46 318,254 ----a-w c:\windows\system32\data\CTP0245W.DAT
- 2007-04-09 17:19:48 319,730 ----a-w c:\windows\system32\data\CTP0246W.DAT
+ 2007-04-09 16:19:48 319,730 ----a-w c:\windows\system32\data\CTP0246W.DAT
- 2007-04-09 17:19:48 318,341 ----a-w c:\windows\system32\data\CTP0249W.DAT
+ 2007-04-09 16:19:48 318,341 ----a-w c:\windows\system32\data\CTP0249W.DAT
- 2007-04-09 17:19:48 318,254 ----a-w c:\windows\system32\data\CTP0280W.DAT
+ 2007-04-09 16:19:48 318,254 ----a-w c:\windows\system32\data\CTP0280W.DAT
- 2007-04-09 17:19:50 318,254 ----a-w c:\windows\system32\data\CTP0320W.DAT
+ 2007-04-09 16:19:50 318,254 ----a-w c:\windows\system32\data\CTP0320W.DAT
- 2007-04-09 17:19:50 323,640 ----a-w c:\windows\system32\data\CTP0350W.DAT
+ 2007-04-09 16:19:50 323,640 ----a-w c:\windows\system32\data\CTP0350W.DAT
- 2007-04-09 17:19:50 321,529 ----a-w c:\windows\system32\data\CTP0352W.DAT
+ 2007-04-09 16:19:50 321,529 ----a-w c:\windows\system32\data\CTP0352W.DAT
- 2007-04-09 17:19:54 322,194 ----a-w c:\windows\system32\data\CTP0355W.DAT
+ 2007-04-09 16:19:54 322,194 ----a-w c:\windows\system32\data\CTP0355W.DAT
- 2007-04-09 17:19:52 321,552 ----a-w c:\windows\system32\data\CTP0358W.DAT
+ 2007-04-09 16:19:52 321,552 ----a-w c:\windows\system32\data\CTP0358W.DAT
- 2007-04-09 17:19:52 320,622 ----a-w c:\windows\system32\data\CTP0359W.DAT
+ 2007-04-09 16:19:52 320,622 ----a-w c:\windows\system32\data\CTP0359W.DAT
- 2007-04-09 17:19:52 320,076 ----a-w c:\windows\system32\data\CTP0360W.DAT
+ 2007-04-09 16:19:52 320,076 ----a-w c:\windows\system32\data\CTP0360W.DAT
- 2007-04-09 17:19:54 320,076 ----a-w c:\windows\system32\data\CTP0380W.DAT
+ 2007-04-09 16:19:54 320,076 ----a-w c:\windows\system32\data\CTP0380W.DAT
- 2007-04-09 17:19:56 319,757 ----a-w c:\windows\system32\data\CTP0400W.DAT
+ 2007-04-09 16:19:56 319,757 ----a-w c:\windows\system32\data\CTP0400W.DAT
- 2007-04-09 17:21:28 264,130 ----a-w c:\windows\system32\data\CTP0460W.DAT
+ 2007-04-09 16:21:28 264,130 ----a-w c:\windows\system32\data\CTP0460W.DAT
- 2007-04-09 17:21:32 264,130 ----a-w c:\windows\system32\data\CTP0462W.DAT
+ 2007-04-09 16:21:32 264,130 ----a-w c:\windows\system32\data\CTP0462W.DAT
- 2007-04-09 17:21:28 264,060 ----a-w c:\windows\system32\data\CTP0463W.DAT
+ 2007-04-09 16:21:28 264,060 ----a-w c:\windows\system32\data\CTP0463W.DAT
- 2007-04-09 17:21:30 264,130 ----a-w c:\windows\system32\data\CTP0464W.DAT
+ 2007-04-09 16:21:30 264,130 ----a-w c:\windows\system32\data\CTP0464W.DAT
- 2007-04-09 17:21:30 264,130 ----a-w c:\windows\system32\data\CTP0465W.DAT
+ 2007-04-09 16:21:30 264,130 ----a-w c:\windows\system32\data\CTP0465W.DAT
- 2007-04-09 17:21:28 264,130 ----a-w c:\windows\system32\data\CTP0466W.DAT
+ 2007-04-09 16:21:28 264,130 ----a-w c:\windows\system32\data\CTP0466W.DAT
- 2007-04-09 17:21:30 264,130 ----a-w c:\windows\system32\data\CTP0468W.DAT
+ 2007-04-09 16:21:30 264,130 ----a-w c:\windows\system32\data\CTP0468W.DAT
- 2007-04-09 17:21:30 264,130 ----a-w c:\windows\system32\data\CTP0469W.DAT
+ 2007-04-09 16:21:30 264,130 ----a-w c:\windows\system32\data\CTP0469W.DAT
- 2007-04-09 17:21:30 263,802 ----a-w c:\windows\system32\data\CTP046AW.DAT
+ 2007-04-09 16:21:30 263,802 ----a-w c:\windows\system32\data\CTP046AW.DAT
- 2007-04-09 17:21:30 263,802 ----a-w c:\windows\system32\data\CTP046BW.DAT
+ 2007-04-09 16:21:30 263,802 ----a-w c:\windows\system32\data\CTP046BW.DAT
- 2007-04-09 17:21:30 263,802 ----a-w c:\windows\system32\data\CTP046CW.DAT
+ 2007-04-09 16:21:30 263,802 ----a-w c:\windows\system32\data\CTP046CW.DAT
- 2007-04-09 17:20:44 232,116 ----a-w c:\windows\system32\data\CTP0530L.DAT
+ 2007-04-09 16:20:44 232,116 ----a-w c:\windows\system32\data\CTP0530L.DAT
- 2007-04-09 17:20:02 321,377 ----a-w c:\windows\system32\data\CTP0530W.DAT
+ 2007-04-09 16:20:02 321,377 ----a-w c:\windows\system32\data\CTP0530W.DAT
- 2007-04-09 17:21:28 232,116 ----a-w c:\windows\system32\data\CTP0531L.DAT
+ 2007-04-09 16:21:28 232,116 ----a-w c:\windows\system32\data\CTP0531L.DAT
- 2007-04-09 17:20:46 321,377 ----a-w c:\windows\system32\data\CTP0531W.DAT
+ 2007-04-09 16:20:46 321,377 ----a-w c:\windows\system32\data\CTP0531W.DAT
- 2007-04-09 17:21:28 264,388 ----a-w c:\windows\system32\data\CTP0550W.DAT
+ 2007-04-09 16:21:28 264,388 ----a-w c:\windows\system32\data\CTP0550W.DAT
 
