Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Dead slow PC & internet cuts out

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Dead slow PC & internet cuts out

Unread postby jamestaylor » June 28th, 2009, 1:21 pm

Hey,

My PC is dead slow. Takes me ages to do anything anymore. My internet also keeps cutting out on it - but my mums laptop's internet is fine. They both have a wireless internet to my wireless router.

Simple programmes as skype are becoming less responsive and it takes a while for me to send and receive messages. Any help I am very greatful for. Thanks.

Hijack This report:

[quote=HijackThis Log]Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 02:16:25 PM, on 20/06/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\Explorer.EXE
C:\Users\James\Desktop\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: *
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - Startup: BBC iPlayer Desktop.lnk = C:\Program Files\BBC iPlayer Desktop\BBC iPlayer Desktop.exe
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: OSD Service (OsdService) - TODO: <????> - C:\Windows\Installer\MSI3BEB.tmp

--
End of file - 7460 bytes[/quote]
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm
Advertisement
Register to Remove

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 12:08 am

Hi jamestaylor

  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 4:41 am

Thank you for the help :)

info.txt logfile of random's system information tool 1.06 2009-07-01 09:27:37

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe AIR-->C:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVG Identity Protection-->MsiExec.exe /X{7583D2F8-8E7D-40C5-9862-4D218006FB84}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BBC iPlayer Desktop-->MsiExec.exe /X{5FE917F6-88DB-82FC-AC44-EDF00C57EF21}
Belkin Wireless Driver-->C:\Program Files\InstallShield Installation Information\{D593C72C-435B-4171-8106-9CA8AA34D716}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0009 -removeonly
Belkin Wireless USB Utility-->C:\Program Files\InstallShield Installation Information\{A6359CCF-215D-43D9-8366-479D231F2A72}\setup.exe -runfromtemp -l0x0409
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
GIMP 2.6.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.90.1262\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.90" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /I{937B232D-9776-471E-92BD-D424E514EF14}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PSPVC :: PSP Video Converter v3.72-->"C:\Program Files\pspvc\Uninstall.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Family Safety-->MsiExec.exe /X{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Movie Maker Beta-->MsiExec.exe /X{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Photo Gallery-->MsiExec.exe /X{3C52E7DA-C431-4239-B66B-1BF703D5B194}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}
Windows Live Toolbar-->MsiExec.exe /X{995F1E2E-F542-4310-8E1D-9926F5A279B3}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"

======Hosts File======

 
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: WIN-VHGBRI79DG3
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 2975
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090422140309.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 2974
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090422140308.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 15016
Message: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Record Number: 2973
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090422140305.344663-000
Event Type: Error
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 263
Message: The service 'ShellHWDetection' may not have unregistered for device event notifications before it was stopped.
Record Number: 2971
Source Name: PlugPlayManager
Time Written: 20090422140305.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 2962
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20081223111554.980200-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: James-PC
Event Code: 33
Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 765
Source Name: SideBySide
Time Written: 20090422131158.000000-000
Event Type: Error
User:

Computer Name: James-PC
Event Code: 33
Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 764
Source Name: SideBySide
Time Written: 20090422131158.000000-000
Event Type: Error
User:

Computer Name: James-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 742
Source Name: Microsoft-Windows-WMI
Time Written: 20090422140852.000000-000
Event Type: Error
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 729
Source Name: Microsoft-Windows-Search
Time Written: 20090422140525.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1036
Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
Record Number: 724
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20090422140508.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: WIN-VHGBRI79DG3
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 1005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.046990-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1004
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 1003
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 1002
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-3121166545-3975070627-2469533456-500
Account Name: Administrator
Domain Name: WIN-VHGBRI79DG3
Logon ID: 0x22f71
Record Number: 1001
Source Name: Microsoft-Windows-Eventlog
Time Written: 20081223111448.961390-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=1
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 4:45 am

Logfile of random's system information tool 1.06 (written by random/random)
Run by James at 2009-07-01 09:27:04
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 33 GB (23%) free of 142 GB
Total RAM: 2494 MB (67% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:27:30 AM, on 01/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Users\James\Desktop\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\James.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts:  
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: OSD Service (OsdService) - TODO: <????> - C:\Windows\Installer\MSI3BEB.tmp

--
End of file - 7586 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2706847523-1309264820-3873025358-1000.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-04 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-25 1107224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-24 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-09 6281760]
"Skytel"=C:\Windows\Skytel.exe [2008-09-09 1833504]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-24 148888]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-11 1948440]
"AVGIDS"=C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe [2009-02-26 1579528]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 3 months======

2009-07-01 09:27:05 ----D---- C:\Program Files\trend micro
2009-07-01 09:27:04 ----D---- C:\rsit
2009-07-01 09:19:07 ----D---- C:\Program Files\MSXML 4.0
2009-06-30 13:21:28 ----D---- C:\Users\James\AppData\Roaming\Nero
2009-06-30 11:20:44 ----D---- C:\Program Files\Nero
2009-06-30 11:19:28 ----D---- C:\ProgramData\Nero
2009-06-30 11:19:26 ----D---- C:\Program Files\Common Files\Nero
2009-06-29 23:11:02 ----D---- C:\Program Files\Windows Live Safety Center
2009-06-29 20:13:42 ----D---- C:\Users\James\AppData\Roaming\Malwarebytes
2009-06-29 20:13:21 ----D---- C:\ProgramData\Malwarebytes
2009-06-29 20:13:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-28 15:13:03 ----D---- C:\Program Files\Avi2Dvd
2009-06-24 19:02:49 ----D---- C:\Users\James\AppData\Roaming\MailWasherFree
2009-06-11 00:47:48 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-06-11 00:46:13 ----A---- C:\Windows\system32\mshtml.dll
2009-06-11 00:46:12 ----A---- C:\Windows\system32\ieframe.dll
2009-06-11 00:46:11 ----A---- C:\Windows\system32\iertutil.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\wininet.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\urlmon.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\ieui.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\iesetup.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\iernonce.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\ie4uinit.exe
2009-06-11 00:45:39 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-11 00:45:34 ----A---- C:\Windows\system32\localspl.dll
2009-06-11 00:45:05 ----A---- C:\Windows\system32\sbe.dll
2009-06-11 00:45:05 ----A---- C:\Windows\system32\MSDTVVDEC.DLL
2009-06-11 00:45:05 ----A---- C:\Windows\system32\CPFilters.dll
2009-06-07 18:22:11 ----D---- C:\Windows\system32\eu-ES
2009-06-07 18:22:11 ----D---- C:\Windows\system32\ca-ES
2009-06-07 18:22:08 ----D---- C:\Windows\system32\vi-VN
2009-06-07 18:02:59 ----D---- C:\Windows\system32\EventProviders
2009-06-07 18:01:02 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-07 18:00:56 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-07 18:00:56 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-07 18:00:52 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-07 18:00:52 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-07 18:00:50 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-07 18:00:46 ----A---- C:\Windows\system32\mssrch.dll
2009-06-07 18:00:42 ----A---- C:\Windows\system32\tquery.dll
2009-06-07 18:00:40 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-07 18:00:40 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-07 18:00:39 ----A---- C:\Windows\system32\scavenge.dll
2009-06-07 18:00:39 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-07 18:00:38 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-07 18:00:36 ----A---- C:\Windows\system32\msi.dll
2009-06-07 18:00:35 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-07 18:00:34 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\sysmain.dll
2009-06-07 18:00:30 ----A---- C:\Windows\system32\mf.dll
2009-06-07 18:00:30 ----A---- C:\Windows\system32\icardagt.exe
2009-06-07 18:00:29 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-07 18:00:29 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-06-07 18:00:27 ----A---- C:\Windows\system32\spreview.exe
2009-06-07 18:00:27 ----A---- C:\Windows\system32\spinstall.exe
2009-06-07 18:00:27 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\spwizui.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\secproc.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-07 18:00:23 ----A---- C:\Windows\system32\shell32.dll
2009-06-07 18:00:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-07 18:00:20 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-07 18:00:19 ----A---- C:\Windows\system32\mssvp.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mssph.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mscoree.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\imapi2.dll
2009-06-07 18:00:17 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-07 18:00:17 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-07 18:00:15 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-07 18:00:15 ----A---- C:\Windows\system32\esent.dll
2009-06-07 18:00:15 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-07 18:00:13 ----A---- C:\Windows\system32\sperror.dll
2009-06-07 18:00:13 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-07 18:00:12 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-07 18:00:12 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\SLC.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-07 18:00:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-07 18:00:09 ----A---- C:\Windows\system32\wmp.dll
2009-06-07 18:00:09 ----A---- C:\Windows\system32\msshsq.dll
2009-06-07 18:00:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-07 18:00:07 ----A---- C:\Windows\system32\msjet40.dll
2009-06-07 18:00:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-07 18:00:06 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-07 18:00:05 ----A---- C:\Windows\system32\msxml6.dll
2009-06-07 18:00:04 ----A---- C:\Windows\system32\Query.dll
2009-06-07 18:00:03 ----A---- C:\Windows\system32\qmgr.dll
2009-06-07 18:00:03 ----A---- C:\Windows\system32\msexch40.dll
2009-06-07 18:00:02 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-07 18:00:02 ----A---- C:\Windows\system32\diagperf.dll
2009-06-07 18:00:01 ----A---- C:\Windows\system32\ole32.dll
2009-06-07 18:00:01 ----A---- C:\Windows\system32\ntdll.dll
2009-06-07 18:00:00 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-07 18:00:00 ----A---- C:\Windows\system32\msxml3.dll
2009-06-07 17:59:59 ----A---- C:\Windows\system32\winload.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\uDWM.dll
2009-06-07 17:59:59 ----A---- C:\Windows\system32\mmc.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\mblctr.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\EncDec.dll
2009-06-07 17:59:58 ----A---- C:\Windows\system32\dfsr.exe
2009-06-07 17:59:57 ----A---- C:\Windows\system32\riched20.dll
2009-06-07 17:59:57 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-07 17:59:56 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-07 17:59:56 ----A---- C:\Windows\system32\fdBth.dll
2009-06-07 17:59:55 ----A---- C:\Windows\system32\kernel32.dll
2009-06-07 17:59:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-07 17:59:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-07 17:59:54 ----A---- C:\Windows\system32\milcore.dll
2009-06-07 17:59:54 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\spoolss.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-07 17:59:52 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-07 17:59:51 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-07 17:59:51 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\gpedit.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\fsquirt.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\es.dll
2009-06-07 17:59:47 ----A---- C:\Windows\system32\Magnify.exe
2009-06-07 17:59:47 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-07 17:59:46 ----A---- C:\Windows\system32\mstext40.dll
2009-06-07 17:59:46 ----A---- C:\Windows\system32\advapi32.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\slwmi.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\vssapi.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-07 17:59:42 ----A---- C:\Windows\system32\mstscax.dll
2009-06-07 17:59:42 ----A---- C:\Windows\system32\authui.dll
2009-06-07 17:59:41 ----A---- C:\Windows\system32\NetProjW.dll
2009-06-07 17:59:40 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-07 17:59:40 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\propsys.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\newdev.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-07 17:59:38 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-07 17:59:38 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-07 17:59:38 ----A---- C:\Windows\system32\crypt32.dll
2009-06-07 17:59:38 ----A---- C:\Windows\explorer.exe
2009-06-07 17:59:37 ----A---- C:\Windows\system32\setupapi.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\rpcss.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\d3d9.dll
2009-06-07 17:59:36 ----A---- C:\Windows\system32\davclnt.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\msltus40.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\mfc42.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\browseui.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\photowiz.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\user32.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\samsrv.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\ci.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\win32spl.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\quartz.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-07 17:59:29 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\kerberos.dll
2009-06-07 17:59:28 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-07 17:59:28 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-07 17:59:27 ----A---- C:\Windows\system32\netshell.dll
2009-06-07 17:59:27 ----A---- C:\Windows\system32\compcln.exe
2009-06-07 17:59:26 ----A---- C:\Windows\system32\winhttp.dll
2009-06-07 17:59:26 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-07 17:59:26 ----A---- C:\Windows\system32\apds.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\msctf.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-07 17:59:24 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-07 17:59:24 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-07 17:59:24 ----A---- C:\Windows\system32\gdi32.dll
2009-06-07 17:59:23 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-07 17:59:23 ----A---- C:\Windows\system32\SLUI.exe
2009-06-07 17:59:23 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-07 17:59:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\eapphost.dll
2009-06-07 17:59:21 ----A---- C:\Windows\system32\propdefs.dll
2009-06-07 17:59:21 ----A---- C:\Windows\system32\odbc32.dll
2009-06-07 17:59:20 ----A---- C:\Windows\system32\winresume.exe
2009-06-07 17:59:20 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-07 17:59:19 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-07 17:59:18 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-07 17:59:18 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\swprv.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-07 17:59:15 ----A---- C:\Windows\system32\usp10.dll
2009-06-07 17:59:14 ----A---- C:\Windows\system32\vds.exe
2009-06-07 17:59:13 ----A---- C:\Windows\system32\netlogon.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\msscb.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\msctfp.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\drvinst.exe
2009-06-07 17:59:13 ----A---- C:\Windows\system32\devmgr.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\BFE.DLL
2009-06-07 17:59:13 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\schannel.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\evr.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-07 17:59:11 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-07 17:59:10 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-07 17:59:09 ----A---- C:\Windows\system32\wercon.exe
2009-06-07 17:59:09 ----A---- C:\Windows\system32\services.exe
2009-06-07 17:59:08 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-07 17:59:08 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-07 17:59:08 ----A---- C:\Windows\system32\adtschema.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\certcli.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msjter40.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msdrm.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\taskeng.exe
2009-06-07 17:59:05 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\reg.exe
2009-06-07 17:59:05 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\certutil.exe
2009-06-07 17:59:04 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-07 17:59:03 ----A---- C:\Windows\system32\w32time.dll
2009-06-07 17:59:03 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-07 17:59:02 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\msshooks.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\bthserv.dll
2009-06-07 17:59:00 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-07 17:59:00 ----A---- C:\Windows\system32\msihnd.dll
2009-06-07 17:58:59 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-07 17:58:59 ----A---- C:\Windows\system32\msstrc.dll
2009-06-07 17:58:59 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\netapi32.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\dfshim.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\inetpp.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\hidserv.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\fundisc.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-07 17:58:56 ----A---- C:\Windows\system32\mscories.dll
2009-06-07 17:58:56 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-07 17:58:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-07 17:58:54 ----A---- C:\Windows\system32\termsrv.dll
2009-06-07 17:58:54 ----A---- C:\Windows\system32\profsvc.dll
2009-06-07 17:58:53 ----A---- C:\Windows\system32\gameux.dll
2009-06-07 17:58:52 ----A---- C:\Windows\system32\imapi.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\wdc.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\msiexec.exe
2009-06-07 17:58:50 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\rasmans.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\pnidui.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\iassdo.dll
2009-06-07 17:58:48 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-07 17:58:48 ----A---- C:\Windows\system32\icardres.dll
2009-06-07 17:58:48 ----A---- C:\Windows\system32\autofmt.exe
2009-06-07 17:58:47 ----A---- C:\Windows\system32\wersvc.dll
2009-06-07 17:58:47 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-07 17:58:47 ----A---- C:\Windows\system32\scrrun.dll
2009-06-07 17:58:47 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-07 17:58:45 ----A---- C:\Windows\system32\pdh.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\azroles.dll
2009-06-07 17:58:44 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-07 17:58:42 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-07 17:58:42 ----A---- C:\Windows\system32\winlogon.exe
2009-06-07 17:58:42 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-07 17:58:40 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-07 17:58:40 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-07 17:58:39 ----A---- C:\Windows\system32\comuid.dll
2009-06-07 17:58:39 ----A---- C:\Windows\system32\certmgr.dll
2009-06-07 17:58:38 ----A---- C:\Windows\system32\sethc.exe
2009-06-07 17:58:38 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-07 17:58:38 ----A---- C:\Windows\system32\kd1394.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\spp.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\iassam.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\wisptis.exe
2009-06-07 17:58:36 ----A---- C:\Windows\system32\untfs.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\scrobj.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\rtutils.dll
2009-06-07 17:58:35 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-07 17:58:35 ----A---- C:\Windows\system32\dwm.exe
2009-06-07 17:58:34 ----A---- C:\Windows\system32\autochk.exe
2009-06-07 17:58:33 ----A---- C:\Windows\system32\printui.dll
2009-06-07 17:58:33 ----A---- C:\Windows\system32\iasnap.dll
2009-06-07 17:58:32 ----A---- C:\Windows\system32\winsrv.dll
2009-06-07 17:58:32 ----A---- C:\Windows\system32\autoconv.exe
2009-06-07 17:58:31 ----A---- C:\Windows\system32\kdcom.dll
2009-06-07 17:58:31 ----A---- C:\Windows\system32\cscript.exe
2009-06-07 17:58:31 ----A---- C:\Windows\system32\basecsp.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\wow32.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\userenv.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\onex.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\audiodg.exe
2009-06-07 17:58:29 ----A---- C:\Windows\system32\osk.exe
2009-06-07 17:58:29 ----A---- C:\Windows\system32\mswsock.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\winmm.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\RelMon.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\kdusb.dll
2009-06-07 17:58:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-07 17:58:26 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-07 17:58:25 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-07 17:58:25 ----A---- C:\Windows\system32\offfilt.dll
2009-06-07 17:58:25 ----A---- C:\Windows\system32\msftedit.dll
2009-06-07 17:58:24 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-07 17:58:23 ----A---- C:\Windows\system32\Utilman.exe
2009-06-07 17:58:22 ----A---- C:\Windows\system32\wsepno.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\WerFault.exe
2009-06-07 17:58:22 ----A---- C:\Windows\system32\stobject.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\mfplat.dll
2009-06-07 17:58:21 ----A---- C:\Windows\system32\SndVol.exe
2009-06-07 17:58:21 ----A---- C:\Windows\system32\diskraid.exe
2009-06-07 17:58:21 ----A---- C:\Windows\system32\apphelp.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\mscms.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\mcmde.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\wscript.exe
2009-06-07 17:58:19 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\sysclass.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\secur32.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-07 17:58:18 ----A---- C:\Windows\system32\ulib.dll
2009-06-07 17:58:18 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\rastapi.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-07 17:58:17 ----A---- C:\Windows\system32\dsound.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\cryptui.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\rastls.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\gpapi.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\diskpart.exe
2009-06-07 17:58:15 ----A---- C:\Windows\system32\brcpl.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-07 17:58:14 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\logman.exe
2009-06-07 17:58:14 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\regsvc.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\ntprint.dll
2009-06-07 17:58:12 ----A---- C:\Windows\system32\wusa.exe
2009-06-07 17:58:12 ----A---- C:\Windows\system32\mscorier.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\iasrad.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\findstr.exe
2009-06-07 17:58:10 ----A---- C:\Windows\system32\wshext.dll
2009-06-07 17:58:10 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-07 17:58:10 ----A---- C:\Windows\system32\netcenter.dll
2009-06-07 17:58:08 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\wer.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-07 17:58:06 ----A---- C:\Windows\system32\themecpl.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\uxsms.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\scansetting.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\msutb.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\iasads.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\slcc.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\powrprof.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\mstsc.exe
2009-06-07 17:58:00 ----A---- C:\Windows\system32\powercpl.dll
2009-06-07 17:58:00 ----A---- C:\Windows\system32\networkmap.dll
2009-06-07 17:58:00 ----A---- C:\Windows\system32\iasacct.dll
2009-06-07 17:57:59 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-07 17:57:59 ----A---- C:\Windows\system32\authz.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\sud.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\newdev.exe
2009-06-07 17:57:58 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\connect.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\themeui.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\pcaui.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\usercpl.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\samlib.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\mmci.dll
2009-06-07 17:57:54 ----A---- C:\Windows\system32\qdvd.dll
2009-06-07 17:57:54 ----A---- C:\Windows\system32\autoplay.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\regapi.dll
2009-06-07 17:57:52 ----A---- C:\Windows\system32\wpcao.dll
2009-06-07 17:57:52 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-07 17:57:51 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-07 17:57:51 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\scksp.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\scesrv.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\mpr.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\feclient.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\oleprn.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\imm32.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-07 17:57:48 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-07 17:57:47 ----A---- C:\Windows\system32\sdclt.exe
2009-06-07 17:57:47 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-07 17:57:46 ----A---- C:\Windows\system32\qedit.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\pnpui.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-07 17:57:46 ----A---- C:\Windows\system32\certreq.exe
2009-06-07 17:57:45 ----A---- C:\Windows\system32\scecli.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\rasplap.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-07 17:57:44 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-07 17:57:44 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-07 17:57:43 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-07 17:57:42 ----A---- C:\Windows\system32\whealogr.dll
2009-06-07 17:57:42 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-07 17:57:42 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\srcore.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\conime.exe
2009-06-07 17:57:41 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-07 17:57:40 ----A---- C:\Windows\system32\SnippingTool.exe
2009-06-07 17:57:40 ----A---- C:\Windows\system32\raschap.dll
2009-06-07 17:57:40 ----A---- C:\Windows\system32\fontext.dll
2009-06-07 17:57:39 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-07 17:57:38 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-07 17:57:38 ----A---- C:\Windows\system32\wlanui.dll
2009-06-07 17:57:38 ----A---- C:\Windows\system32\rasppp.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-07 17:57:37 ----A---- C:\Windows\system32\dsprop.dll
2009-06-07 17:57:36 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-07 17:57:36 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-07 17:57:35 ----A---- C:\Windows\system32\shsetup.dll
2009-06-07 17:57:35 ----A---- C:\Windows\system32\modemui.dll
2009-06-07 17:57:34 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-07 17:57:34 ----A---- C:\Windows\system32\mscandui.dll
2009-06-07 17:57:33 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-07 17:57:32 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-07 17:57:32 ----A---- C:\Windows\system32\dataclen.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\blackbox.dll
2009-06-07 17:57:30 ----A---- C:\Windows\system32\smss.exe
2009-06-07 17:57:30 ----A---- C:\Windows\system32\credui.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\certprop.dll
2009-06-07 17:57:28 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\wscapi.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\msscp.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\logagent.exe
2009-06-07 17:57:27 ----A---- C:\Windows\system32\InkEd.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\ifmon.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\gpresult.exe
2009-06-07 17:57:27 ----A---- C:\Windows\system32\cipher.exe
2009-06-07 17:57:26 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-07 17:57:26 ----A---- C:\Windows\system32\msimtf.dll
2009-06-07 17:57:25 ----A---- C:\Windows\system32\sendmail.dll
2009-06-07 17:57:24 ----A---- C:\Windows\system32\softkbd.dll
2009-06-07 17:57:24 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-07 17:57:23 ----A---- C:\Windows\system32\msctfui.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\olepro32.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\puiapi.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\input.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\cdd.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\wshbth.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\version.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-07 17:57:20 ----A---- C:\Windows\system32\msisip.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\mprapi.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\fc.exe
2009-06-07 17:57:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\msjint40.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\ftp.exe
2009-06-07 17:57:18 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\dmusic.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\cscapi.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-07 17:57:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\cscdll.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\Storprop.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\rasdial.exe
2009-06-07 17:57:16 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-07 17:57:16 ----A---- C:\Windows\system32\bthci.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\aaclient.dll
2009-06-07 17:57:14 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-07 17:57:14 ----A---- C:\Windows\system32\mfps.dll
2009-06-07 17:57:14 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-07 17:57:14 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-07 17:57:13 ----A---- C:\Windows\system32\slcinst.dll
2009-06-07 17:57:13 ----A---- C:\Windows\system32\nslookup.exe
2009-06-07 17:57:13 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-07 17:57:12 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-07 17:57:11 ----A---- C:\Windows\system32\mmcico.dll
2009-06-07 17:57:11 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-07 17:57:10 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-07 17:57:10 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-07 17:57:10 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-07 17:57:09 ----A---- C:\Windows\system32\cbsra.exe
2009-06-07 17:57:09 ----A---- C:\Windows\system32\atmlib.dll
2009-06-07 17:57:08 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-07 17:57:08 ----A---- C:\Windows\system32\csrstub.exe
2009-06-07 17:57:08 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-07 17:57:07 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\winrnr.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\slwga.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\inetppui.dll
2009-06-07 17:57:05 ----A---- C:\Windows\system32\midimap.dll
2009-06-07 17:57:05 ----A---- C:\Windows\system32\atmfd.dll
2009-06-07 17:57:02 ----A---- C:\Windows\system32\spwmp.dll
2009-06-07 17:57:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-07 17:57:01 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-07 17:56:56 ----A---- C:\Windows\system32\msimsg.dll
2009-06-07 17:56:56 ----A---- C:\Windows\system32\mferror.dll
2009-06-07 17:56:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-07 17:56:35 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-07 17:56:32 ----A---- C:\Windows\system32\wdscore.dll
2009-06-07 17:56:32 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-07 17:56:25 ----A---- C:\Windows\system32\drvstore.dll
2009-06-05 10:36:44 ----D---- C:\Users\James\AppData\Roaming\MegauploadToolbar
2009-06-05 10:36:44 ----D---- C:\Program Files\MegauploadToolbar
2009-06-04 18:45:56 ----D---- C:\ProgramData\Kontiki
2009-06-02 20:00:14 ----D---- C:\Users\James\AppData\Roaming\Move Networks
2009-05-30 08:11:35 ----D---- C:\Program Files\btscanner
2009-05-28 18:39:12 ----D---- C:\Downloads
2009-05-28 18:38:13 ----D---- C:\Users\James\AppData\Roaming\FlashGet
2009-05-28 18:37:47 ----D---- C:\Program Files\FlashGet
2009-05-26 13:26:45 ----D---- C:\Users\James\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-05-26 13:26:27 ----D---- C:\Program Files\BBC iPlayer Desktop
2009-05-26 01:10:34 ----D---- C:\Users\James\AppData\Roaming\vlc
2009-05-26 01:09:17 ----D---- C:\Program Files\VideoLAN
2009-05-23 21:03:24 ----D---- C:\Windows\Sun
2009-05-16 15:14:20 ----D---- C:\Program Files\TVAnts
2009-05-15 15:42:00 ----D---- C:\Users\James\AppData\Roaming\Apple Computer
2009-05-15 15:41:02 ----A---- C:\Windows\system32\GEARAspi.dll
2009-05-15 15:40:27 ----D---- C:\Program Files\iPod
2009-05-15 15:40:22 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-15 15:40:21 ----D---- C:\Program Files\iTunes
2009-05-15 15:38:48 ----D---- C:\Program Files\Bonjour
2009-05-15 15:34:51 ----D---- C:\Program Files\Common Files\Apple
2009-05-13 19:43:25 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\msls31.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\icardie.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\admparse.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\imgutil.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\corpol.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\occache.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\inseng.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\iepeers.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-13 19:43:21 ----A---- C:\Windows\system32\wextract.exe
2009-05-13 19:43:21 ----A---- C:\Windows\system32\webcheck.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\msrating.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\ieakui.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\mstime.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-13 19:43:20 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\advpack.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\vbscript.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\url.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\jscript.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-13 19:43:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\mshta.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\iexpress.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-10 00:56:13 ----D---- C:\ProgramData\Rosetta Stone
2009-05-09 20:09:52 ----D---- C:\Users\James\AppData\Roaming\Download Manager
2009-05-08 16:13:57 ----D---- C:\Program Files\PokerStars.NET
2009-05-05 23:47:19 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-05 23:45:56 ----D---- C:\Program Files\Microsoft.NET
2009-05-05 23:38:18 ----RHD---- C:\MSOCache
2009-05-05 20:38:39 ----D---- C:\Program Files\PowerISO
2009-05-04 12:16:44 ----D---- C:\Program Files\Common Files\xing shared
2009-05-04 12:16:21 ----A---- C:\Windows\system32\rmoc3260.dll
2009-05-04 12:16:07 ----A---- C:\Windows\system32\pndx5032.dll
2009-05-04 12:16:07 ----A---- C:\Windows\system32\pndx5016.dll
2009-05-04 12:16:04 ----D---- C:\Program Files\Real
2009-05-04 12:16:03 ----A---- C:\Windows\system32\pncrt.dll
2009-05-04 12:15:53 ----D---- C:\Program Files\Common Files\Real
2009-05-04 12:15:41 ----D---- C:\Users\James\AppData\Roaming\Real
2009-05-04 01:41:57 ----D---- C:\ProgramData\eBay
2009-05-03 19:24:45 ----D---- C:\Program Files\Common Files\Adobe AIR
2009-05-03 12:04:18 ----D---- C:\Program Files\SopCast
2009-05-02 10:23:18 ----D---- C:\Poker
2009-04-29 22:11:04 ----D---- C:\ProgramData\FLEXnet
2009-04-29 20:22:19 ----D---- C:\Program Files\Adobe Media Player
2009-04-29 20:13:21 ----D---- C:\ProgramData\Adobe
2009-04-29 20:12:44 ----D---- C:\Program Files\Adobe
2009-04-29 20:11:40 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-04-29 20:09:51 ----D---- C:\Program Files\Common Files\Adobe
2009-04-29 14:40:22 ----A---- C:\Users\James\AppData\Roaming\AutoGK.ini
2009-04-29 09:19:28 ----D---- C:\Program Files\XviD
2009-04-29 09:18:18 ----D---- C:\Program Files\AutoGK
2009-04-28 23:05:27 ----D---- C:\Users\James\AppData\Roaming\Megaupload
2009-04-28 23:05:06 ----D---- C:\ProgramData\Megaupload
2009-04-28 23:05:05 ----D---- C:\ProgramData\EmailNotifier
2009-04-28 23:04:40 ----D---- C:\Program Files\Megaupload
2009-04-26 11:49:41 ----D---- C:\Program Files\pspvc
2009-04-26 11:49:41 ----A---- C:\Windows\pspvc_path.ini
2009-04-25 20:18:51 ----D---- C:\Users\James\AppData\Roaming\gtk-2.0
2009-04-25 19:49:36 ----D---- C:\Program Files\GIMP-2.0
2009-04-25 12:05:01 ----HD---- C:\$AVG8.VAULT$
2009-04-25 01:11:52 ----D---- C:\Temp
2009-04-25 00:15:27 ----D---- C:\Program Files\Combined Community Codec Pack
2009-04-25 00:12:31 ----D---- C:\Users\James\AppData\Roaming\Media Player Classic
2009-04-25 00:04:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-04-25 00:04:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-04-25 00:04:14 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-04-25 00:04:13 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-04-25 00:04:13 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-04-25 00:04:12 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-04-25 00:04:11 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-04-25 00:04:09 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-04-25 00:04:09 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-04-25 00:04:08 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-04-25 00:04:08 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-04-25 00:04:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-04-25 00:04:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-04-25 00:04:04 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-04-25 00:04:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-04-25 00:04:02 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-04-25 00:04:01 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-04-25 00:04:01 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-04-25 00:03:59 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-04-25 00:03:57 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-04-25 00:03:56 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-04-25 00:03:56 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-04-25 00:03:55 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-04-25 00:03:54 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-04-25 00:03:54 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-04-25 00:03:52 ----A---- C:\Windows\system32\xinput1_3.dll
2009-04-25 00:03:51 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-04-25 00:03:49 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-04-25 00:03:48 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-04-25 00:03:48 ----A---- C:\Windows\system32\d3dx10.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-04-25 00:03:46 ----A---- C:\Windows\system32\xinput1_2.dll
2009-04-25 00:03:46 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-04-25 00:03:45 ----A---- C:\Windows\system32\xinput1_1.dll
2009-04-25 00:03:45 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-04-25 00:03:44 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-04-25 00:03:31 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-04-25 00:03:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-04-25 00:03:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-04-25 00:03:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-04-25 00:03:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-04-25 00:03:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-04-25 00:03:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-04-25 00:03:24 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-04-25 00:03:23 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-04-24 23:56:48 ----HD---- C:\Windows\msdownld.tmp
2009-04-24 23:56:40 ----D---- C:\Windows\system32\directx
2009-04-24 23:54:30 ----D---- C:\Program Files\AviSynth 2.5
2009-04-24 23:31:41 ----D---- C:\Users\James\AppData\Roaming\Mozilla
2009-04-24 19:59:55 ----D---- C:\ProgramData\Downloaded Installations
2009-04-24 19:59:18 ----A---- C:\Windows\system32\avgrsstx.dll
2009-04-24 19:57:52 ----D---- C:\Program Files\AVG
2009-04-24 19:57:51 ----D---- C:\ProgramData\avg8
2009-04-24 03:33:02 ----D---- C:\ProgramData\Backup
2009-04-24 03:09:14 ----D---- C:\Program Files\Mozilla Firefox
2009-04-24 03:07:26 ----A---- C:\Windows\system32\javaws.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\javaw.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\java.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\deploytk.dll
2009-04-24 03:07:21 ----D---- C:\Program Files\Java
2009-04-24 02:29:01 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-04-24 02:13:38 ----A---- C:\Windows\system32\lvcoinst.ini
2009-04-24 02:13:38 ----A---- C:\Windows\system32\lvci11901262.dll
2009-04-24 02:12:53 ----D---- C:\Program Files\Logitech
2009-04-24 01:35:27 ----D---- C:\ProgramData\WindowsSearch
2009-04-23 14:34:06 ----D---- C:\Users\James\AppData\Roaming\Skype
2009-04-23 14:33:45 ----D---- C:\Program Files\Skype
2009-04-23 14:33:45 ----D---- C:\Program Files\Common Files\Skype
2009-04-23 11:19:43 ----DC---- C:\Windows\system32\DRVSTORE
2009-04-23 11:16:05 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-04-23 01:10:31 ----A---- C:\closelog.txt
2009-04-23 00:14:20 ----D---- C:\Users\James\AppData\Roaming\Leadertech
2009-04-23 00:13:56 ----D---- C:\ProgramData\Logishrd
2009-04-23 00:13:46 ----D---- C:\ProgramData\Logitech
2009-04-22 23:54:09 ----D---- C:\Program Files\Common Files\logishrd
2009-04-22 20:02:58 ----D---- C:\Users\James\AppData\Roaming\Macromedia
2009-04-22 20:02:44 ----D---- C:\Users\James\AppData\Roaming\Adobe
2009-04-22 20:00:53 ----D---- C:\Windows\system32\Macromed
2009-04-22 19:51:37 ----D---- C:\Program Files\QuickTime
2009-04-22 19:51:36 ----D---- C:\ProgramData\Apple Computer
2009-04-22 19:49:32 ----D---- C:\ProgramData\Apple
2009-04-22 19:49:32 ----D---- C:\Program Files\Apple Software Update
2009-04-22 19:28:19 ----D---- C:\Windows\system32\Service
2009-04-22 19:21:21 ----D---- C:\Users\James\AppData\Roaming\WinRAR
2009-04-22 19:20:52 ----D---- C:\Program Files\WinRAR
2009-04-22 18:42:45 ----D---- C:\Users\James\AppData\Roaming\skypePM
2009-04-22 18:33:45 ----D---- C:\Program Files\Microsoft
2009-04-22 18:33:25 ----D---- C:\Program Files\Windows Live SkyDrive
2009-04-22 18:30:49 ----D---- C:\Program Files\Windows Live
2009-04-22 18:28:50 ----D---- C:\Windows\PCHEALTH
2009-04-22 18:26:37 ----D---- C:\Program Files\Common Files\Windows Live
2009-04-22 18:23:19 ----D---- C:\ProgramData\Skype
2009-04-22 18:02:46 ----A---- C:\Windows\system32\psisdecd.dll
2009-04-22 17:34:06 ----D---- C:\Users\James\AppData\Roaming\InstallShield
2009-04-22 17:17:10 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wups2.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wucltux.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wuauclt.exe
2009-04-22 16:56:35 ----A---- C:\Windows\system32\wuaueng.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wups.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wudriver.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wuapi.dll
2009-04-22 16:55:48 ----A---- C:\Windows\system32\wuwebv.dll
2009-04-22 16:55:48 ----A---- C:\Windows\system32\wuapp.exe
2009-04-22 16:40:44 ----D---- C:\Program Files\Belkin
2009-04-22 16:23:36 ----D---- C:\Windows\{D9FAE986-A4C1-4A2D-8B20-60F92F4222AD}
2009-04-22 15:04:30 ----D---- C:\Windows\SoftwareDistribution
2009-04-22 15:00:38 ----SHD---- C:\System Volume Information
2009-04-22 14:12:23 ----D---- C:\Users\James\AppData\Roaming\The TechGuys
2009-04-22 14:11:35 ----D---- C:\Users\James\AppData\Roaming\Identities
2009-04-22 14:11:22 ----SD---- C:\Users\James\AppData\Roaming\Microsoft
2009-04-22 14:11:22 ----D---- C:\Users\James\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 3 months======

2009-07-01 09:27:30 ----D---- C:\Windows\Prefetch
2009-07-01 09:27:23 ----D---- C:\Windows\Temp
2009-07-01 09:27:05 ----D---- C:\Program Files
2009-07-01 09:24:42 ----D---- C:\Windows\System32
2009-07-01 09:20:02 ----SHD---- C:\Windows\Installer
2009-07-01 09:20:01 ----D---- C:\Windows\winsxs
2009-07-01 09:18:53 ----D---- C:\Windows
2009-06-30 11:19:28 ----HD---- C:\ProgramData
2009-06-30 11:19:26 ----D---- C:\Program Files\Common Files
2009-06-29 20:13:25 ----D---- C:\Windows\system32\drivers
2009-06-28 23:00:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-28 23:00:58 ----D---- C:\Windows\inf
2009-06-25 08:44:01 ----D---- C:\Windows\system32\catroot2
2009-06-24 15:28:15 ----RSD---- C:\Windows\Fonts
2009-06-24 03:02:20 ----D---- C:\Program Files\Internet Explorer
2009-06-23 20:06:24 ----D---- C:\Windows\system32\catroot
2009-06-23 20:04:12 ----D---- C:\Windows\WindowsMobile
2009-06-14 23:50:21 ----SHD---- C:\$Recycle.Bin
2009-06-11 01:17:13 ----D---- C:\Windows\Microsoft.NET
2009-06-11 01:15:51 ----RSD---- C:\Windows\assembly
2009-06-11 00:58:55 ----D---- C:\Windows\ehome
2009-06-11 00:58:34 ----D---- C:\Windows\system32\migration
2009-06-11 00:56:13 ----D---- C:\ProgramData\Microsoft Help
2009-06-07 18:45:29 ----D---- C:\Windows\rescache
2009-06-07 18:24:59 ----D---- C:\Program Files\Windows Mail
2009-06-07 18:24:59 ----D---- C:\Program Files\Windows Calendar
2009-06-07 18:24:59 ----D---- C:\Program Files\Movie Maker
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Sidebar
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Media Player
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Collaboration
2009-06-07 18:24:55 ----D---- C:\Program Files\Windows Journal
2009-06-07 18:24:52 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-07 18:24:52 ----D---- C:\Program Files\Common Files\System
2009-06-07 18:24:45 ----D---- C:\Windows\servicing
2009-06-07 18:24:45 ----D---- C:\Program Files\Windows Defender
2009-06-07 18:24:29 ----D---- C:\Windows\IME
2009-06-07 18:24:28 ----D---- C:\Windows\system32\XPSViewer
2009-06-07 18:24:28 ----D---- C:\Windows\system32\sk-SK
2009-06-07 18:24:28 ----D---- C:\Windows\system32\lv-LV
2009-06-07 18:24:28 ----D---- C:\Windows\system32\ko-KR
2009-06-07 18:24:28 ----D---- C:\Windows\system32\hr-HR
2009-06-07 18:24:28 ----D---- C:\Windows\system32\et-EE
2009-06-07 18:24:28 ----D---- C:\Windows\system32\da-DK
2009-06-07 18:24:27 ----D---- C:\Windows\system32\en-US
2009-06-07 18:24:26 ----D---- C:\Windows\system32\oobe
2009-06-07 18:24:26 ----D---- C:\Windows\system32\it-IT
2009-06-07 18:24:26 ----D---- C:\Windows\system32\el-GR
2009-06-07 18:24:26 ----D---- C:\Windows\system32\de-DE
2009-06-07 18:24:20 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-07 18:24:19 ----D---- C:\Windows\system32\sv-SE
2009-06-07 18:24:19 ----D---- C:\Windows\system32\SLUI
2009-06-07 18:24:19 ----D---- C:\Windows\system32\setup
2009-06-07 18:24:19 ----D---- C:\Windows\system32\ru-RU
2009-06-07 18:24:19 ----D---- C:\Windows\system32\pt-PT
2009-06-07 18:24:19 ----D---- C:\Windows\system32\hu-HU
2009-06-07 18:24:19 ----D---- C:\Windows\system32\he-IL
2009-06-07 18:24:19 ----D---- C:\Windows\system32\fr-FR
2009-06-07 18:24:19 ----D---- C:\Windows\system32\fi-FI
2009-06-07 18:24:19 ----D---- C:\Windows\system32\cs-CZ
2009-06-07 18:24:18 ----D---- C:\Windows\system32\zh-TW
2009-06-07 18:24:18 ----D---- C:\Windows\system32\zh-CN
2009-06-07 18:24:18 ----D---- C:\Windows\system32\uk-UA
2009-06-07 18:24:18 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-07 18:24:18 ----D---- C:\Windows\system32\sl-SI
2009-06-07 18:24:18 ----D---- C:\Windows\system32\ro-RO
2009-06-07 18:24:18 ----D---- C:\Windows\system32\pl-PL
2009-06-07 18:24:18 ----D---- C:\Windows\system32\manifeststore
2009-06-07 18:24:18 ----D---- C:\Windows\system32\ja-JP
2009-06-07 18:24:18 ----D---- C:\Windows\system32\es-ES
2009-06-07 18:24:18 ----D---- C:\Windows\system32\en
2009-06-07 18:24:18 ----D---- C:\Windows\system32\bg-BG
2009-06-07 18:24:17 ----D---- C:\Windows\system32\th-TH
2009-06-07 18:24:16 ----D---- C:\Windows\system32\tr-TR
2009-06-07 18:24:15 ----D---- C:\Windows\system32\wbem
2009-06-07 18:24:13 ----D---- C:\Windows\system32\nl-NL
2009-06-07 18:24:13 ----D---- C:\Windows\system32\nb-NO
2009-06-07 18:24:13 ----D---- C:\Windows\system32\lt-LT
2009-06-07 18:24:13 ----D---- C:\Windows\system32\ar-SA
2009-06-07 18:24:10 ----D---- C:\Windows\system32\migwiz
2009-06-07 18:24:08 ----D---- C:\Windows\system32\pt-BR
2009-06-07 18:22:21 ----D---- C:\Windows\AppPatch
2009-06-07 18:22:08 ----D---- C:\Windows\system32\Boot
2009-06-07 18:20:06 ----D---- C:\Windows\system32\RTCOM
2009-06-01 17:51:12 ----A---- C:\Windows\system32\mrt.exe
2009-05-17 15:13:41 ----SD---- C:\Windows\Downloaded Program Files
2009-05-13 19:57:21 ----D---- C:\Windows\PolicyDefinitions
2009-05-13 19:50:49 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-13 19:46:56 ----A---- C:\Windows\win.ini
2009-05-08 16:21:19 ----D---- C:\Windows\system32\Tasks
2009-05-06 00:45:01 ----D---- C:\Windows\Tasks
2009-05-05 23:47:55 ----D---- C:\Program Files\MSBuild
2009-05-05 23:47:38 ----D---- C:\Program Files\Microsoft Office
2009-05-05 23:47:11 ----D---- C:\Windows\ShellNew
2009-05-05 23:45:57 ----SD---- C:\ProgramData\Microsoft
2009-05-04 02:12:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-04 01:41:04 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-30 08:50:16 ----D---- C:\Windows\system32\WDI
2009-04-24 23:57:28 ----D---- C:\Windows\Logs
2009-04-23 18:43:49 ----RD---- C:\Users
2009-04-23 15:30:17 ----D---- C:\Windows\system32\LogFiles
2009-04-23 15:26:17 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-22 23:56:12 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-22 23:54:09 ----D---- C:\Windows\twain_32
2009-04-22 18:15:02 ----D---- C:\Windows\Debug
2009-04-22 16:34:34 ----D---- C:\Program Files\Google
2009-04-22 16:25:45 ----D---- C:\Windows\system32\NDF
2009-04-22 15:07:20 ----D---- C:\ProgramData\Google
2009-04-22 15:05:20 ----D---- C:\Windows\Panther
2009-04-22 14:21:37 ----D---- C:\Windows\system32\restore
2009-04-11 07:32:46 ----A---- C:\Windows\system32\halmacpi.dll
2009-04-11 07:32:46 ----A---- C:\Windows\system32\hal.dll
2009-04-11 07:32:43 ----A---- C:\Windows\system32\halacpi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-04-25 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-06-11 327688]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-06-17 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-04-25 108552]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 AVGIDSDriver;AVGIDSDriver; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSDriver.sys [2009-02-26 121352]
R3 AVGIDSFilter;AVGIDSFilter; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSFilter.sys [2009-02-26 30216]
R3 AVGIDSShim;AVGIDSShim; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSShim.sys [2009-02-26 29136]
R3 BELKIN;Belkin Wireless G USB Network Adapter; C:\Windows\system32\DRIVERS\BLKWGU.sys [2007-05-31 252416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-09 2167128]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-12-16 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-12-17 768024]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-12-17 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-12-17 2686104]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 GpdDevDPort;GpdDevDPort; \??\C:\Windows\system32\directport.sys []
S3 GpdKbFilter;GpdKbFilter; \??\C:\Windows\system32\kbfiltr.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-21 20992]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 RTL8187Se;Realtek RTL8187SE Wireless LAN PCIE Network Adapter; C:\Windows\system32\DRIVERS\RTL8187Se.sys [2008-07-10 331776]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-05-06 62976]
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-06-17 906520]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-25 298776]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-06-11 1368952]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe [2009-02-26 5576712]
R2 AVGIDSWatcher;AVGIDSWatcher; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe [2009-02-26 563720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 OsdService;OSD Service; C:\Windows\Installer\MSI3BEB.tmp [2009-04-23 94208]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-29 655624]
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 5:15 am

Looks like not all Adobe products are legit.

Uninstall this:

Adobe AIR

Download HostsXpert and unzip it to your desktop.

Open HostsXpert that you earlier unzipped on your desktop

  • Click "Make Hosts Writable?" upper right corner (if available)
  • Click "Restore Microsoft's Original Hosts File" and then click OK
  • Close HostsXpert
Note; IF you used any custom Hosts (eg. MVPS Hosts), you will have put them back manually

Delete info.txt from c:\rsit folder.

Rerun rsit and post back fresh rsit logs, please.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 7:26 am

Shaba wrote:Looks like not all Adobe products are legit.

Uninstall this:

Adobe AIR

Download HostsXpert and unzip it to your desktop.

Open HostsXpert that you earlier unzipped on your desktop

  • Click "Make Hosts Writable?" upper right corner (if available)
  • Click "Restore Microsoft's Original Hosts File" and then click OK
  • Close HostsXpert
Note; IF you used any custom Hosts (eg. MVPS Hosts), you will have put them back manually

Delete info.txt from c:\rsit folder.

Rerun rsit and post back fresh rsit logs, please.


Ok AIR is now gone (I hope lol).

info.txt logfile of random's system information tool 1.06 2009-07-01 12:14:30

======Uninstall list======

-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Acrobat.com-->MsiExec.exe /X{287ECFA4-719A-2143-A09B-D6A12DE54E40}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Media Player-->msiexec /qb /x {39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Media Player-->MsiExec.exe /I{39F6E2B4-CFE8-C30A-66E8-489651F0F34C}
Adobe Reader 9.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Apple Mobile Device Support-->MsiExec.exe /I{AFA20D47-69C3-4030-8DF8-D37466E70F13}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Auto Gordian Knot 2.55-->C:\Program Files\AutoGK\uninst.exe
AVG 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
AVG Identity Protection-->MsiExec.exe /X{7583D2F8-8E7D-40C5-9862-4D218006FB84}
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
BBC iPlayer Desktop-->MsiExec.exe /X{5FE917F6-88DB-82FC-AC44-EDF00C57EF21}
Belkin Wireless Driver-->C:\Program Files\InstallShield Installation Information\{D593C72C-435B-4171-8106-9CA8AA34D716}\SETUP.EXE -v"ISSCRIPTCMDLINE=\"-d -zREMOVE\"" -l0x0009 -removeonly
Belkin Wireless USB Utility-->C:\Program Files\InstallShield Installation Information\{A6359CCF-215D-43D9-8366-479D231F2A72}\setup.exe -runfromtemp -l0x0409
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
Choice Guard-->MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Combined Community Codec Pack 2008-09-21 16:18-->"C:\Program Files\Combined Community Codec Pack\unins000.exe"
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
GIMP 2.6.6-->"C:\Program Files\GIMP-2.0\setup\unins000.exe"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iTunes-->MsiExec.exe /I{5EFCBB42-36AB-4FF9-B90C-E78C7B9EE7B3}
Java(TM) 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Junk Mail filter update-->MsiExec.exe /I{4DE3E3D9-AE81-45DE-9195-3015F7B1DBF3}
Logitech QuickCam Driver Package-->"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\11.90.1262\LgDrvInst.exe" -remove -instdir"C:\Program Files\Common Files\LogiShrd\LogiDriverStore\lvdrivers\" -enumdelay=200 -enabledifx -forcedelete -usbhubsfirst -forceremove -cumulativeremove -arpregkey"lvdrivers_11.90" /clone_wait /hide_progress
Logitech QuickCam-->MsiExec.exe /I{937B232D-9776-471E-92BD-D424E514EF14}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Mega Manager-->C:\Program Files\InstallShield Installation Information\{3B6E3FC6-274C-4B6C-BC85-5C3B15DE18E2}\setup.exe -runfromtemp -l0x0009 -removeonly
Megaupload Toolbar-->C:\Program Files\MegauploadToolbar\uninstall.exe
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-00BA-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0114-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0115-0409-0000-0000000FF1CE} /uninstall {DE5A002D-8122-4278-A7EE-3121E7EA254E}
Microsoft Office 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-0117-0409-0000-0000000FF1CE} /uninstall {2FC4457D-409E-466F-861F-FB0CB796B53E}
Microsoft Office Access MUI (English) 2007-->MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007-->"C:\Program Files\Common Files\Microsoft Shared\OFFICE12\Office Setup Controller\setup.exe" /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007-->MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007-->MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007-->MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007-->MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office Live Add-in 1.3-->MsiExec.exe /I{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}
Microsoft Office OneNote MUI (English) 2007-->MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007-->MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007-->MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007-->MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007-->MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007-->MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007-->MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0409-0000-0000000FF1CE} /uninstall {ABDDE972-355B-4AF1-89A8-DA50B7B5C045}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-040C-0000-0000000FF1CE} /uninstall {F580DDD5-8D37-4998-968E-EBB76BB86787}
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)-->msiexec /package {90120000-001F-0C0A-0000-0000000FF1CE} /uninstall {187308AB-5FA7-4F14-9AB9-D290383A10D9}
Microsoft Office Publisher MUI (English) 2007-->MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007-->MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007-->MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007-->MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack-->MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight-->MsiExec.exe /I{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]-->MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)-->MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)-->MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Mozilla Firefox (3.0.9)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB927978)-->MsiExec.exe /I{37477865-A3F1-4772-AD43-AAFC6BCFF99F}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nero 9-->C:\Program Files\Common Files\Nero\Nero ProductInstaller 4\SetupX.exe REMOVESERIALNUMBER="9M03-01A1-PCX7-K31A-8A94-98PT-KT2E-522A"
neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B}
PokerStars.net-->"C:\Program Files\PokerStars.NET\PokerStarsUninstall.exe" /u:PokerStars.net
PowerISO-->"C:\Program Files\PowerISO\uninstall.exe"
PSPVC :: PSP Video Converter v3.72-->"C:\Program Files\pspvc\Uninstall.exe"
QuickTime-->MsiExec.exe /I{216AB108-2AE1-4130-B3D5-20B2C4C80F8F}
RealPlayer-->C:\Program Files\Common Files\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0
Realtek 8169 8168 8101E 8102E Ethernet Driver-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m -nrg2709
Realtek USB 2.0 Card Reader-->C:\Program Files\InstallShield Installation Information\{DC24971E-1946-445D-8A82-CE685433FA7D}\setup.exe -runfromtemp -l0x0009 -removeonly
Security Update for 2007 Microsoft Office System (KB969559)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {69F52148-9BF6-4CDC-BF76-103DEAF3DD08}
Security Update for 2007 Microsoft Office System (KB969679)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C66E4A6C-6E07-4C63-8CCD-2493B5087C73}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}
Security Update for Microsoft Office Excel 2007 (KB969682)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C03803BD-745A-46F8-8557-817DED578780}
Security Update for Microsoft Office PowerPoint 2007 (KB957789)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {7559E742-FF9F-4FAE-B279-008ED296CB4D}
Security Update for Microsoft Office system 2007 (KB969613)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {5ECEB317-CBE9-4E08-AB10-756CB6F0FB6C}
Security Update for Microsoft Office Word 2007 (KB969604)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {CF3D6499-709C-43D0-8908-BC5652656050}
Skype™ 3.8-->MsiExec.exe /X{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}
SopCast 2.0.4-->C:\Program Files\SopCast\uninst.exe
TVAnts 1.0-->C:\PROGRA~1\TVAnts\UNWISE.EXE C:\PROGRA~1\TVAnts\INSTALL.LOG
Update for 2007 Microsoft Office System (KB967642)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft Office 2007 Help for Common Features (KB963673)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)-->msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)-->msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)-->msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)-->msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 (KB969907)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {74F98B24-AFBD-4800-9BD6-87D349B5C462}
Update for Microsoft Office Outlook 2007 Help (KB963677)-->msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)-->msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)-->msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)-->msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)-->msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb970012)-->msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {DC4A962B-9EC2-469C-BC9C-87312ADAEE81}
VideoLAN VLC media player 0.8.6d-->C:\Program Files\VideoLAN\VLC\uninstall.exe
Windows Live Call-->MsiExec.exe /I{F6BD194C-4190-4D73-B1B1-C48C99921BFE}
Windows Live Communications Platform-->MsiExec.exe /I{3B4E636E-9D65-4D67-BA61-189800823F52}
Windows Live Essentials-->C:\Program Files\Windows Live\Installer\wlarp.exe
Windows Live Essentials-->MsiExec.exe /I{C6CA8874-5F22-4AF0-9BE3-016BF299C536}
Windows Live Family Safety-->MsiExec.exe /X{76CD2979-09C0-493A-84B3-8FD97EF4BCEA}
Windows Live Mail-->MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger-->MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Movie Maker Beta-->MsiExec.exe /X{6F6594CB-DA1B-4FFB-B397-CACE3D5F668B}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Windows Live Photo Gallery-->MsiExec.exe /X{3C52E7DA-C431-4239-B66B-1BF703D5B194}
Windows Live Sign-in Assistant-->MsiExec.exe /I{45338B07-A236-4270-9A77-EBB4115517B5}
Windows Live Sync-->MsiExec.exe /X{A1BF9950-8CDB-468E-83FA-EACFB00EA7D5}
Windows Live Toolbar-->MsiExec.exe /X{995F1E2E-F542-4310-8E1D-9926F5A279B3}
Windows Live Upload Tool-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer-->MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
WinRAR archiver-->C:\Program Files\WinRAR\uninstall.exe
Xvid 1.2.1 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
XviD MPEG4 Video Codec (remove only)-->"C:\Program Files\XviD\xvid-uninstall.exe"

======Hosts File======

127.0.0.1 localhost

======Security center information======

AS: Windows Defender

======System event log======

Computer Name: WIN-VHGBRI79DG3
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 2975
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090422140309.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 134
Message: NtpClient was unable to set a manual peer to use as a time source because of DNS resolution error on 'time.windows.com,0x9'. NtpClient will try again in 15 minutes and double the reattempt interval thereafter. The error was: No such host is known. (0x80072AF9)
Record Number: 2974
Source Name: Microsoft-Windows-Time-Service
Time Written: 20090422140308.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 15016
Message: Unable to initialize the security package Kerberos for server side authentication. The data field contains the error number.
Record Number: 2973
Source Name: Microsoft-Windows-HttpEvent
Time Written: 20090422140305.344663-000
Event Type: Error
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 263
Message: The service 'ShellHWDetection' may not have unregistered for device event notifications before it was stopped.
Record Number: 2971
Source Name: PlugPlayManager
Time Written: 20090422140305.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4001
Message: WLAN AutoConfig service has successfully stopped.

Record Number: 2962
Source Name: Microsoft-Windows-WLAN-AutoConfig
Time Written: 20081223111554.980200-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: James-PC
Event Code: 33
Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\wksdb.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 765
Source Name: SideBySide
Time Written: 20090422131158.000000-000
Event Type: Error
User:

Computer Name: James-PC
Event Code: 33
Message: Activation context generation failed for "C:\Windows\Installer\{67E03279-F703-408F-B4BF-46B5FC8D70CD}\WksCal.exe". Dependent Assembly msadctls,processorArchitecture="x86",type="win32",version="1.0.1801.0" could not be found. Please use sxstrace.exe for detailed diagnosis.
Record Number: 764
Source Name: SideBySide
Time Written: 20090422131158.000000-000
Event Type: Error
User:

Computer Name: James-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 742
Source Name: Microsoft-Windows-WMI
Time Written: 20090422140852.000000-000
Event Type: Error
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 729
Source Name: Microsoft-Windows-Search
Time Written: 20090422140525.000000-000
Event Type: Warning
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1036
Message: InitializePrintProvider failed for provider inetpp.dll. This can occur because of system instability or a lack of system resources.
Record Number: 724
Source Name: Microsoft-Windows-SpoolerSpoolss
Time Written: 20090422140508.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Security event log=====

Computer Name: WIN-VHGBRI79DG3
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 1005
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.046990-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4672
Message: Special privileges assigned to new logon.

Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7

Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 1004
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4624
Message: An account was successfully logged on.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7

Logon Type: 5

New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Workstation Name:
Source Network Address: -
Source Port: -

Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0

This event is generated when a logon session is created. It is generated on the computer that was accessed.

The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.

The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).

The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.

The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.

The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 1003
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 4648
Message: A logon was attempted using explicit credentials.

Subject:
Security ID: S-1-5-18
Account Name: WIN-VHGBRI79DG3$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}

Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}

Target Server:
Target Server Name: localhost
Additional Information: localhost

Process Information:
Process ID: 0x284
Process Name: C:\Windows\System32\services.exe

Network Information:
Network Address: -
Port: -

This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 1002
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20081223111454.000190-000
Event Type: Audit Success
User:

Computer Name: WIN-VHGBRI79DG3
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-3121166545-3975070627-2469533456-500
Account Name: Administrator
Domain Name: WIN-VHGBRI79DG3
Logon ID: 0x22f71
Record Number: 1001
Source Name: Microsoft-Windows-Eventlog
Time Written: 20081223111448.961390-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;C:\PROGRAM FILES\QUICKTIME\QTSYSTEM\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 6 Stepping 4, GenuineIntel
"PROCESSOR_REVISION"=0604
"NUMBER_OF_PROCESSORS"=1
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\QuickTime\QTSystem\QTJava.zip
"QTJAVA"=C:\Program Files\QuickTime\QTSystem\QTJava.zip

-----------------EOF-----------------
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 7:27 am

Logfile of random's system information tool 1.06 (written by random/random)
Run by James at 2009-07-01 12:14:01
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 32 GB (23%) free of 142 GB
Total RAM: 2494 MB (59% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:14:15 PM, on 01/07/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSUI.exe
C:\Windows\WindowsMobile\wmdSync.exe
C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSMonitor.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\James\Desktop\RSIT.exe
C:\Program Files\trend micro\James.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: Megaupload Toolbar - {A057A204-BACC-4D26-C39E-35F1D2A32EC8} - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [AVGIDS] "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Windows Mobile-based device management] %windir%\WindowsMobile\wmdSync.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O8 - Extra context menu item: Download Link Using Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MI1933~1\Office12\ONBttnIE.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office12\REFIEBAR.DLL
O9 - Extra button: PokerStars.net - {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files\PokerStars.NET\PokerStarsUpdate.exe
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: AVG8 Firewall (avgfws8) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgfws8.exe
O23 - Service: AVGIDSAgent - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe
O23 - Service: AVGIDSWatcher - AVG - C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: OSD Service (OsdService) - TODO: <????> - C:\Windows\Installer\MSI3BEB.tmp

--
End of file - 7899 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2706847523-1309264820-3873025358-1000.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2008-11-07 1088296]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3049C3E9-B461-4BC5-8870-4C09146192CA}]
RealPlayer Download and Record Plugin for Internet Explorer - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll [2009-05-04 312928]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-04-25 1107224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A057A204-BACC-4D26-C39E-35F1D2A32EC8}]
Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bf00e119-21a3-4fd1-b178-3b8537e75c92}]
IeMonitorBho Class - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll [2008-06-23 110592]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-04-24 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{A057A204-BACC-4D26-C39E-35F1D2A32EC8} - Megaupload Toolbar - C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL [2008-08-04 1947080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-09-09 6281760]
"Skytel"=C:\Windows\Skytel.exe [2008-09-09 1833504]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-04-24 148888]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-06-11 1948440]
"AVGIDS"=C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe [2009-02-26 1579528]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"Windows Mobile-based device management"=C:\Windows\WindowsMobile\wmdSync.exe [2008-01-21 215552]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-02-06 3885408]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
igfxdev.dll []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\BitTorrent\bittorrent.exe"="C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit -
.js - open -
.txt - open -

======List of files/folders created in the last 3 months======

2009-07-01 12:07:59 ----SHD---- C:\Config.Msi
2009-07-01 09:27:05 ----D---- C:\Program Files\trend micro
2009-07-01 09:27:04 ----D---- C:\rsit
2009-07-01 09:19:07 ----D---- C:\Program Files\MSXML 4.0
2009-06-30 13:21:28 ----D---- C:\Users\James\AppData\Roaming\Nero
2009-06-30 11:20:44 ----D---- C:\Program Files\Nero
2009-06-30 11:19:28 ----D---- C:\ProgramData\Nero
2009-06-30 11:19:26 ----D---- C:\Program Files\Common Files\Nero
2009-06-29 23:11:02 ----D---- C:\Program Files\Windows Live Safety Center
2009-06-29 20:13:42 ----D---- C:\Users\James\AppData\Roaming\Malwarebytes
2009-06-29 20:13:21 ----D---- C:\ProgramData\Malwarebytes
2009-06-29 20:13:21 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-06-28 15:13:03 ----D---- C:\Program Files\Avi2Dvd
2009-06-24 19:02:49 ----D---- C:\Users\James\AppData\Roaming\MailWasherFree
2009-06-11 00:47:48 ----D---- C:\Program Files\Microsoft Visual Studio 8
2009-06-11 00:46:13 ----A---- C:\Windows\system32\mshtml.dll
2009-06-11 00:46:12 ----A---- C:\Windows\system32\ieframe.dll
2009-06-11 00:46:11 ----A---- C:\Windows\system32\iertutil.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\wininet.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\urlmon.dll
2009-06-11 00:46:10 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\ieui.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\iesetup.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\iernonce.dll
2009-06-11 00:46:09 ----A---- C:\Windows\system32\ie4uinit.exe
2009-06-11 00:45:39 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-11 00:45:34 ----A---- C:\Windows\system32\localspl.dll
2009-06-11 00:45:05 ----A---- C:\Windows\system32\sbe.dll
2009-06-11 00:45:05 ----A---- C:\Windows\system32\MSDTVVDEC.DLL
2009-06-11 00:45:05 ----A---- C:\Windows\system32\CPFilters.dll
2009-06-07 18:22:11 ----D---- C:\Windows\system32\eu-ES
2009-06-07 18:22:11 ----D---- C:\Windows\system32\ca-ES
2009-06-07 18:22:08 ----D---- C:\Windows\system32\vi-VN
2009-06-07 18:02:59 ----D---- C:\Windows\system32\EventProviders
2009-06-07 18:01:02 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-07 18:00:56 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-07 18:00:56 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-07 18:00:52 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-07 18:00:52 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-07 18:00:50 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-07 18:00:46 ----A---- C:\Windows\system32\mssrch.dll
2009-06-07 18:00:42 ----A---- C:\Windows\system32\tquery.dll
2009-06-07 18:00:40 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-07 18:00:40 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-07 18:00:39 ----A---- C:\Windows\system32\scavenge.dll
2009-06-07 18:00:39 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-07 18:00:38 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-07 18:00:36 ----A---- C:\Windows\system32\msi.dll
2009-06-07 18:00:35 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-07 18:00:34 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-07 18:00:33 ----A---- C:\Windows\system32\sysmain.dll
2009-06-07 18:00:30 ----A---- C:\Windows\system32\mf.dll
2009-06-07 18:00:30 ----A---- C:\Windows\system32\icardagt.exe
2009-06-07 18:00:29 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-07 18:00:29 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-06-07 18:00:27 ----A---- C:\Windows\system32\spreview.exe
2009-06-07 18:00:27 ----A---- C:\Windows\system32\spinstall.exe
2009-06-07 18:00:27 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\spwizui.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\secproc.dll
2009-06-07 18:00:25 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-07 18:00:23 ----A---- C:\Windows\system32\shell32.dll
2009-06-07 18:00:20 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-07 18:00:20 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-07 18:00:19 ----A---- C:\Windows\system32\mssvp.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mssph.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-06-07 18:00:18 ----A---- C:\Windows\system32\mscoree.dll
2009-06-07 18:00:18 ----A---- C:\Windows\system32\imapi2.dll
2009-06-07 18:00:17 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-07 18:00:17 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-07 18:00:15 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-07 18:00:15 ----A---- C:\Windows\system32\esent.dll
2009-06-07 18:00:15 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-07 18:00:13 ----A---- C:\Windows\system32\sperror.dll
2009-06-07 18:00:13 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-07 18:00:12 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-07 18:00:12 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\SLC.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-07 18:00:11 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-07 18:00:10 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-07 18:00:09 ----A---- C:\Windows\system32\wmp.dll
2009-06-07 18:00:09 ----A---- C:\Windows\system32\msshsq.dll
2009-06-07 18:00:08 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-07 18:00:07 ----A---- C:\Windows\system32\msjet40.dll
2009-06-07 18:00:06 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-07 18:00:06 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-07 18:00:05 ----A---- C:\Windows\system32\msxml6.dll
2009-06-07 18:00:04 ----A---- C:\Windows\system32\Query.dll
2009-06-07 18:00:03 ----A---- C:\Windows\system32\qmgr.dll
2009-06-07 18:00:03 ----A---- C:\Windows\system32\msexch40.dll
2009-06-07 18:00:02 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-07 18:00:02 ----A---- C:\Windows\system32\diagperf.dll
2009-06-07 18:00:01 ----A---- C:\Windows\system32\ole32.dll
2009-06-07 18:00:01 ----A---- C:\Windows\system32\ntdll.dll
2009-06-07 18:00:00 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-07 18:00:00 ----A---- C:\Windows\system32\msxml3.dll
2009-06-07 17:59:59 ----A---- C:\Windows\system32\winload.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\uDWM.dll
2009-06-07 17:59:59 ----A---- C:\Windows\system32\mmc.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\mblctr.exe
2009-06-07 17:59:59 ----A---- C:\Windows\system32\EncDec.dll
2009-06-07 17:59:58 ----A---- C:\Windows\system32\dfsr.exe
2009-06-07 17:59:57 ----A---- C:\Windows\system32\riched20.dll
2009-06-07 17:59:57 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-07 17:59:56 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-07 17:59:56 ----A---- C:\Windows\system32\fdBth.dll
2009-06-07 17:59:55 ----A---- C:\Windows\system32\kernel32.dll
2009-06-07 17:59:54 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-07 17:59:54 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-07 17:59:54 ----A---- C:\Windows\system32\milcore.dll
2009-06-07 17:59:54 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\spoolss.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-07 17:59:53 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-07 17:59:52 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-07 17:59:51 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-07 17:59:51 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\gpedit.dll
2009-06-07 17:59:50 ----A---- C:\Windows\system32\fsquirt.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-06-07 17:59:48 ----A---- C:\Windows\system32\es.dll
2009-06-07 17:59:47 ----A---- C:\Windows\system32\Magnify.exe
2009-06-07 17:59:47 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-07 17:59:46 ----A---- C:\Windows\system32\mstext40.dll
2009-06-07 17:59:46 ----A---- C:\Windows\system32\advapi32.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\slwmi.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-07 17:59:44 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\vssapi.dll
2009-06-07 17:59:43 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-07 17:59:42 ----A---- C:\Windows\system32\mstscax.dll
2009-06-07 17:59:42 ----A---- C:\Windows\system32\authui.dll
2009-06-07 17:59:41 ----A---- C:\Windows\system32\NetProjW.dll
2009-06-07 17:59:40 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-07 17:59:40 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\propsys.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\newdev.dll
2009-06-07 17:59:39 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-07 17:59:38 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-07 17:59:38 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-07 17:59:38 ----A---- C:\Windows\system32\crypt32.dll
2009-06-07 17:59:38 ----A---- C:\Windows\explorer.exe
2009-06-07 17:59:37 ----A---- C:\Windows\system32\setupapi.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\rpcss.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-07 17:59:37 ----A---- C:\Windows\system32\d3d9.dll
2009-06-07 17:59:36 ----A---- C:\Windows\system32\davclnt.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\msltus40.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\mfc42.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-07 17:59:35 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-07 17:59:34 ----A---- C:\Windows\system32\browseui.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\photowiz.dll
2009-06-07 17:59:33 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\user32.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\samsrv.dll
2009-06-07 17:59:31 ----A---- C:\Windows\system32\ci.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\win32spl.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-07 17:59:30 ----A---- C:\Windows\system32\quartz.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-07 17:59:29 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-07 17:59:29 ----A---- C:\Windows\system32\kerberos.dll
2009-06-07 17:59:28 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-07 17:59:28 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-07 17:59:27 ----A---- C:\Windows\system32\netshell.dll
2009-06-07 17:59:27 ----A---- C:\Windows\system32\compcln.exe
2009-06-07 17:59:26 ----A---- C:\Windows\system32\winhttp.dll
2009-06-07 17:59:26 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-07 17:59:26 ----A---- C:\Windows\system32\apds.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\msctf.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-07 17:59:25 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-07 17:59:24 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-07 17:59:24 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-07 17:59:24 ----A---- C:\Windows\system32\gdi32.dll
2009-06-07 17:59:23 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-07 17:59:23 ----A---- C:\Windows\system32\SLUI.exe
2009-06-07 17:59:23 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-07 17:59:23 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-07 17:59:22 ----A---- C:\Windows\system32\eapphost.dll
2009-06-07 17:59:21 ----A---- C:\Windows\system32\propdefs.dll
2009-06-07 17:59:21 ----A---- C:\Windows\system32\odbc32.dll
2009-06-07 17:59:20 ----A---- C:\Windows\system32\winresume.exe
2009-06-07 17:59:20 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-07 17:59:19 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-07 17:59:18 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-07 17:59:18 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\swprv.dll
2009-06-07 17:59:16 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-07 17:59:15 ----A---- C:\Windows\system32\usp10.dll
2009-06-07 17:59:14 ----A---- C:\Windows\system32\vds.exe
2009-06-07 17:59:13 ----A---- C:\Windows\system32\netlogon.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\msscb.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\msctfp.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\drvinst.exe
2009-06-07 17:59:13 ----A---- C:\Windows\system32\devmgr.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-07 17:59:13 ----A---- C:\Windows\system32\BFE.DLL
2009-06-07 17:59:13 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\schannel.dll
2009-06-07 17:59:12 ----A---- C:\Windows\system32\evr.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-07 17:59:11 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-07 17:59:11 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-07 17:59:10 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-07 17:59:09 ----A---- C:\Windows\system32\wercon.exe
2009-06-07 17:59:09 ----A---- C:\Windows\system32\services.exe
2009-06-07 17:59:08 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-07 17:59:08 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-07 17:59:08 ----A---- C:\Windows\system32\adtschema.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-07 17:59:07 ----A---- C:\Windows\system32\certcli.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msjter40.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\msdrm.dll
2009-06-07 17:59:06 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\taskeng.exe
2009-06-07 17:59:05 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\reg.exe
2009-06-07 17:59:05 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-07 17:59:05 ----A---- C:\Windows\system32\certutil.exe
2009-06-07 17:59:04 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-07 17:59:03 ----A---- C:\Windows\system32\w32time.dll
2009-06-07 17:59:03 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-07 17:59:02 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\msshooks.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-07 17:59:01 ----A---- C:\Windows\system32\bthserv.dll
2009-06-07 17:59:00 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-07 17:59:00 ----A---- C:\Windows\system32\msihnd.dll
2009-06-07 17:58:59 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-07 17:58:59 ----A---- C:\Windows\system32\msstrc.dll
2009-06-07 17:58:59 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\netapi32.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-07 17:58:58 ----A---- C:\Windows\system32\dfshim.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\inetpp.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\hidserv.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\fundisc.dll
2009-06-07 17:58:57 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-07 17:58:56 ----A---- C:\Windows\system32\mscories.dll
2009-06-07 17:58:56 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-07 17:58:55 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-07 17:58:54 ----A---- C:\Windows\system32\termsrv.dll
2009-06-07 17:58:54 ----A---- C:\Windows\system32\profsvc.dll
2009-06-07 17:58:53 ----A---- C:\Windows\system32\gameux.dll
2009-06-07 17:58:52 ----A---- C:\Windows\system32\imapi.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\wdc.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-07 17:58:51 ----A---- C:\Windows\system32\msiexec.exe
2009-06-07 17:58:50 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\rasmans.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\pnidui.dll
2009-06-07 17:58:49 ----A---- C:\Windows\system32\iassdo.dll
2009-06-07 17:58:48 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-07 17:58:48 ----A---- C:\Windows\system32\icardres.dll
2009-06-07 17:58:48 ----A---- C:\Windows\system32\autofmt.exe
2009-06-07 17:58:47 ----A---- C:\Windows\system32\wersvc.dll
2009-06-07 17:58:47 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-07 17:58:47 ----A---- C:\Windows\system32\scrrun.dll
2009-06-07 17:58:47 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-07 17:58:45 ----A---- C:\Windows\system32\pdh.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-07 17:58:45 ----A---- C:\Windows\system32\azroles.dll
2009-06-07 17:58:44 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-07 17:58:42 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-07 17:58:42 ----A---- C:\Windows\system32\winlogon.exe
2009-06-07 17:58:42 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-07 17:58:40 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-07 17:58:40 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-07 17:58:39 ----A---- C:\Windows\system32\comuid.dll
2009-06-07 17:58:39 ----A---- C:\Windows\system32\certmgr.dll
2009-06-07 17:58:38 ----A---- C:\Windows\system32\sethc.exe
2009-06-07 17:58:38 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-07 17:58:38 ----A---- C:\Windows\system32\kd1394.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\spp.dll
2009-06-07 17:58:37 ----A---- C:\Windows\system32\iassam.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\wisptis.exe
2009-06-07 17:58:36 ----A---- C:\Windows\system32\untfs.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\scrobj.dll
2009-06-07 17:58:36 ----A---- C:\Windows\system32\rtutils.dll
2009-06-07 17:58:35 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-07 17:58:35 ----A---- C:\Windows\system32\dwm.exe
2009-06-07 17:58:34 ----A---- C:\Windows\system32\autochk.exe
2009-06-07 17:58:33 ----A---- C:\Windows\system32\printui.dll
2009-06-07 17:58:33 ----A---- C:\Windows\system32\iasnap.dll
2009-06-07 17:58:32 ----A---- C:\Windows\system32\winsrv.dll
2009-06-07 17:58:32 ----A---- C:\Windows\system32\autoconv.exe
2009-06-07 17:58:31 ----A---- C:\Windows\system32\kdcom.dll
2009-06-07 17:58:31 ----A---- C:\Windows\system32\cscript.exe
2009-06-07 17:58:31 ----A---- C:\Windows\system32\basecsp.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\wow32.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\userenv.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\onex.dll
2009-06-07 17:58:30 ----A---- C:\Windows\system32\audiodg.exe
2009-06-07 17:58:29 ----A---- C:\Windows\system32\osk.exe
2009-06-07 17:58:29 ----A---- C:\Windows\system32\mswsock.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\winmm.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\RelMon.dll
2009-06-07 17:58:27 ----A---- C:\Windows\system32\kdusb.dll
2009-06-07 17:58:26 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-07 17:58:26 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-07 17:58:25 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-07 17:58:25 ----A---- C:\Windows\system32\offfilt.dll
2009-06-07 17:58:25 ----A---- C:\Windows\system32\msftedit.dll
2009-06-07 17:58:24 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-07 17:58:23 ----A---- C:\Windows\system32\Utilman.exe
2009-06-07 17:58:22 ----A---- C:\Windows\system32\wsepno.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\WerFault.exe
2009-06-07 17:58:22 ----A---- C:\Windows\system32\stobject.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-07 17:58:22 ----A---- C:\Windows\system32\mfplat.dll
2009-06-07 17:58:21 ----A---- C:\Windows\system32\SndVol.exe
2009-06-07 17:58:21 ----A---- C:\Windows\system32\diskraid.exe
2009-06-07 17:58:21 ----A---- C:\Windows\system32\apphelp.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\mscms.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\mcmde.dll
2009-06-07 17:58:20 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\wscript.exe
2009-06-07 17:58:19 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\sysclass.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\secur32.dll
2009-06-07 17:58:19 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-07 17:58:18 ----A---- C:\Windows\system32\ulib.dll
2009-06-07 17:58:18 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\rastapi.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-07 17:58:17 ----A---- C:\Windows\system32\dsound.dll
2009-06-07 17:58:17 ----A---- C:\Windows\system32\cryptui.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-07 17:58:16 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\rastls.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\gpapi.dll
2009-06-07 17:58:15 ----A---- C:\Windows\system32\diskpart.exe
2009-06-07 17:58:15 ----A---- C:\Windows\system32\brcpl.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-07 17:58:14 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-07 17:58:14 ----A---- C:\Windows\system32\logman.exe
2009-06-07 17:58:14 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\regsvc.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-07 17:58:13 ----A---- C:\Windows\system32\ntprint.dll
2009-06-07 17:58:12 ----A---- C:\Windows\system32\wusa.exe
2009-06-07 17:58:12 ----A---- C:\Windows\system32\mscorier.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\iasrad.dll
2009-06-07 17:58:11 ----A---- C:\Windows\system32\findstr.exe
2009-06-07 17:58:10 ----A---- C:\Windows\system32\wshext.dll
2009-06-07 17:58:10 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-07 17:58:10 ----A---- C:\Windows\system32\netcenter.dll
2009-06-07 17:58:08 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\wer.dll
2009-06-07 17:58:07 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-07 17:58:06 ----A---- C:\Windows\system32\themecpl.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\uxsms.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-07 17:58:03 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\scansetting.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\msutb.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-07 17:58:02 ----A---- C:\Windows\system32\iasads.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\slcc.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\powrprof.dll
2009-06-07 17:58:01 ----A---- C:\Windows\system32\mstsc.exe
2009-06-07 17:58:00 ----A---- C:\Windows\system32\powercpl.dll
2009-06-07 17:58:00 ----A---- C:\Windows\system32\networkmap.dll
2009-06-07 17:58:00 ----A---- C:\Windows\system32\iasacct.dll
2009-06-07 17:57:59 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-07 17:57:59 ----A---- C:\Windows\system32\authz.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\sud.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\newdev.exe
2009-06-07 17:57:58 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-07 17:57:58 ----A---- C:\Windows\system32\connect.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\themeui.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\pcaui.dll
2009-06-07 17:57:56 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\usercpl.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\samlib.dll
2009-06-07 17:57:55 ----A---- C:\Windows\system32\mmci.dll
2009-06-07 17:57:54 ----A---- C:\Windows\system32\qdvd.dll
2009-06-07 17:57:54 ----A---- C:\Windows\system32\autoplay.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-07 17:57:53 ----A---- C:\Windows\system32\regapi.dll
2009-06-07 17:57:52 ----A---- C:\Windows\system32\wpcao.dll
2009-06-07 17:57:52 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-07 17:57:51 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-07 17:57:51 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\scksp.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\scesrv.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\mpr.dll
2009-06-07 17:57:50 ----A---- C:\Windows\system32\feclient.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\oleprn.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\imm32.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-07 17:57:49 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-07 17:57:48 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-07 17:57:48 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-07 17:57:47 ----A---- C:\Windows\system32\sdclt.exe
2009-06-07 17:57:47 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-07 17:57:46 ----A---- C:\Windows\system32\qedit.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\pnpui.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-07 17:57:46 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-07 17:57:46 ----A---- C:\Windows\system32\certreq.exe
2009-06-07 17:57:45 ----A---- C:\Windows\system32\scecli.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\rasplap.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-07 17:57:45 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-07 17:57:44 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-07 17:57:44 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-07 17:57:43 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-07 17:57:43 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-07 17:57:42 ----A---- C:\Windows\system32\whealogr.dll
2009-06-07 17:57:42 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-07 17:57:42 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\srcore.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-07 17:57:41 ----A---- C:\Windows\system32\conime.exe
2009-06-07 17:57:41 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-07 17:57:40 ----A---- C:\Windows\system32\SnippingTool.exe
2009-06-07 17:57:40 ----A---- C:\Windows\system32\raschap.dll
2009-06-07 17:57:40 ----A---- C:\Windows\system32\fontext.dll
2009-06-07 17:57:39 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-07 17:57:38 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-07 17:57:38 ----A---- C:\Windows\system32\wlanui.dll
2009-06-07 17:57:38 ----A---- C:\Windows\system32\rasppp.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-07 17:57:37 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-07 17:57:37 ----A---- C:\Windows\system32\dsprop.dll
2009-06-07 17:57:36 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-07 17:57:36 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-07 17:57:35 ----A---- C:\Windows\system32\shsetup.dll
2009-06-07 17:57:35 ----A---- C:\Windows\system32\modemui.dll
2009-06-07 17:57:34 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-07 17:57:34 ----A---- C:\Windows\system32\mscandui.dll
2009-06-07 17:57:33 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-07 17:57:32 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-07 17:57:32 ----A---- C:\Windows\system32\dataclen.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-07 17:57:31 ----A---- C:\Windows\system32\blackbox.dll
2009-06-07 17:57:30 ----A---- C:\Windows\system32\smss.exe
2009-06-07 17:57:30 ----A---- C:\Windows\system32\credui.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-07 17:57:29 ----A---- C:\Windows\system32\certprop.dll
2009-06-07 17:57:28 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\wscapi.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\msscp.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\logagent.exe
2009-06-07 17:57:27 ----A---- C:\Windows\system32\InkEd.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\ifmon.dll
2009-06-07 17:57:27 ----A---- C:\Windows\system32\gpresult.exe
2009-06-07 17:57:27 ----A---- C:\Windows\system32\cipher.exe
2009-06-07 17:57:26 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-07 17:57:26 ----A---- C:\Windows\system32\msimtf.dll
2009-06-07 17:57:25 ----A---- C:\Windows\system32\sendmail.dll
2009-06-07 17:57:24 ----A---- C:\Windows\system32\softkbd.dll
2009-06-07 17:57:24 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-07 17:57:23 ----A---- C:\Windows\system32\msctfui.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\olepro32.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-07 17:57:22 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\puiapi.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\input.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-07 17:57:21 ----A---- C:\Windows\system32\cdd.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\wshbth.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\version.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-07 17:57:20 ----A---- C:\Windows\system32\msisip.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\mprapi.dll
2009-06-07 17:57:20 ----A---- C:\Windows\system32\fc.exe
2009-06-07 17:57:18 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\msjint40.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\ftp.exe
2009-06-07 17:57:18 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\dmusic.dll
2009-06-07 17:57:18 ----A---- C:\Windows\system32\cscapi.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-07 17:57:17 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-07 17:57:17 ----A---- C:\Windows\system32\cscdll.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\Storprop.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\rasdial.exe
2009-06-07 17:57:16 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-07 17:57:16 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-07 17:57:16 ----A---- C:\Windows\system32\bthci.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-07 17:57:15 ----A---- C:\Windows\system32\aaclient.dll
2009-06-07 17:57:14 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-07 17:57:14 ----A---- C:\Windows\system32\mfps.dll
2009-06-07 17:57:14 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-07 17:57:14 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-07 17:57:13 ----A---- C:\Windows\system32\slcinst.dll
2009-06-07 17:57:13 ----A---- C:\Windows\system32\nslookup.exe
2009-06-07 17:57:13 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-07 17:57:12 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-07 17:57:12 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-07 17:57:11 ----A---- C:\Windows\system32\mmcico.dll
2009-06-07 17:57:11 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-07 17:57:10 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-07 17:57:10 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-07 17:57:10 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-07 17:57:09 ----A---- C:\Windows\system32\cbsra.exe
2009-06-07 17:57:09 ----A---- C:\Windows\system32\atmlib.dll
2009-06-07 17:57:08 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-07 17:57:08 ----A---- C:\Windows\system32\csrstub.exe
2009-06-07 17:57:08 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-07 17:57:07 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\winrnr.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\slwga.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-07 17:57:06 ----A---- C:\Windows\system32\inetppui.dll
2009-06-07 17:57:05 ----A---- C:\Windows\system32\midimap.dll
2009-06-07 17:57:05 ----A---- C:\Windows\system32\atmfd.dll
2009-06-07 17:57:02 ----A---- C:\Windows\system32\spwmp.dll
2009-06-07 17:57:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-07 17:57:01 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-07 17:56:56 ----A---- C:\Windows\system32\msimsg.dll
2009-06-07 17:56:56 ----A---- C:\Windows\system32\mferror.dll
2009-06-07 17:56:56 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-07 17:56:35 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-07 17:56:32 ----A---- C:\Windows\system32\wdscore.dll
2009-06-07 17:56:32 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-07 17:56:25 ----A---- C:\Windows\system32\drvstore.dll
2009-06-05 10:36:44 ----D---- C:\Users\James\AppData\Roaming\MegauploadToolbar
2009-06-05 10:36:44 ----D---- C:\Program Files\MegauploadToolbar
2009-06-04 18:45:56 ----D---- C:\ProgramData\Kontiki
2009-06-02 20:00:14 ----D---- C:\Users\James\AppData\Roaming\Move Networks
2009-05-30 08:11:35 ----D---- C:\Program Files\btscanner
2009-05-28 18:39:12 ----D---- C:\Downloads
2009-05-28 18:38:13 ----D---- C:\Users\James\AppData\Roaming\FlashGet
2009-05-28 18:37:47 ----D---- C:\Program Files\FlashGet
2009-05-26 13:26:45 ----D---- C:\Users\James\AppData\Roaming\BBCiPlayerDesktop.61DB7A798358575D6A969CCD73DDBBD723A6DA9D.1
2009-05-26 13:26:27 ----D---- C:\Program Files\BBC iPlayer Desktop
2009-05-26 01:10:34 ----D---- C:\Users\James\AppData\Roaming\vlc
2009-05-26 01:09:17 ----D---- C:\Program Files\VideoLAN
2009-05-23 21:03:24 ----D---- C:\Windows\Sun
2009-05-16 15:14:20 ----D---- C:\Program Files\TVAnts
2009-05-15 15:42:00 ----D---- C:\Users\James\AppData\Roaming\Apple Computer
2009-05-15 15:41:02 ----A---- C:\Windows\system32\GEARAspi.dll
2009-05-15 15:40:27 ----D---- C:\Program Files\iPod
2009-05-15 15:40:22 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-05-15 15:40:21 ----D---- C:\Program Files\iTunes
2009-05-15 15:38:48 ----D---- C:\Program Files\Bonjour
2009-05-15 15:34:51 ----D---- C:\Program Files\Common Files\Apple
2009-05-13 19:43:25 ----A---- C:\Windows\system32\mshtmled.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\msls31.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\mshtmler.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\icardie.dll
2009-05-13 19:43:24 ----A---- C:\Windows\system32\admparse.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\imgutil.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\ieakeng.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\dxtmsft.dll
2009-05-13 19:43:23 ----A---- C:\Windows\system32\corpol.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\occache.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\licmgr10.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\inseng.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\iepeers.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\ieaksie.dll
2009-05-13 19:43:22 ----A---- C:\Windows\system32\dxtrans.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-05-13 19:43:21 ----A---- C:\Windows\system32\wextract.exe
2009-05-13 19:43:21 ----A---- C:\Windows\system32\webcheck.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\msrating.dll
2009-05-13 19:43:21 ----A---- C:\Windows\system32\ieakui.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\pngfilt.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\mstime.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\msfeedssync.exe
2009-05-13 19:43:20 ----A---- C:\Windows\system32\msfeeds.dll
2009-05-13 19:43:20 ----A---- C:\Windows\system32\advpack.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\vbscript.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\url.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\jscript.dll
2009-05-13 19:43:19 ----A---- C:\Windows\system32\ieapfltr.dll
2009-05-13 19:43:17 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\SetDepNx.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\PDMSetup.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\mshta.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\iexpress.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\ieUnatt.exe
2009-05-13 19:43:17 ----A---- C:\Windows\system32\iesysprep.dll
2009-05-10 00:56:13 ----D---- C:\ProgramData\Rosetta Stone
2009-05-09 20:09:52 ----D---- C:\Users\James\AppData\Roaming\Download Manager
2009-05-08 16:13:57 ----D---- C:\Program Files\PokerStars.NET
2009-05-05 23:47:19 ----D---- C:\Program Files\Common Files\DESIGNER
2009-05-05 23:45:56 ----D---- C:\Program Files\Microsoft.NET
2009-05-05 23:38:18 ----RHD---- C:\MSOCache
2009-05-05 20:38:39 ----D---- C:\Program Files\PowerISO
2009-05-04 12:16:44 ----D---- C:\Program Files\Common Files\xing shared
2009-05-04 12:16:21 ----A---- C:\Windows\system32\rmoc3260.dll
2009-05-04 12:16:07 ----A---- C:\Windows\system32\pndx5032.dll
2009-05-04 12:16:07 ----A---- C:\Windows\system32\pndx5016.dll
2009-05-04 12:16:04 ----D---- C:\Program Files\Real
2009-05-04 12:16:03 ----A---- C:\Windows\system32\pncrt.dll
2009-05-04 12:15:53 ----D---- C:\Program Files\Common Files\Real
2009-05-04 12:15:41 ----D---- C:\Users\James\AppData\Roaming\Real
2009-05-04 01:41:57 ----D---- C:\ProgramData\eBay
2009-05-03 12:04:18 ----D---- C:\Program Files\SopCast
2009-05-02 10:23:18 ----D---- C:\Poker
2009-04-29 22:11:04 ----D---- C:\ProgramData\FLEXnet
2009-04-29 20:22:19 ----D---- C:\Program Files\Adobe Media Player
2009-04-29 20:13:21 ----D---- C:\ProgramData\Adobe
2009-04-29 20:12:44 ----D---- C:\Program Files\Adobe
2009-04-29 20:11:40 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-04-29 20:09:51 ----D---- C:\Program Files\Common Files\Adobe
2009-04-29 14:40:22 ----A---- C:\Users\James\AppData\Roaming\AutoGK.ini
2009-04-29 09:19:28 ----D---- C:\Program Files\XviD
2009-04-29 09:18:18 ----D---- C:\Program Files\AutoGK
2009-04-28 23:05:27 ----D---- C:\Users\James\AppData\Roaming\Megaupload
2009-04-28 23:05:06 ----D---- C:\ProgramData\Megaupload
2009-04-28 23:05:05 ----D---- C:\ProgramData\EmailNotifier
2009-04-28 23:04:40 ----D---- C:\Program Files\Megaupload
2009-04-26 11:49:41 ----D---- C:\Program Files\pspvc
2009-04-26 11:49:41 ----A---- C:\Windows\pspvc_path.ini
2009-04-25 20:18:51 ----D---- C:\Users\James\AppData\Roaming\gtk-2.0
2009-04-25 19:49:36 ----D---- C:\Program Files\GIMP-2.0
2009-04-25 12:05:01 ----HD---- C:\$AVG8.VAULT$
2009-04-25 01:11:52 ----D---- C:\Temp
2009-04-25 00:15:27 ----D---- C:\Program Files\Combined Community Codec Pack
2009-04-25 00:12:31 ----D---- C:\Users\James\AppData\Roaming\Media Player Classic
2009-04-25 00:04:15 ----A---- C:\Windows\system32\d3dx10_41.dll
2009-04-25 00:04:15 ----A---- C:\Windows\system32\D3DCompiler_41.dll
2009-04-25 00:04:14 ----A---- C:\Windows\system32\D3DX9_41.dll
2009-04-25 00:04:13 ----A---- C:\Windows\system32\XAudio2_4.dll
2009-04-25 00:04:13 ----A---- C:\Windows\system32\XAPOFX1_3.dll
2009-04-25 00:04:12 ----A---- C:\Windows\system32\xactengine3_4.dll
2009-04-25 00:04:11 ----A---- C:\Windows\system32\X3DAudio1_6.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\D3DX9_40.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\d3dx10_40.dll
2009-04-25 00:04:10 ----A---- C:\Windows\system32\D3DCompiler_40.dll
2009-04-25 00:04:09 ----A---- C:\Windows\system32\XAudio2_3.dll
2009-04-25 00:04:09 ----A---- C:\Windows\system32\XAPOFX1_2.dll
2009-04-25 00:04:08 ----A---- C:\Windows\system32\xactengine3_3.dll
2009-04-25 00:04:08 ----A---- C:\Windows\system32\X3DAudio1_5.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\XAudio2_2.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\XAPOFX1_1.dll
2009-04-25 00:04:07 ----A---- C:\Windows\system32\xactengine3_2.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\D3DX9_39.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\d3dx10_39.dll
2009-04-25 00:04:06 ----A---- C:\Windows\system32\D3DCompiler_39.dll
2009-04-25 00:04:05 ----A---- C:\Windows\system32\XAudio2_1.dll
2009-04-25 00:04:05 ----A---- C:\Windows\system32\XAPOFX1_0.dll
2009-04-25 00:04:04 ----A---- C:\Windows\system32\xactengine3_1.dll
2009-04-25 00:04:04 ----A---- C:\Windows\system32\X3DAudio1_4.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\D3DX9_38.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\d3dx10_38.dll
2009-04-25 00:04:03 ----A---- C:\Windows\system32\D3DCompiler_38.dll
2009-04-25 00:04:02 ----A---- C:\Windows\system32\XAudio2_0.dll
2009-04-25 00:04:01 ----A---- C:\Windows\system32\xactengine3_0.dll
2009-04-25 00:04:01 ----A---- C:\Windows\system32\X3DAudio1_3.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\D3DX9_37.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\d3dx10_37.dll
2009-04-25 00:04:00 ----A---- C:\Windows\system32\D3DCompiler_37.dll
2009-04-25 00:03:59 ----A---- C:\Windows\system32\xactengine2_10.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\d3dx9_36.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\d3dx10_36.dll
2009-04-25 00:03:58 ----A---- C:\Windows\system32\D3DCompiler_36.dll
2009-04-25 00:03:57 ----A---- C:\Windows\system32\xactengine2_9.dll
2009-04-25 00:03:56 ----A---- C:\Windows\system32\d3dx10_35.dll
2009-04-25 00:03:56 ----A---- C:\Windows\system32\D3DCompiler_35.dll
2009-04-25 00:03:55 ----A---- C:\Windows\system32\d3dx9_35.dll
2009-04-25 00:03:54 ----A---- C:\Windows\system32\xactengine2_8.dll
2009-04-25 00:03:54 ----A---- C:\Windows\system32\X3DAudio1_2.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\d3dx9_34.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\d3dx10_34.dll
2009-04-25 00:03:53 ----A---- C:\Windows\system32\D3DCompiler_34.dll
2009-04-25 00:03:52 ----A---- C:\Windows\system32\xinput1_3.dll
2009-04-25 00:03:51 ----A---- C:\Windows\system32\xactengine2_7.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\d3dx9_33.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\d3dx10_33.dll
2009-04-25 00:03:50 ----A---- C:\Windows\system32\D3DCompiler_33.dll
2009-04-25 00:03:49 ----A---- C:\Windows\system32\xactengine2_6.dll
2009-04-25 00:03:48 ----A---- C:\Windows\system32\xactengine2_5.dll
2009-04-25 00:03:48 ----A---- C:\Windows\system32\d3dx10.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\xactengine2_4.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\x3daudio1_1.dll
2009-04-25 00:03:47 ----A---- C:\Windows\system32\d3dx9_31.dll
2009-04-25 00:03:46 ----A---- C:\Windows\system32\xinput1_2.dll
2009-04-25 00:03:46 ----A---- C:\Windows\system32\xactengine2_3.dll
2009-04-25 00:03:45 ----A---- C:\Windows\system32\xinput1_1.dll
2009-04-25 00:03:45 ----A---- C:\Windows\system32\xactengine2_2.dll
2009-04-25 00:03:44 ----A---- C:\Windows\system32\xactengine2_1.dll
2009-04-25 00:03:31 ----A---- C:\Windows\system32\d3dx9_30.dll
2009-04-25 00:03:28 ----A---- C:\Windows\system32\xactengine2_0.dll
2009-04-25 00:03:28 ----A---- C:\Windows\system32\x3daudio1_0.dll
2009-04-25 00:03:27 ----A---- C:\Windows\system32\d3dx9_29.dll
2009-04-25 00:03:26 ----A---- C:\Windows\system32\d3dx9_28.dll
2009-04-25 00:03:25 ----A---- C:\Windows\system32\d3dx9_27.dll
2009-04-25 00:03:24 ----A---- C:\Windows\system32\d3dx9_26.dll
2009-04-25 00:03:24 ----A---- C:\Windows\system32\d3dx9_25.dll
2009-04-25 00:03:23 ----A---- C:\Windows\system32\d3dx9_24.dll
2009-04-24 23:56:48 ----HD---- C:\Windows\msdownld.tmp
2009-04-24 23:56:40 ----D---- C:\Windows\system32\directx
2009-04-24 23:54:30 ----D---- C:\Program Files\AviSynth 2.5
2009-04-24 23:31:41 ----D---- C:\Users\James\AppData\Roaming\Mozilla
2009-04-24 19:59:55 ----D---- C:\ProgramData\Downloaded Installations
2009-04-24 19:59:18 ----A---- C:\Windows\system32\avgrsstx.dll
2009-04-24 19:57:52 ----D---- C:\Program Files\AVG
2009-04-24 19:57:51 ----D---- C:\ProgramData\avg8
2009-04-24 03:33:02 ----D---- C:\ProgramData\Backup
2009-04-24 03:09:14 ----D---- C:\Program Files\Mozilla Firefox
2009-04-24 03:07:26 ----A---- C:\Windows\system32\javaws.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\javaw.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\java.exe
2009-04-24 03:07:26 ----A---- C:\Windows\system32\deploytk.dll
2009-04-24 03:07:21 ----D---- C:\Program Files\Java
2009-04-24 02:29:01 ----D---- C:\Program Files\Microsoft CAPICOM 2.1.0.2
2009-04-24 02:13:38 ----A---- C:\Windows\system32\lvcoinst.ini
2009-04-24 02:13:38 ----A---- C:\Windows\system32\lvci11901262.dll
2009-04-24 02:12:53 ----D---- C:\Program Files\Logitech
2009-04-24 01:35:27 ----D---- C:\ProgramData\WindowsSearch
2009-04-23 14:34:06 ----D---- C:\Users\James\AppData\Roaming\Skype
2009-04-23 14:33:45 ----D---- C:\Program Files\Skype
2009-04-23 14:33:45 ----D---- C:\Program Files\Common Files\Skype
2009-04-23 11:19:43 ----DC---- C:\Windows\system32\DRVSTORE
2009-04-23 11:16:05 ----A---- C:\Windows\system32\d3dx9_32.dll
2009-04-23 01:10:31 ----A---- C:\closelog.txt
2009-04-23 00:14:20 ----D---- C:\Users\James\AppData\Roaming\Leadertech
2009-04-23 00:13:56 ----D---- C:\ProgramData\Logishrd
2009-04-23 00:13:46 ----D---- C:\ProgramData\Logitech
2009-04-22 23:54:09 ----D---- C:\Program Files\Common Files\logishrd
2009-04-22 20:02:58 ----D---- C:\Users\James\AppData\Roaming\Macromedia
2009-04-22 20:02:44 ----D---- C:\Users\James\AppData\Roaming\Adobe
2009-04-22 20:00:53 ----D---- C:\Windows\system32\Macromed
2009-04-22 19:51:37 ----D---- C:\Program Files\QuickTime
2009-04-22 19:51:36 ----D---- C:\ProgramData\Apple Computer
2009-04-22 19:49:32 ----D---- C:\ProgramData\Apple
2009-04-22 19:49:32 ----D---- C:\Program Files\Apple Software Update
2009-04-22 19:28:19 ----D---- C:\Windows\system32\Service
2009-04-22 19:21:21 ----D---- C:\Users\James\AppData\Roaming\WinRAR
2009-04-22 19:20:52 ----D---- C:\Program Files\WinRAR
2009-04-22 18:42:45 ----D---- C:\Users\James\AppData\Roaming\skypePM
2009-04-22 18:33:45 ----D---- C:\Program Files\Microsoft
2009-04-22 18:33:25 ----D---- C:\Program Files\Windows Live SkyDrive
2009-04-22 18:30:49 ----D---- C:\Program Files\Windows Live
2009-04-22 18:28:50 ----D---- C:\Windows\PCHEALTH
2009-04-22 18:26:37 ----D---- C:\Program Files\Common Files\Windows Live
2009-04-22 18:23:19 ----D---- C:\ProgramData\Skype
2009-04-22 18:02:46 ----A---- C:\Windows\system32\psisdecd.dll
2009-04-22 17:34:06 ----D---- C:\Users\James\AppData\Roaming\InstallShield
2009-04-22 17:17:10 ----A---- C:\Windows\system32\netfxperf.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wups2.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wucltux.dll
2009-04-22 16:56:36 ----A---- C:\Windows\system32\wuauclt.exe
2009-04-22 16:56:35 ----A---- C:\Windows\system32\wuaueng.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wups.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wudriver.dll
2009-04-22 16:56:11 ----A---- C:\Windows\system32\wuapi.dll
2009-04-22 16:55:48 ----A---- C:\Windows\system32\wuwebv.dll
2009-04-22 16:55:48 ----A---- C:\Windows\system32\wuapp.exe
2009-04-22 16:40:44 ----D---- C:\Program Files\Belkin
2009-04-22 16:23:36 ----D---- C:\Windows\{D9FAE986-A4C1-4A2D-8B20-60F92F4222AD}
2009-04-22 15:04:30 ----D---- C:\Windows\SoftwareDistribution
2009-04-22 15:00:38 ----SHD---- C:\System Volume Information
2009-04-22 14:12:23 ----D---- C:\Users\James\AppData\Roaming\The TechGuys
2009-04-22 14:11:35 ----D---- C:\Users\James\AppData\Roaming\Identities
2009-04-22 14:11:22 ----SD---- C:\Users\James\AppData\Roaming\Microsoft
2009-04-22 14:11:22 ----D---- C:\Users\James\AppData\Roaming\Media Center Programs

======List of files/folders modified in the last 3 months======

2009-07-01 12:14:09 ----D---- C:\Windows\Temp
2009-07-01 12:11:16 ----D---- C:\Windows\Prefetch
2009-07-01 12:08:07 ----SHD---- C:\Windows\Installer
2009-07-01 12:08:04 ----D---- C:\Program Files\Common Files
2009-07-01 09:27:05 ----D---- C:\Program Files
2009-07-01 09:24:42 ----D---- C:\Windows\System32
2009-07-01 09:20:01 ----D---- C:\Windows\winsxs
2009-07-01 09:18:53 ----D---- C:\Windows
2009-06-30 11:19:28 ----HD---- C:\ProgramData
2009-06-29 20:13:25 ----D---- C:\Windows\system32\drivers
2009-06-28 23:00:59 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-06-28 23:00:58 ----D---- C:\Windows\inf
2009-06-25 08:44:01 ----D---- C:\Windows\system32\catroot2
2009-06-24 15:28:15 ----RSD---- C:\Windows\Fonts
2009-06-24 03:02:20 ----D---- C:\Program Files\Internet Explorer
2009-06-23 20:06:24 ----D---- C:\Windows\system32\catroot
2009-06-23 20:04:12 ----D---- C:\Windows\WindowsMobile
2009-06-14 23:50:21 ----SHD---- C:\$Recycle.Bin
2009-06-11 01:17:13 ----D---- C:\Windows\Microsoft.NET
2009-06-11 01:15:51 ----RSD---- C:\Windows\assembly
2009-06-11 00:58:55 ----D---- C:\Windows\ehome
2009-06-11 00:58:34 ----D---- C:\Windows\system32\migration
2009-06-11 00:56:13 ----D---- C:\ProgramData\Microsoft Help
2009-06-07 18:45:29 ----D---- C:\Windows\rescache
2009-06-07 18:24:59 ----D---- C:\Program Files\Windows Mail
2009-06-07 18:24:59 ----D---- C:\Program Files\Windows Calendar
2009-06-07 18:24:59 ----D---- C:\Program Files\Movie Maker
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Sidebar
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Media Player
2009-06-07 18:24:56 ----D---- C:\Program Files\Windows Collaboration
2009-06-07 18:24:55 ----D---- C:\Program Files\Windows Journal
2009-06-07 18:24:52 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-07 18:24:52 ----D---- C:\Program Files\Common Files\System
2009-06-07 18:24:45 ----D---- C:\Windows\servicing
2009-06-07 18:24:45 ----D---- C:\Program Files\Windows Defender
2009-06-07 18:24:29 ----D---- C:\Windows\IME
2009-06-07 18:24:28 ----D---- C:\Windows\system32\XPSViewer
2009-06-07 18:24:28 ----D---- C:\Windows\system32\sk-SK
2009-06-07 18:24:28 ----D---- C:\Windows\system32\lv-LV
2009-06-07 18:24:28 ----D---- C:\Windows\system32\ko-KR
2009-06-07 18:24:28 ----D---- C:\Windows\system32\hr-HR
2009-06-07 18:24:28 ----D---- C:\Windows\system32\et-EE
2009-06-07 18:24:28 ----D---- C:\Windows\system32\da-DK
2009-06-07 18:24:27 ----D---- C:\Windows\system32\en-US
2009-06-07 18:24:26 ----D---- C:\Windows\system32\oobe
2009-06-07 18:24:26 ----D---- C:\Windows\system32\it-IT
2009-06-07 18:24:26 ----D---- C:\Windows\system32\el-GR
2009-06-07 18:24:26 ----D---- C:\Windows\system32\de-DE
2009-06-07 18:24:20 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-07 18:24:19 ----D---- C:\Windows\system32\sv-SE
2009-06-07 18:24:19 ----D---- C:\Windows\system32\SLUI
2009-06-07 18:24:19 ----D---- C:\Windows\system32\setup
2009-06-07 18:24:19 ----D---- C:\Windows\system32\ru-RU
2009-06-07 18:24:19 ----D---- C:\Windows\system32\pt-PT
2009-06-07 18:24:19 ----D---- C:\Windows\system32\hu-HU
2009-06-07 18:24:19 ----D---- C:\Windows\system32\he-IL
2009-06-07 18:24:19 ----D---- C:\Windows\system32\fr-FR
2009-06-07 18:24:19 ----D---- C:\Windows\system32\fi-FI
2009-06-07 18:24:19 ----D---- C:\Windows\system32\cs-CZ
2009-06-07 18:24:18 ----D---- C:\Windows\system32\zh-TW
2009-06-07 18:24:18 ----D---- C:\Windows\system32\zh-CN
2009-06-07 18:24:18 ----D---- C:\Windows\system32\uk-UA
2009-06-07 18:24:18 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-07 18:24:18 ----D---- C:\Windows\system32\sl-SI
2009-06-07 18:24:18 ----D---- C:\Windows\system32\ro-RO
2009-06-07 18:24:18 ----D---- C:\Windows\system32\pl-PL
2009-06-07 18:24:18 ----D---- C:\Windows\system32\manifeststore
2009-06-07 18:24:18 ----D---- C:\Windows\system32\ja-JP
2009-06-07 18:24:18 ----D---- C:\Windows\system32\es-ES
2009-06-07 18:24:18 ----D---- C:\Windows\system32\en
2009-06-07 18:24:18 ----D---- C:\Windows\system32\bg-BG
2009-06-07 18:24:17 ----D---- C:\Windows\system32\th-TH
2009-06-07 18:24:16 ----D---- C:\Windows\system32\tr-TR
2009-06-07 18:24:15 ----D---- C:\Windows\system32\wbem
2009-06-07 18:24:13 ----D---- C:\Windows\system32\nl-NL
2009-06-07 18:24:13 ----D---- C:\Windows\system32\nb-NO
2009-06-07 18:24:13 ----D---- C:\Windows\system32\lt-LT
2009-06-07 18:24:13 ----D---- C:\Windows\system32\ar-SA
2009-06-07 18:24:10 ----D---- C:\Windows\system32\migwiz
2009-06-07 18:24:08 ----D---- C:\Windows\system32\pt-BR
2009-06-07 18:22:21 ----D---- C:\Windows\AppPatch
2009-06-07 18:22:08 ----D---- C:\Windows\system32\Boot
2009-06-07 18:20:06 ----D---- C:\Windows\system32\RTCOM
2009-06-01 17:51:12 ----A---- C:\Windows\system32\mrt.exe
2009-05-17 15:13:41 ----SD---- C:\Windows\Downloaded Program Files
2009-05-13 19:57:21 ----D---- C:\Windows\PolicyDefinitions
2009-05-13 19:50:49 ----D---- C:\Program Files\Common Files\microsoft shared
2009-05-13 19:46:56 ----A---- C:\Windows\win.ini
2009-05-08 16:21:19 ----D---- C:\Windows\system32\Tasks
2009-05-06 00:45:01 ----D---- C:\Windows\Tasks
2009-05-05 23:47:55 ----D---- C:\Program Files\MSBuild
2009-05-05 23:47:38 ----D---- C:\Program Files\Microsoft Office
2009-05-05 23:47:11 ----D---- C:\Windows\ShellNew
2009-05-05 23:45:57 ----SD---- C:\ProgramData\Microsoft
2009-05-04 02:12:38 ----HD---- C:\Program Files\InstallShield Installation Information
2009-05-04 01:41:04 ----D---- C:\Program Files\Common Files\InstallShield
2009-04-30 08:50:16 ----D---- C:\Windows\system32\WDI
2009-04-24 23:57:28 ----D---- C:\Windows\Logs
2009-04-23 18:43:49 ----RD---- C:\Users
2009-04-23 15:30:17 ----D---- C:\Windows\system32\LogFiles
2009-04-23 15:26:17 ----HD---- C:\Windows\system32\GroupPolicy
2009-04-22 23:56:12 ----D---- C:\Program Files\Microsoft Silverlight
2009-04-22 23:54:09 ----D---- C:\Windows\twain_32
2009-04-22 18:15:02 ----D---- C:\Windows\Debug
2009-04-22 16:34:34 ----D---- C:\Program Files\Google
2009-04-22 16:25:45 ----D---- C:\Windows\system32\NDF
2009-04-22 15:07:20 ----D---- C:\ProgramData\Google
2009-04-22 15:05:20 ----D---- C:\Windows\Panther
2009-04-22 14:21:37 ----D---- C:\Windows\system32\restore
2009-04-11 07:32:46 ----A---- C:\Windows\system32\halmacpi.dll
2009-04-11 07:32:46 ----A---- C:\Windows\system32\hal.dll
2009-04-11 07:32:43 ----A---- C:\Windows\system32\halacpi.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-04-25 23832]
R1 AvgLdx86;AVG AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-06-11 327688]
R1 AvgMfx86;AVG On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-06-17 27784]
R1 AvgTdiX;AVG8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-04-25 108552]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 SCDEmu;SCDEmu; C:\Windows\system32\drivers\SCDEmu.sys [2009-03-15 56268]
R2 irda;IrDA Protocol; C:\Windows\system32\DRIVERS\irda.sys [2008-01-21 95744]
R3 AVGIDSDriver;AVGIDSDriver; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSDriver.sys [2009-02-26 121352]
R3 AVGIDSFilter;AVGIDSFilter; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSFilter.sys [2009-02-26 30216]
R3 AVGIDSShim;AVGIDSShim; \??\C:\Program Files\AVG\AVG8\IdentityProtection\agent\driver\platform_VISTA\AVGIDSShim.sys [2009-02-26 29136]
R3 BELKIN;Belkin Wireless G USB Network Adapter; C:\Windows\system32\DRIVERS\BLKWGU.sys [2007-05-31 252416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-03-19 23400]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-09-09 2167128]
R3 KMWDFILTER;HIDUASDesc; C:\Windows\system32\DRIVERS\KMWDFILTER.sys [2008-10-09 17408]
R3 LVPr2Mon;LVPr2Mon Driver; C:\Windows\system32\Drivers\LVPr2Mon.sys [2008-12-16 25624]
R3 LVRS;Logitech RightSound Filter Driver; C:\Windows\system32\DRIVERS\lvrs.sys [2008-12-17 768024]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\Windows\system32\drivers\LVUSBSta.sys [2008-12-17 41752]
R3 pepifilter;Volume Adapter; C:\Windows\system32\DRIVERS\lv302af.sys [2008-12-17 13848]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2008-12-17 2686104]
R3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-07-22 51200]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-11 73216]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
S3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-21 14208]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
S3 GpdDevDPort;GpdDevDPort; \??\C:\Windows\system32\directport.sys []
S3 GpdKbFilter;GpdKbFilter; \??\C:\Windows\system32\kbfiltr.sys []
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys []
S3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys []
S3 irsir;Microsoft Serial Infrared Driver; C:\Windows\system32\DRIVERS\irsir.sys [2008-01-21 20992]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
S3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2008-05-02 122368]
S3 RTL8187Se;Realtek RTL8187SE Wireless LAN PCIE Network Adapter; C:\Windows\system32\DRIVERS\RTL8187Se.sys [2008-07-10 331776]
S3 RTSTOR;Realtek USB 2.0 Card Reader; C:\Windows\system32\drivers\RTSTOR.SYS [2008-05-06 62976]
S3 UMPass;Microsoft UMPass Driver; C:\Windows\system32\DRIVERS\umpass.sys [2008-01-21 7680]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-03-26 36864]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-21 134016]
S3 winusb;WinUSB Service; C:\Windows\system32\DRIVERS\winusb.sys [2009-04-11 31616]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-03-26 132424]
R2 avg8emc;AVG8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-06-17 906520]
R2 avg8wd;AVG8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-04-25 298776]
R2 avgfws8;AVG8 Firewall; C:\PROGRA~1\AVG\AVG8\avgfws8.exe [2009-06-11 1368952]
R2 AVGIDSAgent;AVGIDSAgent; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe [2009-02-26 5576712]
R2 AVGIDSWatcher;AVGIDSWatcher; C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe [2009-02-26 563720]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2008-12-16 150040]
R2 Nero BackItUp Scheduler 4.0;Nero BackItUp Scheduler 4.0; C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe [2008-09-29 935208]
R2 OsdService;OSD Service; C:\Windows\Installer\MSI3BEB.tmp [2009-04-23 94208]
R2 RapiMgr;@%windir%\WindowsMobile\rapimgr.dll,-104; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 WcesComm;@%windir%\WindowsMobile\wcescomm.dll,-40079; C:\Windows\system32\svchost.exe [2008-01-21 21504]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-04-29 655624]
S3 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-04-02 656168]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]

-----------------EOF-----------------
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 7:57 am

Good :)

Let's check this next:

Please download GMER by GMER. An alternate download site.
  1. Unzip it to a folder on your desktop.
  2. Double click on gmer.exe to execute.
    If asked, allow the gmer.sys driver load.
  3. If you get a warning prompt about rootkit activity ... asking if you want to run Scan, click OK.
  4. If you don't get a warning then...
    • Click the Rootkit/Malware tab at the top of the GMER window.
    • Click the Scan button.
  5. Once the scan has finished... click Copy. ... Do not close the GMER window yet...
  6. Open Notepad and paste what you copied. Ctrl+V
  7. Select "Save As" in Notepad...saving the file to your desktop as "gmerroot.txt"... then close Notepad.

    In the GMER window...
  8. Click on the >>> tab at the top of the GMER window.
    This displays the rest of the "selection" tabs for you.
  9. Click on the Autostart tab.
  10. Click on Scan button.
  11. Once the scan has finished... click Copy.
  12. Open Notepad (again) and paste what you copied. Ctrl+V
  13. Select "Save As" in Notepad...saving the file to your desktop as "gmerauto.txt"
  14. Copy and paste the contents of the files gmerroot.txt and gmerauto.txt in you next reply.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 10:01 am

gmerroot

GMER 1.0.15.14972 - http://www.gmer.net
Rootkit scan 2009-07-01 14:57:41
Windows 6.0.6002 Service Pack 2


---- User code sections - GMER 1.0.15 ----

.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtCreateFile + 6 777D43DA 4 Bytes [28, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtCreateFile + B 777D43DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 1 Byte [28]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 4 Bytes [28, 03, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtMapViewOfSection + B 777D4B2F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenFile + 6 777D4BBA 4 Bytes [68, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenFile + B 777D4BBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenProcess + 6 777D4C3A 4 Bytes [A8, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenProcess + B 777D4C3F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenProcessToken + B 777D4C4F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenProcessTokenEx + 6 777D4C5A 4 Bytes [A8, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenProcessTokenEx + B 777D4C5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenThread + 6 777D4CAA 4 Bytes [68, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenThread + B 777D4CAF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenThreadToken + 6 777D4CBA 4 Bytes [68, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenThreadToken + B 777D4CBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtOpenThreadTokenEx + B 777D4CCF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtQueryAttributesFile + 6 777D4D5A 4 Bytes [A8, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtQueryAttributesFile + B 777D4D5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtQueryFullAttributesFile + B 777D4E0F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtSetInformationFile + 6 777D52EA 4 Bytes [28, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtSetInformationFile + B 777D52EF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtSetInformationThread + 6 777D533A 4 Bytes [28, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtSetInformationThread + B 777D533F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 1 Byte [68]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 4 Bytes [68, 03, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[3424] ntdll.dll!NtUnmapViewOfSection + B 777D55DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtCreateFile + 6 777D43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtCreateFile + B 777D43DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 1 Byte [28]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtMapViewOfSection + B 777D4B2F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenFile + 6 777D4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenFile + B 777D4BBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenProcess + 6 777D4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenProcess + B 777D4C3F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenProcessToken + B 777D4C4F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenProcessTokenEx + 6 777D4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenProcessTokenEx + B 777D4C5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenThread + 6 777D4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenThread + B 777D4CAF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenThreadToken + 6 777D4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenThreadToken + B 777D4CBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtOpenThreadTokenEx + B 777D4CCF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtQueryAttributesFile + 6 777D4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtQueryAttributesFile + B 777D4D5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtQueryFullAttributesFile + B 777D4E0F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtSetInformationFile + 6 777D52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtSetInformationFile + B 777D52EF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtSetInformationThread + 6 777D533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtSetInformationThread + B 777D533F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 1 Byte [68]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[4276] ntdll.dll!NtUnmapViewOfSection + B 777D55DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtCreateFile + 6 777D43DA 4 Bytes [28, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtCreateFile + B 777D43DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 1 Byte [28]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 4 Bytes [28, 03, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtMapViewOfSection + B 777D4B2F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenFile + 6 777D4BBA 4 Bytes [68, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenFile + B 777D4BBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenProcess + 6 777D4C3A 4 Bytes [A8, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenProcess + B 777D4C3F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenProcessToken + B 777D4C4F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenProcessTokenEx + 6 777D4C5A 4 Bytes [A8, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenProcessTokenEx + B 777D4C5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenThread + 6 777D4CAA 4 Bytes [68, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenThread + B 777D4CAF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenThreadToken + 6 777D4CBA 4 Bytes [68, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenThreadToken + B 777D4CBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtOpenThreadTokenEx + B 777D4CCF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtQueryAttributesFile + 6 777D4D5A 4 Bytes [A8, 00, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtQueryAttributesFile + B 777D4D5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtQueryFullAttributesFile + B 777D4E0F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtSetInformationFile + 6 777D52EA 4 Bytes [28, 01, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtSetInformationFile + B 777D52EF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtSetInformationThread + 6 777D533A 4 Bytes [28, 02, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtSetInformationThread + B 777D533F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 1 Byte [68]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 4 Bytes [68, 03, 16, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5224] ntdll.dll!NtUnmapViewOfSection + B 777D55DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtCreateFile + 6 777D43DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtCreateFile + B 777D43DF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 1 Byte [28]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtMapViewOfSection + 6 777D4B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtMapViewOfSection + B 777D4B2F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenFile + 6 777D4BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenFile + B 777D4BBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenProcess + 6 777D4C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenProcess + B 777D4C3F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenProcessToken + B 777D4C4F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenProcessTokenEx + 6 777D4C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenProcessTokenEx + B 777D4C5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenThread + 6 777D4CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenThread + B 777D4CAF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenThreadToken + 6 777D4CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenThreadToken + B 777D4CBF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtOpenThreadTokenEx + B 777D4CCF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtQueryAttributesFile + 6 777D4D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtQueryAttributesFile + B 777D4D5F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtQueryFullAttributesFile + B 777D4E0F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtSetInformationFile + 6 777D52EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtSetInformationFile + B 777D52EF 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtSetInformationThread + 6 777D533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtSetInformationThread + B 777D533F 1 Byte [E2]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 1 Byte [68]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtUnmapViewOfSection + 6 777D55DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\James\AppData\Local\Google\Chrome\Application\chrome.exe[5676] ntdll.dll!NtUnmapViewOfSection + B 777D55DF 1 Byte [E2]

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtCreateFile] [03632F20] C:\Windows\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Windows\Explorer.EXE[264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtClose] [03632CF0] C:\Windows\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Windows\Explorer.EXE[264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDeviceIoControlFile] [03632C90] C:\Windows\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)
IAT C:\Windows\Explorer.EXE[264] @ C:\Windows\system32\kernel32.dll [ntdll.dll!NtDuplicateObject] [03632CC0] C:\Windows\TEMP\logishrd\LVPrcInj01.dll (Camera Helper Library./Logitech Inc.)

---- Devices - GMER 1.0.15 ----

AttachedDevice \FileSystem\Ntfs \Ntfs AVGIDSFilter.sys
AttachedDevice \Driver\tdx \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)
AttachedDevice \Driver\tdx \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307cb0c
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307cb0c@001ca4166ee5 0x57 0x62 0x7A 0xB9 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\00158307cb0c@0023f107a8b0 0x20 0x11 0xED 0x08 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158307cb0c
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158307cb0c@001ca4166ee5 0x57 0x62 0x7A 0xB9 ...
Reg HKLM\SYSTEM\ControlSet002\Services\BTHPORT\Parameters\Keys\00158307cb0c@0023f107a8b0 0x20 0x11 0xED 0x08 ...

---- EOF - GMER 1.0.15 ----


gmerauto

GMER 1.0.15.14972 - http://www.gmer.net
Autostart scan 2009-07-01 14:59:32
Windows 6.0.6002 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon@Userinit = C:\Windows\system32\userinit.exe,

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui@DLLName = igfxdev.dll /*file not found*/

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Windows@AppInit_DLLs = avgrsstx.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
avg8emc@ = C:\PROGRA~1\AVG\AVG8\avgemc.exe
avg8wd@ = C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
avgfws8@ = C:\PROGRA~1\AVG\AVG8\avgfws8.exe
AVGIDSAgent@ = "C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSAgent.exe" AVGIDSAgent
AVGIDSWatcher@ = C:\Program Files\AVG\AVG8\IdentityProtection\agent\Bin\AVGIDSWatcher.exe
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
LVPrcSrv@ = "C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe"
Nero BackItUp Scheduler 4.0@ = C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
OsdService@ = C:\Windows\Installer\MSI3BEB.tmp
SeaPort@ = "C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe"
slsvc@ = %SystemRoot%\system32\SLsvc.exe
WMPNetworkSvc@ = "%ProgramFiles%\Windows Media Player\wmpnetwk.exe"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Windows Defender%ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/ = %ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/
@RtHDVCplRtHDVCpl.exe = RtHDVCpl.exe
@SkytelSkytel.exe = Skytel.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe" = "C:\Program Files\Java\jre6\bin\jusched.exe"
@AVG8_TRAYC:\PROGRA~1\AVG\AVG8\avgtray.exe = C:\PROGRA~1\AVG\AVG8\avgtray.exe
@AVGIDS"C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe" = "C:\Program Files\AVG\AVG8\IdentityProtection\agent\bin\AVGIDSUI.exe"
@Adobe Reader Speed Launcher"C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" = "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
@Windows Mobile-based device management%windir%\WindowsMobile\wmdSync.exe = %windir%\WindowsMobile\wmdSync.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@msnmsgr"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background = "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
@WMPNSCFGC:\Program Files\Windows Media Player\WMPNSCFG.exe = C:\Program Files\Windows Media Player\WMPNSCFG.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} /*Computers and Devices*/%systemroot%\system32\NetworkExplorer.dll = %systemroot%\system32\NetworkExplorer.dll
@{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486} /*IGD Property Sheet Handler*/%SystemRoot%\System32\icsigd.dll = %SystemRoot%\System32\icsigd.dll
@{92dbad9f-5025-49b0-9078-2d78f935e341} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{b9815375-5d7f-4ce2-9245-c9d4da436930} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{f8b8412b-dea3-4130-b36c-5e8be73106ac} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{5FA29220-36A1-40f9-89C6-F4B384B7642E} /*Shell Message Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{00020d75-0000-0000-c000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MI1933~1\Office12\MLSHEXT.DLL = C:\PROGRA~1\MI1933~1\Office12\MLSHEXT.DLL
@{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Web Publishing Wizard*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{add36aa8-751a-4579-a266-d66f5202ccbb} /*Print Ordering via the Web*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Shell Publishing Wizard Object*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{176d6597-26d3-11d1-b350-080036a75b03} /*ICM Scanner Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*ICM Monitor Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*ICM Printer Management*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*ICC Profile*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{b2c761c6-29bc-4f19-9251-e6195265baf1} /*Color Control Panel Applet*/(null) =
@{74246bfc-4c96-11d0-abef-0020af6b0b7a} /*Device Manager*/%SystemRoot%\System32\devmgr.dll = %SystemRoot%\System32\devmgr.dll
@{7A979262-40CE-46ff-AEEE-7884AC3B6136} /*Add New Hardware*/(null) =
@{3e7efb4c-faf1-453d-89eb-56026875ef90} /*Get Programs Online*/(null) =
@{1b24a030-9b20-49bc-97ac-1be4426f9e59} /*ActiveDirectory Folder*/(null) =
@{34449847-FD14-4fc8-A75A-7432F5181EFB} /*ActiveDirectory Folder*/(null) =
@{C8494E42-ACDD-4739-B0FB-217361E4894F} /*Sam Account Folder*/(null) =
@{E29F9716-5C08-4FCD-955A-119FDB5A522D} /*Sam Account Folder*/(null) =
@{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} /*Control Panel command object for Start menu*/(null) =
@{E44E5D18-0652-4508-A4E2-8A090067BCB0} /*Default Programs command object for Start menu*/(null) =
@{6dfd7c5c-2451-11d3-a299-00c04f8ef6af} /*Folder Options*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{2C2577C2-63A7-40e3-9B7F-586602617ECB} /*Explorer Query Band*/(null) =
@{DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} /*File Open Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B} /*File Save Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{92337A8C-E11D-11D0-BE48-00C04FC30DF6} /*OlePrn.PrinterURL*/%SystemRoot%\system32\oleprn.dll = %SystemRoot%\system32\oleprn.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft XPS Properties*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft XPS Thumbnail*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} /*View Available Networks*/(null) =
@{13D3C4B8-B179-4ebb-BF62-F704173E7448} /*Windows Contact Preview Handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) =
@{4F58F63F-244B-4c07-B29F-210BE59BE9B4} /*.group shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{8082C5E6-4C27-48ec-A809-B8E1122E8F97} /*.contact shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{16C2C29D-0E5F-45f3-A445-03E03F587B7D} /*group_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{CF67796C-F57F-45F8-92FB-AD698826C602} /*contact_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Compatibility Property Page*/%windir%\system32\acppage.dll = %windir%\system32\acppage.dll
@{4026492f-2f69-46b8-b9bf-5654fc07e423} /*Windows Firewall*/(null) =
@{fcfeecae-ee1b-4849-ae50-685dcf7717ec} /*Problem Reports and Solutions*/(null) =
@{a304259d-52b8-4526-8b1a-a1d6cecc8243} /*iSCSI Initiator*/(null) =
@{11dbb47c-a525-400b-9e80-a54615a090c0} /*Execute Folder*/ExplorerFrame.dll = ExplorerFrame.dll
@{90b9bce2-b6db-4fd3-8451-35917ea1081b} /*Search Execute Command*/ExplorerFrame.dll = ExplorerFrame.dll
@{911051fa-c21c-4246-b470-070cd8df6dc4} /*.cab or .zip files*/(null) =
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{a38b883c-1682-497e-97b0-0a3a9e801682} /*IPropertyStore Handler for Images*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{C7657C4A-9F68-40fa-A4DF-96BC08EB3551} /*Photo Thumbnail Provider*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{3F30C968-480A-4C6C-862D-EFC0897BB84B} /*Photo Thumbnail Extractor*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{BC65FB43-1958-4349-971A-210290480130} /*Network Explorer Property Sheet Handler*/%SystemRoot%\System32\NcdProp.dll = %SystemRoot%\System32\NcdProp.dll
@{d3e34b21-9d75-101a-8c3d-00aa001a1652} /*Bitmap Image*/(null) =
@{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{E598560B-28D5-46aa-A14A-8A3BEA34B576} /*Windows Photo Gallery Viewer Video Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} /*Microsoft.ScannersAndCameras*/(null) =
@{0a4286ea-e355-44fb-8086-af3df7645bd9} /*Windows Media Player*/C:\PROGRA~1\WI4EB4~1\wmpband.dll = C:\PROGRA~1\WI4EB4~1\wmpband.dll
@{BB6B2374-3D79-41DB-87F4-896C91846510} /*EMDFileProperties*/emdmgmt.dll = emdmgmt.dll
@{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{89D83576-6BD1-4c86-9454-BEB04E94C819} /*MAPI Search Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{7A0F6AB7-ED84-46B6-B47E-02AA159A152B} /*Sync Center Simple Conflict Presenter*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9D687A4C-1404-41ef-A089-883B6FBECDE6} /*Windows Photo Gallery Viewer Autoplay Handler*/(null) =
@{37efd44d-ef8d-41b1-940d-96973a50e9e0} /*Windows Sidebar Properties*/(null) =
@{00f20eb5-8fd6-4d9d-b75e-36801766c8f1} /*PhotoAcqDropTarget*/%ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/
@{BC48B32F-5910-47F5-8570-5074A8A5636A} /*Sync Results Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} /*Games Folder*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{E413D040-6788-4C22-957E-175D1C513A34} /*Sync Center Conflict Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{67718415-c450-4f3c-bf8a-b487642dc39b} /*Windows Features*/(null) =
@{91ADC906-6722-4B05-A12B-471ADDCCE132} /*Touch Band*/%SystemRoot%\System32\TouchX.dll = %SystemRoot%\System32\TouchX.dll
@{2781761E-28E0-4109-99FE-B9D127C57AFE} /*Windows Defender IOfficeAntiVirus implementation*/%ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ = %ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/
@{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} /*Windows Photo Gallery Viewer Image Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{4B534112-3AF6-4697-A77C-D62CE9B9E7CF} /*Sync Center Event Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C} /*Sync Setup Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A} /*GameUX.RichGameMediaThumbnail*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{d8559eb9-20c0-410e-beda-7ed416aecc2a} /*Windows Defender*/(null) =
@{576C9E85-1300-4EF5-BF6B-D00509F4EDCD} /*Sync Center Handler Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{5ea4f148-308c-46d7-98a9-49041b1dd468} /*Mobility Center Control Panel*/(null) =
@{289978AC-A101-4341-A817-21EBA7FD046D} /*Sync Center Conflict Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{877ca5ac-cb41-4842-9c69-9136e42d47e2} /*File Backup Index*/%systemroot%\system32\sdshext.dll = %systemroot%\system32\sdshext.dll
@{71D99464-3B6B-475C-B241-E15883207529} /*Sync Results Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{B32D3949-ED98-4DBB-B347-17A144969BBA} /*Sync Center Item Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{2E9E59C0-B437-4981-A647-9C34B9B90891} /*Sync Setup Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} /*Sync Center Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1} /*Welcome Center*/oobefldr.dll = oobefldr.dll
@{15D633E2-AD00-465b-9EC7-F56B7CDF8E27} /*Tablet PC Input Panel*/%CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ = %CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/
@{F04CC277-03A2-4277-96A9-77967471BDFF} /*Sync Center Conflict Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{53BEDF0B-4E5B-4183-8DC9-B844344FA104} /*Microsoft Windows MAPI Preview Handler*/%SystemRoot%\system32\mssvp.dll = %SystemRoot%\system32\mssvp.dll
@{6b9228da-9c15-419e-856c-19e768a13bdc} /*Windows gadget DropTarget*/%ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ = %ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/
@{8E25992B-373E-486E-80E5-BD23AE417E66} /*Sync Center Device Notification Sink*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{031EE060-67BC-460d-8847-E4A7C5E45A27} /*Windows Media Player Rich Preview Handler*/(null) =
@{1FA9085F-25A2-489B-85D4-86326EEDCD87} /*Manage Wireless Networks*/%SystemRoot%\system32\wlanpref.dll = %SystemRoot%\system32\wlanpref.dll
@{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60} /*RichGameMediaPropertyStore Class*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{BD7A2E7B-21CB-41b2-A086-B309680C6B7E} /*Client Side Cache Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{98D99750-0B8A-4c59-9151-589053683D73} /*Windows Search Service Media Center Namespace Extension Handler*/C:\Windows\System32\mcsrchPH.dll = C:\Windows\System32\mcsrchPH.dll
@{713790EE-5EE1-45ba-8070-A1337D2762FA} /*WTVFile Thumbnail Handler*/C:\Windows\System32\sbe.dll = C:\Windows\System32\sbe.dll
@{E37A73F8-FB01-43dc-914E-AAEE76095AB9} /*WTVFile Property Handler*/C:\Windows\System32\sbe.dll = C:\Windows\System32\sbe.dll
@{28803F59-3A75-4058-995F-4EE5503B023C} /*Wireless Devices*/%systemroot%\system32\FunctionDiscoveryFolder.dll = %systemroot%\system32\FunctionDiscoveryFolder.dll
@{B41DB860-8EE4-11D2-9906-E49FADC173CA} /*WinRAR shell extension*/C:\Program Files\WinRAR\rarext.dll = C:\Program Files\WinRAR\rarext.dll
@{0563DB41-F538-4B37-A92D-4659049B7766} /*WLMD Message Handler*/C:\Program Files\Windows Live\Mail\mailcomm.dll = C:\Program Files\Windows Live\Mail\mailcomm.dll
@{06A2568A-CED6-4187-BB20-400B8C02BE5A} /**/(null) =
@{00F33137-EE26-412F-8D71-F84E4C2C6625} /**/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{2BE99FD4-A181-4996-BFA9-58C5FFD11F6C} /*Windows Live Photo Gallery Autoplay Drop Target*/(null) =
@{00F30F64-AC33-42F5-8FD1-5DC2D3FDE06C} /*Windows Live Photo Gallery Viewer Drop Target*/(null) =
@{00F374B7-B390-4884-B372-2FC349F2172B} /*Windows Live Photo Gallery Editor Drop Target*/(null) =
@{00F346CB-35A4-465B-8B8F-65A29DBAB1F6} /*Windows Live Photo Gallery Viewer Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F3712A-CA79-45B4-9E4D-D7891E7F8B9D} /*Windows Live Photo Gallery Editor Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{00F30F90-3E96-453B-AFCD-D71989ECC2C7} /*Windows Live Photo Gallery Autoplay Drop Target Shim*/C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll = C:\Program Files\Windows Live\Photo Gallery\PhotoViewerShim.dll
@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} /*AVG8 Shell Extension*/C:\Program Files\AVG\AVG8\avgse.dll = C:\Program Files\AVG\AVG8\avgse.dll
@{9F97547E-460A-42C5-AE0C-81C61FFAEBC3} /*AVG8 Find Extension*/(null) =
@{F0CB00CD-5A07-4D91-97F5-A8C92CDA93E4} /*Shell Extensions for RealOne Player*/C:\Program Files\Real\RealPlayer\rpshell.dll = C:\Program Files\Real\RealPlayer\rpshell.dll
@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} /*PowerISO*/C:\Program Files\PowerISO\PWRISOSH.DLL = C:\Program Files\PowerISO\PWRISOSH.DLL
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MI1933~1\Office12\OLKFSTUB.DLL = C:\PROGRA~1\MI1933~1\Office12\OLKFSTUB.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MI1933~1\Office12\ONFILTER.DLL = C:\PROGRA~1\MI1933~1\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\Windows\System32\ieframe.dll = C:\Windows\System32\ieframe.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} /*Enhanced Storage Data Source*/%SystemRoot%\system32\EhStorShell.dll = %SystemRoot%\system32\EhStorShell.dll
@{97F68CE3-7146-45FF-BE24-D9A7DD7CB8A2} /*NeroCoverEd Live Icons*/C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll = C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
@{1CA6BBC9-E9FA-4021-822B-075DF1837B63} /*NeroDigitalIconHandler*/C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
@{846083A4-BFC6-4447-985C-6578B466A7D7} /*NeroDigitalPropSheetHandler*/C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
@{C9E60ED7-FEAE-477b-B6A6-7D62103A0C6B} /*NeroDigitalColumnHandler*/C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
@{4FBFFA8D-F390-471a-AE46-FEB93623AD63} /*NeroDigitalInfoHandler*/C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll
@{EDCC595A-F0EE-4d81-B554-D5D01C7AFB87} /*NeroDigitalThumbnailHandler*/C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll = C:\Program Files\Common Files\Nero\SMC\NeroDigitalExt.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
AVG8 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\AVG\AVG8\avgse.dll
Cover Designer@{73FCA462-9BD5-4065-A73F-A8E5F6904EF7} = C:\Program Files\Nero\Nero 9\Nero CoverDesigner\CoverEdExtension.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ >>>
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
AVG8 Shell Extension@{9F97547E-4609-42C5-AE0C-81C61FFAEBC3} = C:\Program Files\AVG\AVG8\avgse.dll
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
PowerISO@{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} = C:\Program Files\PowerISO\PWRISOSH.DLL
WinRAR@{B41DB860-8EE4-11D2-9906-E49FADC173CA} = C:\Program Files\WinRAR\rarext.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{18DF081C-E8AD-4283-A596-FA578C2EBDC3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
@{22BF413B-C6D2-4d91-82A9-A0F997BA588C}C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll = C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
@{3049C3E9-B461-4BC5-8870-4C09146192CA}C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll = C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
@{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}C:\Program Files\AVG\AVG8\avgssie.dll = C:\Program Files\AVG\AVG8\avgssie.dll
@{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll = C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll = C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
@{9030D464-4C02-4ABF-8ECC-5164760863C6}C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
@{A057A204-BACC-4D26-C39E-35F1D2A32EC8}C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL = C:\PROGRA~1\MEGAUP~2\MEGAUP~1.DLL
@{bf00e119-21a3-4fd1-b178-3b8537e75c92}C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll = C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}C:\Program Files\Windows Live\Toolbar\wltcore.dll = C:\Program Files\Windows Live\Toolbar\wltcore.dll

HKCU\Control Panel\Desktop@SCRNSAVE.EXE = C:\Windows\system32\logon.scr

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGI = http://www.google.com/ig/redirectdomain ... &bmod=DSGI
@Start Pagehttp://www.google.com/ig/redirectdo ... &bmod=DSGI = http://www.google.com/ig/redirectdomain ... &bmod=DSGI
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://www.google.com/ig/redirectdomain?brand=DSGI&bmod=DSGI; = http://www.google.com/ig/redirectdomain ... bmod=DSGI;
@Start Pagehttp://www.google.co.uk/ = http://www.google.co.uk/
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
grooveLocalGWS@CLSID = C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
its@CLSID = %SystemRoot%\System32\itss.dll
linkscanner@CLSID = C:\Program Files\AVG\AVG8\avgpp.dll
livecall@CLSID = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
msnim@CLSID = C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL
skype4com@CLSID = C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
tv@CLSID = C:\Windows\System32\msvidctl.dll
wlmailhtml@CLSID = C:\Program Files\Windows Live\Mail\mailcomm.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000005@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\wshbth.dll

---- EOF - GMER 1.0.15 ----
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 11:09 am

Please see this next and post back if it helped :)
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 11:17 am

Shaba wrote:Please see this next and post back if it helped :)


If you make 'this' bold, it is easier to see it as a link. I only realised it was a link until I pressed quote.

And on subject, I read that the other day. It didn't really have much of an effect. I tend to do that stuff occasionly anyway.

Is my PC now 'all clean'? Still seems to be a little slower then usual.
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 1:48 pm

Thanks for the tip.

Yes I think it is clean.

If you still have slow computer, it might be hardware related.

I can redirect you to some windows forum if you like to?
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 2:48 pm

What do you think I think should upgrade in order to speed up my PC?

Only has 138GB Hard drive (seems rather random?)
2.5GB ram (was 512mb but I brought a 2GB ram stick and added that).
Crap, standard, cheap graphics card.
cheap processor.
Image

P.S. Just got Ccleaner. Heared it helps.


What will be the best thing to upgrade (in terms of making my PC faster) and how much do you think it'll cost?
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm

Re: Dead slow PC & internet cuts out

Unread postby Shaba » July 1st, 2009, 3:21 pm

Hard to say without exact info about hardware.
User avatar
Shaba
Admin/Teacher Emeritus
 
Posts: 26974
Joined: March 24th, 2006, 4:42 am
Location: Finland

Re: Dead slow PC & internet cuts out

Unread postby jamestaylor » July 1st, 2009, 4:04 pm

Is there a programme which gives out exact info?

EDIT:

Found my PC specs.

http://www.bargainspy.co.uk/node/47406

# Intel Celeron D 356 Processor
# 3.33GHz, 533MHz FSB, 512MB Cache
# Genuine Windows Vista (R) Home Basic (upgraded to Premium)
# 512MB DDR RAM (brought 2GB so now I have 2.5GB DDR RAM)
# 160GB Hard Disk
# Multi-Format Dual Layer DVD RW Drive
# Integrated Graphics
jamestaylor
Regular Member
 
Posts: 23
Joined: March 9th, 2009, 9:41 pm
Advertisement
Register to Remove

Next

  • Similar Topics
    Replies
    Views
    Last post

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 44 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware