Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

hjt log

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: hjt log

Unread postby lindai » July 19th, 2009, 7:36 pm

I posted the Kaspersky log two days ago. Here it is again:
OOps I csn't find it.
However the line for viruses, trojan horses, and a couple of other things was greyed out.
I would only let me scan for spyware and only found a few low risk cookies.
(the scan took several hours after the update took a couple of hours)
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm
Advertisement
Register to Remove

Re: hjt log

Unread postby lindai » July 19th, 2009, 7:41 pm

Here is The Kaspersky scan after all:
Note: "Viruses, Worms, Trojan Horses, Rootkits"
Was greyed out unable to chek the above.
--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Thursday, July 16, 2009
Operating System: Microsoft Windows XP Home Edition Service Pack 3 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, July 16, 2009 20:51:23
Records in database: 2476197
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
A:\
C:\
D:\
F:\

Scan statistics:
Files scanned: 67659
Threat name: 5
Infected objects: 6
Suspicious objects: 0
Duration of the scan: 02:54:44


File name / Threat name / Threats count
C:\downloads\HotModelSS.exe Infected: not-a-virus:AdWare.Win32.NavExcel.d 1
C:\downloads\HotModelSS.exe Infected: not-a-virus:AdWare.Win32.NavExcel.b 2
C:\downloads\HotModelSS.exe Infected: not-a-virus:AdWare.Win32.NavExcel 1
C:\downloads\HotModelSS.exe Infected: not-a-virus:AdWare.Win32.MediaMotor.a 1
C:\TEMP\My Documents\My Received Files\cnthemeset.exe Infected: not-a-virus:AdWare.Win32.Gator.3013 1

The selected area was scanned.
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby Cypher » July 20th, 2009, 6:54 am

Hi lindai.
We need to try another online scan.

Please go >here< to run Panda's ActiveScan
  • Once you are on the Panda site, click the Scan your PC now button
  • A new window will open...click the Scan Now button
  • Allow the ActiveX control to be installed. It will start downloading the files it requires for the scan. Note: This may take a couple of minutes
  • Run the ActiveX control, if requested. The screen will then show the scanning progress - the scan will take a while to finish. Please be patient.
  • When the scan has finished, click on Export To
  • Save the file as Activescan.txt to your Desktop
  • Close the Activescan window then go to your Desktop
  • Double-click on Activescan.txt and it will open in Notepad
  • In Notepad, click Edit > Select all, then Edit > Copy
  • Reply to this thread and click Ctrl+V to paste the log in your reply
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: hjt log

Unread postby lindai » July 21st, 2009, 6:05 pm

I scanned with Panda. The screen that panda used was very small and locked. I could not maximize it or drag the size out with the mouse, so I don't know where to find the panda logs. I am attaching a screen shot.
PS: I notice I had several thousand windows installer files. Do I need Installer files when I am through installing?
You do not have the required permissions to view the files attached to this post.
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby lindai » July 21st, 2009, 9:15 pm

I re-ran the panda scan:
;***********************************************************************************************************************************************************************************
ANALYSIS: 2009-07-21 20:11:56
PROTECTIONS: 1
MALWARE: 4
SUSPECTS: 5
;***********************************************************************************************************************************************************************************
PROTECTIONS
Description Version Active Updated
;===================================================================================================================================================================================
Spyware Doctor with AntiVirus 6.1.0.49 Yes Yes
;===================================================================================================================================================================================
MALWARE
Id Description Type Active Severity Disinfectable Disinfected Location
;===================================================================================================================================================================================
00167642 Cookie/Com.com TrackingCookie No 0 Yes No F:\Documents and Settings\Linda\Cookies\linda@com[1].txt
00168111 Cookie/Servlet TrackingCookie No 0 Yes No F:\Documents and Settings\Linda\Cookies\linda@livehelper[1].txt
00207338 Cookie/Target TrackingCookie No 0 Yes No F:\Documents and Settings\Linda\Cookies\linda@target[1].txt
00590315 Rootkit/Agent.LNB HackTools No 0 Yes No F:\System Volume Information\_restore{ACFD0E93-654F-40F1-90D3-A2782EA0F085}\RP833\A0069299.sys
;===================================================================================================================================================================================
SUSPECTS
Sent Location 8
;===================================================================================================================================================================================
No C:\Documents and Settings\ED\My Documents\ClnMimail\ClnMimail.com 8
No C:\Documents and Settings\ED\My Documents\ClnMimail.zip[ClnMimail.com] 8
No C:\downloads\id.exe 8
No C:\MrgdBkup\System Volume Information\_restore{96865B28-8720-48BC-8973-F74E396A5045}\RP2\A0001279.exe 8
No F:\downloads\Security\InstallPREVX102000064.exe 8
;===================================================================================================================================================================================
VULNERABILITIES
Id Severity Description 8
;===================================================================================================================================================================================
;===================================================================================================================================================================================
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby Cypher » July 22nd, 2009, 2:44 pm

Hi lindai

Can you tell me if you know what the below are.

C:\TEMP\My Documents\My Received Files\cnthemeset.exe
C:\downloads\id.exe 8
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: hjt log

Unread postby lindai » July 22nd, 2009, 4:03 pm

I'm sure I have no idea, sorry.
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby Cypher » July 23rd, 2009, 7:20 am

Hi lindai.
We can deal with those windows installer files later :)

I need you to upload those two files to get them tested.
Please upload the files One at a time.

Upload a File to Jotti
Please visit http://virusscan.jotti.org/

Copy/paste this file and path into the white box at the top:
C:\TEMP\My Documents\My Received Files\cnthemeset.exe

C:\downloads\id.exe

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.

If you have any trouble using jotti, try Virustotal

Upload a File to Virustotal
Please visit Virustotal

Copy/paste this file and path into the white box at the top:
C:\TEMP\My Documents\My Received Files\cnthemeset.exe

C:\downloads\id.exe

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: hjt log

Unread postby lindai » July 23rd, 2009, 10:36 am

here is the link to virustotal:
http://www.virustotal.com/analisis/774d ... 1247582515
I couldn't copy and paste that option wasn't available.
the file wouldn't upload to jotti
I put in the file name and clicked submit but nothing happened.
That was for the file named id.exe.
My browser couldn't find the other one. maybe one of my antivir deleted it.
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby lindai » July 23rd, 2009, 10:40 am

I tried the jotti link again here is the link to the results:
http://virusscan.jotti.org/en/scanresul ... 9a915f6e49
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby Cypher » July 23rd, 2009, 2:50 pm

Hi lindai

Leta clean a few things up :)

Disable Spyware Doctor

    please disable Spyware Doctor as it may interfere with what we are about to fix.