Sorry, I had to actually cut and paste in four parts. As for System Restore, I never disabled it, but I did find that I can't restore farther back than this month, which means something compromised it.


ComboFix 09-03-12.01 - Owner 2009-03-13 9:25:19.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.3.1252.1.1033.18.511.209 [GMT -4:00]
Running from: c:\combofix\ComboFix.exe
AV: CA Anti-Virus *On-access scanning enabled* (Updated)
FW: CA Personal Firewall *enabled*
* Created a new restore point
.
((((((((((((((((((((((((( Files Created from 2009-02-13 to 2009-03-13 )))))))))))))))))))))))))))))))
.
2009-03-13 09:21 . 2009-03-13 09:22 <DIR> d-------- C:\32788R22FWJFW.0.tmp
2009-03-13 00:28 . 2009-03-13 00:28 1,374 --a------ c:\windows\imsins.BAK
2009-03-12 23:43 . 2009-03-12 23:43 <DIR> d-------- c:\program files\Microsoft Silverlight
2009-03-12 22:25 . 2009-03-12 23:06 3,207,475 --a------ c:\windows\{00000002-00000000-0000000D-00001102-00000004-00581102}.BAK
2009-03-12 20:45 . 2009-03-12 23:06 3,207,475 --a------ c:\windows\{00000002-00000000-0000000D-00001102-00000004-00581102}.CDF
2009-03-12 20:43 . 2009-03-12 20:43 <DIR> d-------- c:\program files\Creative Tech
2009-03-12 20:43 . 2009-03-13 00:30 4,860 --a------ c:\windows\system32\BMXCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
2009-03-12 20:43 . 2009-03-13 00:30 4,860 --a------ c:\windows\system32\BMXBkpCtrlState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
2009-03-12 20:43 . 2009-03-13 00:30 192 --a------ c:\windows\system32\BMXStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
2009-03-12 20:43 . 2009-03-13 00:30 192 --a------ c:\windows\system32\BMXState-{00000002-00000000-0000000D-00001102-00000004-00581102}.rfx
2009-03-12 20:43 . 2009-03-12 23:32 24 --a------ c:\windows\system32\DVCStateBkp-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
2009-03-12 20:43 . 2009-03-12 23:32 24 --a------ c:\windows\system32\DVCState-{00000002-00000000-0000000D-00001102-00000004-00581102}.dat
2009-03-12 20:41 . 2005-01-03 04:18 4,958,588 --a------ c:\windows\CTDVAUDY.CDF
2009-03-12 20:01 . 2009-03-12 20:01 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{51019853-129C-4EDE-9030-D5FD7BBD9AD0}
2009-03-12 19:31 . 2009-03-12 19:31 <DIR> d-------- c:\program files\Uniblue
2009-03-12 19:30 . 2009-03-12 19:31 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{B46E1EF5-0B37-4DB4-A4E2-9F2B41036185}
2009-03-12 18:54 . 2009-03-12 19:35 <DIR> d-------- c:\documents and settings\Owner\Application Data\Uniblue
2009-03-12 18:54 . 2009-03-12 18:56 <DIR> d-------- c:\documents and settings\All Users\Application Data\DriverScanner
2009-03-12 18:52 . 2009-03-12 18:54 <DIR> d--h-c--- c:\documents and settings\All Users\Application Data\{D5ABFFAD-D592-4F98-B02B-587125B4801F}
2009-03-10 22:47 . 2009-03-10 22:47 2,002 --a------ c:\windows\system32\PerfStringBackup.TMP
2009-03-10 12:30 . 2009-03-10 23:51 <DIR> d-------- c:\windows\rnapxs
2009-03-03 18:11 . 2009-03-03 18:11 <DIR> d-------- c:\documents and settings\Owner\IECompatCache
2009-03-03 16:01 . 2009-03-10 12:30 <DIR> d-------- c:\documents and settings\All Users\Application Data\CA-SupportBridge
