[Inactive] Computer slowed down drastically

I have a Dell Inspiron 1720 with Vista SP1. I got a virus about 2 weeks ago and re installed Vista. Everything worked fine for a week, then the computer became slow at some point. I use the computer for music production so I noticed everything slowed down because my projects were suddenly overloading the system.

Anyway, I have tried to work what is wrong. I have scanned with Kaperksy, Ad Aware, Spybot and not found anything. I have checked device manager and everything is working fine. There is plenty of space on the hard disk. I have checked programs running at startup and disabled any unnecessary. I have checked disks for errors.

So what else could it be? And everything worked fine for a week after re installing the operating system, then everything seemed to suddenly slow down. I had been installing a lot of software, but only programs I had on before I re installed the operating system.

Any help appreciated

AW

Have you defraged the hard drive?

I recommend that you install SP 2.

Please, download DDS from one of the 2 mirrors and save it to your desktop.

Mirror 1
Mirror 2

* Disable any script blocking protection (if present)
* Double click the dds icon to run the tool.
* When done, DDS will open two logs:
1. DDS.txt
2. Attach.txt
* Save both reports to your desktop by clicking File>Save As in each log.

Include the contents of both logs in your new topic. The scan will instruct you to post Attach.txt as an attachment. No need for that though ..... just post it's contents as you would any other log.

__________________
My Home Page

Thanks for the replies

Yeah i tried defragging, it said it didn't need doing because it does it automatically so i didn't bother. Il see if SP2 makes a difference as well then.



Heres the 2 logs for Broni,

DDS



DDS (Ver_09-07-30.01) - NTFSx86
Run by Jack at 23:59:31.56 on 09/08/2009
Internet Explorer: 8.0.6001.18813
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2045.1133 [GMT 1:00]

AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
SP: Kaspersky Anti-Virus *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}

============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\STacSV.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\ico.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\Jack\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Jack\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Jack\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Jack\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Users\Jack\AppData\Local\Google\Chrome\Applicat ion\chrome.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Jack\Desktop\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www1.euro.dell.com/content/default.aspx?c=eu&l=en&s=gen
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www1.euro.dell.com/content/default.aspx?c=eu&l=en&s=gen
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll
BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\ievkbd.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
uRun: [DellSupport] "c:\program files\dellsupport\DSAgnt.exe" /startup
uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun: [Apoint] c:\program files\delltpad\Apoint.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [PMX Daemon] ICO.EXE
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [<NO NAME>]
mRun: [adiras] adiras.exe
mRun: [AVP] "c:\program files\kaspersky lab\kaspersky anti-virus 2010\avp.exe"
mRun: [M-Audio Taskbar Icon] c:\windows\system32\M-AudioTaskBarIcon.exe
mRun: [SigmatelSysTrayApp] sttray.exe
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NVHotkey] rundll32.exe c:\windows\system32\nvHotkey.dll,Start
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\sta rtup\dslmon.lnk - c:\program files\sagem\sagem f@st 800-840\dslmon.exe
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\sta rtup\quickset.lnk - c:\windows\installer\{7f0c4457-8e64-491b-8d7b-991504365d1e}\NewShortcut2_53A01CC614B04512A2E710D 39BF83DC4.exe
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0\bin\npjpi160.dll
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - c:\program files\kaspersky lab\kaspersky anti-virus 2010\klwtbbho.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~1\spybot~1\SDHelper.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: {0BBFCCCF-B79E-4C90-8246-38798C641273} = 212.139.132.20 212.139.132.21
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~3\office12\GR99D3~1.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
Notify: klogon - c:\windows\system32\klogon.dll
AppInit_DLLs: c:\progra~1\kasper~1\kasper~1\mzvkbd.dll,c:\progra ~1\kasper~1\kasper~1\mzvkbd3.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~3\office12\GRA8E1~1.DLL

============= SERVICES / DRIVERS ===============

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\system32\drivers\klbg.sys [2008-12-15 33808]
R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [2009-8-5 64160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\system32\drivers\klim6.sys [2009-5-15 21008]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\spybot - search & destroy\SDWinSec.exe [2009-8-5 1153368]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\system32\drivers\klmouflt.sys [2009-5-16 19472]
R3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\system32\drivers\mausb.sys [2009-7-23 143624]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\system32\drivers\OEM02Dev.sys [2007-10-10 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\system32\drivers\OEM02Vfx.sys [2007-11-8 7424]
R3 USBKT1X1;M-Audio USB Keystation;c:\windows\system32\drivers\usbkt1x1.sy s [2009-7-23 22304]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\lavasoft\ad-aware\AAWService.exe [2009-7-3 1029456]
S3 UKS11LDR;M-Audio USB Keystation Loader;c:\windows\system32\drivers\uks11ldr.sys [2009-7-23 13504]