      1.Open Spyware Doctor
      2.click the "OnGuard" button on the left side.
      3.Uncheck "Activate OnGuard".
    please remember to reactivate it when we are finished

Next

Fix HijackThis entries

Run HijackThis
    If you are on the Main Menu page... Click "Do a system scan only"
    If you are on the "scan & fix stuff" page... Press the Scan...button.
When the scan finishes...Place a check mark next to the following entries (if they are still present):
    *Only check those items listed below *

    O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} -
    O16 - DPF: {DF780F87-FF2B-4DF8-92D0-73DB16A1543A} (PopCapLoader Object) - http://zone.msn.com/bingame/dim2/defaul ... der_v6.cab


    After checking these items... CLOSE ALL open windows except HijackThis
    Click the Fix Checked ...button...to remove the entries you checked.
    Choose YES...when prompted to fix the selected items.
    Once it has fixed them, close HijackThis and reboot your computer normally.

    Next

    Set Your Computer to Show All Files/Folders.

    • Click Start.
    • Click My Computer (Computer in Vista)..
    • For Vista, Press the ALT key while doing the next step.
    • Select the Tools menu and click Folder Options.
    • Select the View Tab.
    • Under the Hidden files and folders heading, select Show hidden files and folders.
    • Uncheck Hide protected operating system files (recommended).
    • Click Yes to confirm.
    • Uncheck the Hide file extensions for known file types.
    • Click OK.
    In addition, go to Start, Search. When you click on 'All files and folders' on the left pane, click on the 'More advanced options' at the bottom. Make sure that 'Search system folders', 'Search hidden files and folders', and 'Search subfolders' are checked.

    Next

    Navagate to C:\downloads\ id.exe

    Right ckick on id.exe and rename Edit.exe then right click again and delete it.

    I suggest you remove these to but the decision is yours

    C:\downloads\HotModelSS.exe <<< Optional
    F:\downloads\Security\InstallPREVX102000064.exe <<< Optional

    Next

    Re-run - RSIT (Random's System Information Tool)
    You should still have this program on your desktop.
    1. Right click on RSIT.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
    2. Please read the disclaimer... click on Continue.
      RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
    3. Please post ONLY the "log.txt", file contents in your next reply.
      (This log can be lengthy, so a separate post may be needed.)

In your next reply

1. RSIT\log.txt
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: hjt log

Unread postby lindai » July 24th, 2009, 5:36 am

please note: my operating system lives on the D drive, not C. Here is rsit log.txt
Logfile of random's system information tool 1.06 (written by random/random)
Run by Owner at 2009-07-24 04:32:44
Microsoft Windows XP Home Edition Service Pack 3
System drive D: has 60 GB (77%) free of 78 GB
Total RAM: 1022 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:33:10 AM, on 7/24/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16850)
Boot mode: Normal

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\system32\spoolsv.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\devldr32.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\WINDOWS\system32\wuauclt.exe
D:\Documents and Settings\Owner\My Documents\RSIT.exe
D:\Program Files\trend micro\Owner.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe

--
End of file - 3544 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"avast!"=D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe [2009-02-05 81000]
"HP Software Update"=D:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"Adobe Reader Speed Launcher"=D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=D:\WINDOWS\system32\ctfmon.exe [2008-04-13 15360]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UploadMgr]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"D:\Program Files\Messenger\msmsgs.exe"="D:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"D:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="D:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"D:\WINDOWS\system32\usmt\migwiz.exe"="D:\WINDOWS\system32\usmt\migwiz.exe:*:Enabled:Files and Settings Transfer Wizard"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"