2009-03-02 19:00 . 2009-03-02 19:00 <DIR> d-------- c:\documents and settings\Owner\Freeze Tag - Dream Machine
2009-03-01 21:53 . 2009-03-01 21:53 <DIR> d-------- c:\documents and settings\Owner\Application Data\VisualShape
2009-03-01 21:53 . 2009-03-01 21:53 <DIR> d-------- c:\documents and settings\All Users\Application Data\VisualShape
2009-02-27 22:57 . 2009-02-27 22:57 <DIR> d--hs---- c:\documents and settings\Efrain\PrivacIE
2009-02-27 22:57 . 2009-02-27 22:57 <DIR> d--hs---- c:\documents and settings\Efrain\IETldCache
2009-02-27 19:58 . 2009-02-27 19:58 <DIR> d-------- c:\documents and settings\All Users\Application Data\Free Ride Games
2009-02-27 19:58 . 2008-06-21 17:28 37,033 --------- c:\windows\FRGT.ico
2009-02-27 19:58 . 2009-02-27 19:58 64 --a------ c:\windows\GPlrLanc.dat
2009-02-27 16:39 . 2009-02-27 16:39 <DIR> d-------- c:\documents and settings\All Users\Application Data\Alawar Stargaze
2009-02-27 13:15 . 2009-02-27 13:15 <DIR> d-------- c:\documents and settings\All Users\Application Data\FlyWheelGames
2009-02-27 12:48 . 2009-02-27 12:48 <DIR> d--hs---- c:\documents and settings\Owner\PrivacIE
2009-02-27 12:03 . 2009-02-27 12:03 <DIR> d--hs---- c:\documents and settings\Owner\IETldCache
2009-02-26 00:16 . 2009-02-26 00:16 <DIR> d-------- c:\windows\ie8updates
2009-02-26 00:10 . 2009-02-26 00:14 <DIR> d--h-c--- c:\windows\ie8
2009-02-26 00:05 . 2009-01-11 01:00 79,360 -----c--- c:\windows\system32\dllcache\iecompat.dll
2009-02-19 14:14 . 2009-02-19 14:14 <DIR> d-------- c:\documents and settings\Owner\Application Data\Boolat Games
2009-02-18 14:23 . 2009-02-18 14:23 <DIR> d-------- c:\windows\Sun
2009-02-15 02:53 . 2009-03-12 22:14 <DIR> d-------- c:\windows\system32\LogFiles
2009-02-14 20:37 . 2008-04-13 20:12 221,184 --a------ c:\windows\system32\wmpns.dll
2009-02-14 20:12 . 2002-07-25 11:33 1,160 --a------ c:\windows\ADDREG.REG
2009-02-14 20:10 . 2009-02-14 20:10 <DIR> d-------- C:\Media
2009-02-14 20:10 . 1999-11-18 02:00 25,088 --------- c:\windows\system32\CTsvcCtl.EXE
2009-02-14 20:10 . 2000-04-20 02:00 24,576 --------- c:\windows\system32\CTMERes.DLL
2009-02-14 20:09 . 2001-05-28 14:47 12,288 --------- c:\windows\system32\AHQCpURes.dll
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-03-13 13:28 --------- d-----w c:\documents and settings\Owner\Application Data\Skype
2009-03-13 13:15 --------- d-----w c:\documents and settings\Owner\Application Data\skypePM
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k7
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k6
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k5
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k4
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k3
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k2
2009-03-13 04:30 64 ----a-w c:\windows\system32\drivers\kmxcfg.u2k1
2009-03-13 04:30 267,350 ----a-w c:\windows\system32\drivers\kmxcfg.u2k0
2009-03-13 04:04 --------- d-----w c:\documents and settings\Owner\Application Data\CallingID