=============== Created Last 30 ================

2009-08-06 14:20 <DIR> --d----- C:\registry backup
2009-08-06 14:17 <DIR> --d----- c:\program files\CCleaner
2009-08-05 19:44 <DIR> --d----- c:\programdata\Spybot - Search & Destroy
2009-08-05 19:44 <DIR> --d----- c:\program files\Spybot - Search & Destroy
2009-08-05 19:44 <DIR> --d----- c:\progra~2\Spybot - Search & Destroy
2009-08-05 19:35 15,688 a------- c:\windows\system32\lsdelete.exe
2009-08-05 16:36 64,160 a------- c:\windows\system32\drivers\Lbd.sys
2009-08-05 16:30 <DIR> -cd-h--- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-05 16:30 <DIR> -cd-h--- c:\progra~2\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-05 16:30 <DIR> --d----- c:\programdata\Lavasoft
2009-08-05 16:30 <DIR> --d----- c:\program files\Lavasoft
2009-08-04 19:41 <DIR> --d----- c:\users\jack\appdata\roaming\Uniblue
2009-08-04 19:40 <DIR> -cd-h--- c:\programdata\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-08-04 19:40 <DIR> -cd-h--- c:\progra~2\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-08-04 19:10 <DIR> --d----- c:\users\jack\appdata\roaming\Malwarebytes
2009-08-04 19:10 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-04 19:10 <DIR> --d----- c:\programdata\Malwarebytes
2009-08-04 19:10 <DIR> --d----- c:\progra~2\Malwarebytes
2009-08-04 19:09 19,096 a------- c:\windows\system32\drivers\mbam.sys
2009-08-04 19:09 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware
2009-08-04 18:15 <DIR> --d----- c:\programdata\NVIDIA
2009-08-04 17:43 97,800 a------- c:\windows\system32\infocardapi.dll
2009-08-04 17:43 105,016 a------- c:\windows\system32\PresentationCFFRasterizerNativ e_v0300.dll
2009-08-04 17:43 37,384 a------- c:\windows\system32\infocardcpl.cpl
2009-08-04 17:43 622,080 a------- c:\windows\system32\icardagt.exe
2009-08-04 17:43 11,264 a------- c:\windows\system32\icardres.dll
2009-08-04 17:43 43,544 a------- c:\windows\system32\PresentationHostProxy.dll
2009-08-04 17:43 781,344 a------- c:\windows\system32\PresentationNative_v0300.dll
2009-08-04 17:43 326,160 a------- c:\windows\system32\PresentationHost.exe
2009-08-04 17:21 96,760 a------- c:\windows\system32\dfshim.dll
2009-08-04 17:21 282,112 a------- c:\windows\system32\mscoree.dll
2009-08-04 17:21 41,984 a------- c:\windows\system32\netfxperf.dll
2009-08-04 17:20 158,720 a------- c:\windows\system32\mscorier.dll
2009-08-04 17:20 83,968 a------- c:\windows\system32\mscories.dll
2009-08-04 17:15 <DIR> --d----- c:\windows\pss
2009-07-28 11:13 106,605 a------- c:\windows\system32\StructuredQuerySchema.bin
2009-07-28 10:32 891,448 a------- c:\windows\system32\drivers\tcpip.sys
2009-07-27 23:06 <DIR> --d----- C:\PerfLogs
2009-07-27 11:34 32,592 a------- c:\windows\system32\msonpmon.dll
2009-07-27 11:31 <DIR> --d----- c:\windows\PCHEALTH
2009-07-27 11:29 <DIR> --d----- c:\program files\Microsoft Visual Studio 8
2009-07-27 11:27 <DIR> --d----- c:\programdata\Microsoft Help
2009-07-27 10:35 <DIR> --d----- c:\program files\PowerISO
2009-07-27 00:01 <DIR> --d----- c:\users\jack\appdata\roaming\BitTorrent
2009-07-27 00:01 <DIR> --d----- c:\program files\BitTorrent
2009-07-26 22:54 <DIR> --d----- c:\program files\common files\PX Storage Engine
2009-07-26 21:58 <DIR> --d----- c:\program files\BitLord
2009-07-26 20:27 280,809,151 a------- c:\windows\MEMORY.DMP
2009-07-24 19:32 0 a------- c:\users\jack\appdata\roaming\wklnhst.dat
2009-07-24 18:03 <DIR> --d----- c:\program files\HarBal 1.5
2009-07-24 17:57 <DIR> --d----- c:\program files\Roger Nichols Digital, Inc
2009-07-24 17:47 295,000 a------- c:\windows\system32\temp.000
2009-07-24 17:47 <DIR> --d----- c:\program files\TC Native Bundle DX 2.02
2009-07-24 17:44 <DIR> --d----- c:\program files\PSP VintageWarmer
2009-07-24 17:43 <DIR> --d----- c:\program files\common files\iZotope
2009-07-24 17:43 <DIR> --d----- c:\program files\iZotope
2009-07-24 17:12 765,952 a------- c:\windows\system32\msvcp71d.dll
2009-07-24 17:12 544,768 a------- c:\windows\system32\msvcr71d.dll
2009-07-24 17:12 <DIR> --d----- c:\program files\Nomad Factory
2009-07-24 16:58 86,016 a------- c:\windows\unvise32.exe
2009-07-24 16:58 <DIR> --d----- C:\Ohm Force
2009-07-24 14:55 <DIR> --d----- c:\program files\VirSyn Software Synthesizer
2009-07-24 14:54 1,777,664 a------- c:\windows\system32\gdiplus.dll
2009-07-24 14:34 <DIR> --d----- c:\program files\common files\Native Instruments
2009-07-24 14:34 <DIR> --d----- c:\program files\Native Instruments
2009-07-24 14:28 <DIR> --d----- c:\program files\Steinberg
2009-07-24 14:19 <DIR> --d----- c:\program files\GFORCE_SOFTWARE
2009-07-24 14:05 368,640 a------- c:\windows\system32\ReWire.dll
2009-07-24 14:05 233,472 a------- c:\windows\system32\REX Shared Library.dll
2009-07-24 11:15 1,788,928 a------- c:\windows\system32\d3d9.dll
2009-07-24 11:14 444,416 a------- c:\windows\system32\dsound.dll
2009-07-24 11:13 407,040 a------- c:\windows\system32\dpapimig.exe
2009-07-24 11:12 86,528 a------- c:\windows\system32\dskquota.dll
2009-07-24 11:11 723 a------- c:\windows\system32\wbem\wzcdlg.mof
2009-07-24 11:10 218,624 a------- c:\windows\system32\wdscore.dll
2009-07-24 11:10 130,560 a------- c:\windows\system32\PkgMgr.exe
2009-07-24 11:10 246,784 a------- c:\windows\system32\drvstore.dll
2009-07-24 11:10 305,152 a------- c:\windows\system32\msdelta.dll
2009-07-24 11:10 258,560 a------- c:\windows\system32\dpx.dll
2009-07-24 11:10 35,328 a------- c:\windows\system32\mspatcha.dll
2009-07-23 16:14 <DIR> --d----- C:\Temporary Conversions
2009-07-23 16:14 <DIR> --d----- C:\presets
2009-07-23 16:14 <DIR> --d----- C:\default
2009-07-23 16:13 393,216 a------- c:\windows\system32\NI_IRC_1_2.dll
2009-07-23 16:13 1,870,336 a------- c:\windows\system32\bconvert.dll
2009-07-23 16:13 61,440 a------- c:\windows\system32\NI_DFD_1_5.dll
2009-07-23 15:49 724,992 a------- c:\windows\iun6002.exe
2009-07-23 15:48 <DIR> --d----- c:\program files\M-Audio USB Keyboard Device
2009-07-23 15:48 82,944 a------- c:\windows\system32\usbkt1x1.dll
2009-07-23 15:48 22,304 a------- c:\windows\system32\drivers\usbkt1x1.sys
2009-07-23 15:48 13,504 a------- c:\windows\system32\drivers\uks11ldr.sys
2009-07-23 15:25 <DIR> --d----- c:\program files\Ableton
2009-07-23 14:58 <DIR> --d----- c:\programdata\Ableton
2009-07-23 14:58 <DIR> --d----- c:\progra~2\Ableton
2009-07-23 14:58 <DIR> --d----- c:\users\jack\appdata\roaming\Ableton
2009-07-23 14:22 56 a---h--- c:\programdata\ezsidmv.dat
2009-07-23 14:22 56 a---h--- c:\progra~2\ezsidmv.dat
2009-07-23 14:17 <DIR> --d--r-- c:\program files\Skype
2009-07-23 14:17 <DIR> --d----- c:\programdata\Skype
2009-07-23 13:58 <DIR> --d----- C:\My tunes
2009-07-23 13:55 <DIR> --d----- C:\Music projects
2009-07-23 13:51 107,368 a------- c:\windows\system32\GEARAspi.dll
2009-07-23 13:51 23,400 a------- c:\windows\system32\drivers\GEARAspiWDM.sys
2009-07-23 13:51 <DIR> --d----- c:\program files\iPod
2009-07-23 13:51 <DIR> --d----- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-23 13:51 <DIR> --d----- c:\program files\iTunes
2009-07-23 13:51 <DIR> --d----- c:\progra~2\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-23 13:50 <DIR> --d----- c:\program files\Bonjour
2009-07-23 13:49 <DIR> --d----- c:\programdata\Apple Computer
2009-07-23 13:46 <DIR> --d----- C:\Jacks Samples
2009-07-23 13:46 <DIR> --d----- c:\programdata\Apple
2009-07-23 13:45 <DIR> --d----- C:\Jacks Comps
2009-07-23 13:33 <DIR> --d----- C:\DJ tunes
2009-07-23 11:20 2,519,712 a------- c:\windows\system32\madiousb.dll
2009-07-23 11:20 356,864 a------- c:\windows\system32\M-AudioTaskBarIcon.exe
2009-07-23 11:20 252,424 a------- c:\windows\system32\M-AudioFastTrackProControlPanelApplet.cpl
2009-07-23 11:20 143,624 a------- c:\windows\system32\drivers\mausb.sys