======List of files/folders created in the last 1 months======

2009-07-24 04:32:44 ----D---- D:\rsit
2009-07-24 04:32:44 ----D---- D:\Program Files\trend micro
2009-07-24 04:15:10 ----D---- D:\WINDOWS\LastGood
2009-07-23 12:48:29 ----D---- D:\Documents and Settings\Owner\Application Data\Macromedia
2009-07-23 11:18:25 ----D---- D:\Documents and Settings\Owner\Application Data\Adobe
2009-07-23 11:17:32 ----D---- D:\Documents and Settings\All Users.WINDOWS\Application Data\Adobe
2009-07-23 11:14:33 ----D---- D:\Program Files\NOS
2009-07-23 11:14:33 ----D---- D:\Documents and Settings\All Users.WINDOWS\Application Data\NOS
2009-07-23 05:46:25 ----D---- D:\Program Files\MSECache
2009-07-23 05:22:53 ----D---- D:\WINDOWS\ie7updates
2009-07-23 05:22:31 ----D---- D:\WINDOWS\WBEM
2009-07-23 05:21:30 ----HDC---- D:\WINDOWS\ie7
2009-07-23 05:21:20 ----HDC---- D:\WINDOWS\$NtServicePackUninstallIDNMitigationAPIs$
2009-07-23 05:21:08 ----HDC---- D:\WINDOWS\$NtServicePackUninstallNLSDownlevelMapping$
2009-07-23 05:02:48 ----D---- D:\Documents and Settings\Owner\Application Data\OfficeUpdate12
2009-07-23 05:01:07 ----A---- D:\WINDOWS\ODBC.INI
2009-07-23 05:01:03 ----A---- D:\WINDOWS\system32\mdimon.dll
2009-07-23 05:00:31 ----D---- D:\Program Files\Common Files\L&H
2009-07-23 05:00:23 ----D---- D:\Program Files\Microsoft ActiveSync
2009-07-23 05:00:17 ----D---- D:\Program Files\Common Files\DESIGNER
2009-07-23 05:00:12 ----D---- D:\Program Files\Microsoft Works
2009-07-23 05:00:07 ----D---- D:\Program Files\Microsoft Visual Studio
2009-07-23 04:59:56 ----D---- D:\WINDOWS\SHELLNEW
2009-07-23 04:59:27 ----D---- D:\Program Files\Microsoft Office
2009-07-23 04:53:21 ----D---- D:\Program Files\Common Files\HP
2009-07-23 04:52:32 ----D---- D:\Program Files\HP
2009-07-23 04:50:06 ----D---- D:\Documents and Settings\All Users.WINDOWS\Application Data\Hewlett-Packard
2009-07-23 04:49:56 ----RA---- D:\WINDOWS\system32\hpzids01.dll
2009-07-23 04:49:54 ----A---- D:\WINDOWS\system32\hpz3l5mu.dll
2009-07-23 04:49:38 ----DC---- D:\WINDOWS\system32\DRVSTORE
2009-07-23 04:49:36 ----RA---- D:\WINDOWS\system32\hppldcoi.dll
2009-07-23 04:49:36 ----RA---- D:\WINDOWS\system32\difxapi.dll
2009-07-23 04:33:42 ----HDC---- D:\WINDOWS\$NtUninstallKB951376-v2$
2009-07-23 04:33:38 ----HDC---- D:\WINDOWS\$NtUninstallKB952954$
2009-07-23 04:33:33 ----HDC---- D:\WINDOWS\$NtUninstallKB959426$
2009-07-23 04:33:28 ----HDC---- D:\WINDOWS\$NtUninstallKB946648$
2009-07-23 04:33:23 ----HDC---- D:\WINDOWS\$NtUninstallKB956803$
2009-07-23 04:33:19 ----HDC---- D:\WINDOWS\$NtUninstallKB955839$
2009-07-23 04:33:13 ----HDC---- D:\WINDOWS\$NtUninstallKB950974$
2009-07-23 04:33:09 ----HDC---- D:\WINDOWS\$NtUninstallKB960225$
2009-07-23 04:33:04 ----HDC---- D:\WINDOWS\$NtUninstallKB973346$
2009-07-23 04:32:53 ----HDC---- D:\WINDOWS\$NtUninstallKB956572$
2009-07-23 04:32:46 ----HDC---- D:\WINDOWS\$NtUninstallKB961501$
2009-07-23 04:32:37 ----HDC---- D:\WINDOWS\$NtUninstallKB969897$
2009-07-23 04:32:33 ----HDC---- D:\WINDOWS\$NtUninstallKB938464-v2$
2009-07-23 04:32:28 ----HDC---- D:\WINDOWS\$NtUninstallKB971633$
2009-07-23 04:32:22 ----HDC---- D:\WINDOWS\$NtUninstallKB952004$
2009-07-23 04:32:17 ----HDC---- D:\WINDOWS\$NtUninstallKB950762$
2009-07-23 04:32:13 ----HDC---- D:\WINDOWS\$NtUninstallKB957097$
2009-07-23 04:32:08 ----HDC---- D:\WINDOWS\$NtUninstallKB958687$
2009-07-23 04:32:04 ----HDC---- D:\WINDOWS\$NtUninstallKB952287$
2009-07-23 04:31:57 ----HDC---- D:\WINDOWS\$NtUninstallKB967715$
2009-07-23 04:31:53 ----HDC---- D:\WINDOWS\$NtUninstallKB951066$
2009-07-23 04:19:18 ----HDC---- D:\WINDOWS\$NtUninstallKB951748$
2009-07-23 04:19:13 ----HDC---- D:\WINDOWS\$NtUninstallKB970238$
2009-07-23 04:19:08 ----HDC---- D:\WINDOWS\$NtUninstallKB960803$
2009-07-23 04:18:40 ----A---- D:\WINDOWS\system32\MRT.exe
2009-07-23 04:18:33 ----HDC---- D:\WINDOWS\$NtUninstallKB968537$
2009-07-23 04:18:28 ----HDC---- D:\WINDOWS\$NtUninstallKB954600$
2009-07-23 04:18:24 ----HDC---- D:\WINDOWS\$NtUninstallKB958644$
2009-07-23 04:18:19 ----HDC---- D:\WINDOWS\$NtUninstallKB961371$
2009-07-23 04:18:13 ----HDC---- D:\WINDOWS\$NtUninstallKB955069$
2009-07-23 04:18:09 ----HDC---- D:\WINDOWS\$NtUninstallKB956802$
2009-07-23 04:17:55 ----HDC---- D:\WINDOWS\$NtUninstallKB923561$
2009-07-23 04:15:14 ----D---- D:\WINDOWS\Prefetch
2009-07-23 04:09:34 ----D---- D:\WINDOWS\system32\scripting
2009-07-23 04:09:34 ----D---- D:\WINDOWS\system32\en-us
2009-07-23 04:09:33 ----D---- D:\WINDOWS\l2schemas
2009-07-23 04:09:32 ----D---- D:\WINDOWS\system32\en
2009-07-23 04:09:32 ----D---- D:\WINDOWS\system32\bits
2009-07-23 04:05:57 ----D---- D:\WINDOWS\network diagnostic
2009-07-23 03:58:55 ----N---- D:\WINDOWS\system32\xpsp3res.dll
2009-07-23 03:58:54 ----N---- D:\WINDOWS\system32\xmllite.dll
2009-07-23 03:58:50 ----N---- D:\WINDOWS\system32\wmphoto.dll
2009-07-23 03:58:47 ----N---- D:\WINDOWS\system32\wlanapi.dll
2009-07-23 03:58:45 ----N---- D:\WINDOWS\system32\windowscodecsext.dll
2009-07-23 03:58:45 ----N---- D:\WINDOWS\system32\windowscodecs.dll
2009-07-23 03:58:42 ----N---- D:\WINDOWS\system32\verclsid.exe
2009-07-23 03:58:39 ----N---- D:\WINDOWS\system32\tzchange.exe
2009-07-23 03:58:38 ----N---- D:\WINDOWS\system32\tspkg.dll
2009-07-23 03:58:38 ----N---- D:\WINDOWS\system32\tsgqec.dll
2009-07-23 03:58:29 ----N---- D:\WINDOWS\system32\setupn.exe
2009-07-23 03:58:26 ----N---- D:\WINDOWS\system32\rhttpaa.dll
2009-07-23 03:58:25 ----N---- D:\WINDOWS\system32\rasqec.dll
2009-07-23 03:58:24 ----N---- D:\WINDOWS\system32\qutil.dll
2009-07-23 03:58:24 ----N---- D:\WINDOWS\system32\qcliprov.dll
2009-07-23 03:58:24 ----N---- D:\WINDOWS\system32\qagentrt.dll
2009-07-23 03:58:24 ----N---- D:\WINDOWS\system32\qagent.dll
2009-07-23 03:58:23 ----N---- D:\WINDOWS\system32\photometadatahandler.dll
2009-07-23 03:58:21 ----N---- D:\WINDOWS\system32\onex.dll
2009-07-23 03:58:14 ----N---- D:\WINDOWS\system32\napstat.exe
2009-07-23 03:58:14 ----N---- D:\WINDOWS\system32\napmontr.dll
2009-07-23 03:58:14 ----N---- D:\WINDOWS\system32\napipsec.dll
2009-07-23 03:58:13 ----N---- D:\WINDOWS\system32\msxml6r.dll
2009-07-23 03:58:13 ----N---- D:\WINDOWS\system32\msxml6.dll
2009-07-23 03:58:11 ----N---- D:\WINDOWS\system32\msshavmsg.dll
2009-07-23 03:58:11 ----N---- D:\WINDOWS\system32\mssha.dll
2009-07-23 03:58:04 ----N---- D:\WINDOWS\system32\mmcperf.exe
2009-07-23 03:58:04 ----N---- D:\WINDOWS\system32\mmcfxcommon.dll