2009-03-13 03:50 --------- d--h--w c:\program files\InstallShield Installation Information
2009-03-13 02:27 --------- d-----w c:\documents and settings\All Users\Application Data\DriverCure
2009-03-13 01:57 --------- d-----w c:\program files\CCleaner
2009-03-13 01:12 --------- d-----w c:\program files\Windows Media Connect 2
2009-03-13 01:02 --------- d-----w c:\program files\MSN Games
2009-03-12 18:29 --------- d-----w c:\program files\Real
2009-03-12 18:21 --------- d-----w c:\program files\Common Files\Adobe AIR
2009-03-10 16:30 --------- d-----w c:\program files\Oberon Media
2009-03-10 16:29 --------- d-----w c:\documents and settings\Owner\Application Data\Pogo Games
2009-03-09 03:52 --------- d---a-w c:\documents and settings\All Users\Application Data\TEMP
2009-03-03 20:08 --------- d-----w c:\program files\CA
2009-03-02 21:59 --------- d-----w c:\program files\RealArcade
2009-02-28 01:18 --------- d-----w c:\program files\Alawar
2009-02-28 00:06 --------- d-----w c:\documents and settings\All Users\Application Data\AlawarWrapper
2009-02-27 23:50 --------- d-----w c:\program files\PlayFirst
2009-02-23 18:21 --------- d-----w c:\documents and settings\Efrain\Application Data\CallingID
2009-02-18 18:31 --------- d-----w c:\documents and settings\Owner\Application Data\WebEx
2009-02-15 00:10 --------- d-----w c:\program files\Creative
2009-02-11 17:05 --------- d-----w c:\program files\Logitech
2009-02-11 17:05 --------- d-----w c:\program files\Common Files\FotoWire
2009-02-11 17:05 --------- d-----w c:\documents and settings\Owner\Application Data\FotoWire
2009-02-11 17:03 81,920 ------r c:\windows\bwUnin-6.1.4.36-8876480L.exe
2009-02-11 16:52 --------- d-----w c:\documents and settings\Owner\Application Data\InstallShield
2009-02-11 16:43 410,984 ----a-w c:\windows\system32\deploytk.dll
2009-02-11 16:43 --------- d-----w c:\program files\Java
2009-02-10 22:59 --------- d-----w c:\documents and settings\Owner\Application Data\DriverCure
2009-02-10 22:59 --------- d-----w c:\documents and settings\All Users\Application Data\ParetoLogic
2009-02-10 22:38 --------- d-----w c:\program files\Zylom Games
2009-02-10 22:17 --------- d-----w c:\program files\Common Files\AVSMedia
2009-02-10 22:17 --------- d-----w c:\program files\AVS4YOU
2009-02-10 22:02 --------- d-----w c:\documents and settings\Owner\Application Data\AVS4YOU
2009-02-10 22:02 --------- d-----w c:\documents and settings\All Users\Application Data\AVS4YOU
2009-02-10 21:41 --------- d-----w c:\documents and settings\Owner\Application Data\GameHouse
2009-02-10 20:29 --------- d-----w c:\program files\Retro64 Games
2009-02-10 03:55 --------- d-----w c:\documents and settings\Owner\Application Data\PlayFirst
2009-02-09 11:13 1,846,784 ----a-w c:\windows\system32\win32k.sys
2009-02-07 05:42 --------- d-----w c:\documents and settings\Efrain\Application Data\Apple Computer
2009-02-06 19:37 --------- d-----w c:\program files\Common Files\logishrd
2009-02-05 04:26 --------- d-----w c:\documents and settings\Owner\Application Data\Zylom
2009-02-05 04:26 --------- d-----w c:\documents and settings\All Users\Application Data\Zylom
2009-02-05 01:32 --------- d-----w c:\program files\Mushroom Age
2009-02-04 03:28 --------- d-----w c:\documents and settings\All Users\Application Data\Trymedia
2009-02-03 22:50 --------- d-----w c:\program files\Common Files\TerraGame Shared
2009-02-03 22:41 --------- d-----w c:\program files\Chill
2009-02-02 04:25 --------- d-----w c:\program files\Common Files\Oberon Media
2009-02-01 05:38 --------- d-----w c:\documents and settings\All Users\Application Data\Mushroom Age
2009-01-30 05:18 --------- d-----w c:\documents and settings\All Users\Application Data\Gogii
2009-01-30 03:48 --------- d-----w c:\documents and settings\All Users\Application Data\MythPeople
2009-01-28 20:20 --------- d-----w c:\documents and settings\All Users\Application Data\NOS
2009-01-27 21:49 --------- d-----w c:\documents and settings\All Users\Application Data\Sandlot Games
2009-01-27 05:18 --------- d-----w c:\documents and settings\Owner\Application Data\Fabulous Finds
2009-01-26 03:38 --------- d-----w c:\documents and settings\All Users\Application Data\PlayFirst
2009-01-15 07:05 911,872 ----a-w c:\windows\system32\wininet.dll
2009-01-15 07:05 43,008 ----a-w c:\windows\system32\licmgr10.dll
2009-01-15 07:04 18,944 ----a-w c:\windows\system32\corpol.dll
2009-01-15 07:03 72,704 ----a-w c:\windows\system32\admparse.dll
2009-01-15 07:03 71,680 ----a-w c:\windows\system32\iesetup.dll
2009-01-15 07:03 420,352 ----a-w c:\windows\system32\vbscript.dll
2009-01-15 07:01 34,304 ----a-w c:\windows\system32\imgutil.dll
2009-01-15 07:00 48,128 ----a-w c:\windows\system32\mshtmler.dll
2009-01-15 07:00 45,568 ----a-w c:\windows\system32\mshta.exe
2009-01-15 06:50 156,160 ----a-w c:\windows\system32\msls31.dll
2009-01-15 06:07 --------- d-----w c:\program files\SweetIM
2009-01-15 06:07 --------- d-----w c:\documents and settings\All Users\Application Data\SweetIM
2009-01-09 03:48 64,664 ----a-w c:\documents and settings\Owner\Application Data\GDIPFONTCACHEV1.DAT
2008-08-28 14:27 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008082820080829\index.dat
2008-09-27 13:52 32,768 --sha-w c:\windows\system32\config\systemprofile\Local Settings\History\History.IE5\MSHist012008092720080928\index.dat
.
((((((((((((((((((((((((((((( SnapShot@2009-03-12_15.48.07.71 )))))))))))))))))))))))))))))))))))))))))
.
+ 2006-09-25 21:58:48 221,488 -c----w c:\windows\$NtUninstallMSCompPackV1$\spuninst\spuninst.exe
+ 2006-09-25 21:58:48 379,184 -c----w c:\windows\$NtUninstallMSCompPackV1$\spuninst\updspapi.dll
+ 2008-04-14 00:11:50 286,720 -c----w c:\windows\$NtUninstallWMFDist11$\blackbox.dll
+ 2008-04-14 00:11:50 159,232 -c----w c:\windows\$NtUninstallWMFDist11$\cewmdm.dll
+ 2008-04-14 00:12:57 695,808 -c----w c:\windows\$NtUninstallWMFDist11$\drmv2clt.dll
+ 2008-04-14 00:11:56 6,656 -c----w c:\windows\$NtUninstallWMFDist11$\laprxy.dll
+ 2008-06-10 08:11:20 103,936 -c----w c:\windows\$NtUninstallWMFDist11$\logagent.exe
+ 2008-04-14 00:11:57 310,272 -c----w c:\windows\$NtUninstallWMFDist11$\mp43dmod.dll
+ 2008-04-14 00:11:57 384,512 -c----w c:\windows\$NtUninstallWMFDist11$\mp4sdmod.dll
+ 2008-04-14 00:11:57 240,640 -c----w c:\windows\$NtUninstallWMFDist11$\mpg4dmod.dll
+ 2008-04-14 00:12:55 259,072 -c----w c:\windows\$NtUninstallWMFDist11$\msnetobj.dll
+ 2008-04-14 00:12:00 52,224 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsnsv.dll
+ 2008-04-14 00:12:00 201,728 -c----w c:\windows\$NtUninstallWMFDist11$\mspmsp.dll
+ 2008-04-14 00:12:56 356,352 -c----w c:\windows\$NtUninstallWMFDist11$\msscp.dll
+ 2008-04-14 00:12:01 245,760 -c----w c:\windows\$NtUninstallWMFDist11$\mswmdm.dll
+ 2008-04-14 00:12:03 237,568 -c----w c:\windows\$NtUninstallWMFDist11$\qasf.dll
+ 2006-05-16 22:11:54 213,216 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:54 371,424 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\updspapi.dll
+ 2006-11-02 15:46:52 13,312 -c----w c:\windows\$NtUninstallWMFDist11$\spuninst\wpdinstallutil.dll
+ 2008-04-14 00:12:09 408,064 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmod.dll
+ 2008-04-14 00:12:09 670,720 -c----w c:\windows\$NtUninstallWMFDist11$\wmadmoe.dll
+ 2008-04-14 00:12:09 230,912 -c----w c:\windows\$NtUninstallWMFDist11$\wmasf.dll
+ 2008-04-14 00:12:09 27,136 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmlog.dll
+ 2008-04-14 00:12:09 23,552 -c----w c:\windows\$NtUninstallWMFDist11$\wmdmps.dll
+ 2008-04-14 00:12:09 151,552 -c----w c:\windows\$NtUninstallWMFDist11$\wmidx.dll
+ 2008-06-10 11:11:46 1,053,696 -c----w c:\windows\$NtUninstallWMFDist11$\wmnetmgr.dll
+ 2008-04-14 00:12:09 759,296 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmod.dll
+ 2008-04-14 00:12:09 1,119,744 -c----w c:\windows\$NtUninstallWMFDist11$\wmsdmoe2.dll
+ 2008-04-14 00:12:09 485,376 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmod.dll
+ 2008-04-14 00:12:10 897,024 -c----w c:\windows\$NtUninstallWMFDist11$\wmspdmoe.dll
+ 2008-11-07 21:45:32 2,174,976 -c----w c:\windows\$NtUninstallWMFDist11$\wmvcore.dll
+ 2008-04-14 00:12:10 809,984 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmod.dll
+ 2008-04-14 00:12:10 1,001,472 -c----w c:\windows\$NtUninstallWMFDist11$\wmvdmoe2.dll
+ 2008-04-13 17:23:38 8,192 -c----w c:\windows\$NtUninstallwmp11$\asferror.dll
+ 2008-04-14 00:11:57 368,640 -c----w c:\windows\$NtUninstallwmp11$\mpvis.dll
+ 2008-04-14 00:12:35 774,144 -c----w c:\windows\$NtUninstallwmp11$\setup_wm.exe
+ 2006-05-16 22:11:54 213,216 -c----w c:\windows\$NtUninstallwmp11$\spuninst\spuninst.exe
+ 2006-05-16 22:11:54 371,424 -c----w c:\windows\$NtUninstallwmp11$\spuninst\updspapi.dll
+ 2008-04-14 00:12:38 208,896 -c----w c:\windows\$NtUninstallwmp11$\unregmp2.exe
+ 2008-04-13 17:23:24 168,448 -c----w c:\windows\$NtUninstallwmp11$\wmerror.dll
+ 2008-04-14 00:12:09 4,874,240 -c----w c:\windows\$NtUninstallwmp11$\wmp.dll
+ 2008-04-14 00:12:09 114,688 -c----w c:\windows\$NtUninstallwmp11$\wmpasf.dll
+ 2008-04-14 00:12:09 98,304 -c----w c:\windows\$NtUninstallwmp11$\wmpband.dll
+ 2008-04-14 00:12:09 233,472 -c----w c:\windows\$NtUninstallwmp11$\wmpdxm.dll
+ 2008-04-14 00:12:40 73,728 -c----w c:\windows\$NtUninstallwmp11$\wmplayer.exe
+ 2008-04-13 17:28:21 2,940,928 -c----w c:\windows\$NtUninstallwmp11$\wmploc.dll
 
I know you are going to ask for this so here's hijack log:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:32:45, on 3/13/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18372)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
C:\WINDOWS\System32\svchost.exe
C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe
C:\WINDOWS\system32\MsPMSPSv.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
C:\Program Files\Logitech\ImageStudio\LogiTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfsem.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\CAPPActiveProtection.exe
C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Light\CAGlobalLight.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R3 - URLSearchHook: SweetIM ToolbarURLSearchHook Class - {EEE6C35D-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SWEETIE - {EEE6C35C-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O2 - BHO: CA Toolbar Helper - {FBF2401B-7447-4727-BE5D-C19B2075CA84} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: CA Toolbar - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - C:\Program Files\CA\CA Internet Security Suite\CA Website Inspector\Toolbar\CallingIDIE.dll
O3 - Toolbar: SweetIM Toolbar for Internet Explorer - {EEE6C35B-6118-11DC-9C72-001320C79847} - C:\Program Files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll
O4 - HKLM\..\Run: [cctray] "C:\Program Files\CA\CA Internet Security Suite\cctray\cctray.exe"
O4 - HKLM\..\Run: [CAVRID] "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\CAVRID.exe"
O4 - HKLM\..\Run: [capfupgrade] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfupgrade.exe
O4 - HKLM\..\Run: [capfasem] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\capfasem.exe
O4 - HKLM\..\Run: [cafw] C:\Program Files\CA\CA Internet Security Suite\CA Personal Firewall\cafw.exe -cl
O4 - HKLM\..\Run: [SweetIM] C:\Program Files\SweetIM\Messenger\SweetIM.exe
O4 - HKLM\..\Run: [CTHelper] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LVCOMS] C:\Program Files\Common Files\Logitech\QCDriver\LVCOMS.EXE
O4 - HKLM\..\Run: [LogitechGalleryRepair] C:\Program Files\Logitech\ImageStudio\ISStart.exe
O4 - HKLM\..\Run: [LogitechImageStudioTray] C:\Program Files\Logitech\ImageStudio\LogiTray.exe
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2009] C:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/Miriel%20the%20Magical%20Merchant/Images/stg_drm.ocx
O16 - DPF: {48DD0448-9209-4F81-9F6D-D83562940134} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader1006.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/win...ls/en/x86/client/wuweb_site.cab?1202356277156
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/mic...ls/en/x86/client/muweb_site.cab?1202361035453
O16 - DPF: {95D88B35-A521-472B-A182-BB1A98356421} (Pearson Installation Assistant 2) - http://asp.mathxl.com/books/_Players/PearsonInstallAsst2.cab
O16 - DPF: {9AA73F41-EC64-489E-9A73-9CD52E528BC4} (ZoneAxRcMgr Class) - http://cdn2.zone.msn.com/binframework/v10/ZAxRcMgr.cab31267.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramework/v10/ZIntro.cab56649.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/Mushroom%20Age/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} (GpcContainer Class) - https://sysmexamerica.webex.com/client/T26L10NSP49EP12/event/ieatgpc.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Brother BRAdminPro Scheduler (BRA_Scheduler) - Unknown owner - C:\Program Files\Brother\BRAdmin Professional 3\bratimer.exe
O23 - Service: CaCCProvSP - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe
O23 - Service: CAISafe - Computer Associates International, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\ISafe.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: getPlus(R) Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: CA Pest Patrol Realtime Protection Service (ITMRTSVC) - CA, Inc. - C:\Program Files\CA\SharedComponents\PPRT\bin\ITMRTSVC.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: Process Monitor (LVPrcSrv) - Unknown owner - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe (file missing)
O23 - Service: PPCtlPriv - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Spyware\PPCtlPriv.exe
O23 - Service: PrismXL - Lanovation - C:\Program Files\Common Files\Lanovation\PrismXL\PRISMXL.SYS
O23 - Service: HIPS Event Manager (UmxAgent) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe
O23 - Service: HIPS Configuration Interpreter (UmxCfg) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe
O23 - Service: HIPS Firewall Helper (UmxFwHlp) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxFwHlp.exe
O23 - Service: HIPS Policy Manager (UmxPol) - CA - C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe
O23 - Service: VET Message Service (VETMSGNT) - CA, Inc. - C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\VetMsg.exe

--
End of file - 10964 bytes
 
Do you use SweetIM?

If System Restore isn't working, disable it. Then, when we are finished, you can re-enable it if you want, creating a new restore point.

Are you still having Random Virus issues?
 
No I don't use Sweet IM at all. Thought I would but I don't.

Disable system restore? I don't remember how, but if you explain I'll do it.

I was the one who had the Win32/VMalum.vvf virus but never finished cleaning up my system and couldn't refigure out how to post a new thread so I posted accidentally to someone else's. But according to you I did get a small virus which is what probably helped wipe my previous system restore dates.
 
Ok, I disabled system restore. It took some looking with these sleepy eyes of mine (since I just woke up and walked straight to the comp), but I did it.
 
Since you asked (LMAO)...

How do you post a new thread, cuz I'm getting dizzy reading all about and haven't had my cup of coffee? How often should one check for new driver updates for their system, especially a newb? And which website do you recommend that's cost efficient and should give no problems to a Gateway with XP? If I can get the driver updates for free, even better. I did Registry Booster but it only allows to update 15 for free.

I'm having trouble with my Sound Blaster Audigy speakers system. I tried the driver update thingy and it didn't update all of it and I still have no sound.
But I'm also having trouble with the Logitech cam and I can't web cam my extracurricular activities.
Also having trouble with the original internet card; I'm using an ethernet card now. Everything is Drive related from what I see and they are also listed in drives to fix along with some other ones I have no problems with. I'm hopeless ... but still appreciative of ya.
 
Click "New Thread" (circled in red in the image below).


Almost always go to the manufacturer's website to get new driver updates.

Remove Registry Booster, waste of space and $$$ if you buy.
 