2009-07-23 11:20 28,680 a------- c:\windows\system32\mausbasio.dll
2009-07-23 11:19 <DIR> --d----- c:\program files\M-Audio
2009-07-23 11:18 <DIR> --d----- C:\Software
2009-07-23 10:24 269,312 a------- c:\windows\system32\es.dll
2009-07-22 11:55 361,984 a------- c:\windows\system32\IPSECSVC.DLL
2009-07-22 11:55 272,896 a------- c:\windows\system32\polstore.dll
2009-07-22 11:55 61,440 a------- c:\windows\system32\winipsec.dll
2009-07-22 11:55 28,672 a------- c:\windows\system32\FwRemoteSvr.dll
2009-07-22 11:54 1,820 a------- c:\windows\system32\rasctrnm.h
2009-07-22 11:53 241,152 a------- c:\windows\system32\PortableDeviceApi.dll
2009-07-22 11:53 160,768 a------- c:\windows\system32\PortableDeviceTypes.dll
2009-07-22 11:53 94,720 a------- c:\windows\system32\PortableDeviceClassExtension.d ll
2009-07-22 11:52 428,544 a------- c:\windows\system32\EncDec.dll
2009-07-22 11:52 293,376 a------- c:\windows\system32\psisdecd.dll
2009-07-22 11:52 217,088 a------- c:\windows\system32\psisrndr.ax
2009-07-22 11:52 177,664 a------- c:\windows\system32\mpg2splt.ax
2009-07-22 11:52 80,896 a------- c:\windows\system32\MSNP.ax
2009-07-22 11:52 69,632 a------- c:\windows\system32\Mpeg2Data.ax
2009-07-22 11:52 57,856 a------- c:\windows\system32\MSDvbNP.ax
2009-07-22 11:52 12,880 a------- c:\windows\system32\wbem\wlan.mof
2009-07-22 11:50 2,033,152 a------- c:\windows\system32\win32k.sys
2009-07-22 11:50 289,792 a------- c:\windows\system32\atmfd.dll
2009-07-22 11:50 156,672 a------- c:\windows\system32\t2embed.dll
2009-07-22 11:50 34,304 a------- c:\windows\system32\atmlib.dll
2009-07-22 11:50 72,704 a------- c:\windows\system32\fontsub.dll
2009-07-22 11:50 23,552 a------- c:\windows\system32\lpk.dll
2009-07-22 11:50 10,240 a------- c:\windows\system32\dciman32.dll
2009-07-22 11:49 376,832 a------- c:\windows\system32\winhttp.dll
2009-07-22 11:48 296,960 a------- c:\windows\system32\gdi32.dll
2009-07-22 11:47 212,480 a------- c:\windows\system32\drivers\mrxsmb10.sys
2009-07-22 11:46 562,176 a------- c:\windows\system32\msdtcprx.dll
2009-07-22 11:46 38,912 a------- c:\windows\system32\xolehlp.dll
2009-07-22 11:46 28,672 a------- c:\windows\system32\Apphlpdm.dll
2009-07-22 11:46 4,240,384 a------- c:\windows\system32\GameUXLegacyGDFs.dll
2009-07-22 11:46 1,695,744 a------- c:\windows\system32\gameux.dll
2009-07-22 11:45 303,616 a------- c:\windows\system32\wmpeffects.dll
2009-07-22 11:45 1,191,936 a------- c:\windows\system32\msxml3.dll
2009-07-22 11:45 2,048 a------- c:\windows\system32\msxml3r.dll
2009-07-22 11:42 2,048 a------- c:\windows\system32\tzres.dll
2009-07-22 11:41 8,147,456 a------- c:\windows\system32\wmploc.DLL
2009-07-22 11:41 7,680 a------- c:\windows\system32\spwmp.dll
2009-07-22 11:41 4,096 a------- c:\windows\system32\msdxm.ocx
2009-07-22 11:41 4,096 a------- c:\windows\system32\dxmasf.dll
2009-07-22 11:39 636,928 a------- c:\windows\system32\localspl.dll
2009-07-22 11:37 2,927,104 a------- c:\windows\explorer.exe
2009-07-22 11:34 1,808,896 a------- c:\windows\system32\NlsLexicons0046.dll
2009-07-22 11:34 1,793,536 a------- c:\windows\system32\NlsLexicons0045.dll
2009-07-22 11:34 1,411,072 a------- c:\windows\system32\NlsLexicons0047.dll
2009-07-22 11:34 2,136,064 a------- c:\windows\system32\NlsLexicons0021.dll
2009-07-22 11:34 1,782,272 a------- c:\windows\system32\NlsLexicons0039.dll
2009-07-22 11:34 1,558,016 a------- c:\windows\system32\NlsLexicons0049.dll
2009-07-22 11:34 1,236,992 a------- c:\windows\system32\NlsLexicons0020.dll
2009-07-22 11:34 5,499,904 a------- c:\windows\system32\NlsLexicons0022.dll
2009-07-22 11:34 7,964,672 a------- c:\windows\system32\NlsLexicons0024.dll
2009-07-22 11:31 6,656 a------- c:\windows\system32\kbd106n.dll
2009-07-22 11:31 988,216 a------- c:\windows\system32\winload.exe
2009-07-22 11:31 927,288 a------- c:\windows\system32\winresume.exe
2009-07-22 11:31 378,368 a------- c:\windows\system32\srcore.dll
2009-07-22 11:31 318,464 a------- c:\windows\system32\rstrui.exe
2009-07-22 11:31 40,960 a------- c:\windows\system32\srclient.dll
2009-07-22 11:31 14,848 a------- c:\windows\system32\srdelayed.exe
2009-07-22 11:31 615,992 a------- c:\windows\system32\ci.dll
2009-07-22 11:31 46,592 a------- c:\windows\system32\setbcdlocale.dll
2009-07-22 11:31 19,000 a------- c:\windows\system32\kd1394.dll
2009-07-22 11:27 1,255,936 a------- c:\windows\system32\lsasrv.dll
2009-07-22 11:27 441,400 a------- c:\windows\system32\drivers\ksecdd.sys
2009-07-22 11:27 72,704 a------- c:\windows\system32\secur32.dll
2009-07-22 11:27 9,728 a------- c:\windows\system32\lsass.exe
2009-07-22 11:27 24,064 a------- c:\windows\system32\amxread.dll
2009-07-22 11:27 13,824 a------- c:\windows\system32\apilogen.dll
2009-07-22 11:27 13,780 a------- c:\windows\system32\wbem\lsasrv.mof
2009-07-22 11:27 712,704 a------- c:\windows\system32\WindowsCodecs.dll
2009-07-22 11:27 425,472 a------- c:\windows\system32\PhotoMetadataHandler.dll
2009-07-22 11:27 347,136 a------- c:\windows\system32\WindowsCodecsExt.dll
2009-07-22 11:25 443,392 a------- c:\windows\system32\win32spl.dll
2009-07-22 11:25 37,888 a------- c:\windows\system32\printcom.dll
2009-07-22 11:25 113,664 a------- c:\windows\system32\drivers\rmcast.sys
2009-07-22 11:25 14,848 a------- c:\windows\system32\wshrm.dll
2009-07-22 11:16 288,768 a------- c:\windows\system32\drivers\srv.sys
2009-07-22 11:09 268,288 a------- c:\windows\system32\schannel.dll
2009-07-22 11:02 2,868,736 a------- c:\windows\system32\mf.dll
2009-07-22 11:02 98,816 a------- c:\windows\system32\mfps.dll
2009-07-22 11:02 53,248 a------- c:\windows\system32\rrinstaller.exe
2009-07-22 11:02 2,048 a------- c:\windows\system32\mferror.dll
2009-07-22 11:02 24,576 a------- c:\windows\system32\mfpmp.exe
2009-07-22 11:02 94,720 a------- c:\windows\system32\logagent.exe
2009-07-22 11:02 996,352 a------- c:\windows\system32\WMNetMgr.dll
2009-07-22 10:54 84,480 a------- c:\windows\system32\INETRES.dll
2009-07-22 10:54 738,304 a------- c:\windows\system32\inetcomm.dll
2009-07-22 10:53 1,645,568 a------- c:\windows\system32\connect.dll
2009-07-22 10:52 784,896 a------- c:\windows\system32\rpcrt4.dll
2009-07-22 10:52 1,314,816 a------- c:\windows\system32\quartz.dll
2009-07-22 10:50 <DIR> --d----- c:\program files\MSXML 4.0
2009-07-22 10:47 1,334,272 a------- c:\windows\system32\msxml6.dll
2009-07-22 10:47 2,048 a------- c:\windows\system32\msxml6r.dll
2009-07-21 16:18 604,140 a--sh--- c:\windows\system32\drivers\ISwift3.dat
2009-07-21 16:18 105,395 a------- c:\windows\system32\drivers\klin.dat
2009-07-21 16:18 94,643 a------- c:\windows\system32\drivers\klick.dat
2009-07-21 16:17 <DIR> --d----- c:\programdata\Kaspersky Lab
2009-07-21 16:17 <DIR> --d----- c:\program files\Kaspersky Lab
2009-07-21 16:17 <DIR> --d----- c:\progra~2\Kaspersky Lab
2009-07-21 16:06 1,524,736 a------- c:\windows\system32\wucltux.dll
2009-07-21 16:05 <DIR> --d----- c:\programdata\Kaspersky Lab Setup Files
2009-07-21 16:05 <DIR> --d----- c:\progra~2\Kaspersky Lab Setup Files
2009-07-21 16:05 83,456 a------- c:\windows\system32\wudriver.dll
2009-07-21 16:05 162,064 a------- c:\windows\system32\wuwebv.dll
2009-07-21 16:05 31,232 a------- c:\windows\system32\wuapp.exe
2009-07-21 15:54 <DIR> --d----- c:\program files\SAGEM
2009-07-21 15:53 2,238 a------- c:\windows\TiscaliHelp04.ico
2009-07-21 15:53 <DIR> --d----- c:\program files\Tiscali Broadband
2009-07-21 15:42 <DIR> --d----- c:\windows\system32\drivers\Drivers
2009-07-21 15:42 143,360 a------- c:\windows\autoclk.exe
2009-07-21 15:42 184 a------- C:\setuplog.exe
2009-07-21 15:27 27,240 a------- c:\users\jack\appdata\roaming\nvModes.dat
2009-07-20 20:36 <DIR> --d----- c:\users\Jack
2009-07-20 20:30 <DIR> --dsh--- c:\programdata\Documents
2009-07-20 17:12 <DIR> --d----- C:\pictures

==================== Find3M ====================

2009-08-04 18:04 143,360 a------- c:\windows\inf\infstrng.dat
2009-08-04 18:04 51,200 a------- c:\windows\inf\infpub.dat
2009-08-04 18:04 86,016 a------- c:\windows\inf\infstor.dat
2009-07-27 23:15 174 a--sh--- c:\program files\desktop.ini
2009-07-27 23:06 665,600 a------- c:\windows\inf\drvindex.dat
2009-07-27 15:11 101,888 a------- c:\windows\system32\ifxcardm.dll
2009-07-27 15:11 82,432 a------- c:\windows\system32\axaltocm.dll
2009-07-22 11:46 2,560 a------- c:\windows\apppatch\AcRes.dll
2009-07-22 11:46 2,154,496 a------- c:\windows\apppatch\AcGenral.dll
2009-07-22 11:46 541,696 a------- c:\windows\apppatch\AcLayers.dll
2009-07-22 11:46 460,288 a------- c:\windows\apppatch\AcSpecfc.dll
2009-07-22 11:46 173,056 a------- c:\windows\apppatch\AcXtrnal.dll
2009-07-22 11:46 52,736 a------- c:\windows\apppatch\iebrshim.dll
2009-07-22 11:29 551,424 a------- c:\windows\system32\rpcss.dll
2009-07-22 11:27 40,960 a------- c:\windows\apppatch\apihex86.dll
2009-07-21 22:52 915,456 a------- c:\windows\system32\wininet.dll
2009-07-21 22:47 109,056 a------- c:\windows\system32\iesysprep.dll
2009-07-21 22:47 71,680 a------- c:\windows\system32\iesetup.dll
2009-07-21 21:13 133,632 a------- c:\windows\system32\ieUnatt.exe
2009-07-21 16:14 128,016 a------- c:\windows\system32\drivers\kl1.sys
2009-07-21 15:54 23 a------- c:\windows\system32\drivers\adidsl.cfg
2009-05-25 05:21 219,664 a------- c:\windows\system32\klogon.dll
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfi.dat
2006-11-02 13:42 287,440 a------- c:\windows\inf\perflib\0409\perfh.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfd.dat
2006-11-02 13:42 30,674 a------- c:\windows\inf\perflib\0409\perfc.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfi.dat
2006-11-02 10:20 287,440 a------- c:\windows\inf\perflib\0000\perfh.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfd.dat
2006-11-02 10:20 30,674 a------- c:\windows\inf\perflib\0000\perfc.dat
2007-11-08 15:03 76 a--shr-- c:\windows\CT4CET.bin
2007-11-08 22:43 8,192 a--sh--- c:\windows\users\default\NTUSER.DAT

============= FINISH: 0:02:38.01 ===============



Attach



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume3
Install Date: 08/11/2007 13:49:50
System Uptime: 08/09/2009 17:27:10 (-713 hours ago)

Motherboard: Dell Inc. | | 0UK437
Processor: Intel(R) Core(TM)2 Duo CPU T7250 @ 2.00GHz | Microprocessor | 800/200mhz

==== Disk Partitions =========================

C: is FIXED (NTFS) - 99 GiB total, 51.325 GiB free.
D: is FIXED (NTFS) - 10 GiB total, 6.092 GiB free.
E: is CDROM ()
F: is FIXED (FAT32) - 233 GiB total, 118.592 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP73: 04/08/2009 17:18:10 - Windows Update
RP74: 05/08/2009 12:07:29 - Scheduled Checkpoint
RP75: 05/08/2009 15:30:53 - Windows Update
RP76: 05/08/2009 20:35:55 - u ook

==== Installed Programs ======================

Ad-Aware
Adobe Flash Player 10 Plugin
Adobe Flash Player ActiveX
Adobe Reader 7.0.8
Advanced Audio FX Engine
Advanced Video FX Engine
Apple Mobile Device Support
Apple Software Update
BBE D82 Sonic Maximizer VST RTAS v2.0
BitTorrent
Bonjour
Broadcom Management Programs
CCleaner (remove only)
ConcreteFX Kubik VSTi
Conexant HDA D330 MDC V.92 Modem
Dell System Customization Wizard
Dell Touchpad
Dell Webcam Center
Dell Webcam Manager
DellSupport
Digital Line Detect
Fast Track Pro
GFORCE_SOFTWARE_MINIMONSTA_RTAS_VSTi_v1.04-PLZ
Google Chrome
HarBal v1.5
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iTunes
iZotope Ozone 3
iZotope Trash
Java(TM) SE Runtime Environment 6
Junglist VST Instrument
Kaspersky Anti-Virus 2010
Laptop Integrated Webcam Driver (1.04.01.1011)
Live 7.0.3
Live! Cam Avatar Creator
Live! Cam Avatar v1.0
Malwarebytes' Anti-Malware
MediaDirect
Microsoft .NET Framework 3.5 SP1
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Works
Modem Diagnostic Tool
Mouse Suite for Laptop Computers
MSXML 4.0 SP2 (KB954430)
Native Instruments Absynth 4
Native Instruments FM8
Native.Instruments Battery v3.0.1.005 VSTi DXi RTAS
NetWaiting
NomadFactory Blue Tubes Dynamics Pack VST RTAS v3.2
NomadFactory Blue Tubes Effects Pack VST RTAS v3.2
NomadFactory Blue Tubes Equalizers Pack VST RTAS v3.2
NomadFactory BlueVerb DRV-2080 VST RTAS v1.4
NomadFactory Essential Studio Suite VST RTAS v1.5
NomadFactory Limiting Amplifier LM-662 VST RTAS v1.3
NomadFactory Liquid Bundle VST RTAS v2.4
NomadFactory Program Equalizer EQP-4 VST RTAS v1.3
NomadFactory Rock Amp Legends VST RTAS v1.5
NomadFactory Studio Channel SC-226 VST RTAS v1.3
NVIDIA Drivers
Ohmforce Ohmboyz VST PRO v1.31
OhmForce Ohmygod VST2
Orange Preload
OutlookAddinSetup
PowerISO
PSP VintageWarmer 1.1
QuickSet
QuickTime
reFX JunoX2 VST v1.3
reFX Vanguard VSTi v1.6.1
rgc:audio z3ta+ VSTi v1.4
Rob Papen Albino 3
Roger Nichols Digital DETAILER VST RTAS v1.2
Roxio Creator Audio
Roxio Creator BDAV Plugin
Roxio Creator Copy
Roxio Creator Data
Roxio Creator DE
Roxio Creator Tools
Roxio Express Labeler
Roxio MyDVD DE
Roxio Update Manager
SAGEM F@st 800-840
SigmaTel Audio
Skype™ 4.1
Sonic Activation Module
Spybot - Search & Destroy
TC Native Bundle DX VST v2.02
Tiscali Internet
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
USB Keyboard Device 1.0.1.0
User's Guides
Virsyn Tera VSTi RTAS v3.2.1
WinRAR archiver

==== End Of File ===========================

I don't see much yet, but let's double check. If necessary, I'll move this topic.


Please download ComboFix from Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**

1. Please, never rename Combofix unless instructed.
2. Close any open browsers.
3. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.
   
   • Very Important! Temporarily disable your anti-virus, script blocking and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
   • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
   
   
   • Close any open browsers.
   • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
   • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
   • If there is no internet connection after running Combofix, then restart your computer to restore back your connection.
4. Double click on combofix.exe & follow the prompts.
5. When finished, it will produce a report for you.
6. Please post the "C:\ComboFix.txt" along with a new HijackThis log for further review.

**Note: Do not mouseclick combofix's window while it's running. That may cause it to stall**

Make sure, you re-enable your security programs, when you're done with Combofix.

DO NOT make any other changes to your computer (like installing programs, using other cleaning tools, etc.), until it's officially declared clean!!!


Download HijackThis:
TrendSecure | Download TrendMicro HijackThis
by clicking on Download HijackThis Installer
Install, and run it.
Post HijackTHis log.
Do NOT attempt to fix anything!

NOTE. If you're using Vista, right click on HijackThis, and click Run as Administrator

__________________
My Home Page

Well I keep trying to run Combofix, but it keeps saying Kapersky is still open even though I have closed it from the system tray.

Any idea why that is?

It's fine then. Run it.

__________________
My Home Page

Here we go.....



ComboFix 09-08-09.04 - Jack 11/08/2009 10:39.2.2 - NTFSx86
Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.44.1033.18.2045.1162 [GMT 1:00]
Running from: c:\users\Jack\Desktop\ComboFix.exe
AV: Kaspersky Anti-Virus *On-access scanning enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Kaspersky Anti-Virus *enabled* (Updated) {2C4D4BC6-0793-4956-A9F9-E252435469C0}
SP: Lavasoft Ad-Watch Live! *disabled* (Updated) {67844DAE-4F77-4D69-9457-98E8CFFDAA22}
SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((( Files Created from 2009-07-11 to 2009-08-11 )))))))))))))))))))))))))))))))
.

2009-08-11 09:53 . 2009-08-11 09:53 -------- d-----w- c:\users\Jack\AppData\Local\temp
2009-08-11 09:53 . 2009-08-11 09:53 -------- d-----w- c:\users\User\AppData\Local\temp
2009-08-11 09:53 . 2009-08-11 09:53 -------- d-----w- c:\users\Public\AppData\Local\temp
2009-08-11 09:53 . 2009-08-11 09:53 -------- d-----w- c:\users\Default\AppData\Local\temp
2009-08-07 00:06 . 2009-08-07 00:06 -------- d-----w- c:\users\Jack\AppData\Roaming\CyberLink
2009-08-06 13:20 . 2009-08-06 13:20 -------- d-----w- C:\registry backup
2009-08-06 13:17 . 2009-08-06 13:17 -------- d-----w- c:\program files\CCleaner
2009-08-05 18:44 . 2009-08-05 19:30 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-08-05 18:44 . 2009-08-05 19:18 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-08-05 18:35 . 2009-07-03 14:49 15688 ----a-w- c:\windows\system32\lsdelete.exe
2009-08-05 15:36 . 2009-07-03 14:49 64160 ----a-w- c:\windows\system32\drivers\Lbd.sys
2009-08-05 15:30 . 2009-08-05 15:30 -------- dc-h--w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}
2009-08-05 15:30 . 2009-07-08 17:28 2920112 -c--a-w- c:\programdata\{EF63305C-BAD7-4144-9208-D65528260864}\Ad-AwareAE.exe
2009-08-05 15:30 . 2009-08-05 15:36 -------- d-----w- c:\programdata\Lavasoft
2009-08-05 15:30 . 2009-08-05 15:30 -------- d-----w- c:\program files\Lavasoft
2009-08-04 18:41 . 2009-08-04 18:41 -------- d-----w- c:\users\Jack\AppData\Roaming\Uniblue
2009-08-04 18:41 . 2009-06-29 04:36 2568260 -c----w- c:\programdata\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}\Uniblue RegistryBooster.exe
2009-08-04 18:40 . 2009-08-04 23:06 -------- dc-h--w- c:\programdata\{81D4BDA8-1F33-4633-B176-8A7E942ABDE1}
2009-08-04 18:10 . 2009-08-04 18:10 -------- d-----w- c:\users\Jack\AppData\Roaming\Malwarebytes
2009-08-04 18:10 . 2009-08-03 12:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-08-04 18:10 . 2009-08-04 18:10 -------- d-----w- c:\programdata\Malwarebytes
2009-08-04 18:09 . 2009-08-04 18:10 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-08-04 18:09 . 2009-08-03 12:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-08-04 17:15 . 2009-08-04 20:38 -------- d-----w- c:\programdata\NVIDIA
2009-08-04 16:43 . 2008-06-20 01:14 97800 ----a-w- c:\windows\system32\infocardapi.dll
2009-08-04 16:43 . 2008-06-20 01:14 105016 ----a-w- c:\windows\system32\PresentationCFFRasterizerNativ e_v0300.dll
2009-08-04 16:43 . 2008-06-20 01:14 11264 ----a-w- c:\windows\system32\icardres.dll
2009-08-04 16:43 . 2008-06-20 01:14 622080 ----a-w- c:\windows\system32\icardagt.exe
2009-08-04 16:43 . 2008-06-20 01:14 43544 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2009-08-04 16:43 . 2008-06-20 01:14 781344 ----a-w- c:\windows\system32\PresentationNative_v0300.dll
2009-08-04 16:43 . 2008-06-20 01:14 326160 ----a-w- c:\windows\system32\PresentationHost.exe
2009-08-04 16:21 . 2008-07-27 18:03 96760 ----a-w- c:\windows\system32\dfshim.dll
2009-08-04 16:21 . 2008-07-27 18:03 282112 ----a-w- c:\windows\system32\mscoree.dll
2009-08-04 16:21 . 2008-07-27 18:03 41984 ----a-w- c:\windows\system32\netfxperf.dll
2009-08-04 16:20 . 2008-07-27 18:03 158720 ----a-w- c:\windows\system32\mscorier.dll
2009-08-04 16:20 . 2008-07-27 18:03 83968 ----a-w- c:\windows\system32\mscories.dll
2009-08-02 18:48 . 2009-08-02 18:48 -------- d-----w- c:\users\User\AppData\Roaming\CyberLink
2009-07-31 16:32 . 2009-07-31 16:32 -------- d-----w- c:\users\User\AppData\Local\Adobe
2009-07-28 10:13 . 2008-05-27 05:17 34816 ----a-w- c:\windows\system32\msscb.dll
2009-07-28 09:32 . 2008-04-26 08:26 891448 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-07-27 22:06 . 2009-07-27 22:06 -------- d-----w- C:\PerfLogs
2009-07-27 10:34 . 2006-10-26 18:56 32592 ----a-w- c:\windows\system32\msonpmon.dll
2009-07-27 10:31 . 2009-07-27 10:31 -------- d-----w- c:\windows\PCHEALTH
2009-07-27 10:31 . 2009-07-27 10:31 -------- d-----w- c:\program files\Microsoft.NET
2009-07-27 10:29 . 2009-07-27 10:29 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2009-07-27 10:28 . 2009-07-27 10:28 -------- d-----w- c:\users\Jack\AppData\Local\Microsoft Help
2009-07-27 10:27 . 2009-07-27 10:35 -------- d-----w- c:\programdata\Microsoft Help
2009-07-27 10:26 . 2009-07-27 10:26 -------- d--h--r- C:\MSOCache
2009-07-27 09:35 . 2009-07-27 09:35 -------- d-----w- c:\program files\PowerISO
2009-07-26 23:01 . 2009-07-27 10:06 -------- d-----w- c:\users\Jack\AppData\Roaming\BitTorrent
2009-07-26 23:01 . 2009-07-26 23:01 -------- d-----w- c:\program files\BitTorrent
2009-07-26 21:55 . 2009-08-04 23:07 -------- d-----w- c:\users\Jack\AppData\Roaming\DivX
2009-07-26 21:54 . 2009-08-06 12:02 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-07-26 20:58 . 2009-07-26 23:00 -------- d-----w- c:\program files\BitLord
2009-07-26 20:23 . 2009-07-26 20:23 -------- d-----w- c:\users\Jack\AppData\Roaming\AdobeUM
2009-07-24 18:32 . 2009-07-24 18:32 -------- d-----w- c:\users\Jack\AppData\Roaming\Template
2009-07-24 17:03 . 2009-07-24 17:03 -------- d-----w- c:\program files\HarBal 1.5
2009-07-24 16:57 . 2009-07-24 16:57 -------- d-----w- c:\program files\Roger Nichols Digital, Inc
2009-07-24 16:47 . 2009-07-24 16:47 -------- d-----w- c:\program files\TC Native Bundle DX 2.02
2009-07-24 16:44 . 2009-07-24 16:44 -------- d-----w- c:\program files\PSP VintageWarmer
2009-07-24 16:43 . 2009-07-24 16:43 -------- d-----w- c:\program files\Common Files\iZotope
2009-07-24 16:43 . 2009-07-24 16:59 -------- d-----w- c:\program files\iZotope
2009-07-24 16:12 . 2003-03-18 17:04 765952 ----a-w- c:\windows\system32\msvcp71d.dll
2009-07-24 16:12 . 2003-03-18 17:03 544768 ----a-w- c:\windows\system32\msvcr71d.dll
2009-07-24 16:12 . 2009-07-24 16:36 -------- d-----w- c:\program files\Nomad Factory
2009-07-24 15:58 . 1999-12-17 09:13 86016 ----a-w- c:\windows\unvise32.exe
2009-07-24 15:58 . 2009-07-24 15:58 -------- d-----w- C:\Ohm Force
2009-07-24 13:55 . 2009-07-24 13:55 -------- d-----w- c:\program files\VirSyn Software Synthesizer
2009-07-24 13:54 . 2003-06-20 12:28 1777664 ----a-w- c:\windows\system32\gdiplus.dll
2009-07-24 13:41 . 2009-07-24 13:50 -------- d-----w- c:\users\Jack\AppData\Local\Native Instruments
2009-07-24 13:34 . 2009-07-24 13:45 -------- d-----w- c:\program files\Common Files\Native Instruments
2009-07-24 13:34 . 2009-07-24 13:44 -------- d-----w- c:\program files\Native Instruments
2009-07-24 13:28 . 2009-07-24 13:28 -------- d-----w- c:\program files\Steinberg
2009-07-24 13:19 . 2009-07-24 13:19 -------- d-----w- c:\program files\GFORCE_SOFTWARE
2009-07-24 13:05 . 2008-03-14 12:22 368640 ----a-w- c:\windows\system32\ReWire.dll
2009-07-24 13:05 . 2008-03-14 12:22 233472 ----a-w- c:\windows\system32\REX Shared Library.dll
2009-07-24 10:15 . 2008-01-19 07:37 351232 ----a-w- c:\windows\system32\WSDApi.dll
2009-07-24 10:14 . 2008-01-19 07:36 161792 ----a-w- c:\windows\system32\wbem\WMIsvc.dll
2009-07-24 10:13 . 2008-01-19 07:36 26624 ----a-w- c:\windows\system32\pcadm.dll
2009-07-24 10:12 . 2008-01-19 07:34 8192 ----a-w- c:\windows\system32\iscsied.dll
2009-07-24 10:11 . 2008-01-19 07:33 599552 ----a-w- c:\windows\system32\vsp1cln.exe
2009-07-24 10:11 . 2008-01-19 07:36 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll
2009-07-24 10:11 . 2008-01-19 07:36 742912 ----a-w- c:\windows\system32\wbem\wbemcore.dll
2009-07-24 10:11 . 2008-01-19 07:36 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll
2009-07-24 10:11 . 2008-01-19 07:36 357888 ----a-w- c:\windows\system32\wbemcomn.dll
2009-07-24 10:11 . 2008-01-19 07:36 264704 ----a-w- c:\windows\system32\wbem\repdrvfs.dll
2009-07-24 10:11 . 2008-01-19 07:34 191488 ----a-w- c:\windows\system32\wbem\mofd.dll
2009-07-24 10:11 . 2008-01-19 07:34 102400 ----a-w- c:\windows\system32\wbem\mofinstall.dll
2009-07-24 10:11 . 2008-01-19 07:34 263168 ----a-w- c:\windows\system32\wbem\esscli.dll
2009-07-24 10:11 . 2008-01-19 07:36 129536 ----a-w- c:\windows\system32\sqmapi.dll
2009-07-24 10:11 . 2008-01-19 07:36 704512 ----a-w- c:\windows\system32\SmiEngine.dll
2009-07-24 10:11 . 2008-01-19 07:36 139264 ----a-w- c:\windows\system32\SmiInstaller.dll
2009-07-24 10:10 . 2008-01-19 07:36 218624 ----a-w- c:\windows\system32\wdscore.dll
2009-07-24 10:10 . 2008-01-19 07:33 130560 ----a-w- c:\windows\system32\PkgMgr.exe
2009-07-24 10:10 . 2008-01-19 07:34 246784 ----a-w- c:\windows\system32\drvstore.dll
2009-07-24 10:10 . 2008-01-19 07:35 35328 ----a-w- c:\windows\system32\mspatcha.dll
2009-07-24 10:10 . 2008-01-19 07:34 305152 ----a-w- c:\windows\system32\msdelta.dll
2009-07-24 10:10 . 2008-01-19 07:34 258560 ----a-w- c:\windows\system32\dpx.dll
2009-07-23 15:14 . 2009-07-23 15:14 -------- d-----w- C:\Temporary Conversions
2009-07-23 15:14 . 2009-07-23 15:14 -------- d-----w- C:\presets
2009-07-23 15:14 . 2009-07-23 15:14 -------- d-----w- C:\default
2009-07-23 15:13 . 2006-10-04 13:13 393216 ----a-w- c:\windows\system32\NI_IRC_1_2.dll
2009-07-23 15:13 . 2006-10-04 13:13 61440 ----a-w- c:\windows\system32\NI_DFD_1_5.dll
2009-07-23 15:13 . 2006-10-04 13:13 1870336 ----a-w- c:\windows\system32\bconvert.dll
2009-07-23 14:49 . 2009-07-28 10:45 724992 ----a-w- c:\windows\iun6002.exe
2009-07-23 14:48 . 2009-07-28 10:45 -------- d-----w- c:\program files\M-Audio USB Keyboard Device
2009-07-23 14:48 . 2009-07-23 14:48 82944 ----a-w- c:\windows\system32\usbkt1x1.dll
2009-07-23 14:48 . 2009-07-23 14:48 22304 ----a-w- c:\windows\system32\drivers\usbkt1x1.sys
2009-07-23 14:48 . 2009-07-23 14:48 13504 ----a-w- c:\windows\system32\drivers\uks11ldr.sys
2009-07-23 14:31 . 2009-07-26 20:23 -------- d-----w- c:\users\Jack\AppData\Local\Adobe
2009-07-23 14:25 . 2009-07-24 13:12 -------- d-----w- c:\program files\Ableton
2009-07-23 13:58 . 2009-07-23 13:58 -------- d-----w- c:\programdata\Ableton
2009-07-23 13:58 . 2009-07-24 13:05 -------- d-----w- c:\users\Jack\AppData\Roaming\Ableton
2009-07-23 13:22 . 2009-08-11 09:32 -------- d-----w- c:\users\Jack\AppData\Roaming\skypePM
2009-07-23 13:17 . 2009-08-11 09:47 -------- d-----w- c:\users\Jack\AppData\Roaming\Skype
2009-07-23 13:17 . 2009-07-23 13:17 -------- d-----w- c:\program files\Common Files\Skype
2009-07-23 13:17 . 2009-07-23 13:17 -------- d-----r- c:\program files\Skype
2009-07-23 13:17 . 2009-07-23 13:17 -------- d-----w- c:\programdata\Skype
2009-07-23 12:58 . 2009-07-23 12:58 -------- d-----w- C:\My tunes
2009-07-23 12:55 . 2009-07-28 17:46 -------- d-----w- C:\Music projects
2009-07-23 12:52 . 2009-07-26 21:50 -------- d-----w- c:\users\Jack\AppData\Local\Apple Computer
2009-07-23 12:52 . 2009-08-05 16:37 -------- d-----w- c:\users\Jack\AppData\Roaming\Apple Computer
2009-07-23 12:46 . 2009-07-23 12:46 -------- d-----w- c:\programdata\Apple
2009-07-23 12:45 . 2009-07-23 12:45 -------- d-----w- C:\Jacks Comps
2009-07-23 12:33 . 2009-07-23 12:37 -------- d-----w- C:\DJ tunes

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2009-08-04 11:39 . 2007-11-08 14:11 -------- d-----w- c:\programdata\Gtek
2009-08-02 18:48 . 2007-11-08 14:09 -------- d-----w- c:\programdata\CyberLink
2009-07-27 22:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-07-27 22:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2009-07-27 22:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2009-07-27 22:08 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-07-27 22:08 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-07-27 22:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2009-07-27 22:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-07-27 22:06 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-07-27 14:11 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2009-07-27 14:11 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2009-07-27 13:46 . 2009-07-21 14:27 27240 ----a-w- c:\users\Jack\AppData\Roaming\nvModes.dat
2009-07-27 11:19 . 2009-07-22 10:29 117696 ----a-w- c:\users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2009-07-27 10:33 . 2007-11-08 14:11 -------- d-----w- c:\program files\Microsoft Works
2009-07-27 10:32 . 2006-11-02 12:37 -------- d-----w- c:\program files\MSBuild
2009-07-26 13:44 . 2009-07-22 10:35 27240 ----a-w- c:\users\User\AppData\Roaming\nvModes.dat
2009-07-24 18:32 . 2009-07-24 18:32 0 ----a-w- c:\users\Jack\AppData\Roaming\wklnhst.dat
2009-07-24 16:34 . 2007-11-08 13:56 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-23 13:22 . 2009-07-23 13:22 56 ---ha-w- c:\programdata\ezsidmv.dat
2009-07-23 12:51 . 2009-07-23 12:51 -------- d-----w- c:\programdata\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-23 12:51 . 2009-07-23 12:51 -------- d-----w- c:\program files\iTunes
2009-07-23 12:51 . 2009-07-23 12:51 -------- d-----w- c:\program files\iPod
2009-07-23 12:51 . 2009-07-23 12:46 -------- d-----w- c:\program files\Common Files\Apple
2009-07-23 12:51 . 2009-07-23 12:49 -------- d-----w- c:\programdata\Apple Computer
2009-07-23 12:50 . 2009-07-23 12:50 -------- d-----w- c:\program files\Bonjour
2009-07-23 12:50 . 2009-07-23 12:49 -------- d-----w- c:\program files\QuickTime
2009-07-23 12:48 . 2009-07-23 12:48 -------- d-----w- c:\program files\Apple Software Update
2009-07-22 10:29 . 2009-07-22 10:29 551424 ----a-w- c:\windows\system32\rpcss.dll
2009-07-21 21:52 . 2009-07-29 08:48 915456 ----a-w- c:\windows\system32\wininet.dll
2009-07-21 21:47 . 2009-07-29 08:48 109056 ----a-w- c:\windows\system32\iesysprep.dll
2009-07-21 21:47 . 2009-07-29 08:48 71680 ----a-w- c:\windows\system32\iesetup.dll
2009-07-21 20:13 . 2009-07-29 08:48 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2009-07-21 15:28 . 2007-11-08 14:09 -------- d-----w- c:\programdata\Dell
2009-07-21 15:15 . 2007-11-08 14:07 -------- d-----w- c:\programdata\McAfee
2009-07-21 15:14 . 2009-05-24 14:30 128016 ----a-w- c:\windows\system32\drivers\kl1.sys
2009-07-21 14:54 . 2009-07-21 14:54 23 ----a-w- c:\windows\system32\drivers\adidsl.cfg
2009-07-20 19:30 . 2009-07-20 19:30 -------- d-sh--we c:\programdata\Templates
2009-07-20 19:30 . 2009-07-20 19:30 -------- d-sh--we c:\programdata\Start Menu
2009-07-20 19:30 . 2009-07-20 19:30 -------- d-sh--we c:\programdata\Favorites
2009-07-20 19:30 . 2009-07-20 19:30 -------- d-sh--we c:\programdata\Documents
2009-07-20 19:30 . 2009-07-20 19:30 -------- d-sh--we c:\programdata\Desktop
2009-06-04 15:59 . 2009-06-04 15:59 59976 ----a-w- c:\programdata\Kaspersky Lab Setup Files\Kaspersky Anti-Virus 2010 9.0.0.459\English\setup.exe
2009-05-25 04:21 . 2009-05-25 04:21 219664 ----a-w- c:\windows\system32\klogon.dll
2009-05-25 04:18 . 2009-05-25 04:18 27507 ----a-w- c:\windows\system32\drivers\klopp.dat
2009-05-16 19:59 . 2009-05-16 19:59 19472 ----a-w- c:\windows\system32\drivers\klmouflt.sys
2009-05-15 17:50 . 2009-05-15 17:50 21008 ----a-w- c:\windows\system32\drivers\klim6.sys
2007-11-08 14:03 . 2007-11-08 14:03 76 --sha-r- c:\windows\CT4CET.bin
2007-11-08 21:43 . 2007-11-08 21:36 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((( SnapShot@2009-08-10_16.47.38 )))))))))))))))))))))))))))))))))))))))))
.
+ 2007-11-08 14:18 . 2009-08-10 23:08 36686 c:\windows\System32\WDI\ShutdownPerformanceDiagnos tics_SystemData.bin
+ 2006-11-02 13:05 . 2009-08-11 09:32 65008 c:\windows\System32\WDI\BootPerformanceDiagnostics _SystemData.bin
+ 2009-07-22 11:08 . 2009-08-10 19:44 4288 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1270223739-246048384-1330680-1001_UserData.bin
- 2009-07-20 19:38 . 2009-08-10 16:30 6612 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1270223739-246048384-1330680-1000_UserData.bin
+ 2009-07-20 19:38 . 2009-08-11 09:32 6612 c:\windows\System32\WDI\{86432a0b-3c7d-4ddf-a89c-172faa90485d}\S-1-5-21-1270223739-246048384-1330680-1000_UserData.bin
+ 2009-08-10 23:06 . 2009-08-11 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
- 2009-08-10 16:28 . 2009-08-10 16:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive1.dat
- 2009-08-10 16:28 . 2009-08-10 16:28 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
+ 2009-08-10 23:06 . 2009-08-11 09:29 2048 c:\windows\ServiceProfiles\LocalService\AppData\Lo cal\lastalive0.dat
+ 2006-11-02 10:33 . 2009-08-11 09:38 600378 c:\windows\System32\perfh009.dat
- 2006-11-02 10:33 . 2009-08-10 16:35 600378 c:\windows\System32\perfh009.dat
+ 2006-11-02 10:33 . 2009-08-11 09:38 105852 c:\windows\System32\perfc009.dat
- 2006-11-02 10:33 . 2009-08-10 16:35 105852 c:\windows\System32\perfc009.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\Curre ntVersion\Run]
"DellSupport"="c:\program files\DellSupport\DSAgnt.exe" [2007-03-15 460784]
"Skype"="c:\program files\Skype\Phone\Skype.exe" [2009-07-16 25604904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"Apoint"="c:\program files\DellTPad\Apoint.exe" [2007-04-18 159744]
"OEM02Mon.exe"="c:\windows\OEM02Mon.exe" [2007-08-29 36864]
"DELL Webcam Manager"="c:\program files\Dell\Dell Webcam Manager\DellWMgr.exe" [2007-07-27 118784]
"AVP"="c:\program files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe" [2009-05-25 303376]
"M-Audio Taskbar Icon"="c:\windows\System32\M-AudioTaskBarIcon.exe" [2008-05-15 356864]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-10-04 8497696]
"NvMediaCenter"="c:\windows\system32\NvMcTray. dll" [2007-10-04 81920]
"NVHotkey"="c:\windows\system32\nvHotkey.dll" [2007-10-04 86016]
"PMX Daemon"="ICO.EXE" - c:\windows\System32\ico.exe [2006-11-08 49152]
"SigmatelSysTrayApp"="sttray.exe" - c:\windows\sttray.exe [2007-03-06 303104]

c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
DSLMON.lnk - c:\program files\SAGEM\SAGEM F@st 800-840\dslmon.exe [2009-7-21 962661]
QuickSet.lnk - c:\windows\Installer\{7F0C4457-8E64-491B-8D7B-991504365D1E}\NewShortcut2_53A01CC614B04512A2E710D 39BF83DC4.exe [2007-11-8 45056]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\curr entversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\progra~1\KASPER~1\KASPER~1\mzvkb d.dll c:\progra~1\KASPER~1\KASPER~1\mzvkbd3.dll

[HKEY_LOCAL_MACHINE\system\currentcontrolset\contro l\session manager]
BootExecute REG_MULTI_SZ lsdelete

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\Lavasoft Ad-Aware Service]
@="Service"

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Wind ows^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnk.CommonStartup
backupExtension=.CommonStartup

[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Wind ows^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnk.CommonStartup
backupExtension=.CommonStartup

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\KasperskyAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\McAfeeAntiSpyware]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpo licy\FirewallRules]
"{6B4B9555-FE26-4E74-846A-FBD608422E55}"= UDP:c:\program files\Common Files\McAfee\MNA\McNASvc.exe:McAfee Network Agent
"{D5CED3A8-42FA-46F6-AC64-836745C6A4D8}"= c:\program files\Dell\MediaDirect\PowerCinema.exe:CyberLink PowerCinema
"{116BE280-3797-446A-872B-94325513577E}"= c:\program files\Dell\MediaDirect\PCMService.exe:CyberLink PowerCinema Resident Program
"{0C6D2F67-8F74-4770-B487-48B34BA8BF0E}"= c:\program files\Dell\MediaDirect\Kernel\DMP\CLBrowserEngine. exe:Cyberlink Media Server Browser Engine
"{99A7BF1A-AF39-4718-9764-8A7CC7071C6D}"= c:\program files\Dell\MediaDirect\Kernel\DMS\CLMSService.exe: CyberLink Media Server
"{465EB43C-7117-4BF1-9804-F829120A8CBA}"= UDP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{3B86B3C7-22FE-4266-95E4-434F7D4177F8}"= TCP:c:\program files\Bonjour\mDNSResponder.exe:Bonjour
"{1C7CE643-E25F-42BF-80BF-84607C6CBD7D}"= UDP:c:\program files\iTunes\iTunes.exe:iTunes
"{617A6B5A-F54A-4F51-8B44-95863E5C4A74}"= TCP:c:\program files\iTunes\iTunes.exe:iTunes
"{6E2D7E83-6871-4C49-BD8B-EC7A66954511}"= c:\program files\Skype\Phone\Skype.exe:Skype
"TCP Query User{FDC865EF-03B6-49AE-9897-9BACAFD7F58A}c:\\program files\\bitlord\\bitlord.exe"= UDP:c:\program files\bitlord\bitlord.exe:BitLord
"UDP Query User{BBE6CD11-B129-4277-960B-40B81C8D27FC}c:\\program files\\bitlord\\bitlord.exe"= TCP:c:\program files\bitlord\bitlord.exe:BitLord
"{739F3B4B-F22D-4967-81FC-AF6F5F4BEEFB}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{A4901222-4EAC-4C54-A521-3E3A843D9F0D}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent
"{D3681411-F12D-433D-8650-8F430E12F460}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook
"{CFC37CF3-A25D-4A55-8819-104EB1F7382F}"= UDP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{BC3EFC41-B69C-4896-BC52-546BA13C9923}"= TCP:c:\program files\Microsoft Office\Office12\GROOVE.EXE:Microsoft Office Groove
"{1A9CBD04-0ADD-4A9B-ADC4-B2CC86C2E9AB}"= UDP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote
"{B0FEFB94-241D-49F3-BA16-CCCEABBE19D5}"= TCP:c:\program files\Microsoft Office\Office12\ONENOTE.EXE:Microsoft Office OneNote

R0 klbg;Kaspersky Lab Boot Guard Driver;c:\windows\System32\drivers\klbg.sys [15/12/2008 20:41 33808]
R0 Lbd;Lbd;c:\windows\System32\drivers\Lbd.sys [05/08/2009 16:36 64160]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;c:\windows\System32\drivers\klim6.sys [15/05/2009 18:50 21008]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files\Spybot - Search & Destroy\SDWinSec.exe [05/08/2009 19:44 1153368]
R3 klmouflt;Kaspersky Lab KLMOUFLT;c:\windows\System32\drivers\klmouflt.sys [16/05/2009 20:59 19472]
R3 MAUSBFTP;Service for M-Audio Fast Track Pro (WDM);c:\windows\System32\drivers\mausb.sys [23/07/2009 11:20 143624]
R3 OEM02Dev;Creative Camera OEM002 Driver;c:\windows\System32\drivers\OEM02Dev.sys [10/10/2007 17:03 235648]
R3 OEM02Vfx;Creative Camera OEM002 Video VFX Driver;c:\windows\System32\drivers\OEM02Vfx.sys [08/11/2007 22:43 7424]
R3 USBKT1X1;M-Audio USB Keystation;c:\windows\System32\drivers\usbkt1x1.sy s [23/07/2009 15:48 22304]
S3 Lavasoft Ad-Aware Service;Lavasoft Ad-Aware Service;c:\program files\Lavasoft\Ad-Aware\AAWService.exe [03/07/2009 15:49 1029456]
S3 UKS11LDR;M-Audio USB Keystation Loader;c:\windows\System32\drivers\uks11ldr.sys [23/07/2009 15:48 13504]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\System32\rundll32.exe" "c:\windows\System32\iedkcs32.dll",BrandIEActiveSe tup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-05 c:\windows\Tasks\Ad-Aware Update (Weekly).job
- c:\program files\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe [2009-07-03 14:49]

2009-08-10 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270223739-246048384-1330680-1000Core.job
- c:\users\Jack\AppData\Local\Google\Update\GoogleUp date.exe [2009-07-21 15:31]

2009-08-11 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1270223739-246048384-1330680-1000UA.job
- c:\users\Jack\AppData\Local\Google\Update\GoogleUp date.exe [2009-07-21 15:31]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www1.euro.dell.com/content/default.aspx?c=eu&l=en&s=gen
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office12\EXCEL.EXE/3000
.

************************************************** ************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, GMER - Rootkit Detector and Remover
Rootkit scan 2009-08-11 10:53
Windows 6.0.6001 Service Pack 1 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

************************************************** ************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Cl ass\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-08-11 11:01
ComboFix-quarantined-files.txt 2009-08-11 10:00
ComboFix2.txt 2009-08-10 16:54

Pre-Run: 54,537,420,800 bytes free
Post-Run: 60,270,944,256 bytes free

321 --- E O F --- 2009-08-11 09:37




Hijackthis



Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:08:55, on 11/08/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\ico.exe
C:\Windows\System32\M-AudioTaskBarIcon.exe
C:\Windows\sttray.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Dell EMEA
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\ievkbd.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll
O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM\..\Run: [OEM02Mon.exe] C:\Windows\OEM02Mon.exe
O4 - HKLM\..\Run: [PMX Daemon] ICO.EXE
O4 - HKLM\..\Run: [DELL Webcam Manager] "C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe" /s
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe"
O4 - HKLM\..\Run: [M-Audio Taskbar Icon] C:\Windows\System32\M-AudioTaskBarIcon.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] sttray.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
O4 - Global Startup: QuickSet.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - c:\Program Files\Java\jre1.6.0\bin\npjpi160.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: &Virtual keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\klwtbbho.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd3.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 2010\avp.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: SigmaTel Audio Service (STacSV) - SigmaTel, Inc. - C:\Windows\system32\STacSV.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe

--
End of file - 6692 bytes



I got a error message when Hijackthis was running. It said:-

An unexpected error has occurred at procedure:
modRegistry_IniGetString(sFile=system.ini, sSection=boot,
sValue=Shell)
Error #5 - Invalid procedure call or argument



But then it ran anyway

Nah, all clean here. Must be something else. Please, repost your issue at Windows section.
I'll mark this thread as "Inactive".

__________________
My Home Page

alrite bro no worries, thanks for looking