2009-07-23 03:58:04 ----N---- D:\WINDOWS\system32\mmcex.dll
2009-07-23 03:58:04 ----N---- D:\WINDOWS\system32\microsoft.managementconsole.dll
2009-07-23 03:58:00 ----N---- D:\WINDOWS\system32\l2gpstore.dll
2009-07-23 03:58:00 ----N---- D:\WINDOWS\system32\kmsvc.dll
2009-07-23 03:58:00 ----N---- D:\WINDOWS\system32\kbdpash.dll
2009-07-23 03:58:00 ----N---- D:\WINDOWS\system32\kbdnepr.dll
2009-07-23 03:57:59 ----N---- D:\WINDOWS\system32\kbdiultn.dll
2009-07-23 03:57:59 ----N---- D:\WINDOWS\system32\kbdbhc.dll
2009-07-23 03:57:55 ----A---- D:\WINDOWS\004880_.tmp
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eapsvc.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eapqec.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eappprxy.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eapphost.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eappgnui.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eappcfg.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eapp3hst.dll
2009-07-23 03:57:54 ----N---- D:\WINDOWS\system32\eapolqec.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3ui.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3svc.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3msm.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3gpclnt.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3dlg.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3cfg.dll
2009-07-23 03:57:53 ----N---- D:\WINDOWS\system32\dot3api.dll
2009-07-23 03:57:52 ----N---- D:\WINDOWS\system32\dimsroam.dll
2009-07-23 03:57:52 ----N---- D:\WINDOWS\system32\dimsntfy.dll
2009-07-23 03:57:52 ----N---- D:\WINDOWS\system32\dhcpqec.dll
2009-07-23 03:57:51 ----N---- D:\WINDOWS\system32\credssp.dll
2009-07-23 03:57:48 ----N---- D:\WINDOWS\system32\bitsprx4.dll
2009-07-23 03:57:48 ----N---- D:\WINDOWS\system32\azroles.dll
2009-07-23 03:57:44 ----N---- D:\WINDOWS\system32\aaclient.dll
2009-07-23 03:52:35 ----D---- D:\Documents and Settings\All Users.WINDOWS\Application Data\Windows Genuine Advantage
2009-07-23 03:39:16 ----A---- D:\WINDOWS\system32\wpa.bak
2009-07-23 03:37:51 ----N---- D:\WINDOWS\system32\xpsp4res.dll
2009-07-23 03:33:21 ----A---- D:\WINDOWS\system32\MSVCR71.dll
2009-07-23 03:33:21 ----A---- D:\WINDOWS\system32\MSVCP71.dll
2009-07-23 03:33:21 ----A---- D:\WINDOWS\system32\MFC71.dll
2009-07-23 03:33:21 ----A---- D:\WINDOWS\system32\aswBoot.exe
2009-07-23 03:33:18 ----D---- D:\Program Files\Alwil Software
2009-07-23 03:26:15 ----HDC---- D:\WINDOWS\$MSI31Uninstall_KB893803v2$
2009-07-23 03:26:10 ----D---- D:\WINDOWS\system32\PreInstall
2009-07-23 03:26:09 ----HDC---- D:\WINDOWS\$NtUninstallKB898461$
2009-07-23 03:26:09 ----HD---- D:\WINDOWS\$hf_mig$
2009-07-23 03:20:59 ----D---- D:\WINDOWS\system32\SoftwareDistribution
2009-07-23 03:19:42 ----D---- D:\WINDOWS\SoftwareDistribution
2009-07-23 03:19:38 ----SD---- D:\WINDOWS\system32\Microsoft
2009-07-23 03:14:54 ----N---- D:\WINDOWS\system32\proxycfg.exe
2009-07-23 03:14:54 ----N---- D:\WINDOWS\system32\logman.exe
2009-07-23 03:14:50 ----N---- D:\WINDOWS\system32\ati2dvag.dll
2009-07-23 03:14:50 ----N---- D:\WINDOWS\system32\ati2dvaa.dll
2009-07-23 03:14:50 ----N---- D:\WINDOWS\system32\ati2cqag.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\ieencode.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\httpapi.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\hsfcisp2.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\hccoin.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\fwcfg.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\fsquirt.exe
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\fltmc.exe
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\fltlib.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\extmgr.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\encdec.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\encapi.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\dxdiagn.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\dsprpres.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\d3d9.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\cmsetacl.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\btpanui.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\bthserv.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\bthci.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\blastcln.exe
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\bitsprx3.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\bitsprx2.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\auditusr.exe
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\ativvaxx.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\ativtmxx.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\ati3duag.dll
2009-07-23 03:14:49 ----N---- D:\WINDOWS\system32\ati3d1ag.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\powercfg.exe
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\pnrpnsp.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\p2psvc.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\p2pnetsh.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\p2pgraph.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\p2pgasvc.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\p2p.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mtxparhd.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mssap.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mspmsnsv.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\msftedit.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\msdadiag.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mp4sdmod.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mp43dmod.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\mdmxsdk.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdukx.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdsmsno.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdsmsfi.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdno1.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdmlt48.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdmlt47.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdmaori.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdinmal.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdinben.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdinbe1.dll
2009-07-23 03:14:48 ----N---- D:\WINDOWS\system32\kbdfi1.dll
2009-07-23 03:14:48 ----A---- D:\WINDOWS\system32\nv4_disp.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmspdmod.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmsdmoe2.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmpdxm.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmpasf.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmp.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmidx.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\wmerror.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\winshfhc.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\winbrand.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\w3ssl.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\twext.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\strmfilt.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\smbinst.exe
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\slserv.exe
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\slrundll.exe
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\slgen.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\slextspk.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\slcoinst.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\sdhcinst.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\sbeio.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\sbe.dll
2009-07-23 03:14:47 ----N---- D:\WINDOWS\system32\s3gnb.dll
2009-07-23 03:14:47 ----A---- D:\WINDOWS\system32\winhttp.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\xpsp1res.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\xmlprovi.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\xmlprov.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wuaueng1.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wuauclt1.exe
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wshbth.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wscntfy.exe
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wmvdmoe2.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\system32\wmspdmoe.dll
2009-07-23 03:14:46 ----N---- D:\WINDOWS\slrundll.exe
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\xpob2res.dll
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\wuweb.dll
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\wups.dll
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\wucltui.dll
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\wuapi.dll
2009-07-23 03:14:46 ----A---- D:\WINDOWS\system32\wscsvc.dll
2009-07-23 03:14:45 ----D---- D:\WINDOWS\peernet
2009-07-23 03:14:44 ----D---- D:\WINDOWS\provisioning
2009-07-23 03:13:35 ----D---- D:\WINDOWS\ServicePackFiles
2009-07-23 03:11:46 ----N---- D:\WINDOWS\system32\xpsp2res.dll
2009-07-23 03:10:46 ----N---- D:\WINDOWS\system32\spmsg.dll
2009-07-23 03:10:44 ----A---- D:\WINDOWS\002129_.tmp
2009-07-23 03:10:43 ----D---- D:\WINDOWS\system32\ReinstallBackups
2009-07-23 03:10:35 ----A---- D:\WINDOWS\system32\spupdsvc.exe
2009-07-23 03:09:21 ----HDC---- D:\WINDOWS\$NtServicePackUninstall$
2009-07-23 03:09:19 ----D---- D:\WINDOWS\EHome
2009-07-23 03:03:41 ----SHD---- D:\WINDOWS\Installer
2009-07-23 03:03:38 ----D---- D:\Documents and Settings\Owner\Application Data\Identities
2009-07-23 03:03:14 ----SD---- D:\Documents and Settings\Owner\Application Data\Microsoft
2009-07-23 03:03:14 ----ASH---- D:\Documents and Settings\Owner\Application Data\desktop.ini
2009-07-23 03:02:55 ----A---- D:\WINDOWS\SchedLgU.Txt
2009-07-23 03:00:08 ----D---- D:\WINDOWS\system32\xircom
2009-07-23 03:00:00 ----A---- D:\WINDOWS\control.ini
2009-07-23 02:59:53 ----A---- D:\WINDOWS\OEWABLog.txt
2009-07-23 02:59:48 ----A---- D:\WINDOWS\system32\mapi32.dll
2009-07-23 02:59:05 ----SD---- D:\WINDOWS\Downloaded Program Files
2009-07-23 02:59:05 ----RD---- D:\WINDOWS\Offline Web Pages
2009-07-23 02:59:05 ----RAH---- D:\WINDOWS\system32\logonui.exe.manifest
2009-07-23 02:58:59 ----RAH---- D:\WINDOWS\system32\cdplayer.exe.manifest
2009-07-23 02:58:42 ----D---- D:\WINDOWS\srchasst
2009-07-23 02:58:36 ----D---- D:\WINDOWS\system32\Macromed
2009-07-23 02:58:36 ----D---- D:\WINDOWS\system32\DirectX
2009-07-23 02:58:29 ----A---- D:\WINDOWS\system32\qmgrprxy.dll
2009-07-23 02:58:29 ----A---- D:\WINDOWS\system32\qmgr.dll
2009-07-23 02:58:15 ----A---- D:\WINDOWS\system32\safrslv.dll
2009-07-23 02:58:15 ----A---- D:\WINDOWS\system32\safrdm.dll
2009-07-23 02:58:15 ----A---- D:\WINDOWS\system32\safrcdlg.dll
2009-07-23 02:58:14 ----A---- D:\WINDOWS\system32\racpldlg.dll
2009-07-23 02:58:14 ----A---- D:\WINDOWS\system32\atrace.dll
2009-07-23 02:58:11 ----A---- D:\WINDOWS\system32\desktop.ini
2009-07-23 02:58:11 ----A---- D:\WINDOWS\desktop.ini
2009-07-23 02:58:05 ----D---- D:\WINDOWS\system32\Restore
2009-07-23 02:58:05 ----A---- D:\WINDOWS\system32\srsvc.dll
2009-07-23 02:58:05 ----A---- D:\WINDOWS\system32\srrstr.dll
2009-07-23 02:58:05 ----A---- D:\WINDOWS\system32\srclient.dll
2009-07-23 02:58:04 ----A---- D:\WINDOWS\system32\nmevtmsg.dll
2009-07-23 02:58:04 ----A---- D:\WINDOWS\system32\mnmdd.dll
2009-07-23 02:58:04 ----A---- D:\WINDOWS\system32\isrdbg32.dll
2009-07-23 02:58:04 ----A---- D:\WINDOWS\system32\ils.dll
2009-07-23 02:58:03 ----A---- D:\WINDOWS\system32\nmmkcert.dll
2009-07-23 02:58:03 ----A---- D:\WINDOWS\system32\msconf.dll
2009-07-23 02:58:03 ----A---- D:\WINDOWS\system32\mnmsrvc.exe
2009-07-23 02:58:01 ----D---- D:\WINDOWS\PCHEALTH
2009-07-23 02:58:01 ----A---- D:\WINDOWS\system32\msoert2.dll
2009-07-23 02:58:01 ----A---- D:\WINDOWS\system32\msoeacct.dll
2009-07-23 02:58:01 ----A---- D:\WINDOWS\system32\acctres.dll
2009-07-23 02:58:00 ----A---- D:\WINDOWS\system32\inetres.dll
2009-07-23 02:58:00 ----A---- D:\WINDOWS\system32\inetcomm.dll
2009-07-23 02:57:58 ----SD---- D:\WINDOWS\Tasks
2009-07-23 02:57:58 ----A---- D:\WINDOWS\system32\schedsvc.dll
2009-07-23 02:57:58 ----A---- D:\WINDOWS\system32\mstinit.exe
2009-07-23 02:57:58 ----A---- D:\WINDOWS\system32\mstask.dll
2009-07-23 02:57:58 ----A---- D:\WINDOWS\system32\icwphbk.dll
2009-07-23 02:57:58 ----A---- D:\WINDOWS\system32\icwdial.dll
2009-07-23 02:57:57 ----A---- D:\WINDOWS\system32\isign32.dll
2009-07-23 02:57:57 ----A---- D:\WINDOWS\system32\inetcfg.dll
2009-07-23 02:57:57 ----A---- D:\WINDOWS\system32\icfgnt5.dll
2009-07-23 02:57:29 ----A---- D:\WINDOWS\vbaddin.ini
2009-07-23 02:57:29 ----A---- D:\WINDOWS\vb.ini
2009-07-23 02:57:23 ----D---- D:\WINDOWS\Registration
2009-07-23 02:56:47 ----A---- D:\WINDOWS\system32\write.exe
2009-07-23 02:56:42 ----A---- D:\WINDOWS\system32\sndvol32.exe
2009-07-23 02:56:42 ----A---- D:\WINDOWS\system32\sndrec32.exe
2009-07-23 02:56:42 ----A---- D:\WINDOWS\system32\mplay32.exe
2009-07-23 02:56:42 ----A---- D:\WINDOWS\system32\accwiz.exe
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\winchat.exe
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\hypertrm.dll
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\hticons.dll
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\avwav.dll
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\avtapi.dll
2009-07-23 02:56:41 ----A---- D:\WINDOWS\system32\avmeter.dll
2009-07-23 02:56:40 ----A---- D:\WINDOWS\system32\mspaint.exe
2009-07-23 02:56:36 ----A---- D:\WINDOWS\system32\clipbrd.exe
2009-07-23 02:56:35 ----A---- D:\WINDOWS\system32\getuname.dll
2009-07-23 02:56:35 ----A---- D:\WINDOWS\system32\charmap.exe
2009-07-23 02:56:35 ----A---- D:\WINDOWS\system32\calc.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\wuauclt.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\winmine.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\spider.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\sol.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\mshearts.exe
2009-07-23 02:56:34 ----A---- D:\WINDOWS\system32\freecell.exe
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\wuauserv.dll
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\wuaueng.dll
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\tscfgwmi.dll
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\reset.exe
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\remotepg.dll
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\mstscax.dll
2009-07-23 02:56:33 ----A---- D:\WINDOWS\system32\mstsc.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\usrlogon.cmd
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tsshutdn.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tslabels.ini
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tskill.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tsdiscon.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tscupgrd.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\tscon.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\termsrv.dll
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\shadow.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\sessmgr.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\rwinsta.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\rdshost.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\rdsaddin.exe
2009-07-23 02:56:32 ----A---- D:\WINDOWS\system32\rdchost.dll
2009-07-23 02:56:31 ----D---- D:\WINDOWS\system32\MsDtc
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\regini.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\rdpwsx.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\rdpsnd.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\rdpclip.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\rdpcfgex.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\qwinsta.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\qprocess.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\qappsrv.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\msg.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\msdtcuiu.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\logoff.exe
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\icaapi.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\cfgbkend.dll
2009-07-23 02:56:31 ----A---- D:\WINDOWS\system32\cdmodem.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\xolehlp.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\mtxoci.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\msdtctm.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\msdtcprx.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\msdtcprf.ini
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\msdtclog.dll
2009-07-23 02:56:30 ----A---- D:\WINDOWS\system32\msdtc.exe
2009-07-23 02:56:29 ----D---- D:\WINDOWS\system32\Com
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\mtxlegih.dll
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\mtxex.dll
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\mtxdm.dll
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\dcomcnfg.exe
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\comaddin.dll
2009-07-23 02:56:29 ----A---- D:\WINDOWS\system32\colbact.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\stclient.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\comrepl.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\clbcatex.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\catsrvut.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\catsrvps.dll
2009-07-23 02:56:28 ----A---- D:\WINDOWS\system32\catsrv.dll
2009-07-23 02:56:27 ----A---- D:\WINDOWS\system32\comuid.dll
2009-07-23 02:56:27 ----A---- D:\WINDOWS\system32\comsvcs.dll
2009-07-23 02:56:27 ----A---- D:\WINDOWS\system32\comsnap.dll
2009-07-23 02:56:27 ----A---- D:\WINDOWS\system32\clbcatq.dll
2009-07-23 02:56:20 ----A---- D:\WINDOWS\system32\wmimgmt.msc
2009-07-23 02:56:20 ----A---- D:\WINDOWS\system32\servdeps.dll
2009-07-23 02:56:20 ----A---- D:\WINDOWS\system32\mmfutil.dll
2009-07-23 02:56:20 ----A---- D:\WINDOWS\system32\licwmi.dll
2009-07-23 02:56:20 ----A---- D:\WINDOWS\system32\cmprops.dll
2009-07-22 21:54:42 ----A---- D:\WINDOWS\system32\h323log.txt
2009-07-22 21:51:30 ----A---- D:\WINDOWS\system32\sfman32.dll
2009-07-22 21:51:30 ----A---- D:\WINDOWS\system32\sblfx.dll
2009-07-22 21:51:29 ----A---- D:\WINDOWS\system32\ksuser.dll
2009-07-22 21:51:29 ----A---- D:\WINDOWS\system32\devldr32.exe
2009-07-22 21:51:29 ----A---- D:\WINDOWS\system32\devcon32.dll
2009-07-22 21:51:29 ----A---- D:\WINDOWS\system32\ctwdm32.dll
2009-07-22 21:51:12 ----A---- D:\WINDOWS\system32\usbui.dll
2009-07-22 21:50:07 ----A---- D:\WINDOWS\imsins.BAK
2009-07-22 21:50:04 ----A---- D:\WINDOWS\system32\PerfStringBackup.INI
2009-07-22 21:50:03 ----A---- D:\WINDOWS\ODBCINST.INI
2009-07-22 21:49:59 ----RA---- D:\WINDOWS\system32\kbdtuq.dll
2009-07-22 21:49:59 ----RA---- D:\WINDOWS\system32\kbdtuf.dll
2009-07-22 21:49:59 ----RA---- D:\WINDOWS\system32\kbdazel.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdycc.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbduzb.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdur.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdtat.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdru1.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdru.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdmon.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdkyr.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdkaz.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdbu.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdblr.dll
2009-07-22 21:49:58 ----RA---- D:\WINDOWS\system32\kbdaze.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhept.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhela3.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhela2.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhe319.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhe220.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdhe.dll
2009-07-22 21:49:56 ----RA---- D:\WINDOWS\system32\kbdgkl.dll
2009-07-22 21:49:55 ----RA---- D:\WINDOWS\system32\kbdlv1.dll
2009-07-22 21:49:55 ----RA---- D:\WINDOWS\system32\kbdlv.dll
2009-07-22 21:49:55 ----RA---- D:\WINDOWS\system32\kbdlt1.dll
2009-07-22 21:49:55 ----RA---- D:\WINDOWS\system32\kbdlt.dll
2009-07-22 21:49:55 ----RA---- D:\WINDOWS\system32\kbdest.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdycl.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdsl1.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdsl.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdro.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdpl1.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdpl.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdhu1.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdhu.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdcz2.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdcz1.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdcz.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\kbdcr.dll
2009-07-22 21:49:53 ----RA---- D:\WINDOWS\system32\KBDAL.DLL
2009-07-22 21:49:51 ----A---- D:\WINDOWS\system32\spxcoins.dll
2009-07-22 21:49:51 ----A---- D:\WINDOWS\system32\irclass.dll
2009-07-22 21:49:51 ----A---- D:\WINDOWS\system32\EqnClass.Dll
2009-07-22 21:49:51 ----A---- D:\WINDOWS\system32\dgsetup.dll
2009-07-22 21:49:51 ----A---- D:\WINDOWS\system32\dgrpsetu.dll
2009-07-22 21:49:50 ----A---- D:\WINDOWS\system32\batt.dll
2009-07-22 21:49:49 ----A---- D:\WINDOWS\TASKMAN.EXE
2009-07-22 21:49:48 ----N---- D:\WINDOWS\system32\CONFIG.TMP
2009-07-22 21:49:48 ----A---- D:\WINDOWS\system32\storprop.dll
2009-07-22 21:49:48 ----A---- D:\WINDOWS\notepad.exe
2009-07-22 21:49:40 ----ASH---- D:\Documents and Settings\All Users.WINDOWS\Application Data\desktop.ini
2009-07-22 21:49:38 ----RA---- D:\WINDOWS\SET7.tmp
2009-07-22 21:49:35 ----RA---- D:\WINDOWS\SET3.tmp
2009-07-22 21:49:29 ----D---- D:\WINDOWS\system32\CatRoot2
2009-07-22 21:49:29 ----D---- D:\WINDOWS\system32\CatRoot
2009-07-22 21:49:23 ----SD---- D:\Documents and Settings\All Users.WINDOWS\Application Data\Microsoft
2009-07-22 21:49:12 ----A---- D:\WINDOWS\setuplog.txt
2009-07-22 21:45:23 ----RSHDC---- D:\WINDOWS\system32\dllcache
2009-07-22 21:45:23 ----RSD---- D:\WINDOWS\Fonts
2009-07-22 21:45:23 ----RD---- D:\WINDOWS\Web
2009-07-22 21:45:23 ----HD---- D:\WINDOWS\inf
2009-07-22 21:45:23 ----D---- D:\WINDOWS\WinSxS
2009-07-22 21:45:23 ----D---- D:\WINDOWS\twain_32
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Temp
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\wins
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\wbem
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\usmt
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\spool
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\ShellExt
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\Setup
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\ras
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\oobe
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\npp
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\mui
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\inetsrv
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\IME
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\icsxml
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\ias
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\export
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\drivers
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\dhcp
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\config
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\3com_dmi
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\3076
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\2052
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1054
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1042
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1041
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1037
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1033
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1031
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1028
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32\1025
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system32
2009-07-22 21:45:23 ----D---- D:\WINDOWS\system
2009-07-22 21:45:23 ----D---- D:\WINDOWS\security
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Resources
2009-07-22 21:45:23 ----D---- D:\WINDOWS\repair
2009-07-22 21:45:23 ----D---- D:\WINDOWS\mui
2009-07-22 21:45:23 ----D---- D:\WINDOWS\msapps
2009-07-22 21:45:23 ----D---- D:\WINDOWS\msagent
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Media
2009-07-22 21:45:23 ----D---- D:\WINDOWS\java
2009-07-22 21:45:23 ----D---- D:\WINDOWS\ime
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Help
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Driver Cache
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Debug
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Cursors
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Connection Wizard
2009-07-22 21:45:23 ----D---- D:\WINDOWS\Config
2009-07-22 21:45:23 ----D---- D:\WINDOWS\AppPatch
2009-07-22 21:45:23 ----D---- D:\WINDOWS\addins
2009-07-22 21:45:23 ----D---- D:\WINDOWS
2009-06-29 20:07:30 ----A---- D:\WINDOWS\opuc.dll

======List of files/folders modified in the last 1 months======

2009-07-24 04:32:44 ----RAD---- D:\Program Files
2009-07-24 04:21:38 ----D---- D:\downloads
2009-07-23 11:17:51 ----HD---- D:\Config.Msi
2009-07-23 11:17:35 ----D---- D:\Program Files\Common Files\Adobe
2009-07-23 11:17:26 ----D---- D:\Program Files\Adobe
2009-07-23 05:46:34 ----D---- D:\Program Files\Common Files\Microsoft Shared
2009-07-23 05:24:46 ----D---- D:\Program Files\Internet Explorer
2009-07-23 05:14:18 ----N---- D:\WINDOWS\win.ini
2009-07-23 05:00:31 ----D---- D:\Program Files\Common Files
2009-07-23 04:59:59 ----D---- D:\Program Files\Common Files\System
2009-07-23 04:33:30 ----D---- D:\Program Files\Messenger
2009-07-23 04:09:52 ----D---- D:\Program Files\Windows Media Player
2009-07-23 04:09:32 ----D---- D:\Program Files\Movie Maker
2009-07-23 04:07:38 ----D---- D:\Program Files\NetMeeting
2009-07-23 04:07:35 ----D---- D:\Program Files\Windows NT
2009-07-23 04:07:35 ----D---- D:\Program Files\Outlook Express
2009-07-23 03:29:07 ----SHD---- D:\RECYCLER
2009-07-23 03:21:13 ----HD---- D:\Program Files\WindowsUpdate
2009-07-23 03:03:14 ----D---- D:\Documents and Settings
2009-07-23 03:03:03 ----SHD---- D:\System Volume Information
2009-07-22 21:50:01 ----N---- D:\WINDOWS\system.ini

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 Aavmker4;avast! Asynchronous Virus Monitor; D:\WINDOWS\system32\drivers\Aavmker4.sys [2009-02-05 26944]
R1 AmdK7;AMD K7 Processor Driver; D:\WINDOWS\System32\DRIVERS\amdk7.sys [2008-04-13 37760]
R1 aswSP;avast! Self Protection; D:\WINDOWS\system32\drivers\aswSP.sys [2009-02-05 114768]
R1 aswTdi;avast! Network Shield Support; D:\WINDOWS\system32\drivers\aswTdi.sys [2009-02-05 51376]
R2 aswFsBlk;aswFsBlk; D:\WINDOWS\system32\DRIVERS\aswFsBlk.sys [2009-02-05 20560]
R2 aswMon2;avast! Standard Shield Support; D:\WINDOWS\system32\drivers\aswMon2.sys [2009-02-05 94032]
R3 aswRdr;aswRdr; D:\WINDOWS\system32\drivers\aswRdr.sys [2009-02-05 23152]
R3 ctljystk;Creative SBLive! Gameport; D:\WINDOWS\System32\DRIVERS\ctljystk.sys [2001-08-17 3712]
R3 emu10k;Creative SB Live! (WDM); D:\WINDOWS\system32\drivers\emu10k1m.sys [2001-08-17 283904]
R3 emu10k1;Creative Interface Manager Driver (WDM); D:\WINDOWS\system32\drivers\ctlfacem.sys [2001-08-17 6912]
R3 FETNDIS;VIA PCI 10/100Mb Fast Ethernet Adapter NT Driver; D:\WINDOWS\System32\DRIVERS\fetnd5.sys [2001-08-17 27165]
R3 nv;nv; D:\WINDOWS\System32\DRIVERS\nv4_mini.sys [2004-08-03 1897408]
R3 sfman;Creative SoundFont Manager Driver (WDM); D:\WINDOWS\system32\drivers\sfmanm.sys [2001-08-17 36480]
R3 usbhub;Microsoft USB Standard Hub Driver; D:\WINDOWS\System32\DRIVERS\usbhub.sys [2008-04-13 59520]
R3 usbuhci;Microsoft USB Universal Host Controller Miniport Driver; D:\WINDOWS\System32\DRIVERS\usbuhci.sys [2008-04-13 20608]
S3 HPZid412;IEEE-1284.4 Driver HPZid412; D:\WINDOWS\system32\DRIVERS\HPZid412.sys [2007-10-30 49920]
S3 HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; D:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2007-10-30 16496]
S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; D:\WINDOWS\system32\DRIVERS\HPZius12.sys [2007-10-30 21568]
S3 usbccgp;Microsoft USB Generic Parent Driver; D:\WINDOWS\System32\DRIVERS\usbccgp.sys [2008-04-13 32128]
S3 usbprint;Microsoft USB PRINTER Class; D:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
S3 USBSTOR;USB Mass Storage Driver; D:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368]
S4 IntelIde;IntelIde; D:\WINDOWS\system32\drivers\IntelIde.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 aswUpdSv;avast! iAVS4 Control Service; D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe [2009-02-05 18752]
R2 avast! Antivirus;avast! Antivirus; D:\Program Files\Alwil Software\Avast4\ashServ.exe [2009-02-05 138680]
R2 MDM;Machine Debug Manager; D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 Net Driver HPZ12;Net Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R2 Pml Driver HPZ12;Pml Driver HPZ12; D:\WINDOWS\System32\svchost.exe [2008-04-13 14336]
R3 avast! Mail Scanner;avast! Mail Scanner; D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe [2009-02-05 254040]
R3 avast! Web Scanner;avast! Web Scanner; D:\Program Files\Alwil Software\Avast4\ashWebSv.exe [2009-02-05 352920]
S3 ose;Office Source Engine; D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]

-----------------EOF-----------------
lindai
Regular Member
 
Posts: 18
Joined: July 4th, 2009, 1:56 pm

Re: hjt log

Unread postby Cypher » July 24th, 2009, 11:04 am

Hi lindai.

Your logs look clean.
Do you have any questions?, feel free to ask, and also, please let me know if you have any other problems.
User avatar
Cypher
Admin/Teacher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: hjt log

Unread postby NonSuch » July 28th, 2009, 2:31 am

As this issue appears to be resolved and no questions have been asked, this topic is now closed.

You can help support this site from this link :
Donations For Malware Removal
User avatar
NonSuch
Administrator
Administrator
 
Posts: 28747
Joined: February 23rd, 2005, 7:08 am
Location: California
Advertisement
Register to Remove

Previous

Return to Infected? Virus, malware, adware, ransomware, oh my!



Who is online

Users browsing this forum: No registered users and 324 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware