Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Having trouble using my laptop!

Re: Having trouble using my laptop!

Post by LOL =) » August 11th, 2009, 8:14 pm

GMER 1.0.15.15020 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-11 20:00:45
Windows 6.0.6002 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT 872A3728 ZwAlertResumeThread
SSDT 872A3A68 ZwAlertThread
SSDT 872A1EA8 ZwAllocateVirtualMemory
SSDT 86301A30 ZwConnectPort
SSDT 872A3478 ZwCreateMutant
SSDT 86739958 ZwCreateThread
SSDT 872A1D08 ZwFreeVirtualMemory
SSDT 872A3568 ZwImpersonateAnonymousToken
SSDT 872A3648 ZwImpersonateThread
SSDT 872A1C28 ZwMapViewOfSection
SSDT 872A3398 ZwOpenEvent
SSDT 86739898 ZwOpenProcessToken
SSDT 872A18F0 ZwOpenThreadToken
SSDT 87184A80 ZwResumeThread
SSDT 872A1810 ZwSetContextThread
SSDT 872A1A58 ZwSetInformationProcess
SSDT 872A1720 ZwSetInformationThread
SSDT 872A32B8 ZwSuspendProcess
SSDT 872A11C0 ZwSuspendThread
SSDT 86739A38 ZwTerminateProcess
SSDT 872A1440 ZwTerminateThread
SSDT 872A1B48 ZwUnmapViewOfSection
SSDT 872A1DD8 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 81EFB860 8 Bytes [28, 37, 2A, 87, 68, 3A, 2A, ...] {SUB [EDI], DH; SUB AL, [EDI-0x78d5c598]}
.text ntkrnlpa.exe!KeSetEvent + 131 81EFB874 4 Bytes [A8, 1E, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 1C1 81EFB904 4 Bytes [30, 1A, 30, 86]
.text ntkrnlpa.exe!KeSetEvent + 1F5 81EFB938 4 Bytes [78, 34, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 221 81EFB964 4 Bytes [58, 99, 73, 86] {POP EAX; CDQ ; JAE 0xffffffffffffff8a}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + 6 778443DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + B 778443DF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 1 Byte [28]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + B 77844B2F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + 6 77844BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + B 77844BBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + 6 77844C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + B 77844C3F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessToken + B 77844C4F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + 6 77844C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + B 77844C5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + 6 77844CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + B 77844CAF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + 6 77844CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + B 77844CBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadTokenEx + B 77844CCF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + 6 77844D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + B 77844D5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryFullAttributesFile + B 77844E0F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + 6 778452EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + B 778452EF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + 6 7784533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + B 7784533F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 1 Byte [68]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + B 778455DF 1 Byte [E2]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...

---- EOF - GMER 1.0.15 ----

GMER 1.0.15.15020 - http://www.gmer.net
Autostart scan 2009-08-11 20:03:40
Windows 6.0.6002 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\ >>>
Winlogon@Userinit = C:\Windows\system32\userinit.exe,
Windows@AppInit_DLLs = APSHook.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
ccEvtMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
ccSetMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
CLCapSvc@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe" wC:\Program Files\HP\QuickPlay\Kernel\TV\CapSetup HLP
CLSched@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe" a y \ K e r n e l \ T V \ C L C a p S v c . e x e
CLTNetCnService@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon
gupdate1ca0b192adaaab0@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
gusvc@ = "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
HP Health Check Service@ = "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"
hpqwmiex@ = C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
LightScribeService@ = "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
LiveUpdate Notice Ex@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
LiveUpdate Notice Service@ = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"
slsvc@ = %SystemRoot%\system32\SLsvc.exe
SymAppCore@ = "c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
Viewpoint Manager Service@ = "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Windows Defender%ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/ = %ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/
@SMSERIALC:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe = C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
@SynTPEnhC:\Program Files\Synaptics\SynTP\SynTPEnh.exe = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
@RtHDVCplRtHDVCpl.exe = RtHDVCpl.exe
@ccApp"c:\Program Files\Common Files\Symantec Shared\ccApp.exe" = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
@QPService"C:\Program Files\HP\QuickPlay\QPService.exe" = "C:\Program Files\HP\QuickPlay\QPService.exe"
@QlbCtrl%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/
@HP Health Check SchedulerC:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe = C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
@hpWirelessAssistant%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/
@WAWifiMessage%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/
@CognizanceTSrundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule = rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
@Symantec PIF AlertEng"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
@ALUAlertC:\Program Files\Symantec\LiveUpdate\ALuNotify.exe = C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
@GrooveMonitor"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
@NvSvcRUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
@NvCplDaemonRUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
@NvMediaCenterRUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
@HP Software UpdateC:\Program Files\Hp\HP Software Update\HPWuSchd2.exe = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
@ /*file not found*/ = /*file not found*/
@QuickTime Task"C:\Program Files\QuickTime\QTTask.exe" -atboottime = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
@iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe"
@snp2uvcC:\Windows\vsnp2uvc.exe = C:\Windows\vsnp2uvc.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe" = "C:\Program Files\Java\jre6\bin\jusched.exe"
@CarboniteSetupLite"C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800 = "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
RunOnce@Launcher = %WINDIR%\SMINST\launcher.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SidebarC:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/ = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/
@HPAdvisorC:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/ = C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/
@Google Update"C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c = "C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c
@swgC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
@Aim6 /*file not found*/ = /*file not found*/
@ehTray.exeC:\Windows\ehome\ehTray.exe = C:\Windows\ehome\ehTray.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} /*Computers and Devices*/%systemroot%\system32\NetworkExplorer.dll = %systemroot%\system32\NetworkExplorer.dll
@{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486} /*IGD Property Sheet Handler*/%SystemRoot%\System32\icsigd.dll = %SystemRoot%\System32\icsigd.dll
@{92dbad9f-5025-49b0-9078-2d78f935e341} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{b9815375-5d7f-4ce2-9245-c9d4da436930} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{f8b8412b-dea3-4130-b36c-5e8be73106ac} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{5FA29220-36A1-40f9-89C6-F4B384B7642E} /*Shell Message Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{00020d75-0000-0000-c000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
@{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Web Publishing Wizard*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{add36aa8-751a-4579-a266-d66f5202ccbb} /*Print Ordering via the Web*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Shell Publishing Wizard Object*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{176d6597-26d3-11d1-b350-080036a75b03} /*ICM Scanner Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*ICM Monitor Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*ICM Printer Management*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*ICC Profile*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{b2c761c6-29bc-4f19-9251-e6195265baf1} /*Color Control Panel Applet*/(null) =
@{74246bfc-4c96-11d0-abef-0020af6b0b7a} /*Device Manager*/%SystemRoot%\System32\devmgr.dll = %SystemRoot%\System32\devmgr.dll
@{7A979262-40CE-46ff-AEEE-7884AC3B6136} /*Add New Hardware*/(null) =
@{3e7efb4c-faf1-453d-89eb-56026875ef90} /*Get Programs Online*/(null) =
@{1b24a030-9b20-49bc-97ac-1be4426f9e59} /*ActiveDirectory Folder*/(null) =
@{34449847-FD14-4fc8-A75A-7432F5181EFB} /*ActiveDirectory Folder*/(null) =
@{C8494E42-ACDD-4739-B0FB-217361E4894F} /*Sam Account Folder*/(null) =
@{E29F9716-5C08-4FCD-955A-119FDB5A522D} /*Sam Account Folder*/(null) =
@{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} /*Control Panel command object for Start menu*/(null) =
@{E44E5D18-0652-4508-A4E2-8A090067BCB0} /*Default Programs command object for Start menu*/(null) =
@{6dfd7c5c-2451-11d3-a299-00c04f8ef6af} /*Folder Options*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{2C2577C2-63A7-40e3-9B7F-586602617ECB} /*Explorer Query Band*/(null) =
@{DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} /*File Open Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B} /*File Save Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{92337A8C-E11D-11D0-BE48-00C04FC30DF6} /*OlePrn.PrinterURL*/%SystemRoot%\system32\oleprn.dll = %SystemRoot%\system32\oleprn.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft XPS Properties*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft XPS Thumbnail*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} /*View Available Networks*/(null) =
@{13D3C4B8-B179-4ebb-BF62-F704173E7448} /*Windows Contact Preview Handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) =
@{4F58F63F-244B-4c07-B29F-210BE59BE9B4} /*.group shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{8082C5E6-4C27-48ec-A809-B8E1122E8F97} /*.contact shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{16C2C29D-0E5F-45f3-A445-03E03F587B7D} /*group_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{CF67796C-F57F-45F8-92FB-AD698826C602} /*contact_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Compatibility Property Page*/%windir%\system32\acppage.dll = %windir%\system32\acppage.dll
@{4026492f-2f69-46b8-b9bf-5654fc07e423} /*Windows Firewall*/(null) =
@{fcfeecae-ee1b-4849-ae50-685dcf7717ec} /*Problem Reports and Solutions*/(null) =
@{a304259d-52b8-4526-8b1a-a1d6cecc8243} /*iSCSI Initiator*/(null) =
@{11dbb47c-a525-400b-9e80-a54615a090c0} /*Execute Folder*/ExplorerFrame.dll = ExplorerFrame.dll
@{90b9bce2-b6db-4fd3-8451-35917ea1081b} /*Search Execute Command*/ExplorerFrame.dll = ExplorerFrame.dll
@{911051fa-c21c-4246-b470-070cd8df6dc4} /*.cab or .zip files*/(null) =
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{a38b883c-1682-497e-97b0-0a3a9e801682} /*IPropertyStore Handler for Images*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{C7657C4A-9F68-40fa-A4DF-96BC08EB3551} /*Photo Thumbnail Provider*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{3F30C968-480A-4C6C-862D-EFC0897BB84B} /*Photo Thumbnail Extractor*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{BC65FB43-1958-4349-971A-210290480130} /*Network Explorer Property Sheet Handler*/%SystemRoot%\System32\NcdProp.dll = %SystemRoot%\System32\NcdProp.dll
@{d3e34b21-9d75-101a-8c3d-00aa001a1652} /*Bitmap Image*/(null) =
@{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{E598560B-28D5-46aa-A14A-8A3BEA34B576} /*Windows Photo Gallery Viewer Video Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} /*Microsoft.ScannersAndCameras*/(null) =
@{0a4286ea-e355-44fb-8086-af3df7645bd9} /*Windows Media Player*/C:\PROGRA~1\WI4EB4~1\wmpband.dll = C:\PROGRA~1\WI4EB4~1\wmpband.dll
@{BB6B2374-3D79-41DB-87F4-896C91846510} /*EMDFileProperties*/emdmgmt.dll = emdmgmt.dll
@{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{89D83576-6BD1-4c86-9454-BEB04E94C819} /*MAPI Search Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{7A0F6AB7-ED84-46B6-B47E-02AA159A152B} /*Sync Center Simple Conflict Presenter*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9D687A4C-1404-41ef-A089-883B6FBECDE6} /*Windows Photo Gallery Viewer Autoplay Handler*/(null) =
@{37efd44d-ef8d-41b1-940d-96973a50e9e0} /*Windows Sidebar Properties*/(null) =
@{00f20eb5-8fd6-4d9d-b75e-36801766c8f1} /*PhotoAcqDropTarget*/%ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/
@{BC48B32F-5910-47F5-8570-5074A8A5636A} /*Sync Results Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} /*Games Folder*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{E413D040-6788-4C22-957E-175D1C513A34} /*Sync Center Conflict Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{67718415-c450-4f3c-bf8a-b487642dc39b} /*Windows Features*/(null) =
@{91ADC906-6722-4B05-A12B-471ADDCCE132} /*Touch Band*/%SystemRoot%\System32\TouchX.dll = %SystemRoot%\System32\TouchX.dll
@{2781761E-28E0-4109-99FE-B9D127C57AFE} /*Windows Defender IOfficeAntiVirus implementation*/%ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ = %ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/
@{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} /*Windows Photo Gallery Viewer Image Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{4B534112-3AF6-4697-A77C-D62CE9B9E7CF} /*Sync Center Event Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C} /*Sync Setup Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A} /*GameUX.RichGameMediaThumbnail*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{d8559eb9-20c0-410e-beda-7ed416aecc2a} /*Windows Defender*/(null) =
@{576C9E85-1300-4EF5-BF6B-D00509F4EDCD} /*Sync Center Handler Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{5ea4f148-308c-46d7-98a9-49041b1dd468} /*Mobility Center Control Panel*/(null) =
@{289978AC-A101-4341-A817-21EBA7FD046D} /*Sync Center Conflict Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{877ca5ac-cb41-4842-9c69-9136e42d47e2} /*File Backup Index*/%systemroot%\system32\sdshext.dll = %systemroot%\system32\sdshext.dll
@{71D99464-3B6B-475C-B241-E15883207529} /*Sync Results Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{B32D3949-ED98-4DBB-B347-17A144969BBA} /*Sync Center Item Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{2E9E59C0-B437-4981-A647-9C34B9B90891} /*Sync Setup Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} /*Sync Center Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1} /*Welcome Center*/oobefldr.dll = oobefldr.dll
@{15D633E2-AD00-465b-9EC7-F56B7CDF8E27} /*Tablet PC Input Panel*/%CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ = %CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/
@{F04CC277-03A2-4277-96A9-77967471BDFF} /*Sync Center Conflict Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{53BEDF0B-4E5B-4183-8DC9-B844344FA104} /*Microsoft Windows MAPI Preview Handler*/%SystemRoot%\system32\mssvp.dll = %SystemRoot%\system32\mssvp.dll
@{6b9228da-9c15-419e-856c-19e768a13bdc} /*Windows gadget DropTarget*/%ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ = %ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/
@{8E25992B-373E-486E-80E5-BD23AE417E66} /*Sync Center Device Notification Sink*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{031EE060-67BC-460d-8847-E4A7C5E45A27} /*Windows Media Player Rich Preview Handler*/(null) =
@{1FA9085F-25A2-489B-85D4-86326EEDCD87} /*Manage Wireless Networks*/%SystemRoot%\system32\wlanpref.dll = %SystemRoot%\system32\wlanpref.dll
@{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60} /*RichGameMediaPropertyStore Class*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{BD7A2E7B-21CB-41b2-A086-B309680C6B7E} /*Client Side Cache Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Program Files\Synaptics\SynTP\SynTPCpl.dll = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
@{7F67036B-66F1-411A-AD85-759FB9C5B0DB} /*ShellViewRTF*/C:\Windows\System32\ShellvRTF.dll = C:\Windows\System32\ShellvRTF.dll
@{7842554E-6BED-11D2-8CDB-B05550C10000} /*Monitor*/C:\Windows\system32\btncopy.dll = C:\Windows\system32\btncopy.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL = C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\Windows\System32\ieframe.dll = C:\Windows\System32\ieframe.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{28803F59-3A75-4058-995F-4EE5503B023C} /*Wireless Devices*/%systemroot%\system32\FunctionDiscoveryFolder.dll = %systemroot%\system32\FunctionDiscoveryFolder.dll
@{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} /*Enhanced Storage Data Source*/%SystemRoot%\system32\EhStorShell.dll = %SystemRoot%\system32\EhStorShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{1E8A6170-7264-4D0F-BEAE-D42A53123C75}c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll = c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
@{b0cda128-b425-4eef-a174-61a11ac5dbf8}C:\Program Files\AIM Toolbar\aimtb.dll = C:\Program Files\AIM Toolbar\aimtb.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{DF21F1DB-80C6-11D3-9483-B03D0EC10000}c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll = c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
@{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll = C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
grooveLocalGWS@CLSID = C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
its@CLSID = %SystemRoot%\System32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
tv@CLSID = C:\Windows\System32\msvidctl.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000005@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup >>>
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk
Adobe Reader Synchronizer.lnk = Adobe Reader Synchronizer.lnk
Bluetooth.lnk = Bluetooth.lnk
NETGEAR WG111v3 Smart Wizard.lnk = NETGEAR WG111v3 Smart Wizard.lnk

---- EOF - GMER 1.0.15 ----
LOL =)
Regular Member
 
Posts: 34
Joined: July 30th, 2008, 4:23 am
Location: on your mind

Re: Having trouble using my laptop!

Post by LOL =) » August 11th, 2009, 8:18 pm

GMER 1.0.15.15020 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-11 20:00:45
Windows 6.0.6002 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT 872A3728 ZwAlertResumeThread
SSDT 872A3A68 ZwAlertThread
SSDT 872A1EA8 ZwAllocateVirtualMemory
SSDT 86301A30 ZwConnectPort
SSDT 872A3478 ZwCreateMutant
SSDT 86739958 ZwCreateThread
SSDT 872A1D08 ZwFreeVirtualMemory
SSDT 872A3568 ZwImpersonateAnonymousToken
SSDT 872A3648 ZwImpersonateThread
SSDT 872A1C28 ZwMapViewOfSection
SSDT 872A3398 ZwOpenEvent
SSDT 86739898 ZwOpenProcessToken
SSDT 872A18F0 ZwOpenThreadToken
SSDT 87184A80 ZwResumeThread
SSDT 872A1810 ZwSetContextThread
SSDT 872A1A58 ZwSetInformationProcess
SSDT 872A1720 ZwSetInformationThread
SSDT 872A32B8 ZwSuspendProcess
SSDT 872A11C0 ZwSuspendThread
SSDT 86739A38 ZwTerminateProcess
SSDT 872A1440 ZwTerminateThread
SSDT 872A1B48 ZwUnmapViewOfSection
SSDT 872A1DD8 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 81EFB860 8 Bytes [28, 37, 2A, 87, 68, 3A, 2A, ...] {SUB [EDI], DH; SUB AL, [EDI-0x78d5c598]}
.text ntkrnlpa.exe!KeSetEvent + 131 81EFB874 4 Bytes [A8, 1E, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 1C1 81EFB904 4 Bytes [30, 1A, 30, 86]
.text ntkrnlpa.exe!KeSetEvent + 1F5 81EFB938 4 Bytes [78, 34, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 221 81EFB964 4 Bytes [58, 99, 73, 86] {POP EAX; CDQ ; JAE 0xffffffffffffff8a}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + 6 778443DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + B 778443DF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 1 Byte [28]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + B 77844B2F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + 6 77844BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + B 77844BBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + 6 77844C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + B 77844C3F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessToken + B 77844C4F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + 6 77844C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + B 77844C5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + 6 77844CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + B 77844CAF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + 6 77844CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + B 77844CBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadTokenEx + B 77844CCF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + 6 77844D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + B 77844D5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryFullAttributesFile + B 77844E0F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + 6 778452EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + B 778452EF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + 6 7784533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + B 7784533F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 1 Byte [68]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + B 778455DF 1 Byte [E2]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...

---- EOF - GMER 1.0.15 ----


GMER 1.0.15.15020 - http://www.gmer.net
Autostart scan 2009-08-11 20:03:40
Windows 6.0.6002 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\ >>>
Winlogon@Userinit = C:\Windows\system32\userinit.exe,
Windows@AppInit_DLLs = APSHook.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
ccEvtMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
ccSetMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
CLCapSvc@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe" wC:\Program Files\HP\QuickPlay\Kernel\TV\CapSetup HLP
CLSched@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe" a y \ K e r n e l \ T V \ C L C a p S v c . e x e
CLTNetCnService@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon
gupdate1ca0b192adaaab0@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
gusvc@ = "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
HP Health Check Service@ = "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"
hpqwmiex@ = C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
LightScribeService@ = "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
LiveUpdate Notice Ex@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
LiveUpdate Notice Service@ = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"
slsvc@ = %SystemRoot%\system32\SLsvc.exe
SymAppCore@ = "c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
Viewpoint Manager Service@ = "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Windows Defender%ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/ = %ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/
@SMSERIALC:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe = C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
@SynTPEnhC:\Program Files\Synaptics\SynTP\SynTPEnh.exe = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
@RtHDVCplRtHDVCpl.exe = RtHDVCpl.exe
@ccApp"c:\Program Files\Common Files\Symantec Shared\ccApp.exe" = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
@QPService"C:\Program Files\HP\QuickPlay\QPService.exe" = "C:\Program Files\HP\QuickPlay\QPService.exe"
@QlbCtrl%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/
@HP Health Check SchedulerC:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe = C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
@hpWirelessAssistant%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/
@WAWifiMessage%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/
@CognizanceTSrundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule = rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
@Symantec PIF AlertEng"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
@ALUAlertC:\Program Files\Symantec\LiveUpdate\ALuNotify.exe = C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
@GrooveMonitor"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
@NvSvcRUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
@NvCplDaemonRUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
@NvMediaCenterRUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
@HP Software UpdateC:\Program Files\Hp\HP Software Update\HPWuSchd2.exe = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
@ /*file not found*/ = /*file not found*/
@QuickTime Task"C:\Program Files\QuickTime\QTTask.exe" -atboottime = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
@iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe"
@snp2uvcC:\Windows\vsnp2uvc.exe = C:\Windows\vsnp2uvc.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe" = "C:\Program Files\Java\jre6\bin\jusched.exe"
@CarboniteSetupLite"C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800 = "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
RunOnce@Launcher = %WINDIR%\SMINST\launcher.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SidebarC:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/ = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/
@HPAdvisorC:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/ = C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/
@Google Update"C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c = "C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c
@swgC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
@Aim6 /*file not found*/ = /*file not found*/
@ehTray.exeC:\Windows\ehome\ehTray.exe = C:\Windows\ehome\ehTray.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} /*Computers and Devices*/%systemroot%\system32\NetworkExplorer.dll = %systemroot%\system32\NetworkExplorer.dll
@{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486} /*IGD Property Sheet Handler*/%SystemRoot%\System32\icsigd.dll = %SystemRoot%\System32\icsigd.dll
@{92dbad9f-5025-49b0-9078-2d78f935e341} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{b9815375-5d7f-4ce2-9245-c9d4da436930} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{f8b8412b-dea3-4130-b36c-5e8be73106ac} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{5FA29220-36A1-40f9-89C6-F4B384B7642E} /*Shell Message Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{00020d75-0000-0000-c000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
@{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Web Publishing Wizard*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{add36aa8-751a-4579-a266-d66f5202ccbb} /*Print Ordering via the Web*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Shell Publishing Wizard Object*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{176d6597-26d3-11d1-b350-080036a75b03} /*ICM Scanner Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*ICM Monitor Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*ICM Printer Management*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*ICC Profile*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{b2c761c6-29bc-4f19-9251-e6195265baf1} /*Color Control Panel Applet*/(null) =
@{74246bfc-4c96-11d0-abef-0020af6b0b7a} /*Device Manager*/%SystemRoot%\System32\devmgr.dll = %SystemRoot%\System32\devmgr.dll
@{7A979262-40CE-46ff-AEEE-7884AC3B6136} /*Add New Hardware*/(null) =
@{3e7efb4c-faf1-453d-89eb-56026875ef90} /*Get Programs Online*/(null) =
@{1b24a030-9b20-49bc-97ac-1be4426f9e59} /*ActiveDirectory Folder*/(null) =
@{34449847-FD14-4fc8-A75A-7432F5181EFB} /*ActiveDirectory Folder*/(null) =
@{C8494E42-ACDD-4739-B0FB-217361E4894F} /*Sam Account Folder*/(null) =
@{E29F9716-5C08-4FCD-955A-119FDB5A522D} /*Sam Account Folder*/(null) =
@{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} /*Control Panel command object for Start menu*/(null) =
@{E44E5D18-0652-4508-A4E2-8A090067BCB0} /*Default Programs command object for Start menu*/(null) =
@{6dfd7c5c-2451-11d3-a299-00c04f8ef6af} /*Folder Options*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{2C2577C2-63A7-40e3-9B7F-586602617ECB} /*Explorer Query Band*/(null) =
@{DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} /*File Open Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B} /*File Save Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{92337A8C-E11D-11D0-BE48-00C04FC30DF6} /*OlePrn.PrinterURL*/%SystemRoot%\system32\oleprn.dll = %SystemRoot%\system32\oleprn.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft XPS Properties*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft XPS Thumbnail*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} /*View Available Networks*/(null) =
@{13D3C4B8-B179-4ebb-BF62-F704173E7448} /*Windows Contact Preview Handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) =
@{4F58F63F-244B-4c07-B29F-210BE59BE9B4} /*.group shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{8082C5E6-4C27-48ec-A809-B8E1122E8F97} /*.contact shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{16C2C29D-0E5F-45f3-A445-03E03F587B7D} /*group_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{CF67796C-F57F-45F8-92FB-AD698826C602} /*contact_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Compatibility Property Page*/%windir%\system32\acppage.dll = %windir%\system32\acppage.dll
@{4026492f-2f69-46b8-b9bf-5654fc07e423} /*Windows Firewall*/(null) =
@{fcfeecae-ee1b-4849-ae50-685dcf7717ec} /*Problem Reports and Solutions*/(null) =
@{a304259d-52b8-4526-8b1a-a1d6cecc8243} /*iSCSI Initiator*/(null) =
@{11dbb47c-a525-400b-9e80-a54615a090c0} /*Execute Folder*/ExplorerFrame.dll = ExplorerFrame.dll
@{90b9bce2-b6db-4fd3-8451-35917ea1081b} /*Search Execute Command*/ExplorerFrame.dll = ExplorerFrame.dll
@{911051fa-c21c-4246-b470-070cd8df6dc4} /*.cab or .zip files*/(null) =
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{a38b883c-1682-497e-97b0-0a3a9e801682} /*IPropertyStore Handler for Images*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{C7657C4A-9F68-40fa-A4DF-96BC08EB3551} /*Photo Thumbnail Provider*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{3F30C968-480A-4C6C-862D-EFC0897BB84B} /*Photo Thumbnail Extractor*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{BC65FB43-1958-4349-971A-210290480130} /*Network Explorer Property Sheet Handler*/%SystemRoot%\System32\NcdProp.dll = %SystemRoot%\System32\NcdProp.dll
@{d3e34b21-9d75-101a-8c3d-00aa001a1652} /*Bitmap Image*/(null) =
@{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{E598560B-28D5-46aa-A14A-8A3BEA34B576} /*Windows Photo Gallery Viewer Video Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} /*Microsoft.ScannersAndCameras*/(null) =
@{0a4286ea-e355-44fb-8086-af3df7645bd9} /*Windows Media Player*/C:\PROGRA~1\WI4EB4~1\wmpband.dll = C:\PROGRA~1\WI4EB4~1\wmpband.dll
@{BB6B2374-3D79-41DB-87F4-896C91846510} /*EMDFileProperties*/emdmgmt.dll = emdmgmt.dll
@{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{89D83576-6BD1-4c86-9454-BEB04E94C819} /*MAPI Search Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{7A0F6AB7-ED84-46B6-B47E-02AA159A152B} /*Sync Center Simple Conflict Presenter*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9D687A4C-1404-41ef-A089-883B6FBECDE6} /*Windows Photo Gallery Viewer Autoplay Handler*/(null) =
@{37efd44d-ef8d-41b1-940d-96973a50e9e0} /*Windows Sidebar Properties*/(null) =
@{00f20eb5-8fd6-4d9d-b75e-36801766c8f1} /*PhotoAcqDropTarget*/%ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/
@{BC48B32F-5910-47F5-8570-5074A8A5636A} /*Sync Results Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} /*Games Folder*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{E413D040-6788-4C22-957E-175D1C513A34} /*Sync Center Conflict Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{67718415-c450-4f3c-bf8a-b487642dc39b} /*Windows Features*/(null) =
@{91ADC906-6722-4B05-A12B-471ADDCCE132} /*Touch Band*/%SystemRoot%\System32\TouchX.dll = %SystemRoot%\System32\TouchX.dll
@{2781761E-28E0-4109-99FE-B9D127C57AFE} /*Windows Defender IOfficeAntiVirus implementation*/%ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ = %ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/
@{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} /*Windows Photo Gallery Viewer Image Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{4B534112-3AF6-4697-A77C-D62CE9B9E7CF} /*Sync Center Event Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C} /*Sync Setup Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A} /*GameUX.RichGameMediaThumbnail*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{d8559eb9-20c0-410e-beda-7ed416aecc2a} /*Windows Defender*/(null) =
@{576C9E85-1300-4EF5-BF6B-D00509F4EDCD} /*Sync Center Handler Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{5ea4f148-308c-46d7-98a9-49041b1dd468} /*Mobility Center Control Panel*/(null) =
@{289978AC-A101-4341-A817-21EBA7FD046D} /*Sync Center Conflict Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{877ca5ac-cb41-4842-9c69-9136e42d47e2} /*File Backup Index*/%systemroot%\system32\sdshext.dll = %systemroot%\system32\sdshext.dll
@{71D99464-3B6B-475C-B241-E15883207529} /*Sync Results Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{B32D3949-ED98-4DBB-B347-17A144969BBA} /*Sync Center Item Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{2E9E59C0-B437-4981-A647-9C34B9B90891} /*Sync Setup Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} /*Sync Center Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1} /*Welcome Center*/oobefldr.dll = oobefldr.dll
@{15D633E2-AD00-465b-9EC7-F56B7CDF8E27} /*Tablet PC Input Panel*/%CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ = %CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/
@{F04CC277-03A2-4277-96A9-77967471BDFF} /*Sync Center Conflict Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{53BEDF0B-4E5B-4183-8DC9-B844344FA104} /*Microsoft Windows MAPI Preview Handler*/%SystemRoot%\system32\mssvp.dll = %SystemRoot%\system32\mssvp.dll
@{6b9228da-9c15-419e-856c-19e768a13bdc} /*Windows gadget DropTarget*/%ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ = %ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/
@{8E25992B-373E-486E-80E5-BD23AE417E66} /*Sync Center Device Notification Sink*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{031EE060-67BC-460d-8847-E4A7C5E45A27} /*Windows Media Player Rich Preview Handler*/(null) =
@{1FA9085F-25A2-489B-85D4-86326EEDCD87} /*Manage Wireless Networks*/%SystemRoot%\system32\wlanpref.dll = %SystemRoot%\system32\wlanpref.dll
@{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60} /*RichGameMediaPropertyStore Class*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{BD7A2E7B-21CB-41b2-A086-B309680C6B7E} /*Client Side Cache Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Program Files\Synaptics\SynTP\SynTPCpl.dll = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
@{7F67036B-66F1-411A-AD85-759FB9C5B0DB} /*ShellViewRTF*/C:\Windows\System32\ShellvRTF.dll = C:\Windows\System32\ShellvRTF.dll
@{7842554E-6BED-11D2-8CDB-B05550C10000} /*Monitor*/C:\Windows\system32\btncopy.dll = C:\Windows\system32\btncopy.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL = C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\Windows\System32\ieframe.dll = C:\Windows\System32\ieframe.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{28803F59-3A75-4058-995F-4EE5503B023C} /*Wireless Devices*/%systemroot%\system32\FunctionDiscoveryFolder.dll = %systemroot%\system32\FunctionDiscoveryFolder.dll
@{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} /*Enhanced Storage Data Source*/%SystemRoot%\system32\EhStorShell.dll = %SystemRoot%\system32\EhStorShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{1E8A6170-7264-4D0F-BEAE-D42A53123C75}c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll = c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
@{b0cda128-b425-4eef-a174-61a11ac5dbf8}C:\Program Files\AIM Toolbar\aimtb.dll = C:\Program Files\AIM Toolbar\aimtb.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{DF21F1DB-80C6-11D3-9483-B03D0EC10000}c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll = c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
@{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll = C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
grooveLocalGWS@CLSID = C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
its@CLSID = %SystemRoot%\System32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
tv@CLSID = C:\Windows\System32\msvidctl.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000005@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup >>>
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk
Adobe Reader Synchronizer.lnk = Adobe Reader Synchronizer.lnk
Bluetooth.lnk = Bluetooth.lnk
NETGEAR WG111v3 Smart Wizard.lnk = NETGEAR WG111v3 Smart Wizard.lnk

---- EOF - GMER 1.0.15 ----
LOL =)
Regular Member
 
Posts: 34
Joined: July 30th, 2008, 4:23 am
Location: on your mind

Re: Having trouble using my laptop!

by Cypher » August 12th, 2009, 2:51 pm

Hi LOL =)


Download and Run Blacklight

  • Please download F-Secure Blacklight (fsbl.exe) from here
  • Save into C:\ with a name of fsbl.exe
  • Go to Start > All Programs > Accessories > Run
  • Copy and paste the contents of the below codebox into the run box
    C:\fsbl.exe /expert
  • Click OK
  • This will launch BlackLight
  • Select I accept the agreement
  • Click Next
  • Click Scan
  • Wait for the scan to finish
  • Click on Next>
  • Click Exit
  • It will be named fsbl-xxxxxxxxxxxxxx.log where xxxxxxxxxxxxxx is the date and time of the scan
  • Use Notepad to open that log
  • Post the contents of that log as a reply to this topic

In your next reply:

1. Blacklight log.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Having trouble using my laptop!

by LOL =) » August 13th, 2009, 9:53 pm

GMER 1.0.15.15020 [gmer.exe] - http://www.gmer.net
Rootkit scan 2009-08-11 20:00:45
Windows 6.0.6002 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT 872A3728 ZwAlertResumeThread
SSDT 872A3A68 ZwAlertThread
SSDT 872A1EA8 ZwAllocateVirtualMemory
SSDT 86301A30 ZwConnectPort
SSDT 872A3478 ZwCreateMutant
SSDT 86739958 ZwCreateThread
SSDT 872A1D08 ZwFreeVirtualMemory
SSDT 872A3568 ZwImpersonateAnonymousToken
SSDT 872A3648 ZwImpersonateThread
SSDT 872A1C28 ZwMapViewOfSection
SSDT 872A3398 ZwOpenEvent
SSDT 86739898 ZwOpenProcessToken
SSDT 872A18F0 ZwOpenThreadToken
SSDT 87184A80 ZwResumeThread
SSDT 872A1810 ZwSetContextThread
SSDT 872A1A58 ZwSetInformationProcess
SSDT 872A1720 ZwSetInformationThread
SSDT 872A32B8 ZwSuspendProcess
SSDT 872A11C0 ZwSuspendThread
SSDT 86739A38 ZwTerminateProcess
SSDT 872A1440 ZwTerminateThread
SSDT 872A1B48 ZwUnmapViewOfSection
SSDT 872A1DD8 ZwWriteVirtualMemory

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 11D 81EFB860 8 Bytes [28, 37, 2A, 87, 68, 3A, 2A, ...] {SUB [EDI], DH; SUB AL, [EDI-0x78d5c598]}
.text ntkrnlpa.exe!KeSetEvent + 131 81EFB874 4 Bytes [A8, 1E, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 1C1 81EFB904 4 Bytes [30, 1A, 30, 86]
.text ntkrnlpa.exe!KeSetEvent + 1F5 81EFB938 4 Bytes [78, 34, 2A, 87]
.text ntkrnlpa.exe!KeSetEvent + 221 81EFB964 4 Bytes [58, 99, 73, 86] {POP EAX; CDQ ; JAE 0xffffffffffffff8a}
.text ...

---- User code sections - GMER 1.0.15 ----

.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + 6 778443DA 4 Bytes [28, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtCreateFile + B 778443DF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 1 Byte [28]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + 6 77844B2A 4 Bytes [28, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtMapViewOfSection + B 77844B2F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + 6 77844BBA 4 Bytes [68, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenFile + B 77844BBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + 6 77844C3A 4 Bytes [A8, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcess + B 77844C3F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessToken + B 77844C4F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + 6 77844C5A 4 Bytes [A8, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenProcessTokenEx + B 77844C5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + 6 77844CAA 4 Bytes [68, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThread + B 77844CAF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + 6 77844CBA 4 Bytes [68, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadToken + B 77844CBF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtOpenThreadTokenEx + B 77844CCF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + 6 77844D5A 4 Bytes [A8, 00, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryAttributesFile + B 77844D5F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtQueryFullAttributesFile + B 77844E0F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + 6 778452EA 4 Bytes [28, 01, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationFile + B 778452EF 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + 6 7784533A 4 Bytes [28, 02, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtSetInformationThread + B 7784533F 1 Byte [E2]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 1 Byte [68]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + 6 778455DA 4 Bytes [68, 03, 06, 00]
.text C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe[812] ntdll.dll!NtUnmapViewOfSection + B 778455DF 1 Byte [E2]

---- Registry - GMER 1.0.15 ----

Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\CurrentControlSet\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001edc2327c6 0xF6 0x30 0xF4 0xF7 ...
Reg HKLM\SYSTEM\ControlSet003\Services\BTHPORT\Parameters\Keys\001e377a89bf@001ee163569e 0x06 0xF8 0x04 0x08 ...

---- EOF - GMER 1.0.15 ----


GMER 1.0.15.15020 - http://www.gmer.net
Autostart scan 2009-08-11 20:03:40
Windows 6.0.6002 Service Pack 2


HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems@Windows = %SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,12288,512 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16

HKLM\Software\Microsoft\Windows NT\CurrentVersion\ >>>
Winlogon@Userinit = C:\Windows\system32\userinit.exe,
Windows@AppInit_DLLs = APSHook.dll

HKLM\SYSTEM\CurrentControlSet\Services\ >>>
Apple Mobile Device@ = "C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe"
Bonjour Service@ = "C:\Program Files\Bonjour\mDNSResponder.exe"
ccEvtMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
ccSetMgr@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
CLCapSvc@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe" wC:\Program Files\HP\QuickPlay\Kernel\TV\CapSetup HLP
CLSched@ = "C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe" a y \ K e r n e l \ T V \ C L C a p S v c . e x e
CLTNetCnService@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h cltCommon
gupdate1ca0b192adaaab0@ = "C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
gusvc@ = "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe"
HP Health Check Service@ = "C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe"
hpqwmiex@ = C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
LightScribeService@ = "C:\Program Files\Common Files\LightScribe\LSSrvc.exe"
LiveUpdate Notice Ex@ = "c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon
LiveUpdate Notice Service@ = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PifEng.dll"
slsvc@ = %SystemRoot%\system32\SLsvc.exe
SymAppCore@ = "c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe"
Viewpoint Manager Service@ = "C:\Program Files\Viewpoint\Common\ViewpointService.exe"
WSearch@ = %systemroot%\system32\SearchIndexer.exe /Embedding

HKLM\Software\Microsoft\Windows\CurrentVersion\Run >>>
@Windows Defender%ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/ = %ProgramFiles%\Windows Defender\MSASCui.exe -hide /*file not found*/
@SMSERIALC:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe = C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
@SynTPEnhC:\Program Files\Synaptics\SynTP\SynTPEnh.exe = C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
@RtHDVCplRtHDVCpl.exe = RtHDVCpl.exe
@ccApp"c:\Program Files\Common Files\Symantec Shared\ccApp.exe" = "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
@QPService"C:\Program Files\HP\QuickPlay\QPService.exe" = "C:\Program Files\HP\QuickPlay\QPService.exe"
@QlbCtrl%ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start /*file not found*/
@HP Health Check SchedulerC:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe = C:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
@hpWirelessAssistant%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe /*file not found*/
@WAWifiMessage%ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/ = %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe /*file not found*/
@CognizanceTSrundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule = rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
@Symantec PIF AlertEng"C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll" = "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
@ALUAlertC:\Program Files\Symantec\LiveUpdate\ALuNotify.exe = C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
@GrooveMonitor"C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" = "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
@NvSvcRUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart = RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
@NvCplDaemonRUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup = RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
@NvMediaCenterRUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit = RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
@HP Software UpdateC:\Program Files\Hp\HP Software Update\HPWuSchd2.exe = C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
@ /*file not found*/ = /*file not found*/
@QuickTime Task"C:\Program Files\QuickTime\QTTask.exe" -atboottime = "C:\Program Files\QuickTime\QTTask.exe" -atboottime
@iTunesHelper"C:\Program Files\iTunes\iTunesHelper.exe" = "C:\Program Files\iTunes\iTunesHelper.exe"
@snp2uvcC:\Windows\vsnp2uvc.exe = C:\Windows\vsnp2uvc.exe
@SunJavaUpdateSched"C:\Program Files\Java\jre6\bin\jusched.exe" = "C:\Program Files\Java\jre6\bin\jusched.exe"
@CarboniteSetupLite"C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800 = "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
RunOnce@Launcher = %WINDIR%\SMINST\launcher.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run >>>
@SidebarC:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/ = C:\Program Files\Windows Sidebar\sidebar.exe /autoRun /*file not found*/
@HPAdvisorC:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/ = C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun /*file not found*/
@Google Update"C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c = "C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c
@swgC:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe = C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
@Aim6 /*file not found*/ = /*file not found*/
@ehTray.exeC:\Windows\ehome\ehTray.exe = C:\Windows\ehome\ehTray.exe

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved >>>
@{F02C1A0D-BE21-4350-88B0-7367FC96EF3C} /*Computers and Devices*/%systemroot%\system32\NetworkExplorer.dll = %systemroot%\system32\NetworkExplorer.dll
@{4A1E5ACD-A108-4100-9E26-D2FAFA1BA486} /*IGD Property Sheet Handler*/%SystemRoot%\System32\icsigd.dll = %SystemRoot%\System32\icsigd.dll
@{92dbad9f-5025-49b0-9078-2d78f935e341} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{b9815375-5d7f-4ce2-9245-c9d4da436930} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{f8b8412b-dea3-4130-b36c-5e8be73106ac} /*Microsoft Windows Mail Html Preview Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{5FA29220-36A1-40f9-89C6-F4B384B7642E} /*Shell Message Handler*/%SystemRoot%\system32\inetcomm.dll = %SystemRoot%\system32\inetcomm.dll
@{E7E4BC40-E76A-11CE-A9BB-00AA004AE837} /*Shell DocObject Viewer*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FBF23B40-E3F0-101B-8488-00AA003E56F8} /*InternetShortcut*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3C374A40-BAE4-11CF-BF7D-00AA006946EE} /*Microsoft Url History Service*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FF393560-C2A7-11CF-BFF4-444553540000} /*History*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E00-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{7BD29E01-76C1-11CF-9DD0-00A0C9034933} /*Temporary Internet Files*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{CFBFAE00-17A6-11D0-99CB-00C04FD64497} /*Microsoft Url Search Hook*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3DC7A020-0ACD-11CF-A9BB-00AA004AE837} /*The Internet*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{73CFD649-CD48-4fd8-A272-2070EA56526B} /*IE BandProxy*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{07C45BB1-4A8C-4642-A1F5-237E7215FF66} /*IE Microsoft BrowserBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{43886CD5-6529-41c4-A707-7B3C92C05E68} /*IE Navigation Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{30D02401-6A81-11d0-8274-00C04FD5AE38} /*IE Search Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F83DAC1C-9BB9-4f2b-B619-09819DA81B0E} /*IE Registry Tree Options Utility*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{3028902F-6374-48b2-8DC6-9725E775B926} /*IE AutoComplete*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{98FF6D4B-6387-4b0a-8FBD-C5C4BB17B4F8} /*IE MRU AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FDE7673D-2E19-4145-8376-BBD58C4BC7BA} /*IE Custom MRU AutoCompleted List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6038EF75-ABFC-4e59-AB6F-12D397F6568D} /*IE Microsoft History AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9D958C62-3954-4b44-8FAB-C4670C1DB4C2} /*IE Microsoft Shell Folder AutoComplete List*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{B31C5FAE-961F-415b-BAF0-E697A5178B94} /*IE Microsoft Multiple AutoComplete List Container*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{E6EE9AAC-F76B-4947-8260-A9F136138E11} /*IE Shell Band Site Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{BFAD62EE-9D54-4b2a-BF3B-76F90697BD2A} /*IE Shell Rebar BandSite*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{FAC3CBF6-8697-43d0-BAB9-DCD1FCE19D75} /*IE User Assist*/(null) =
@{4B78D326-D922-44f9-AF2A-07805C2A3560} /*IE Menu Band*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6CF48EF8-44CD-45d2-8832-A16EA016311B} /*IE IShellFolderBand*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{F2CF5485-4E02-4f68-819C-B92DE9277049} /*&Links*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{1C1EDB47-CE22-4bbb-B608-77B48F83C823} /*IE Fade Task*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{6B4ECC4F-16D1-4474-94AB-5A763F2A54AE} /*IE Tracking Shell Menu*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{44C76ECD-F7FA-411c-9929-1B77BA77F524} /*IE Menu Site*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{205D7A97-F16D-4691-86EF-F3075DCCA57D} /*IE Menu Desk Bar*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{871C5380-42A0-1069-A2EA-08002B30309D} /*Internet Name Space*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{9A096BB5-9DC3-4D1C-8526-C3CBF991EA4E} /*IE RSS Feeder Folder*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{8856f961-340a-11d0-a96b-00c04fd705a2} /*Microsoft Web Browser*/C:\Windows\system32\ieframe.dll = C:\Windows\system32\ieframe.dll
@{00020d75-0000-0000-c000-000000000046} /*Microsoft Office Outlook Desktop Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL = C:\PROGRA~1\MICROS~3\Office12\MLSHEXT.DLL
@{CC6EEFFB-43F6-46c5-9619-51D571967F7D} /*Web Publishing Wizard*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{add36aa8-751a-4579-a266-d66f5202ccbb} /*Print Ordering via the Web*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{6b33163c-76a5-4b6c-bf21-45de9cd503a1} /*Shell Publishing Wizard Object*/%SystemRoot%\System32\shwebsvc.dll = %SystemRoot%\System32\shwebsvc.dll
@{176d6597-26d3-11d1-b350-080036a75b03} /*ICM Scanner Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{5DB2625A-54DF-11D0-B6C4-0800091AA605} /*ICM Monitor Management*/%SystemRoot%\System32\colorui.dll = %SystemRoot%\System32\colorui.dll
@{675F097E-4C4D-11D0-B6C1-0800091AA605} /*ICM Printer Management*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{DBCE2480-C732-101B-BE72-BA78E9AD5B27} /*ICC Profile*/%SystemRoot%\system32\colorui.dll = %SystemRoot%\system32\colorui.dll
@{b2c761c6-29bc-4f19-9251-e6195265baf1} /*Color Control Panel Applet*/(null) =
@{74246bfc-4c96-11d0-abef-0020af6b0b7a} /*Device Manager*/%SystemRoot%\System32\devmgr.dll = %SystemRoot%\System32\devmgr.dll
@{7A979262-40CE-46ff-AEEE-7884AC3B6136} /*Add New Hardware*/(null) =
@{3e7efb4c-faf1-453d-89eb-56026875ef90} /*Get Programs Online*/(null) =
@{1b24a030-9b20-49bc-97ac-1be4426f9e59} /*ActiveDirectory Folder*/(null) =
@{34449847-FD14-4fc8-A75A-7432F5181EFB} /*ActiveDirectory Folder*/(null) =
@{C8494E42-ACDD-4739-B0FB-217361E4894F} /*Sam Account Folder*/(null) =
@{E29F9716-5C08-4FCD-955A-119FDB5A522D} /*Sam Account Folder*/(null) =
@{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0} /*Control Panel command object for Start menu*/(null) =
@{E44E5D18-0652-4508-A4E2-8A090067BCB0} /*Default Programs command object for Start menu*/(null) =
@{6dfd7c5c-2451-11d3-a299-00c04f8ef6af} /*Folder Options*/(null) =
@{97e467b4-98c6-4f19-9588-161b7773d6f6} /*Office Document Property Handler*/%SystemRoot%\system32\propsys.dll = %SystemRoot%\system32\propsys.dll
@{2C2577C2-63A7-40e3-9B7F-586602617ECB} /*Explorer Query Band*/(null) =
@{DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7} /*File Open Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{C0B4E2F3-BA21-4773-8DBA-335EC946EB8B} /*File Save Dialog*/%SystemRoot%\System32\comdlg32.dll = %SystemRoot%\System32\comdlg32.dll
@{E37E2028-CE1A-4f42-AF05-6CEABC4E5D75} /*Shell Icon Handler for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{e82a2d71-5b2f-43a0-97b8-81be15854de8} /*ShellLink for Application References*/C:\Windows\system32\dfshim.dll = C:\Windows\system32\dfshim.dll
@{92337A8C-E11D-11D0-BE48-00C04FC30DF6} /*OlePrn.PrinterURL*/%SystemRoot%\system32\oleprn.dll = %SystemRoot%\system32\oleprn.dll
@{45670FA8-ED97-4F44-BC93-305082590BFB} /*Microsoft XPS Properties*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{44121072-A222-48f2-A58A-6D9AD51EBBE9} /*Microsoft XPS Thumbnail*/%SystemRoot%\system32\XPSSHHDR.DLL = %SystemRoot%\system32\XPSSHHDR.DLL
@{38a98528-6cbf-4ca9-8dc0-b1e1d10f7b1b} /*View Available Networks*/(null) =
@{13D3C4B8-B179-4ebb-BF62-F704173E7448} /*Windows Contact Preview Handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{0F8604A5-4ECE-4DE1-BA7D-CF10F8AA4F48} /*Contacts folder*/(null) =
@{4F58F63F-244B-4c07-B29F-210BE59BE9B4} /*.group shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{8082C5E6-4C27-48ec-A809-B8E1122E8F97} /*.contact shell extension handler*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{16C2C29D-0E5F-45f3-A445-03E03F587B7D} /*group_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{CF67796C-F57F-45F8-92FB-AD698826C602} /*contact_wab_auto_file*/%CommonProgramFiles%\System\wab32.dll = %CommonProgramFiles%\System\wab32.dll
@{513D916F-2A8E-4F51-AEAB-0CBC76FB1AF8} /*Compatibility Property Page*/%windir%\system32\acppage.dll = %windir%\system32\acppage.dll
@{4026492f-2f69-46b8-b9bf-5654fc07e423} /*Windows Firewall*/(null) =
@{fcfeecae-ee1b-4849-ae50-685dcf7717ec} /*Problem Reports and Solutions*/(null) =
@{a304259d-52b8-4526-8b1a-a1d6cecc8243} /*iSCSI Initiator*/(null) =
@{11dbb47c-a525-400b-9e80-a54615a090c0} /*Execute Folder*/ExplorerFrame.dll = ExplorerFrame.dll
@{90b9bce2-b6db-4fd3-8451-35917ea1081b} /*Search Execute Command*/ExplorerFrame.dll = ExplorerFrame.dll
@{911051fa-c21c-4246-b470-070cd8df6dc4} /*.cab or .zip files*/(null) =
@{da67b8ad-e81b-4c70-9b91b417b5e33527} /*Windows Search Shell Service*/(null) =
@{a38b883c-1682-497e-97b0-0a3a9e801682} /*IPropertyStore Handler for Images*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{C7657C4A-9F68-40fa-A4DF-96BC08EB3551} /*Photo Thumbnail Provider*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{3F30C968-480A-4C6C-862D-EFC0897BB84B} /*Photo Thumbnail Extractor*/C:\Windows\system32\PhotoMetadataHandler.dll = C:\Windows\system32\PhotoMetadataHandler.dll
@{BC65FB43-1958-4349-971A-210290480130} /*Network Explorer Property Sheet Handler*/%SystemRoot%\System32\NcdProp.dll = %SystemRoot%\System32\NcdProp.dll
@{d3e34b21-9d75-101a-8c3d-00aa001a1652} /*Bitmap Image*/(null) =
@{40C3D757-D6E4-4b49-BB41-0E5BBEA28817} /*Video Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{E598560B-28D5-46aa-A14A-8A3BEA34B576} /*Windows Photo Gallery Viewer Video Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{00f2886f-cd64-4fc9-8ec5-30ef6cdbe8c3} /*Microsoft.ScannersAndCameras*/(null) =
@{0a4286ea-e355-44fb-8086-af3df7645bd9} /*Windows Media Player*/C:\PROGRA~1\WI4EB4~1\wmpband.dll = C:\PROGRA~1\WI4EB4~1\wmpband.dll
@{BB6B2374-3D79-41DB-87F4-896C91846510} /*EMDFileProperties*/emdmgmt.dll = emdmgmt.dll
@{875CB1A1-0F29-45de-A1AE-CFB4950D0B78} /*Audio Media Properties Handler*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{89D83576-6BD1-4c86-9454-BEB04E94C819} /*MAPI Search Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{7A0F6AB7-ED84-46B6-B47E-02AA159A152B} /*Sync Center Simple Conflict Presenter*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9D687A4C-1404-41ef-A089-883B6FBECDE6} /*Windows Photo Gallery Viewer Autoplay Handler*/(null) =
@{37efd44d-ef8d-41b1-940d-96973a50e9e0} /*Windows Sidebar Properties*/(null) =
@{00f20eb5-8fd6-4d9d-b75e-36801766c8f1} /*PhotoAcqDropTarget*/%ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoAcq.dll /*file not found*/
@{BC48B32F-5910-47F5-8570-5074A8A5636A} /*Sync Results Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{ED228FDF-9EA8-4870-83B1-96B02CFE0D52} /*Games Folder*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{E413D040-6788-4C22-957E-175D1C513A34} /*Sync Center Conflict Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{67718415-c450-4f3c-bf8a-b487642dc39b} /*Windows Features*/(null) =
@{91ADC906-6722-4B05-A12B-471ADDCCE132} /*Touch Band*/%SystemRoot%\System32\TouchX.dll = %SystemRoot%\System32\TouchX.dll
@{2781761E-28E0-4109-99FE-B9D127C57AFE} /*Windows Defender IOfficeAntiVirus implementation*/%ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/ = %ProgramFiles%\Windows Defender\MpOav.dll /*file not found*/
@{FFE2A43C-56B9-4bf5-9A79-CC6D4285608A} /*Windows Photo Gallery Viewer Image Verbs*/%ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/ = %ProgramFiles%\Windows Photo Gallery\PhotoViewer.dll /*file not found*/
@{4B534112-3AF6-4697-A77C-D62CE9B9E7CF} /*Sync Center Event Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{F1390A9A-A3F4-4E5D-9C5F-98F3BD8D935C} /*Sync Setup Delegate Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{4E5BFBF8-F59A-4e87-9805-1F9B42CC254A} /*GameUX.RichGameMediaThumbnail*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{d8559eb9-20c0-410e-beda-7ed416aecc2a} /*Windows Defender*/(null) =
@{576C9E85-1300-4EF5-BF6B-D00509F4EDCD} /*Sync Center Handler Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{5ea4f148-308c-46d7-98a9-49041b1dd468} /*Mobility Center Control Panel*/(null) =
@{289978AC-A101-4341-A817-21EBA7FD046D} /*Sync Center Conflict Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{877ca5ac-cb41-4842-9c69-9136e42d47e2} /*File Backup Index*/%systemroot%\system32\sdshext.dll = %systemroot%\system32\sdshext.dll
@{71D99464-3B6B-475C-B241-E15883207529} /*Sync Results Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{B32D3949-ED98-4DBB-B347-17A144969BBA} /*Sync Center Item Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{D6791A63-E7E2-4fee-BF52-5DED8E86E9B8} /*Portable Devices Menu*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{2E9E59C0-B437-4981-A647-9C34B9B90891} /*Sync Setup Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{9C73F5E5-7AE7-4E32-A8E8-8D23B85255BF} /*Sync Center Folder*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{CB1B7F8C-C50A-4176-B604-9E24DEE8D4D1} /*Welcome Center*/oobefldr.dll = oobefldr.dll
@{15D633E2-AD00-465b-9EC7-F56B7CDF8E27} /*Tablet PC Input Panel*/%CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/ = %CommonProgramFiles%\microsoft shared\ink\TipBand.dll /*file not found*/
@{F04CC277-03A2-4277-96A9-77967471BDFF} /*Sync Center Conflict Properties Extension*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{53BEDF0B-4E5B-4183-8DC9-B844344FA104} /*Microsoft Windows MAPI Preview Handler*/%SystemRoot%\system32\mssvp.dll = %SystemRoot%\system32\mssvp.dll
@{6b9228da-9c15-419e-856c-19e768a13bdc} /*Windows gadget DropTarget*/%ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/ = %ProgramFiles%\Windows Sidebar\sbdrop.dll /*file not found*/
@{8E25992B-373E-486E-80E5-BD23AE417E66} /*Sync Center Device Notification Sink*/%SystemRoot%\System32\SyncCenter.dll = %SystemRoot%\System32\SyncCenter.dll
@{35786D3C-B075-49b9-88DD-029876E11C01} /*Portable Devices*/%SystemRoot%\system32\wpdshext.dll = %SystemRoot%\system32\wpdshext.dll
@{031EE060-67BC-460d-8847-E4A7C5E45A27} /*Windows Media Player Rich Preview Handler*/(null) =
@{1FA9085F-25A2-489B-85D4-86326EEDCD87} /*Manage Wireless Networks*/%SystemRoot%\system32\wlanpref.dll = %SystemRoot%\system32\wlanpref.dll
@{ECDD6472-2B9B-4b4b-AE36-F316DF3C8D60} /*RichGameMediaPropertyStore Class*/C:\Windows\System32\gameux.dll = C:\Windows\System32\gameux.dll
@{BD7A2E7B-21CB-41b2-A086-B309680C6B7E} /*Client Side Cache Namespace Extension*/%systemroot%\system32\mssvp.dll = %systemroot%\system32\mssvp.dll
@{c5a40261-cd64-4ccf-84cb-c394da41d590} /*Video Thumbnail Extractor*/%SystemRoot%\System32\mediametadatahandler.dll = %SystemRoot%\System32\mediametadatahandler.dll
@{A70C977A-BF00-412C-90B7-034C51DA2439} /*NvCpl DesktopContext Class*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{2F603045-309F-11CF-9774-0020AFD0CFF6} /*Synaptics Control Panel*/C:\Program Files\Synaptics\SynTP\SynTPCpl.dll = C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
@{7F67036B-66F1-411A-AD85-759FB9C5B0DB} /*ShellViewRTF*/C:\Windows\System32\ShellvRTF.dll = C:\Windows\System32\ShellvRTF.dll
@{7842554E-6BED-11D2-8CDB-B05550C10000} /*Monitor*/C:\Windows\system32\btncopy.dll = C:\Windows\system32\btncopy.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E} /*Groove GFS Browser Helper*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2A541AE1-5BF6-4665-A8A3-CFA9672E4291} /*Groove GFS Explorer Bar*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{A449600E-1DC6-4232-B948-9BD794D62056} /*Groove GFS Stub Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{B5A7F190-DDA6-4420-B3BA-52453494E6CD} /*Groove GFS Stub Execution Hook*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{6C467336-8281-4E60-8204-430CED96822D} /*Groove GFS Context Menu Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{387E725D-DC16-4D76-B310-2C93ED4752A0} /*Groove XML Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{16F3DD56-1AF5-4347-846D-7C10C4192619} /*Groove Explorer Icon Overlay 3 (GFS Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} /*Groove Explorer Icon Overlay 2 (GFS Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{2916C86E-86A6-43FE-8112-43ABE6BF8DCC} /*Groove Explorer Icon Overlay 4 (GFS Unread Mark)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{99FD978C-D287-4F50-827F-B2C658EDA8E7} /*Groove Explorer Icon Overlay 1 (GFS Unread Stub)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{920E6DB1-9907-4370-B3A0-BAFC03D81399} /*Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)*/C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{0006F045-0000-0000-C000-000000000046} /*Microsoft Office Outlook Custom Icon Handler*/C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL = C:\PROGRA~1\MICROS~3\Office12\OLKFSTUB.DLL
@{5858A72C-C2B4-4dd7-B2BF-B76DB1BD9F6C} /*Microsoft Office OneNote Namespace Extension for Windows Desktop Search*/C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL = C:\PROGRA~1\MICROS~3\Office12\ONFILTER.DLL
@{42042206-2D85-11D3-8CFF-005004838597} /*Microsoft Office HTML Icon Handler*/C:\Program Files\Microsoft Office\Office12\msohevi.dll = C:\Program Files\Microsoft Office\Office12\msohevi.dll
@{993BE281-6695-4BA5-8A2A-7AACBFAAB69E} /*Microsoft Office Metadata Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{C41662BB-1FA0-4CE0-8DC5-9B7F8279FF97} /*Microsoft Office Thumbnail Handler*/C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\msoshext.dll
@{11016101-E366-4D22-BC06-4ADA335C892B} /*IE History and Feeds Shell Data Source for Windows Search*/C:\Windows\System32\ieframe.dll = C:\Windows\System32\ieframe.dll
@{FFB699E0-306A-11d3-8BD1-00104B6F7516} /*Play on my TV helper*/C:\Windows\system32\nvcpl.dll = C:\Windows\system32\nvcpl.dll
@{B9E1D2CB-CCFF-4AA6-9579-D7A4754030EF} /*iTunes*/C:\Program Files\iTunes\iTunesMiniPlayer.dll = C:\Program Files\iTunes\iTunesMiniPlayer.dll
@{28803F59-3A75-4058-995F-4EE5503B023C} /*Wireless Devices*/%systemroot%\system32\FunctionDiscoveryFolder.dll = %systemroot%\system32\FunctionDiscoveryFolder.dll
@{9113A02D-00A3-46B9-BC5F-9C04DADDD5D7} /*Enhanced Storage Data Source*/%SystemRoot%\system32\EhStorShell.dll = %SystemRoot%\system32\EhStorShell.dll

HKLM\Software\Classes\*\shellex\ContextMenuHandlers\ >>>
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ >>>
MBAMShlExt@{57CE581A-0CB6-4266-9CA0-19364C90A0B3} = C:\Program Files\Malwarebytes' Anti-Malware\mbamext.dll
Symantec.Norton.Antivirus.IEContextMenu@{FAD61B3D-699D-49B2-BE16-7F82CB4C59CA} = c:\PROGRA~1\NORTON~1\NORTON~1\NavShExt.dll
XXX Groove GFS Context Menu Handler XXX@{6C467336-8281-4E60-8204-430CED96822D} = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects >>>
@{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll = C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
@{1E8A6170-7264-4D0F-BEAE-D42A53123C75}c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll = c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
@{72853161-30C5-4D22-B7F9-0BBC1D38A37E}C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL = C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
@{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll = C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
@{b0cda128-b425-4eef-a174-61a11ac5dbf8}C:\Program Files\AIM Toolbar\aimtb.dll = C:\Program Files\AIM Toolbar\aimtb.dll
@{DBC80044-A445-435b-BC74-9C25C1C588A9}C:\Program Files\Java\jre6\bin\jp2ssv.dll = C:\Program Files\Java\jre6\bin\jp2ssv.dll
@{DF21F1DB-80C6-11D3-9483-B03D0EC10000}c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll = c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
@{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll = C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll

HKLM\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\System32\blank.htm = C:\Windows\System32\blank.htm

HKCU\Software\Microsoft\Internet Explorer\Main >>>
@Default_Page_URLhttp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=73&bd=Pavilion&pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Start Pagehttp://ie.redirect.hp.com/svs/rdr?T ... &pf=laptop = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
@Local PageC:\Windows\system32\blank.htm = C:\Windows\system32\blank.htm

HKLM\Software\Classes\PROTOCOLS\Filter\text/xml@CLSID = C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL

HKLM\Software\Classes\PROTOCOLS\Handler\ >>>
dvd@CLSID = C:\Windows\System32\msvidctl.dll
grooveLocalGWS@CLSID = C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
its@CLSID = %SystemRoot%\System32\itss.dll
mhtml@CLSID = %SystemRoot%\system32\inetcomm.dll
ms-help@CLSID = C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
ms-its@CLSID = %SystemRoot%\System32\itss.dll
tv@CLSID = C:\Windows\System32\msvidctl.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ >>>
000000000001@LibraryPath = %SystemRoot%\system32\NLAapi.dll
000000000002@LibraryPath = %SystemRoot%\system32\napinsp.dll
000000000003@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000004@LibraryPath = %SystemRoot%\system32\pnrpnsp.dll
000000000005@LibraryPath = C:\Program Files\Bonjour\mdnsNSP.dll

HKLM\SYSTEM\CurrentControlSet\Services\WinSock2\Parameters\NameSpace_Catalog5\Catalog_Entries\000000000006@LibraryPath = %SystemRoot%\system32\wshbth.dll

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup >>>
Adobe Reader Speed Launch.lnk = Adobe Reader Speed Launch.lnk
Adobe Reader Synchronizer.lnk = Adobe Reader Synchronizer.lnk
Bluetooth.lnk = Bluetooth.lnk
NETGEAR WG111v3 Smart Wizard.lnk = NETGEAR WG111v3 Smart Wizard.lnk

---- EOF - GMER 1.0.15 ----
LOL =)
Regular Member
 
Posts: 34
Joined: July 30th, 2008, 4:23 am
Location: on your mind

Re: Having trouble using my laptop!

Post by LOL =) » August 13th, 2009, 10:05 pm

Disregard my previous post. I was just being stupid. Anyway, I tried opening the Blacklight program the way you explained to me and by clicking the shown download at the bottom of the web browser window. Both times prompted me to a Blacklight window that said F-Secure Blacklight requires administrative privileges. The thing is, this is the only account on the computer, which leaves no choice but for it to be the administrator.

Re: Having trouble using my laptop!

Post by Cypher » August 15th, 2009, 6:07 am

Hi LOL =)


Go to Start > Computer > Vista C.
Right click on fsbl.exe and delete it.

Next


Please download F-Secure Blacklight © F-Secure Corporation.
Save it to your desktop.
  1. Open Notepad... then copy and paste the following into Notepad:
    C:\Users\Shota\Desktop\fsbl.exe /expert
  2. Save the Notepad file:
    • Click on File from the top menu bar.
    • Select Save As... "Filename" entry = fsblroot.bat. The "Save As Type" entry = All Files.
    • Click Save.
  3. Right click on fsblroot.bat... select Run As Administrator to run it.
    Command Prompt will open, followed by the Blacklight application screen.
  4. Read the license agreement... Select "I accept the agreement"... then click Next.
  5. Click on Scan.
  6. Once the scan is done, close F-Secure Blacklight. Don't do anything with the results found!
  7. A log file will be created on your C:\ drive...called "fsbl-yyyymmddhhmmss.log", where the yyyymmddhhmmss = date and time.
    Please post the contents of the fsbl-yyyymmddhhmmss.log file in your next reply.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Having trouble using my laptop!

Post by LOL =) » August 15th, 2009, 6:59 am

08/15/09 06:40:11 [Info]: BlackLight Engine 2.2.1092 initialized
08/15/09 06:40:11 [Info]: OS: 6.0 build 6002 (Service Pack 2)
08/15/09 06:40:11 [Note]: 7019 4
08/15/09 06:40:11 [Note]: 7005 0
08/15/09 06:40:26 [Note]: 7006 0
08/15/09 06:40:26 [Note]: 7027 0
08/15/09 06:40:26 [Note]: 7035 0
08/15/09 06:40:26 [Note]: 7026 0
08/15/09 06:40:26 [Note]: 7026 0
08/15/09 06:40:29 [Note]: FSRAW library version 1.7.1024
08/15/09 06:43:37 [Note]: 4015 6586
08/15/09 06:43:37 [Note]: 4027 6586 65536
08/15/09 06:43:37 [Note]: 4020 35 196608
08/15/09 06:43:37 [Note]: 4018 35 196608
08/15/09 06:55:58 [Note]: 7007 0

Re: Having trouble using my laptop!

Post by Cypher » August 15th, 2009, 10:53 am

Hi LOL =)

Things are looking good so far :)

Fix HijackThis entries
Important!
Please temporarily disable any anti-spyware programs you are using,
...so they will not interfere with the entries we will be fixing in HijackThis.
    Run HijackThis
      If you are on the Main Menu page... Click "Do a system scan only"
      If you are on the "scan & fix stuff" page... Press the Scan...button.
    When the scan finishes...Place a check mark next to the following entries (if they are still present):
      *Only check those items listed below *

      O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll <<<< Optional fix the decision is yours
      O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)


      After checking these items... CLOSE ALL open windows except HijackThis
      Click the Fix Checked ...button...to remove the entries you checked.
      Choose YES...when prompted to fix the selected items.
      Once it has fixed them, close HijackThis and reboot your computer normally.

      Next.

      Re-run - RSIT (Random's System Information Tool)
      You should still have this program on your desktop.
      1. Right click on RSIT.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
      2. Please read the disclaimer... click on Continue.
        RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (it will be maximized)
      3. Please post ONLY the "log.txt" file contents in your next reply.
        (This log can be lengthy, so a separate post may be needed.)

      Next.

      1. Please go to Bitdefender website to perform an online scan.
      2. Click on I Agree.
      3. You will be prompted to install an ActiveX. Please allow it and install it.
      4. Under Select what you want to check for viruses, click on the Click here link.
        • Check (tick) the Desktop box.
        • Click on + sign next to My Computer. Uncheck (untick) your CD or DVD drive box(es).
        • Uncheck the Network box.
        • Click OK.
      5. Under Settings, click on the Click here link.
        • Under Action options, select Report only option.
        • Click on the + sign next to Second Action.
        • Select Report only option.
        • Click OK.
      6. Click on Click here to scan link.
      7. It will start loading the antivirus scan engine and virus definitions and start the scan. This will take a while. Please be patient.
      8. Click on Click here to export the scan report.
      9. Click on Desktop on your left.
      10. In the File Name box, copy and paste in Report.txt
      11. In the Save As Type box, select Text (Tab Delimited) (*.txt) file.
      12. Click Save.

In your next reply.

1. RSIT log.txt
2. Bitdefender log.
3. Could you please let me know how your computer is running now?

Re: Having trouble using my laptop!

Post by Cypher » August 18th, 2009, 10:22 am

Hi LOL =).

It has been three days since my last post.

  • Do you still need help?
  • Do you need more time?
  • Are you having problems following my instructions?
  • According to Malware Removal's latest policy, topics can be closed after 3 days without a response. If you do not reply within the next 24 hours, this topic will be closed.

Re: Having trouble using my laptop!

Post by LOL =) » August 19th, 2009, 12:00 am

Logfile of random's system information tool 1.06 (written by random/random)
Run by Shota at 2009-08-18 23:54:48
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 92 GB (64%) free of 144 GB
Total RAM: 1982 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:55:00 PM, on 8/18/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal

Running processes:
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\Windows\system32\Dwm.exe
c:\Program Files\Bioscrypt\VeriSoft\Bin\AsGHost.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Hp\QuickPlay\QPService.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\vsnp2uvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Users\Shota\AppData\Local\Google\Update\1.2.183.7\GoogleCrashHandler.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BtStackServer.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Program Files\Hewlett-Packard\HP Advisor\SSDK04.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\taskeng.exe
C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shota\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Shota\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\Shota.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... &pf=laptop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AIM Toolbar Search Class - {03402f96-3dc7-4285-bc50-9e81fefafe43} - C:\Program Files\AIM Toolbar\aimtb.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll
O2 - BHO: AIM Toolbar Loader - {b0cda128-b425-4eef-a174-61a11ac5dbf8} - C:\Program Files\AIM Toolbar\aimtb.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: VeriSoft Access Manager - {DF21F1DB-80C6-11D3-9483-B03D0EC10000} - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: AIM Toolbar - {61539ecd-cc67-4437-a03c-9aaccbd14326} - C:\Program Files\AIM Toolbar\aimtb.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SMSERIAL] C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [QPService] "C:\Program Files\HP\QuickPlay\QPService.exe"
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [CognizanceTS] rundll32.exe c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll,RegisterModule
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ALUAlert] C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [CarboniteSetupLite] "C:\Program Files\Carbonite\CarbonitePreinstaller.exe" /preinstalled /showonfirst /reshowat=1800
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [Google Update] "C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: NETGEAR WG111v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG111v3\WG111v3.exe
O8 - Extra context menu item: &AIM Toolbar Search - C:\ProgramData\AIM Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O9 - Extra 'Tools' menuitem: &Gears Settings - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll
O9 - Extra button: AIM Toolbar - {0b83c99c-1efa-4259-858f-bcb33e007a5b} - C:\Program Files\AIM Toolbar\aimtb.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O13 - Gopher Prefix:
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O20 - AppInit_DLLs: APSHook.dll
O23 - Service: AddFiltr - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe
O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner - C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Update Service (gupdate1ca0b192adaaab0) (gupdate1ca0b192adaaab0) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe

--
End of file - 13654 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1000Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1000UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1001Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1001UA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1002Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4164504388-3128284463-414013840-1002UA.job
C:\Windows\tasks\HPCeeScheduleForShota.job
C:\Windows\tasks\Norton Internet Security - Run Full System Scan - Shota.job
C:\Windows\tasks\User_Feed_Synchronization-{98DB84DC-424A-4C54-B669-470EAF462BFE}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-23 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1E8A6170-7264-4D0F-BEAE-D42A53123C75}]
c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll [2007-01-12 96936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.15642\swg.dll [2009-07-22 669168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b0cda128-b425-4eef-a174-61a11ac5dbf8}]
AIM Toolbar Loader - C:\Program Files\AIM Toolbar\aimtb.dll [2009-05-06 1279272]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-07-25 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DF21F1DB-80C6-11D3-9483-B03D0EC10000}]
VeriSoft Access Manager - c:\Program Files\Bioscrypt\VeriSoft\Bin\ItIEAddIn.dll [2006-11-06 71192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53}]
Google Gears Helper - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.30.0\gears.dll [2009-07-17 2097152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{90222687-F593-4738-B738-FBEE9C7B26DF} - Show Norton Toolbar - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll [2007-01-12 607888]
{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
{61539ecd-cc67-4437-a03c-9aaccbd14326} - AIM Toolbar - C:\Program Files\AIM Toolbar\aimtb.dll [2009-05-06 1279272]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SMSERIAL"=C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe [2006-10-09 729088]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-03-01 4390912]
"ccApp"=c:\Program Files\Common Files\Symantec Shared\ccApp.exe [2007-01-10 115816]
"QPService"=C:\Program Files\HP\QuickPlay\QPService.exe [2007-03-28 176128]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2006-11-06 159744]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"CognizanceTS"=c:\PROGRA~1\BIOSCR~1\VeriSoft\Bin\ASTSVCC.dll [2003-12-22 17920]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"ALUAlert"=C:\Program Files\Symantec\LiveUpdate\ALuNotify.exe [2007-09-12 492912]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-02-26 90191]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-02-26 7770112]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-02-26 81920]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2008-12-08 54576]
""= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-07-13 292128]
"snp2uvc"=C:\Windows\vsnp2uvc.exe [2008-08-01 675840]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-07-25 149280]
"CarboniteSetupLite"=C:\Program Files\Carbonite\CarbonitePreinstaller.exe [2009-07-31 283792]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2006-11-07 44128]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2007-03-20 1773568]
"Google Update"=C:\Users\Shota\AppData\Local\Google\Update\GoogleUpdate.exe [2009-07-21 133104]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2009-07-22 39408]
"Aim6"= []
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Adobe Reader Speed Launch.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
Adobe Reader Synchronizer.lnk - C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
Bluetooth.lnk - C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
NETGEAR WG111v3 Smart Wizard.lnk - C:\Program Files\NETGEAR\WG111v3\WG111v3.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="APSHook.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~3\Office12\GRA8E1~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=scecli
ASWLNPkg

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f1834dd4-7532-11de-b70d-001e377a89bf}]
shell\AutoRun\command - G:\setupSNK.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-08-17 14:57:26 ----D---- C:\Program Files\Windows Mobile Device Handbook
2009-08-11 22:11:18 ----A---- C:\Windows\system32\mstscax.dll
2009-08-11 22:11:15 ----A---- C:\Windows\system32\wkssvc.dll
2009-08-11 22:11:13 ----A---- C:\Windows\system32\atl.dll
2009-08-11 22:11:10 ----A---- C:\Windows\system32\avifil32.dll
2009-08-11 22:11:07 ----A---- C:\Windows\system32\kerberos.dll
2009-08-11 22:11:06 ----A---- C:\Windows\system32\wdigest.dll
2009-08-11 22:11:06 ----A---- C:\Windows\system32\msv1_0.dll
2009-08-11 22:11:05 ----A---- C:\Windows\system32\schannel.dll
2009-08-11 22:11:04 ----A---- C:\Windows\system32\secur32.dll
2009-08-11 22:11:04 ----A---- C:\Windows\system32\lsass.exe
2009-08-11 22:11:04 ----A---- C:\Windows\system32\lsasrv.dll
2009-08-11 22:10:57 ----A---- C:\Windows\system32\wmp.dll
2009-08-11 22:10:54 ----A---- C:\Windows\system32\wmpdxm.dll
2009-08-11 22:10:53 ----A---- C:\Windows\system32\wmploc.DLL
2009-08-11 22:10:53 ----A---- C:\Windows\system32\spwmp.dll
2009-08-11 22:10:53 ----A---- C:\Windows\system32\dxmasf.dll
2009-08-09 08:28:21 ----D---- C:\Users\Shota\AppData\Roaming\Malwarebytes
2009-08-09 08:28:16 ----D---- C:\ProgramData\Malwarebytes
2009-08-09 08:28:15 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-09 00:28:55 ----D---- C:\Program Files\Carbonite
2009-08-09 00:28:13 ----A---- C:\Windows\system32\javaws.exe
2009-08-09 00:28:13 ----A---- C:\Windows\system32\javaw.exe
2009-08-09 00:28:13 ----A---- C:\Windows\system32\java.exe
2009-08-08 10:27:25 ----D---- C:\Windows\system32\eu-ES
2009-08-08 10:27:25 ----D---- C:\Windows\system32\ca-ES
2009-08-08 10:27:24 ----D---- C:\Windows\system32\vi-VN
2009-08-08 09:58:39 ----D---- C:\Windows\system32\EventProviders
2009-08-08 09:57:13 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-08-08 09:57:09 ----A---- C:\Windows\system32\SLsvc.exe
2009-08-08 09:57:09 ----A---- C:\Windows\system32\SLCExt.dll
2009-08-08 09:57:07 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-08-08 09:57:07 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-08-08 09:57:06 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-08-08 09:57:04 ----A---- C:\Windows\system32\mssrch.dll
2009-08-08 09:57:01 ----A---- C:\Windows\system32\tquery.dll
2009-08-08 09:56:59 ----A---- C:\Windows\system32\scavenge.dll
2009-08-08 09:56:59 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-08-08 09:56:59 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-08-08 09:56:58 ----A---- C:\Windows\system32\RMActivate.exe
2009-08-08 09:56:57 ----A---- C:\Windows\system32\msi.dll
2009-08-08 09:56:56 ----A---- C:\Windows\system32\WscEapPr.dll
2009-08-08 09:56:56 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-08-08 09:56:56 ----A---- C:\Windows\system32\secproc_isv.dll
2009-08-08 09:56:56 ----A---- C:\Windows\system32\imapi2fs.dll
2009-08-08 09:56:55 ----A---- C:\Windows\system32\sysmain.dll
2009-08-08 09:56:54 ----A---- C:\Windows\system32\mf.dll
2009-08-08 09:56:54 ----A---- C:\Windows\system32\icardagt.exe
2009-08-08 09:56:53 ----A---- C:\Windows\system32\EhStorShell.dll
2009-08-08 09:56:53 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-08-08 09:56:52 ----A---- C:\Windows\system32\spreview.exe
2009-08-08 09:56:52 ----A---- C:\Windows\system32\spinstall.exe
2009-08-08 09:56:52 ----A---- C:\Windows\system32\drmv2clt.dll
2009-08-08 09:56:50 ----A---- C:\Windows\system32\spwizui.dll
2009-08-08 09:56:50 ----A---- C:\Windows\system32\shell32.dll
2009-08-08 09:56:50 ----A---- C:\Windows\system32\secproc.dll
2009-08-08 09:56:50 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-08-08 09:56:49 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-08-08 09:56:49 ----A---- C:\Windows\system32\p2psvc.dll
2009-08-08 09:56:48 ----A---- C:\Windows\system32\mssvp.dll
2009-08-08 09:56:48 ----A---- C:\Windows\system32\mssphtb.dll
2009-08-08 09:56:48 ----A---- C:\Windows\system32\mssph.dll
2009-08-08 09:56:48 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-08-08 09:56:48 ----A---- C:\Windows\system32\mscoree.dll
2009-08-08 09:56:47 ----A---- C:\Windows\system32\imapi2.dll
2009-08-08 09:56:46 ----A---- C:\Windows\system32\sdohlp.dll
2009-08-08 09:56:46 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-08-08 09:56:45 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-08-08 09:56:45 ----A---- C:\Windows\system32\esent.dll
2009-08-08 09:56:44 ----A---- C:\Windows\system32\wevtsvc.dll
2009-08-08 09:56:44 ----A---- C:\Windows\system32\sperror.dll
2009-08-08 09:56:44 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-08-08 09:56:44 ----A---- C:\Windows\system32\korwbrkr.dll
2009-08-08 09:56:44 ----A---- C:\Windows\system32\DevicePairing.dll
2009-08-08 09:56:43 ----A---- C:\Windows\system32\SLC.dll
2009-08-08 09:56:43 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-08-08 09:56:43 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-08-08 09:56:43 ----A---- C:\Windows\system32\msshsq.dll
2009-08-08 09:56:43 ----A---- C:\Windows\system32\IasMigReader.exe
2009-08-08 09:56:42 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-08-08 09:56:41 ----A---- C:\Windows\system32\msjet40.dll
2009-08-08 09:56:41 ----A---- C:\Windows\system32\MPSSVC.dll
2009-08-08 09:56:40 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-08-08 09:56:40 ----A---- C:\Windows\system32\msxml6.dll
2009-08-08 09:56:39 ----A---- C:\Windows\system32\Query.dll
2009-08-08 09:56:38 ----A---- C:\Windows\system32\qmgr.dll
2009-08-08 09:56:38 ----A---- C:\Windows\system32\P2PGraph.dll
2009-08-08 09:56:38 ----A---- C:\Windows\system32\msexch40.dll
2009-08-08 09:56:38 ----A---- C:\Windows\system32\diagperf.dll
2009-08-08 09:56:37 ----A---- C:\Windows\system32\winload.exe
2009-08-08 09:56:37 ----A---- C:\Windows\system32\srchadmin.dll
2009-08-08 09:56:37 ----A---- C:\Windows\system32\ole32.dll
2009-08-08 09:56:37 ----A---- C:\Windows\system32\ntdll.dll
2009-08-08 09:56:37 ----A---- C:\Windows\system32\msxml3.dll
2009-08-08 09:56:36 ----A---- C:\Windows\system32\uDWM.dll
2009-08-08 09:56:36 ----A---- C:\Windows\system32\mmc.exe
2009-08-08 09:56:36 ----A---- C:\Windows\system32\mblctr.exe
2009-08-08 09:56:36 ----A---- C:\Windows\system32\EncDec.dll
2009-08-08 09:56:35 ----A---- C:\Windows\system32\riched20.dll
2009-08-08 09:56:35 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-08-08 09:56:35 ----A---- C:\Windows\system32\fdBth.dll
2009-08-08 09:56:35 ----A---- C:\Windows\system32\dfsr.exe
2009-08-08 09:56:34 ----A---- C:\Windows\system32\RacEngn.dll
2009-08-08 09:56:33 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-08-08 09:56:33 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-08-08 09:56:33 ----A---- C:\Windows\system32\milcore.dll
2009-08-08 09:56:33 ----A---- C:\Windows\system32\kernel32.dll
2009-08-08 09:56:33 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-08-08 09:56:33 ----A---- C:\Windows\system32\CertEnroll.dll
2009-08-08 09:56:32 ----A---- C:\Windows\system32\spoolss.dll
2009-08-08 09:56:32 ----A---- C:\Windows\system32\schedsvc.dll
2009-08-08 09:56:32 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-08-08 09:56:31 ----A---- C:\Windows\system32\msvcp60.dll
2009-08-08 09:56:31 ----A---- C:\Windows\system32\msjtes40.dll
2009-08-08 09:56:31 ----A---- C:\Windows\system32\infocardapi.dll
2009-08-08 09:56:31 ----A---- C:\Windows\system32\gpedit.dll
2009-08-08 09:56:31 ----A---- C:\Windows\system32\fsquirt.exe
2009-08-08 09:56:31 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-08-08 09:56:30 ----A---- C:\Windows\system32\WinSAT.exe
2009-08-08 09:56:29 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-08-08 09:56:29 ----A---- C:\Windows\system32\mstext40.dll
2009-08-08 09:56:29 ----A---- C:\Windows\system32\Magnify.exe
2009-08-08 09:56:29 ----A---- C:\Windows\system32\es.dll
2009-08-08 09:56:29 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-08-08 09:56:29 ----A---- C:\Windows\system32\advapi32.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\WMPhoto.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\WebClnt.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\slwmi.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\msxbde40.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\msexcl40.dll
2009-08-08 09:56:27 ----A---- C:\Windows\system32\comsvcs.dll
2009-08-08 09:56:26 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-08-08 09:56:26 ----A---- C:\Windows\system32\vssapi.dll
2009-08-08 09:56:26 ----A---- C:\Windows\system32\authui.dll
2009-08-08 09:56:25 ----A---- C:\Windows\system32\PresentationHost.exe
2009-08-08 09:56:25 ----A---- C:\Windows\system32\NetProjW.dll
2009-08-08 09:56:25 ----A---- C:\Windows\system32\msrepl40.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\propsys.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\newdev.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\iasrecst.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\gpsvc.dll
2009-08-08 09:56:24 ----A---- C:\Windows\system32\eudcedit.exe
2009-08-08 09:56:23 ----A---- C:\Windows\system32\setupapi.dll
2009-08-08 09:56:23 ----A---- C:\Windows\system32\rpcss.dll
2009-08-08 09:56:23 ----A---- C:\Windows\system32\mspbde40.dll
2009-08-08 09:56:23 ----A---- C:\Windows\system32\crypt32.dll
2009-08-08 09:56:23 ----A---- C:\Windows\explorer.exe
2009-08-08 09:56:22 ----A---- C:\Windows\system32\shlwapi.dll
2009-08-08 09:56:22 ----A---- C:\Windows\system32\msltus40.dll
2009-08-08 09:56:22 ----A---- C:\Windows\system32\mfc42.dll
2009-08-08 09:56:22 ----A---- C:\Windows\system32\davclnt.dll
2009-08-08 09:56:22 ----A---- C:\Windows\system32\d3d9.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\wevtapi.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\photowiz.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\msrd3x40.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\msdtctm.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-08-08 09:56:21 ----A---- C:\Windows\system32\browseui.dll
2009-08-08 09:56:20 ----A---- C:\Windows\system32\nlhtml.dll
2009-08-08 09:56:19 ----A---- C:\Windows\system32\user32.dll
2009-08-08 09:56:19 ----A---- C:\Windows\system32\samsrv.dll
2009-08-08 09:56:19 ----A---- C:\Windows\system32\quartz.dll
2009-08-08 09:56:19 ----A---- C:\Windows\system32\ci.dll
2009-08-08 09:56:18 ----A---- C:\Windows\system32\win32spl.dll
2009-08-08 09:56:18 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-08-08 09:56:18 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-08-08 09:56:18 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-08-08 09:56:18 ----A---- C:\Windows\system32\oleaut32.dll
2009-08-08 09:56:18 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-08-08 09:56:17 ----A---- C:\Windows\system32\winhttp.dll
2009-08-08 09:56:17 ----A---- C:\Windows\system32\netshell.dll
2009-08-08 09:56:17 ----A---- C:\Windows\system32\compcln.exe
2009-08-08 09:56:17 ----A---- C:\Windows\system32\apds.dll
2009-08-08 09:56:16 ----A---- C:\Windows\system32\xmlfilter.dll
2009-08-08 09:56:16 ----A---- C:\Windows\system32\mswstr10.dll
2009-08-08 09:56:16 ----A---- C:\Windows\system32\emdmgmt.dll
2009-08-08 09:56:16 ----A---- C:\Windows\system32\audiosrv.dll
2009-08-08 09:56:15 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-08-08 09:56:15 ----A---- C:\Windows\system32\msvcrt.dll
2009-08-08 09:56:15 ----A---- C:\Windows\system32\msctf.dll
2009-08-08 09:56:15 ----A---- C:\Windows\system32\gdi32.dll
2009-08-08 09:56:14 ----A---- C:\Windows\system32\VSSVC.exe
2009-08-08 09:56:14 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-08-08 09:56:14 ----A---- C:\Windows\system32\SLUI.exe
2009-08-08 09:56:14 ----A---- C:\Windows\system32\msrd2x40.dll
2009-08-08 09:56:14 ----A---- C:\Windows\system32\mfc42u.dll
2009-08-08 09:56:14 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-08-08 09:56:14 ----A---- C:\Windows\system32\eapphost.dll
2009-08-08 09:56:13 ----A---- C:\Windows\system32\winresume.exe
2009-08-08 09:56:13 ----A---- C:\Windows\system32\propdefs.dll
2009-08-08 09:56:13 ----A---- C:\Windows\system32\odbc32.dll
2009-08-08 09:56:12 ----A---- C:\Windows\system32\shdocvw.dll
2009-08-08 09:56:12 ----A---- C:\Windows\system32\dbgeng.dll
2009-08-08 09:56:11 ----A---- C:\Windows\system32\wevtutil.exe
2009-08-08 09:56:11 ----A---- C:\Windows\system32\mssitlb.dll
2009-08-08 09:56:10 ----A---- C:\Windows\system32\WsmSvc.dll
2009-08-08 09:56:10 ----A---- C:\Windows\system32\usp10.dll
2009-08-08 09:56:10 ----A---- C:\Windows\system32\swprv.dll
2009-08-08 09:56:10 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-08-08 09:56:09 ----A---- C:\Windows\system32\vds.exe
2009-08-08 09:56:09 ----A---- C:\Windows\system32\msctfp.dll
2009-08-08 09:56:09 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-08-08 09:56:09 ----A---- C:\Windows\system32\drvinst.exe
2009-08-08 09:56:09 ----A---- C:\Windows\system32\devmgr.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\Wldap32.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\wcnwiz.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\netlogon.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\msscb.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\evr.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-08-08 09:56:08 ----A---- C:\Windows\system32\BFE.DLL
2009-08-08 09:56:08 ----A---- C:\Windows\system32\adsldpc.dll
2009-08-08 09:56:07 ----A---- C:\Windows\system32\WSDApi.dll
2009-08-08 09:56:07 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-08-08 09:56:07 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-08-08 09:56:07 ----A---- C:\Windows\system32\wercon.exe
2009-08-08 09:56:07 ----A---- C:\Windows\system32\services.exe
2009-08-08 09:56:07 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-08-08 09:56:07 ----A---- C:\Windows\system32\comdlg32.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\wcncsvc.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\msjter40.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\msdtcprx.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\msdrm.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\mimefilt.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\certcli.dll
2009-08-08 09:56:06 ----A---- C:\Windows\system32\adtschema.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\taskeng.exe
2009-08-08 09:56:05 ----A---- C:\Windows\system32\rtffilt.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\reg.exe
2009-08-08 09:56:05 ----A---- C:\Windows\system32\mswdat10.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\dnsapi.dll
2009-08-08 09:56:05 ----A---- C:\Windows\system32\certutil.exe
2009-08-08 09:56:04 ----A---- C:\Windows\system32\w32time.dll
2009-08-08 09:56:04 ----A---- C:\Windows\system32\rsaenh.dll
2009-08-08 09:56:04 ----A---- C:\Windows\system32\msshooks.dll
2009-08-08 09:56:04 ----A---- C:\Windows\system32\msscntrs.dll
2009-08-08 09:56:04 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-08-08 09:56:04 ----A---- C:\Windows\system32\bthserv.dll
2009-08-08 09:56:04 ----A---- C:\Windows\system32\bcrypt.dll
2009-08-08 09:56:03 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-08-08 09:56:03 ----A---- C:\Windows\system32\msstrc.dll
2009-08-08 09:56:03 ----A---- C:\Windows\system32\msihnd.dll
2009-08-08 09:56:03 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-08-08 09:56:03 ----A---- C:\Windows\system32\inetcomm.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\netapi32.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\mtxclu.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\mscories.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\inetpp.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\hidserv.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\fundisc.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\dfshim.dll
2009-08-08 09:56:02 ----A---- C:\Windows\system32\cryptsvc.dll
2009-08-08 09:56:01 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-08-08 09:56:01 ----A---- C:\Windows\system32\termsrv.dll
2009-08-08 09:56:01 ----A---- C:\Windows\system32\profsvc.dll
2009-08-08 09:56:01 ----A---- C:\Windows\system32\gameux.dll
2009-08-08 09:56:00 ----A---- C:\Windows\system32\wdc.dll
2009-08-08 09:56:00 ----A---- C:\Windows\system32\shsvcs.dll
2009-08-08 09:56:00 ----A---- C:\Windows\system32\msiexec.exe
2009-08-08 09:56:00 ----A---- C:\Windows\system32\imapi.dll
2009-08-08 09:56:00 ----A---- C:\Windows\system32\chsbrkr.dll
2009-08-08 09:55:59 ----A---- C:\Windows\system32\spoolsv.exe
2009-08-08 09:55:59 ----A---- C:\Windows\system32\rasmans.dll
2009-08-08 09:55:59 ----A---- C:\Windows\system32\pnidui.dll
2009-08-08 09:55:59 ----A---- C:\Windows\system32\icardres.dll
2009-08-08 09:55:59 ----A---- C:\Windows\system32\iassdo.dll
2009-08-08 09:55:59 ----A---- C:\Windows\system32\autofmt.exe
2009-08-08 09:55:58 ----A---- C:\Windows\system32\wersvc.dll
2009-08-08 09:55:58 ----A---- C:\Windows\system32\slmgr.vbs
2009-08-08 09:55:58 ----A---- C:\Windows\system32\scrrun.dll
2009-08-08 09:55:58 ----A---- C:\Windows\system32\PSHED.DLL
2009-08-08 09:55:58 ----A---- C:\Windows\system32\pdh.dll
2009-08-08 09:55:58 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-08-08 09:55:58 ----A---- C:\Windows\system32\azroles.dll
2009-08-08 09:55:57 ----A---- C:\Windows\system32\wmpmde.dll
2009-08-08 09:55:57 ----A---- C:\Windows\system32\pidgenx.dll
2009-08-08 09:55:57 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-08-08 09:55:56 ----A---- C:\Windows\system32\winlogon.exe
2009-08-08 09:55:56 ----A---- C:\Windows\system32\SyncCenter.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\untfs.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\spp.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\SLUINotify.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\sethc.exe
2009-08-08 09:55:55 ----A---- C:\Windows\system32\scrobj.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\ncrypt.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\kd1394.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\iassam.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\comuid.dll
2009-08-08 09:55:55 ----A---- C:\Windows\system32\certmgr.dll
2009-08-08 09:55:54 ----A---- C:\Windows\system32\wisptis.exe
2009-08-08 09:55:54 ----A---- C:\Windows\system32\taskcomp.dll
2009-08-08 09:55:54 ----A---- C:\Windows\system32\rtutils.dll
2009-08-08 09:55:54 ----A---- C:\Windows\system32\dwm.exe
2009-08-08 09:55:54 ----A---- C:\Windows\system32\autochk.exe
2009-08-08 09:55:53 ----A---- C:\Windows\system32\winsrv.dll
2009-08-08 09:55:53 ----A---- C:\Windows\system32\printui.dll
2009-08-08 09:55:53 ----A---- C:\Windows\system32\iasnap.dll
2009-08-08 09:55:53 ----A---- C:\Windows\system32\autoconv.exe
2009-08-08 09:55:52 ----A---- C:\Windows\system32\userenv.dll
2009-08-08 09:55:52 ----A---- C:\Windows\system32\onex.dll
2009-08-08 09:55:52 ----A---- C:\Windows\system32\kdcom.dll
2009-08-08 09:55:52 ----A---- C:\Windows\system32\cscript.exe
2009-08-08 09:55:52 ----A---- C:\Windows\system32\basecsp.dll
2009-08-08 09:55:52 ----A---- C:\Windows\system32\audiodg.exe
2009-08-08 09:55:51 ----A---- C:\Windows\system32\wow32.dll
2009-08-08 09:55:51 ----A---- C:\Windows\system32\winmm.dll
2009-08-08 09:55:51 ----A---- C:\Windows\system32\spcmsg.dll
2009-08-08 09:55:51 ----A---- C:\Windows\system32\RelMon.dll
2009-08-08 09:55:51 ----A---- C:\Windows\system32\osk.exe
2009-08-08 09:55:51 ----A---- C:\Windows\system32\mswsock.dll
2009-08-08 09:55:51 ----A---- C:\Windows\system32\kdusb.dll
2009-08-08 09:55:50 ----A---- C:\Windows\system32\WinSCard.dll
2009-08-08 09:55:50 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-08-08 09:55:50 ----A---- C:\Windows\system32\rdpencom.dll
2009-08-08 09:55:50 ----A---- C:\Windows\system32\offfilt.dll
2009-08-08 09:55:50 ----A---- C:\Windows\system32\msftedit.dll
2009-08-08 09:55:50 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\wsepno.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\WerFault.exe
2009-08-08 09:55:49 ----A---- C:\Windows\system32\Utilman.exe
2009-08-08 09:55:49 ----A---- C:\Windows\system32\stobject.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\SndVol.exe
2009-08-08 09:55:49 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\mfplat.dll
2009-08-08 09:55:49 ----A---- C:\Windows\system32\diskraid.exe
2009-08-08 09:55:49 ----A---- C:\Windows\system32\apphelp.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\wscript.exe
2009-08-08 09:55:48 ----A---- C:\Windows\system32\wiaservc.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\ulib.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\sysclass.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\prnntfy.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\odbccp32.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\msnetobj.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\mscms.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\mcmde.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\iasdatastore.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\dsound.dll
2009-08-08 09:55:48 ----A---- C:\Windows\system32\adsmsext.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\wscntfy.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\wlansvc.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\rastapi.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\pnpsetup.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-08-08 09:55:47 ----A---- C:\Windows\system32\fdProxy.dll
2009-08-08 09:55:47 ----A---- C:\Windows\system32\cryptui.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\wscsvc.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-08-08 09:55:46 ----A---- C:\Windows\system32\wlangpui.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\vdsdyn.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\rastls.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\rasapi32.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\netiohlp.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\logman.exe
2009-08-08 09:55:46 ----A---- C:\Windows\system32\iashlpr.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\gpapi.dll
2009-08-08 09:55:46 ----A---- C:\Windows\system32\diskpart.exe
2009-08-08 09:55:46 ----A---- C:\Windows\system32\brcpl.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\zipfldr.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\wusa.exe
2009-08-08 09:55:45 ----A---- C:\Windows\system32\wshext.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\wpccpl.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\regsvc.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\ntprint.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\mscorier.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\iasrad.dll
2009-08-08 09:55:45 ----A---- C:\Windows\system32\findstr.exe
2009-08-08 09:55:44 ----A---- C:\Windows\system32\wsnmp32.dll
2009-08-08 09:55:44 ----A---- C:\Windows\system32\wer.dll
2009-08-08 09:55:44 ----A---- C:\Windows\system32\themecpl.dll
2009-08-08 09:55:44 ----A---- C:\Windows\system32\rasdlg.dll
2009-08-08 09:55:44 ----A---- C:\Windows\system32\netcenter.dll
2009-08-08 09:55:44 ----A---- C:\Windows\system32\iassvcs.dll
2009-08-08 09:55:43 ----A---- C:\Windows\system32\uxsms.dll
2009-08-08 09:55:43 ----A---- C:\Windows\system32\tsbyuv.dll
2009-08-08 09:55:43 ----A---- C:\Windows\system32\srvsvc.dll
2009-08-08 09:55:43 ----A---- C:\Windows\system32\ntmarta.dll
2009-08-08 09:55:43 ----A---- C:\Windows\system32\mssprxy.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\slcc.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\scansetting.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\powrprof.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\powercpl.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\networkmap.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\msutb.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\mstsc.exe
2009-08-08 09:55:42 ----A---- C:\Windows\system32\mstlsapi.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\iasads.dll
2009-08-08 09:55:42 ----A---- C:\Windows\system32\iasacct.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\wlanhlp.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\sud.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\newdev.exe
2009-08-08 09:55:41 ----A---- C:\Windows\system32\dot3svc.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\connect.dll
2009-08-08 09:55:41 ----A---- C:\Windows\system32\authz.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\usercpl.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\themeui.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\systemcpl.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\samlib.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\pcaui.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\mmci.dll
2009-08-08 09:55:40 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\wpcao.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\wlanpref.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\vdsutil.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\rpchttp.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\regapi.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\qdvd.dll
2009-08-08 09:55:39 ----A---- C:\Windows\system32\msinfo32.exe
2009-08-08 09:55:39 ----A---- C:\Windows\system32\autoplay.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\wscisvif.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\tapisrv.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\scksp.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\scesrv.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\rekeywiz.exe
2009-08-08 09:55:38 ----A---- C:\Windows\system32\psisdecd.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\oleprn.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\mpr.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\imm32.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\iaspolcy.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\feclient.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\Faultrep.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\dot3msm.dll
2009-08-08 09:55:38 ----A---- C:\Windows\system32\DeviceEject.exe
2009-08-08 09:55:38 ----A---- C:\Windows\system32\AudioSes.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\sdclt.exe
2009-08-08 09:55:37 ----A---- C:\Windows\system32\scecli.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\rasplap.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\rasgcw.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\qedit.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\pnpui.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\perfdisk.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\ncryptui.dll
2009-08-08 09:55:37 ----A---- C:\Windows\system32\hdwwiz.exe
2009-08-08 09:55:37 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-08-08 09:55:37 ----A---- C:\Windows\system32\dpapimig.exe
2009-08-08 09:55:37 ----A---- C:\Windows\system32\certreq.exe
2009-08-08 09:55:36 ----A---- C:\Windows\system32\whealogr.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\TSTheme.exe
2009-08-08 09:55:36 ----A---- C:\Windows\system32\tcpmon.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\srcore.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\spwinsat.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\SCardSvr.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-08-08 09:55:36 ----A---- C:\Windows\system32\fdWSD.dll
2009-08-08 09:55:36 ----A---- C:\Windows\system32\conime.exe
2009-08-08 09:55:36 ----A---- C:\Windows\system32\cmmon32.exe
2009-08-08 09:55:36 ----A---- C:\Windows\system32\cmdial32.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-08-08 09:55:35 ----A---- C:\Windows\system32\wlanui.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\wlanmsm.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\wiaaut.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\SnippingTool.exe
2009-08-08 09:55:35 ----A---- C:\Windows\system32\shwebsvc.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\rasppp.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\raschap.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\PnPutil.exe
2009-08-08 09:55:35 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\fontext.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\dsprop.dll
2009-08-08 09:55:35 ----A---- C:\Windows\system32\dimsroam.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\shsetup.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\rasmontr.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\oobefldr.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\mscandui.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\modemui.dll
2009-08-08 09:55:34 ----A---- C:\Windows\system32\chtbrkr.dll
2009-08-08 09:55:33 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-08-08 09:55:33 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-08-08 09:55:33 ----A---- C:\Windows\system32\smss.exe
2009-08-08 09:55:33 ----A---- C:\Windows\system32\rdpwsx.dll
2009-08-08 09:55:33 ----A---- C:\Windows\system32\dataclen.dll
2009-08-08 09:55:33 ----A---- C:\Windows\system32\blackbox.dll
2009-08-08 09:55:32 ----A---- C:\Windows\system32\WSDMon.dll
2009-08-08 09:55:32 ----A---- C:\Windows\system32\wmpeffects.dll
2009-08-08 09:55:32 ----A---- C:\Windows\system32\netplwiz.dll
2009-08-08 09:55:32 ----A---- C:\Windows\system32\credui.dll
2009-08-08 09:55:32 ----A---- C:\Windows\system32\certprop.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\wpcsvc.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\networkexplorer.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\msscp.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\logagent.exe
2009-08-08 09:55:31 ----A---- C:\Windows\system32\InkEd.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\ifmon.dll
2009-08-08 09:55:31 ----A---- C:\Windows\system32\cipher.exe
2009-08-08 09:55:30 ----A---- C:\Windows\system32\wscapi.dll
2009-08-08 09:55:30 ----A---- C:\Windows\system32\thawbrkr.dll
2009-08-08 09:55:30 ----A---- C:\Windows\system32\softkbd.dll
2009-08-08 09:55:30 ----A---- C:\Windows\system32\sendmail.dll
2009-08-08 09:55:30 ----A---- C:\Windows\system32\msimtf.dll
2009-08-08 09:55:30 ----A---- C:\Windows\system32\gpresult.exe
2009-08-08 09:55:29 ----A---- C:\Windows\system32\version.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\puiapi.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\olepro32.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\msctfui.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\mprapi.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\input.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\dmsynth.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\cdd.dll
2009-08-08 09:55:29 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\wshbth.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\SLLUA.exe
2009-08-08 09:55:28 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\msjint40.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\msisip.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\l2nacp.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\ftp.exe
2009-08-08 09:55:28 ----A---- C:\Windows\system32\fdSSDP.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\fc.exe
2009-08-08 09:55:28 ----A---- C:\Windows\system32\eapp3hst.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\dmusic.dll
2009-08-08 09:55:28 ----A---- C:\Windows\system32\cscapi.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\wsdchngr.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\tscupgrd.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\Storprop.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\slcinst.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\rrinstaller.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\rasdial.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\rasdiag.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\nslookup.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\mfps.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\ipconfig.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\fdWCN.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\eappcfg.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\dot3cfg.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\cscdll.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\bthudtask.exe
2009-08-08 09:55:27 ----A---- C:\Windows\system32\bthci.dll
2009-08-08 09:55:27 ----A---- C:\Windows\system32\aaclient.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\tsgqec.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\ocsetup.exe
2009-08-08 09:55:26 ----A---- C:\Windows\system32\mmcico.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\mfpmp.exe
2009-08-08 09:55:26 ----A---- C:\Windows\system32\hbaapi.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\gpupdate.exe
2009-08-08 09:55:26 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\fdeploy.dll
2009-08-08 09:55:26 ----A---- C:\Windows\system32\eappgnui.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\vdmdbg.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\slwga.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\odbcconf.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\NcdProp.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\iscsilog.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\inetppui.dll
2009-08-08 09:55:25 ----A---- C:\Windows\system32\csrstub.exe
2009-08-08 09:55:25 ----A---- C:\Windows\system32\cbsra.exe
2009-08-08 09:55:25 ----A---- C:\Windows\system32\bitsigd.dll
2009-08-08 09:55:24 ----A---- C:\Windows\system32\winrnr.dll
2009-08-08 09:55:24 ----A---- C:\Windows\system32\midimap.dll
2009-08-08 09:55:22 ----A---- C:\Windows\system32\msimsg.dll
2009-08-08 09:55:22 ----A---- C:\Windows\system32\mferror.dll
2009-08-08 09:55:22 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-08-08 09:55:11 ----A---- C:\Windows\system32\SmiEngine.dll
2009-08-08 09:55:07 ----A---- C:\Windows\system32\wdscore.dll
2009-08-08 09:55:07 ----A---- C:\Windows\system32\PkgMgr.exe
2009-08-08 09:54:56 ----A---- C:\Windows\system32\drvstore.dll
2009-08-05 18:10:32 ----D---- C:\rsit
2009-07-28 20:20:15 ----DC---- C:\Windows\system32\DRVSTORE
2009-07-28 20:20:15 ----A---- C:\Windows\system32\GEARAspi.dll
2009-07-28 20:19:48 ----D---- C:\ProgramData\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
2009-07-28 20:19:48 ----D---- C:\Program Files\iTunes
2009-07-28 20:18:24 ----D---- C:\Program Files\Bonjour
2009-07-28 20:14:15 ----D---- C:\Program Files\Apple Software Update
2009-07-28 20:11:40 ----D---- C:\Program Files\Common Files\Apple
2009-07-28 20:11:39 ----D---- C:\ProgramData\Apple
2009-07-28 19:17:13 ----A---- C:\Windows\system32\mshtml.dll
2009-07-28 19:17:13 ----A---- C:\Windows\system32\ieframe.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\wininet.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\urlmon.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\occache.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\iertutil.dll
2009-07-28 19:17:11 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-28 19:17:10 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-28 19:17:10 ----A---- C:\Windows\system32\ieui.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\iesetup.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\iernonce.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\iepeers.dll
2009-07-28 19:17:10 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-28 19:09:42 ----D---- C:\Program Files\Trend Micro
2009-07-27 22:24:17 ----A---- C:\Windows\system32\SRSWOW.dll
2009-07-27 22:24:17 ----A---- C:\Windows\system32\SRSTSXT.dll
2009-07-27 22:24:17 ----A---- C:\Windows\system32\RtkPgExt.dll
2009-07-27 22:24:17 ----A---- C:\Windows\RtlUpd.exe
2009-07-27 22:24:17 ----A---- C:\Windows\RtHDVCpl.exe
2009-07-27 22:23:59 ----A---- C:\Windows\HideWin.exe
2009-07-27 22:02:55 ----D---- C:\Users\Shota\AppData\Roaming\HpUpdate
2009-07-27 22:01:51 ----D---- C:\Windows\Hewlett-Packard
2009-07-26 20:37:19 ----D---- C:\PerfLogs
2009-07-26 10:47:10 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-26 10:47:09 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-26 10:47:09 ----A---- C:\Windows\system32\icardie.dll
2009-07-26 10:47:09 ----A---- C:\Windows\system32\admparse.dll
2009-07-26 10:47:08 ----A---- C:\Windows\system32\msls31.dll
2009-07-26 10:47:08 ----A---- C:\Windows\system32\ieakeng.dll
2009-07-26 10:47:08 ----A---- C:\Windows\system32\corpol.dll
2009-07-26 10:47:07 ----A---- C:\Windows\system32\imgutil.dll
2009-07-26 10:47:07 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-26 10:47:07 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-26 10:47:06 ----A---- C:\Windows\system32\webcheck.dll
2009-07-26 10:47:06 ----A---- C:\Windows\system32\msrating.dll
2009-07-26 10:47:06 ----A---- C:\Windows\system32\licmgr10.dll
2009-07-26 10:47:06 ----A---- C:\Windows\system32\inseng.dll
2009-07-26 10:47:06 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-26 10:47:05 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-07-26 10:47:05 ----A---- C:\Windows\system32\wextract.exe
2009-07-26 10:47:05 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-26 10:47:05 ----A---- C:\Windows\system32\mstime.dll
2009-07-26 10:47:05 ----A---- C:\Windows\system32\ieakui.dll
2009-07-26 10:47:05 ----A---- C:\Windows\system32\advpack.dll
2009-07-26 10:47:04 ----A---- C:\Windows\system32\vbscript.dll
2009-07-26 10:47:04 ----A---- C:\Windows\system32\jscript.dll
2009-07-26 10:47:04 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-26 10:47:03 ----A---- C:\Windows\system32\url.dll
2009-07-26 10:47:01 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-07-26 10:47:01 ----A---- C:\Windows\system32\SetDepNx.exe
2009-07-26 10:47:01 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-07-26 10:47:01 ----A---- C:\Windows\system32\PDMSetup.exe
2009-07-26 10:47:01 ----A---- C:\Windows\system32\mshta.exe
2009-07-26 10:47:01 ----A---- C:\Windows\system32\iexpress.exe
2009-07-25 16:44:42 ----A---- C:\Windows\Active Setup Log.txt
LOL =)

Re: Having trouble using my laptop!

Post by LOL =) » August 19th, 2009, 12:00 am

2009-07-25 10:45:12 ----D---- C:\Program Files\Mozilla Firefox
2009-07-24 14:43:08 ----D---- C:\ProgramData\Applications
2009-07-23 23:10:02 ----A---- C:\Windows\system32\imagesp1.dll
2009-07-23 23:09:51 ----A---- C:\Windows\system32\sstpsvc.dll
2009-07-23 23:09:49 ----A---- C:\Windows\system32\winrscmd.dll
2009-07-23 23:09:31 ----A---- C:\Windows\system32\xpssvcs.dll
2009-07-23 23:09:20 ----A---- C:\Windows\system32\spwizimg.dll
2009-07-23 23:09:19 ----A---- C:\Windows\system32\lpremove.exe
2009-07-23 23:09:19 ----A---- C:\Windows\bfsvc.exe
2009-07-23 23:09:15 ----A---- C:\Windows\system32\recdisc.exe
2009-07-23 23:09:14 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2009-07-23 23:09:10 ----A---- C:\Windows\system32\msvbvm60.dll
2009-07-23 23:09:05 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2009-07-23 23:09:04 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-23 23:09:01 ----A---- C:\Windows\system32\SSShim.dll
2009-07-23 23:09:00 ----A---- C:\Windows\system32\nlmgp.dll
2009-07-23 23:09:00 ----A---- C:\Windows\system32\DfsShlEx.dll
2009-07-23 23:08:58 ----A---- C:\Windows\system32\clusapi.dll
2009-07-23 23:08:55 ----A---- C:\Windows\system32\winrsmgr.dll
2009-07-23 23:08:54 ----A---- C:\Windows\system32\vdsbas.dll
2009-07-23 23:08:53 ----A---- C:\Windows\system32\comctl32.dll
2009-07-23 23:08:51 ----A---- C:\Windows\system32\XPSSHHDR.dll
2009-07-23 23:08:51 ----A---- C:\Windows\system32\msdtckrm.dll
2009-07-23 23:08:50 ----A---- C:\Windows\system32\sbe.dll
2009-07-23 23:08:49 ----A---- C:\Windows\system32\wecutil.exe
2009-07-23 23:08:49 ----A---- C:\Windows\system32\sdengin2.dll
2009-07-23 23:08:48 ----A---- C:\Windows\system32\gacinstall.dll
2009-07-23 23:08:48 ----A---- C:\Windows\system32\cmipnpinstall.dll
2009-07-23 23:08:48 ----A---- C:\Windows\system32\cmicryptinstall.dll
2009-07-23 23:08:46 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-07-23 23:08:44 ----A---- C:\Windows\system32\sqlceqp30.dll
2009-07-23 23:08:44 ----A---- C:\Windows\system32\lsm.exe
2009-07-23 23:08:44 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-07-23 23:08:43 ----A---- C:\Windows\system32\wecsvc.dll
2009-07-23 23:08:41 ----A---- C:\Windows\system32\thumbcache.dll
2009-07-23 23:08:39 ----A---- C:\Windows\system32\d3d10_1.dll
2009-07-23 23:08:38 ----A---- C:\Windows\system32\authfwcfg.dll
2009-07-23 23:08:37 ----A---- C:\Windows\system32\dmvdsitf.dll
2009-07-23 23:08:37 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-07-23 23:08:35 ----A---- C:\Windows\system32\wevtfwd.dll
2009-07-23 23:08:35 ----A---- C:\Windows\system32\uexfat.dll
2009-07-23 23:08:33 ----A---- C:\Windows\system32\sqlcese30.dll
2009-07-23 23:08:33 ----A---- C:\Windows\system32\DfrgNtfs.exe
2009-07-23 23:08:32 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-07-23 23:08:23 ----A---- C:\Windows\system32\mssha.dll
2009-07-23 23:08:22 ----A---- C:\Windows\system32\WsmAuto.dll
2009-07-23 23:08:22 ----A---- C:\Windows\system32\nlasvc.dll
2009-07-23 23:08:22 ----A---- C:\Windows\system32\dfrgui.exe
2009-07-23 23:08:20 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-07-23 23:08:19 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-07-23 23:08:19 ----A---- C:\Windows\system32\ddraw.dll
2009-07-23 23:08:18 ----A---- C:\Windows\system32\objsel.dll
2009-07-23 23:08:17 ----A---- C:\Windows\system32\QAGENT.DLL
2009-07-23 23:08:17 ----A---- C:\Windows\system32\dbghelp.dll
2009-07-23 23:08:15 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-07-23 23:08:15 ----A---- C:\Windows\system32\icm32.dll
2009-07-23 23:08:14 ----A---- C:\Windows\system32\iprtrmgr.dll
2009-07-23 23:08:10 ----A---- C:\Windows\system32\bcdedit.exe
2009-07-23 23:08:09 ----A---- C:\Windows\system32\taskschd.dll
2009-07-23 23:08:08 ----A---- C:\Windows\system32\netprofm.dll
2009-07-23 23:08:08 ----A---- C:\Windows\system32\AudioEng.dll
2009-07-23 23:08:07 ----A---- C:\Windows\system32\winsta.dll
2009-07-23 23:08:07 ----A---- C:\Windows\system32\netcfgx.dll
2009-07-23 23:08:07 ----A---- C:\Windows\system32\hcrstco.dll
2009-07-23 23:08:06 ----A---- C:\Windows\system32\cdosys.dll
2009-07-23 23:08:05 ----A---- C:\Windows\system32\lpksetup.exe
2009-07-23 23:08:04 ----A---- C:\Windows\system32\wlansec.dll
2009-07-23 23:08:04 ----A---- C:\Windows\system32\msdtcuiu.dll
2009-07-23 23:08:03 ----A---- C:\Windows\system32\mprddm.dll
2009-07-23 23:08:02 ----A---- C:\Windows\system32\eapsvc.dll
2009-07-23 23:08:02 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-07-23 23:08:01 ----A---- C:\Windows\system32\bcdsrv.dll
2009-07-23 23:07:59 ----A---- C:\Windows\system32\msidcrl30.dll
2009-07-23 23:07:58 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-07-23 23:07:57 ----A---- C:\Windows\system32\pla.dll
2009-07-23 23:07:56 ----A---- C:\Windows\system32\dxgi.dll
2009-07-23 23:07:56 ----A---- C:\Windows\system32\dot3gpui.dll
2009-07-23 23:07:54 ----A---- C:\Windows\system32\cryptnet.dll
2009-07-23 23:07:54 ----A---- C:\Windows\system32\comsnap.dll
2009-07-23 23:07:52 ----A---- C:\Windows\system32\synceng.dll
2009-07-23 23:07:52 ----A---- C:\Windows\system32\cmifw.dll
2009-07-23 23:07:51 ----A---- C:\Windows\system32\msconfig.exe
2009-07-23 23:07:49 ----A---- C:\Windows\system32\tdh.dll
2009-07-23 23:07:48 ----A---- C:\Windows\system32\uxtheme.dll
2009-07-23 23:07:48 ----A---- C:\Windows\system32\SessEnv.dll
2009-07-23 23:07:48 ----A---- C:\Windows\system32\dot3api.dll
2009-07-23 23:07:48 ----A---- C:\Windows\system32\dmdskmgr.dll
2009-07-23 23:07:47 ----A---- C:\Windows\system32\cmd.exe
2009-07-23 23:07:47 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2009-07-23 23:07:46 ----A---- C:\Windows\system32\WUDFx.dll
2009-07-23 23:07:46 ----A---- C:\Windows\system32\wlancfg.dll
2009-07-23 23:07:46 ----A---- C:\Windows\system32\loadperf.dll
2009-07-23 23:07:45 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2009-07-23 23:07:45 ----A---- C:\Windows\system32\comres.dll
2009-07-23 23:07:44 ----A---- C:\Windows\system32\rstrui.exe
2009-07-23 23:07:44 ----A---- C:\Windows\system32\rdpdd.dll
2009-07-23 23:07:44 ----A---- C:\Windows\system32\localsec.dll
2009-07-23 23:07:43 ----A---- C:\Windows\system32\wlanapi.dll
2009-07-23 23:07:43 ----A---- C:\Windows\system32\WinSATAPI.dll
2009-07-23 23:07:43 ----A---- C:\Windows\system32\hnetcfg.dll
2009-07-23 23:07:42 ----A---- C:\Windows\system32\wsqmcons.exe
2009-07-23 23:07:42 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-07-23 23:07:42 ----A---- C:\Windows\system32\NAPMONTR.DLL
2009-07-23 23:07:41 ----A---- C:\Windows\system32\RDPENCDD.dll
2009-07-23 23:07:41 ----A---- C:\Windows\system32\profprov.dll
2009-07-23 23:07:41 ----A---- C:\Windows\system32\filemgmt.dll
2009-07-23 23:07:40 ----A---- C:\Windows\system32\wsecedit.dll
2009-07-23 23:07:40 ----A---- C:\Windows\system32\tracerpt.exe
2009-07-23 23:07:40 ----A---- C:\Windows\system32\MuiUnattend.exe
2009-07-23 23:07:39 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-07-23 23:07:39 ----A---- C:\Windows\system32\dwmredir.dll
2009-07-23 23:07:38 ----A---- C:\Windows\system32\wininit.exe
2009-07-23 23:07:38 ----A---- C:\Windows\system32\QSHVHOST.DLL
2009-07-23 23:07:37 ----A---- C:\Windows\system32\azroleui.dll
2009-07-23 23:07:36 ----A---- C:\Windows\system32\mcbuilder.exe
2009-07-23 23:07:36 ----A---- C:\Windows\system32\iashost.exe
2009-07-23 23:07:36 ----A---- C:\Windows\HelpPane.exe
2009-07-23 23:07:35 ----A---- C:\Windows\system32\srrstr.dll
2009-07-23 23:07:35 ----A---- C:\Windows\system32\spwizeng.dll
2009-07-23 23:07:34 ----A---- C:\Windows\system32\wecapi.dll
2009-07-23 23:07:34 ----A---- C:\Windows\system32\unbcl.dll
2009-07-23 23:07:34 ----A---- C:\Windows\system32\msra.exe
2009-07-23 23:07:34 ----A---- C:\Windows\system32\lltdsvc.dll
2009-07-23 23:07:33 ----A---- C:\Windows\system32\shrink.dll
2009-07-23 23:07:32 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-07-23 23:07:32 ----A---- C:\Windows\system32\oleacc.dll
2009-07-23 23:07:31 ----A---- C:\Windows\system32\msdri.dll
2009-07-23 23:07:30 ----A---- C:\Windows\system32\framedynos.dll
2009-07-23 23:07:29 ----A---- C:\Windows\system32\ntvdm.exe
2009-07-23 23:07:28 ----A---- C:\Windows\system32\vsstrace.dll
2009-07-23 23:07:28 ----A---- C:\Windows\system32\ntlanman.dll
2009-07-23 23:07:27 ----A---- C:\Windows\system32\wpdshext.dll
2009-07-23 23:07:26 ----A---- C:\Windows\system32\netman.dll
2009-07-23 23:07:26 ----A---- C:\Windows\system32\framedyn.dll
2009-07-23 23:07:26 ----A---- C:\Windows\system32\dssenh.dll
2009-07-23 23:07:25 ----A---- C:\Windows\system32\WlanMM.dll
2009-07-23 23:07:25 ----A---- C:\Windows\system32\adsnt.dll
2009-07-23 23:07:24 ----A---- C:\Windows\system32\WLanConn.dll
2009-07-23 23:07:24 ----A---- C:\Windows\system32\sxs.dll
2009-07-23 23:07:24 ----A---- C:\Windows\system32\KMSVC.DLL
2009-07-23 23:07:23 ----A---- C:\Windows\system32\WsmProv.dll
2009-07-23 23:07:23 ----A---- C:\Windows\system32\ncsi.dll
2009-07-23 23:07:23 ----A---- C:\Windows\system32\IPBusEnum.dll
2009-07-23 23:07:22 ----A---- C:\Windows\system32\WUDFHost.exe
2009-07-23 23:07:22 ----A---- C:\Windows\system32\VAN.dll
2009-07-23 23:07:22 ----A---- C:\Windows\system32\umb.dll
2009-07-23 23:07:21 ----A---- C:\Windows\system32\catsrvut.dll
2009-07-23 23:07:20 ----A---- C:\Windows\system32\puiobj.dll
2009-07-23 23:07:20 ----A---- C:\Windows\system32\netid.dll
2009-07-23 23:07:19 ----A---- C:\Windows\system32\MdSched.exe
2009-07-23 23:07:19 ----A---- C:\Windows\system32\dps.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\ws2_32.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\winrs.exe
2009-07-23 23:07:17 ----A---- C:\Windows\system32\spbcd.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\odbcjt32.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\ntdsapi.dll
2009-07-23 23:07:17 ----A---- C:\Windows\system32\NAPSTAT.EXE
2009-07-23 23:07:14 ----A---- C:\Windows\system32\schtasks.exe
2009-07-23 23:07:13 ----A---- C:\Windows\system32\netdiagfx.dll
2009-07-23 23:07:13 ----A---- C:\Windows\system32\dmdlgs.dll
2009-07-23 23:07:13 ----A---- C:\Windows\system32\dhcpsapi.dll
2009-07-23 23:07:13 ----A---- C:\Windows\system32\catsrv.dll
2009-07-23 23:07:13 ----A---- C:\Windows\system32\activeds.dll
2009-07-23 23:07:12 ----A---- C:\Windows\system32\TSpkg.dll
2009-07-23 23:07:12 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2009-07-23 23:07:12 ----A---- C:\Windows\system32\dfrgfat.exe
2009-07-23 23:07:11 ----A---- C:\Windows\system32\wvc.dll
2009-07-23 23:07:11 ----A---- C:\Windows\system32\winrm.vbs
2009-07-23 23:07:11 ----A---- C:\Windows\system32\qwave.dll
2009-07-23 23:07:10 ----A---- C:\Windows\system32\netcorehc.dll
2009-07-23 23:07:10 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-07-23 23:07:09 ----A---- C:\Windows\system32\NAPHLPR.DLL
2009-07-23 23:07:09 ----A---- C:\Windows\system32\msacm32.dll
2009-07-23 23:07:08 ----A---- C:\Windows\system32\adsldp.dll
2009-07-23 23:07:07 ----A---- C:\Windows\system32\ntshrui.dll
2009-07-23 23:07:07 ----A---- C:\Windows\system32\msdt.dll
2009-07-23 23:07:07 ----A---- C:\Windows\system32\els.dll
2009-07-23 23:07:06 ----A---- C:\Windows\system32\QUTIL.DLL
2009-07-23 23:07:06 ----A---- C:\Windows\system32\clbcatq.dll
2009-07-23 23:07:05 ----A---- C:\Windows\system32\sdrsvc.dll
2009-07-23 23:07:05 ----A---- C:\Windows\system32\net1.exe
2009-07-23 23:07:05 ----A---- C:\Windows\system32\ipnathlp.dll
2009-07-23 23:07:03 ----A---- C:\Windows\system32\upnphost.dll
2009-07-23 23:07:03 ----A---- C:\Windows\system32\nci.dll
2009-07-23 23:07:03 ----A---- C:\Windows\system32\mprmsg.dll
2009-07-23 23:07:03 ----A---- C:\Windows\system32\Defrag.exe
2009-07-23 23:07:02 ----A---- C:\Windows\system32\rasman.dll
2009-07-23 23:07:02 ----A---- C:\Windows\system32\P2P.dll
2009-07-23 23:07:02 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2009-07-23 23:07:01 ----A---- C:\Windows\system32\rascfg.dll
2009-07-23 23:07:01 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-07-23 23:07:01 ----A---- C:\Windows\system32\fde.dll
2009-07-23 23:07:01 ----A---- C:\Windows\system32\CompatUI.dll
2009-07-23 23:07:00 ----A---- C:\Windows\system32\loghours.dll
2009-07-23 23:07:00 ----A---- C:\Windows\system32\L2SecHC.dll
2009-07-23 23:06:59 ----A---- C:\Windows\system32\Wpc.dll
2009-07-23 23:06:59 ----A---- C:\Windows\system32\MigAutoPlay.exe
2009-07-23 23:06:59 ----A---- C:\Windows\system32\dxdiag.exe
2009-07-23 23:06:59 ----A---- C:\Windows\system32\DFDWiz.exe
2009-07-23 23:06:58 ----A---- C:\Windows\system32\setupcl.exe
2009-07-23 23:06:58 ----A---- C:\Windows\system32\mprdim.dll
2009-07-23 23:06:57 ----A---- C:\Windows\system32\rtm.dll
2009-07-23 23:06:56 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2009-07-23 23:06:54 ----A---- C:\Windows\system32\ifsutil.dll
2009-07-23 23:06:54 ----A---- C:\Windows\system32\actxprxy.dll
2009-07-23 23:06:53 ----A---- C:\Windows\system32\wdi.dll
2009-07-23 23:06:53 ----A---- C:\Windows\system32\mswmdm.dll
2009-07-23 23:06:52 ----A---- C:\Windows\system32\usbmon.dll
2009-07-23 23:06:52 ----A---- C:\Windows\system32\imagehlp.dll
2009-07-23 23:06:52 ----A---- C:\Windows\system32\BOOTVID.DLL
2009-07-23 23:06:51 ----A---- C:\Windows\system32\wlandlg.dll
2009-07-23 23:06:51 ----A---- C:\Windows\system32\vssadmin.exe
2009-07-23 23:06:51 ----A---- C:\Windows\system32\uudf.dll
2009-07-23 23:06:51 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-07-23 23:06:51 ----A---- C:\Windows\system32\mycomput.dll
2009-07-23 23:06:49 ----A---- C:\Windows\system32\mspaint.exe
2009-07-23 23:06:48 ----A---- C:\Windows\system32\termmgr.dll
2009-07-23 23:06:48 ----A---- C:\Windows\system32\ssdpsrv.dll
2009-07-23 23:06:48 ----A---- C:\Windows\system32\mstask.dll
2009-07-23 23:06:47 ----A---- C:\Windows\system32\mtxoci.dll
2009-07-23 23:06:47 ----A---- C:\Windows\system32\duser.dll
2009-07-23 23:06:46 ----A---- C:\Windows\system32\Robocopy.exe
2009-07-23 23:06:46 ----A---- C:\Windows\system32\cic.dll
2009-07-23 23:06:46 ----A---- C:\Windows\system32\AzSqlExt.dll
2009-07-23 23:06:43 ----A---- C:\Windows\system32\WUDFPlatform.dll
2009-07-23 23:06:43 ----A---- C:\Windows\system32\verifier.exe
2009-07-23 23:06:43 ----A---- C:\Windows\system32\sdshext.dll
2009-07-23 23:06:43 ----A---- C:\Windows\system32\msdtclog.dll
2009-07-23 23:06:43 ----A---- C:\Windows\system32\msdt.exe
2009-07-23 23:06:42 ----A---- C:\Windows\system32\d3d8.dll
2009-07-23 23:06:41 ----A---- C:\Windows\system32\wintrust.dll
2009-07-23 23:06:41 ----A---- C:\Windows\system32\vdsldr.exe
2009-07-23 23:06:41 ----A---- C:\Windows\system32\oledlg.dll
2009-07-23 23:06:41 ----A---- C:\Windows\system32\clfsw32.dll
2009-07-23 23:06:40 ----A---- C:\Windows\system32\mmcbase.dll
2009-07-23 23:06:39 ----A---- C:\Windows\system32\rasqec.dll
2009-07-23 23:06:39 ----A---- C:\Windows\system32\ncobjapi.dll
2009-07-23 23:06:39 ----A---- C:\Windows\system32\msaatext.dll
2009-07-23 23:06:39 ----A---- C:\Windows\system32\mlang.dll
2009-07-23 23:06:39 ----A---- C:\Windows\system32\icfupgd.dll
2009-07-23 23:06:38 ----A---- C:\Windows\system32\wpd_ci.dll
2009-07-23 23:06:37 ----A---- C:\Windows\system32\wtsapi32.dll
2009-07-23 23:06:37 ----A---- C:\Windows\system32\unlodctr.exe
2009-07-23 23:06:37 ----A---- C:\Windows\system32\syssetup.dll
2009-07-23 23:06:37 ----A---- C:\Windows\system32\lodctr.exe
2009-07-23 23:06:33 ----A---- C:\Windows\system32\dxdiagn.dll
2009-07-23 23:06:32 ----A---- C:\Windows\system32\Mcx2Svc.dll
2009-07-23 23:06:32 ----A---- C:\Windows\system32\cabinet.dll
2009-07-23 23:06:31 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-07-23 23:06:31 ----A---- C:\Windows\system32\unattend.dll
2009-07-23 23:06:31 ----A---- C:\Windows\system32\trkwks.dll
2009-07-23 23:06:31 ----A---- C:\Windows\system32\lnkstub.exe
2009-07-23 23:06:30 ----A---- C:\Windows\system32\wermgr.exe
2009-07-23 23:06:30 ----A---- C:\Windows\system32\ogldrv.dll
2009-07-23 23:06:30 ----A---- C:\Windows\system32\cabview.dll
2009-07-23 23:06:29 ----A---- C:\Windows\system32\dfdts.dll
2009-07-23 23:06:27 ----A---- C:\Windows\system32\sdspres.dll
2009-07-23 23:06:27 ----A---- C:\Windows\system32\p2pcollab.dll
2009-07-23 23:06:27 ----A---- C:\Windows\system32\basesrv.dll
2009-07-23 23:06:26 ----A---- C:\Windows\system32\dispdiag.exe
2009-07-23 23:06:26 ----A---- C:\Windows\system32\DHCPQEC.DLL
2009-07-23 23:06:24 ----A---- C:\Windows\system32\mmcss.dll
2009-07-23 23:06:24 ----A---- C:\Windows\system32\dsquery.dll
2009-07-23 23:06:23 ----A---- C:\Windows\system32\verifier.dll
2009-07-23 23:06:23 ----A---- C:\Windows\system32\RstrtMgr.dll
2009-07-23 23:06:22 ----A---- C:\Windows\system32\efsadu.dll
2009-07-23 23:06:21 ----A---- C:\Windows\system32\wercplsupport.dll
2009-07-23 23:06:20 ----A---- C:\Windows\system32\WPDSp.dll
2009-07-23 23:06:20 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-07-23 23:06:20 ----A---- C:\Windows\system32\msoeacct.dll
2009-07-23 23:06:20 ----A---- C:\Windows\system32\d3d10core.dll
2009-07-23 23:06:19 ----A---- C:\Windows\system32\wiascanprofiles.dll
2009-07-23 23:06:19 ----A---- C:\Windows\system32\setupugc.exe
2009-07-23 23:06:19 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2009-07-23 23:06:19 ----A---- C:\Windows\system32\pnrpnsp.dll
2009-07-23 23:06:19 ----A---- C:\Windows\system32\iscsiexe.dll
2009-07-23 23:06:19 ----A---- C:\Windows\system32\icacls.exe
2009-07-23 23:06:19 ----A---- C:\Windows\system32\consent.exe
2009-07-23 23:06:18 ----A---- C:\Windows\system32\p2pnetsh.dll
2009-07-23 23:06:18 ----A---- C:\Windows\system32\msdmo.dll
2009-07-23 23:06:17 ----A---- C:\Windows\system32\xactsrv.dll
2009-07-23 23:06:17 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2009-07-23 23:06:17 ----A---- C:\Windows\system32\msrdc.dll
2009-07-23 23:06:16 ----A---- C:\Windows\system32\systeminfo.exe
2009-07-23 23:06:16 ----A---- C:\Windows\system32\pcadm.dll
2009-07-23 23:06:16 ----A---- C:\Windows\system32\eappprxy.dll
2009-07-23 23:06:15 ----A---- C:\Windows\system32\xwizards.dll
2009-07-23 23:06:15 ----A---- C:\Windows\system32\netcfg.exe
2009-07-23 23:06:15 ----A---- C:\Windows\system32\cmdl32.exe
2009-07-23 23:06:14 ----A---- C:\Windows\system32\resutils.dll
2009-07-23 23:06:14 ----A---- C:\Windows\system32\DWWIN.EXE
2009-07-23 23:06:14 ----A---- C:\Windows\system32\alg.exe
2009-07-23 23:06:13 ----A---- C:\Windows\system32\netprof.dll
2009-07-23 23:06:13 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2009-07-23 23:06:13 ----A---- C:\Windows\system32\dssec.dll
2009-07-23 23:06:13 ----A---- C:\Windows\system32\dot3ui.dll
2009-07-23 23:06:13 ----A---- C:\Windows\system32\dfrgifc.exe
2009-07-23 23:06:13 ----A---- C:\Windows\system32\dbnetlib.dll
2009-07-23 23:06:12 ----A---- C:\Windows\regedit.exe
2009-07-23 23:06:11 ----A---- C:\Windows\system32\txflog.dll
2009-07-23 23:06:11 ----A---- C:\Windows\system32\nshhttp.dll
2009-07-23 23:06:11 ----A---- C:\Windows\system32\btpanui.dll
2009-07-23 23:06:11 ----A---- C:\Windows\system32\apircl.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\tbssvc.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\taskkill.exe
2009-07-23 23:06:10 ----A---- C:\Windows\system32\msieftp.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\dxva2.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\dwmapi.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\bcdprov.dll
2009-07-23 23:06:10 ----A---- C:\Windows\system32\ActionQueue.dll
2009-07-23 23:06:09 ----A---- C:\Windows\system32\RASMM.dll
2009-07-23 23:06:09 ----A---- C:\Windows\system32\provthrd.dll
2009-07-23 23:06:09 ----A---- C:\Windows\system32\d3d10.dll
2009-07-23 23:06:08 ----A---- C:\Windows\system32\syncui.dll
2009-07-23 23:06:08 ----A---- C:\Windows\system32\svchost.exe
2009-07-23 23:06:08 ----A---- C:\Windows\system32\EAPQEC.DLL
2009-07-23 23:06:08 ----A---- C:\Windows\system32\dmocx.dll
2009-07-23 23:06:06 ----A---- C:\Windows\system32\WMASF.DLL
2009-07-23 23:06:06 ----A---- C:\Windows\system32\raserver.exe
2009-07-23 23:06:06 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-07-23 23:06:06 ----A---- C:\Windows\system32\aclui.dll
2009-07-23 23:06:05 ----A---- C:\Windows\system32\xcopy.exe
2009-07-23 23:06:05 ----A---- C:\Windows\system32\UIHub.dll
2009-07-23 23:06:05 ----A---- C:\Windows\system32\taskmgr.exe
2009-07-23 23:06:05 ----A---- C:\Windows\system32\ias.dll
2009-07-23 23:06:05 ----A---- C:\Windows\system32\brcplsdw.dll
2009-07-23 23:06:05 ----A---- C:\Windows\system32\audiodev.dll
2009-07-23 23:06:04 ----A---- C:\Windows\system32\upnp.dll
2009-07-23 23:06:04 ----A---- C:\Windows\system32\QCLIPROV.DLL
2009-07-23 23:06:04 ----A---- C:\Windows\system32\icsfiltr.dll
2009-07-23 23:06:04 ----A---- C:\Windows\system32\cmstp.exe
2009-07-23 23:06:04 ----A---- C:\Windows\system32\appinfo.dll
2009-07-23 23:06:03 ----A---- C:\Windows\system32\wlanext.exe
2009-07-23 23:06:03 ----A---- C:\Windows\system32\NapiNSP.dll
2009-07-23 23:06:03 ----A---- C:\Windows\system32\msoert2.dll
2009-07-23 23:06:03 ----A---- C:\Windows\system32\mountvol.exe
2009-07-23 23:06:03 ----A---- C:\Windows\system32\mmcshext.dll
2009-07-23 23:06:03 ----A---- C:\Windows\system32\browser.dll
2009-07-23 23:06:02 ----A---- C:\Windows\system32\perfts.dll
2009-07-23 23:06:02 ----A---- C:\Windows\system32\inetmib1.dll
2009-07-23 23:06:02 ----A---- C:\Windows\system32\dskquoui.dll
2009-07-23 23:06:02 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-07-23 23:06:01 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2009-07-23 23:06:01 ----A---- C:\Windows\system32\SoundRecorder.exe
2009-07-23 23:06:01 ----A---- C:\Windows\system32\PING.EXE
2009-07-23 23:06:01 ----A---- C:\Windows\system32\httpapi.dll
2009-07-23 23:06:01 ----A---- C:\Windows\system32\cewmdm.dll
2009-07-23 23:06:01 ----A---- C:\Windows\system32\bitsadmin.exe
2009-07-23 23:06:00 ----A---- C:\Windows\system32\SysFxUI.dll
2009-07-23 23:06:00 ----A---- C:\Windows\system32\qcap.dll
2009-07-23 23:06:00 ----A---- C:\Windows\system32\qasf.dll
2009-07-23 23:06:00 ----A---- C:\Windows\system32\dsuiext.dll
2009-07-23 23:05:59 ----A---- C:\Windows\system32\WUDFSvc.dll
2009-07-23 23:05:59 ----A---- C:\Windows\system32\wmpsrcwp.dll
2009-07-23 23:05:59 ----A---- C:\Windows\system32\SecEdit.exe
2009-07-23 23:05:59 ----A---- C:\Windows\system32\mtstocom.exe
2009-07-23 23:05:59 ----A---- C:\Windows\system32\auditpol.exe
2009-07-23 23:05:58 ----A---- C:\Windows\system32\WMVSENCD.DLL
2009-07-23 23:05:58 ----A---- C:\Windows\system32\Sens.dll
2009-07-23 23:05:58 ----A---- C:\Windows\system32\makecab.exe
2009-07-23 23:05:58 ----A---- C:\Windows\system32\lsmproxy.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\xwtpw32.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\sppnp.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\shimgvw.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\seclogon.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\sbeio.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\ndfapi.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\msdadiag.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\dot3gpclnt.dll
2009-07-23 23:05:57 ----A---- C:\Windows\system32\batt.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\wzcdlg.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\wscmisetup.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\wiashext.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\wiadefui.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\shacct.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\msorcl32.dll
2009-07-23 23:05:56 ----A---- C:\Windows\system32\apss.dll
2009-07-23 23:05:55 ----A---- C:\Windows\system32\wpdwcn.dll
2009-07-23 23:05:55 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2009-07-23 23:05:55 ----A---- C:\Windows\system32\userinit.exe
2009-07-23 23:05:55 ----A---- C:\Windows\system32\perfmon.exe
2009-07-23 23:05:55 ----A---- C:\Windows\system32\p2phost.exe
2009-07-23 23:05:55 ----A---- C:\Windows\system32\napipsec.dll
2009-07-23 23:05:54 ----A---- C:\Windows\system32\winrshost.exe
2009-07-23 23:05:54 ----A---- C:\Windows\system32\tasklist.exe
2009-07-23 23:05:54 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2009-07-23 23:05:54 ----A---- C:\Windows\system32\sxstrace.exe
2009-07-23 23:05:54 ----A---- C:\Windows\system32\prntvpt.dll
2009-07-23 23:05:54 ----A---- C:\Windows\system32\ktmutil.exe
2009-07-23 23:05:54 ----A---- C:\Windows\system32\keymgr.dll
2009-07-23 23:05:54 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2009-07-23 23:05:54 ----A---- C:\Windows\system32\csrsrv.dll
2009-07-23 23:05:53 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-07-23 23:05:53 ----A---- C:\Windows\system32\notepad.exe
2009-07-23 23:05:53 ----A---- C:\Windows\system32\MP4SDECD.DLL
2009-07-23 23:05:53 ----A---- C:\Windows\system32\fmifs.dll
2009-07-23 23:05:53 ----A---- C:\Windows\system32\d3dim700.dll
2009-07-23 23:05:53 ----A---- C:\Windows\system32\colorui.dll
2009-07-23 23:05:53 ----A---- C:\Windows\notepad.exe
2009-07-23 23:05:52 ----A---- C:\Windows\system32\netiougc.exe
2009-07-23 23:05:51 ----A---- C:\Windows\system32\wscproxystub.dll
2009-07-23 23:05:51 ----A---- C:\Windows\system32\winethc.dll
2009-07-23 23:05:51 ----A---- C:\Windows\system32\takeown.exe
2009-07-23 23:05:51 ----A---- C:\Windows\system32\pcasvc.dll
2009-07-23 23:05:51 ----A---- C:\Windows\system32\nshipsec.dll
2009-07-23 23:05:51 ----A---- C:\Windows\system32\driverquery.exe
2009-07-23 23:05:51 ----A---- C:\Windows\system32\cryptdll.dll
2009-07-23 23:05:50 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-07-23 23:05:50 ----A---- C:\Windows\system32\wmiprop.dll
2009-07-23 23:05:50 ----A---- C:\Windows\system32\txfw32.dll
2009-07-23 23:05:50 ----A---- C:\Windows\system32\pots.dll
2009-07-23 23:05:50 ----A---- C:\Windows\system32\findnetprinters.dll
2009-07-23 23:05:49 ----A---- C:\Windows\system32\shrpubw.exe
2009-07-23 23:05:49 ----A---- C:\Windows\system32\fsutil.exe
2009-07-23 23:05:49 ----A---- C:\Windows\system32\dnshc.dll
2009-07-23 23:05:49 ----A---- C:\Windows\system32\capisp.dll
2009-07-23 23:05:48 ----A---- C:\Windows\system32\sfc_os.dll
2009-07-23 23:05:48 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2009-07-23 23:05:48 ----A---- C:\Windows\system32\perfnet.dll
2009-07-23 23:05:48 ----A---- C:\Windows\system32\olecli32.dll
2009-07-23 23:05:48 ----A---- C:\Windows\system32\nsisvc.dll
2009-07-23 23:05:48 ----A---- C:\Windows\system32\luainstall.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\WLanHC.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\TMM.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\shgina.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\rshx32.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\RpcPing.exe
2009-07-23 23:05:47 ----A---- C:\Windows\system32\ktmw32.dll
2009-07-23 23:05:47 ----A---- C:\Windows\system32\fdPHost.dll
2009-07-23 23:05:46 ----A---- C:\Windows\system32\WMADMOE.DLL
2009-07-23 23:05:46 ----A---- C:\Windows\system32\wiaacmgr.exe
2009-07-23 23:05:46 ----A---- C:\Windows\system32\runonce.exe
2009-07-23 23:05:46 ----A---- C:\Windows\system32\dimsjob.dll
2009-07-23 23:05:46 ----A---- C:\Windows\system32\d3dim.dll
2009-07-23 23:05:46 ----A---- C:\Windows\system32\compstui.dll
2009-07-23 23:05:45 ----A---- C:\Windows\system32\unregmp2.exe
2009-07-23 23:05:45 ----A---- C:\Windows\system32\UI0Detect.exe
2009-07-23 23:05:45 ----A---- C:\Windows\system32\mdminst.dll
2009-07-23 23:05:45 ----A---- C:\Windows\system32\getmac.exe
2009-07-23 23:05:45 ----A---- C:\Windows\system32\cmlua.dll
2009-07-23 23:05:44 ----A---- C:\Windows\system32\w32tm.exe
2009-07-23 23:05:44 ----A---- C:\Windows\system32\net.exe
2009-07-23 23:05:44 ----A---- C:\Windows\system32\msvfw32.dll
2009-07-23 23:05:44 ----A---- C:\Windows\system32\MPG4DECD.DLL
2009-07-23 23:05:44 ----A---- C:\Windows\system32\MP43DECD.DLL
2009-07-23 23:05:44 ----A---- C:\Windows\system32\dsauth.dll
2009-07-23 23:05:43 ----A---- C:\Windows\system32\wmpshell.dll
2009-07-23 23:05:43 ----A---- C:\Windows\system32\srdelayed.exe
2009-07-23 23:05:42 ----A---- C:\Windows\system32\sdchange.exe
2009-07-23 23:05:42 ----A---- C:\Windows\system32\pnpts.dll
2009-07-23 23:05:42 ----A---- C:\Windows\system32\migisol.dll
2009-07-23 23:05:42 ----A---- C:\Windows\system32\cmutil.dll
2009-07-23 23:05:42 ----A---- C:\Windows\system32\ACW.exe
2009-07-23 23:05:41 ----A---- C:\Windows\system32\sfc.exe
2009-07-23 23:05:41 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2009-07-23 23:05:41 ----A---- C:\Windows\system32\dispci.dll
2009-07-23 23:05:41 ----A---- C:\Windows\system32\diantz.exe
2009-07-23 23:05:41 ----A---- C:\Windows\system32\comrepl.dll
2009-07-23 23:05:40 ----A---- C:\Windows\system32\dinput8.dll
2009-07-23 23:05:39 ----A---- C:\Windows\system32\remotepg.dll
2009-07-23 23:05:39 ----A---- C:\Windows\system32\nlaapi.dll
2009-07-23 23:05:39 ----A---- C:\Windows\system32\EncDump.dll
2009-07-23 23:05:39 ----A---- C:\Windows\system32\cfgbkend.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-07-23 23:05:38 ----A---- C:\Windows\system32\wmidx.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\vdmredir.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\utildll.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\TpmInit.exe
2009-07-23 23:05:38 ----A---- C:\Windows\system32\pdhui.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\hlink.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\fwcfg.dll
2009-07-23 23:05:38 ----A---- C:\Windows\system32\expand.exe
2009-07-23 23:05:38 ----A---- C:\Windows\system32\colbact.dll
2009-07-23 23:05:37 ----A---- C:\Windows\system32\wmvdspa.dll
2009-07-23 23:05:37 ----A---- C:\Windows\system32\sti_ci.dll
2009-07-23 23:05:37 ----A---- C:\Windows\system32\McxDriv.dll
2009-07-23 23:05:37 ----A---- C:\Windows\system32\bridgeunattend.exe
2009-07-23 23:05:37 ----A---- C:\Windows\system32\bootcfg.exe
2009-07-23 23:05:37 ----A---- C:\Windows\system32\amstream.dll
2009-07-23 23:05:36 ----A---- C:\Windows\system32\waitfor.exe
2009-07-23 23:05:36 ----A---- C:\Windows\system32\vds_ps.dll
2009-07-23 23:05:36 ----A---- C:\Windows\system32\tabcal.exe
2009-07-23 23:05:36 ----A---- C:\Windows\system32\rdrleakdiag.exe
2009-07-23 23:05:36 ----A---- C:\Windows\system32\qdv.dll
2009-07-23 23:05:36 ----A---- C:\Windows\system32\iscsium.dll
2009-07-23 23:05:36 ----A---- C:\Windows\system32\esentutl.exe
2009-07-23 23:05:36 ----A---- C:\Windows\system32\dpnet.dll
2009-07-23 23:05:36 ----A---- C:\Windows\system32\cmcfg32.dll
2009-07-23 23:05:35 ----A---- C:\Windows\system32\WsmCl.dll
2009-07-23 23:05:35 ----A---- C:\Windows\system32\wfapigp.dll
2009-07-23 23:05:35 ----A---- C:\Windows\system32\shutdown.exe
2009-07-23 23:05:35 ----A---- C:\Windows\system32\osblprov.dll
2009-07-23 23:05:35 ----A---- C:\Windows\system32\cacls.exe
2009-07-23 23:05:29 ----A---- C:\Windows\system32\wmpcm.dll
2009-07-23 23:05:29 ----A---- C:\Windows\system32\olesvr32.dll
2009-07-23 23:05:29 ----A---- C:\Windows\system32\msdtc.exe
2009-07-23 23:05:29 ----A---- C:\Windows\system32\DpiScaling.exe
2009-07-23 23:05:29 ----A---- C:\Windows\system32\COLORCNV.DLL
2009-07-23 23:05:28 ----A---- C:\Windows\system32\wpnpinst.exe
2009-07-23 23:05:28 ----A---- C:\Windows\system32\werdiagcontroller.dll
2009-07-23 23:05:28 ----A---- C:\Windows\system32\rasauto.dll
2009-07-23 23:05:28 ----A---- C:\Windows\system32\olethk32.dll
2009-07-23 23:05:28 ----A---- C:\Windows\system32\mfvdsp.dll
2009-07-23 23:05:28 ----A---- C:\Windows\system32\iscsiwmi.dll
2009-07-23 23:05:27 ----A---- C:\Windows\system32\wavemsp.dll
2009-07-23 23:05:27 ----A---- C:\Windows\system32\ufat.dll
2009-07-23 23:05:27 ----A---- C:\Windows\system32\sxproxy.dll
2009-07-23 23:05:27 ----A---- C:\Windows\system32\at.exe
2009-07-23 23:05:26 ----A---- C:\Windows\system32\xmlprovi.dll
2009-07-23 23:05:26 ----A---- C:\Windows\system32\ucsvc.exe
2009-07-23 23:05:26 ----A---- C:\Windows\system32\rgb9rast.dll
2009-07-23 23:05:26 ----A---- C:\Windows\system32\RegCtrl.dll
2009-07-23 23:05:26 ----A---- C:\Windows\system32\odbctrac.dll
2009-07-23 23:05:26 ----A---- C:\Windows\system32\itss.dll
2009-07-23 23:05:26 ----A---- C:\Windows\system32\convert.exe
2009-07-23 23:05:25 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2009-07-23 23:05:25 ----A---- C:\Windows\system32\prevhost.exe
2009-07-23 23:05:25 ----A---- C:\Windows\system32\mobsync.exe
2009-07-23 23:05:24 ----A---- C:\Windows\system32\tbs.dll
2009-07-23 23:05:24 ----A---- C:\Windows\system32\netbtugc.exe
2009-07-23 23:05:24 ----A---- C:\Windows\system32\iscsied.dll
2009-07-23 23:05:24 ----A---- C:\Windows\system32\dskquota.dll
2009-07-23 23:05:24 ----A---- C:\Windows\system32\AuthFWGP.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\unattendedjoin.exe
2009-07-23 23:05:23 ----A---- C:\Windows\system32\srclient.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\setupcln.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\mydocs.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\l2gpstore.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\GuidedHelp.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\fphc.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\dmime.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\cmpbk32.dll
2009-07-23 23:05:23 ----A---- C:\Windows\system32\AtBroker.exe
2009-07-23 23:05:22 ----A---- C:\Windows\system32\winnsi.dll
2009-07-23 23:05:22 ----A---- C:\Windows\system32\regini.exe
2009-07-23 23:05:22 ----A---- C:\Windows\system32\napdsnap.dll
2009-07-23 23:05:22 ----A---- C:\Windows\system32\dsdmo.dll
2009-07-23 23:05:22 ----A---- C:\Windows\system32\amxread.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\usbui.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\odbccu32.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\odbccr32.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\msident.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\msdart.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\dot3dlg.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\devenum.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\cmstplua.dll
2009-07-23 23:05:21 ----A---- C:\Windows\system32\apilogen.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\wpclsp.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\WINSRPC.DLL
2009-07-23 23:05:20 ----A---- C:\Windows\system32\vss_ps.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\VIDRESZR.DLL
2009-07-23 23:05:20 ----A---- C:\Windows\system32\upnpcont.exe
2009-07-23 23:05:20 ----A---- C:\Windows\system32\RacAgent.exe
2009-07-23 23:05:20 ----A---- C:\Windows\system32\nsi.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\nbtstat.exe
2009-07-23 23:05:20 ----A---- C:\Windows\system32\mtxlegih.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\mtxdm.dll
2009-07-23 23:05:20 ----A---- C:\Windows\system32\avrt.dll
2009-07-23 23:05:19 ----A---- C:\Windows\system32\srwmi.dll
2009-07-23 23:05:19 ----A---- C:\Windows\system32\mfcsubs.dll
2009-07-23 23:05:19 ----A---- C:\Windows\system32\graftabl.com
2009-07-23 23:05:18 ----A---- C:\Windows\system32\wsock32.dll
2009-07-23 23:05:18 ----A---- C:\Windows\system32\WavDest.dll
2009-07-23 23:05:18 ----A---- C:\Windows\system32\vfwwdm32.dll
2009-07-23 23:05:18 ----A---- C:\Windows\system32\syskey.exe
2009-07-23 23:05:18 ----A---- C:\Windows\system32\rasphone.exe
2009-07-23 23:05:18 ----A---- C:\Windows\system32\odbcbcp.dll
2009-07-23 23:05:18 ----A---- C:\Windows\system32\netevent.dll
2009-07-23 23:05:17 ----A---- C:\Windows\system32\wiarpc.dll
2009-07-23 23:05:17 ----A---- C:\Windows\system32\ROUTE.EXE
2009-07-23 23:05:17 ----A---- C:\Windows\system32\procinst.dll
2009-07-23 23:05:17 ----A---- C:\Windows\system32\ndfetw.dll
2009-07-23 23:05:17 ----A---- C:\Windows\system32\MP3DMOD.DLL
2009-07-23 23:05:17 ----A---- C:\Windows\system32\extrac32.exe
2009-07-23 23:05:17 ----A---- C:\Windows\system32\eventcls.dll
2009-07-23 23:05:16 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2009-07-23 23:05:16 ----A---- C:\Windows\system32\wiadss.dll
2009-07-23 23:05:16 ----A---- C:\Windows\system32\TabbtnEx.dll
2009-07-23 23:05:16 ----A---- C:\Windows\system32\d3dxof.dll
2009-07-23 23:05:16 ----A---- C:\Windows\system32\csrss.exe
2009-07-23 23:05:15 ----A---- C:\Windows\system32\WlanMmHC.dll
2009-07-23 23:05:15 ----A---- C:\Windows\system32\Tabbtn.dll
2009-07-23 23:05:15 ----A---- C:\Windows\system32\psbase.dll
2009-07-23 23:05:15 ----A---- C:\Windows\system32\dmscript.dll
2009-07-23 23:05:15 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2009-07-23 23:05:14 ----A---- C:\Windows\system32\dmloader.dll
2009-07-23 23:05:14 ----A---- C:\Windows\fveupdate.exe
2009-07-23 23:05:13 ----A---- C:\Windows\system32\wshcon.dll
2009-07-23 23:05:13 ----A---- C:\Windows\system32\Netplwiz.exe
2009-07-23 23:05:13 ----A---- C:\Windows\system32\credssp.dll
2009-07-23 23:05:12 ----A---- C:\Windows\system32\PlaySndSrv.dll
2009-07-23 23:05:12 ----A---- C:\Windows\system32\icsunattend.exe
2009-07-23 23:05:11 ----A---- C:\Windows\system32\WsmRes.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2009-07-23 23:05:11 ----A---- C:\Windows\system32\wship6.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\sxsstore.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\msvidc32.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\localui.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\lltdapi.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2009-07-23 23:05:11 ----A---- C:\Windows\system32\ComputerDefaults.exe
2009-07-23 23:05:10 ----A---- C:\Windows\system32\tcpmon.ini
2009-07-23 23:05:10 ----A---- C:\Windows\system32\setupSNK.exe
2009-07-23 23:05:10 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2009-07-23 23:05:10 ----A---- C:\Windows\system32\icaapi.dll
2009-07-23 23:05:09 ----A---- C:\Windows\system32\sbunattend.exe
2009-07-23 23:05:09 ----A---- C:\Windows\system32\OptionalFeatures.exe
2009-07-23 23:05:09 ----A---- C:\Windows\system32\dmutil.dll
2009-07-23 23:05:08 ----A---- C:\Windows\system32\usbperf.dll
2009-07-23 23:05:08 ----A---- C:\Windows\system32\spopk.dll
2009-07-23 23:05:08 ----A---- C:\Windows\system32\serialui.dll
2009-07-23 23:05:07 ----A---- C:\Windows\system32\cofiredm.dll
2009-07-23 23:05:05 ----A---- C:\Windows\system32\rasctrs.dll
2009-07-23 23:05:05 ----A---- C:\Windows\system32\msobjs.dll
2009-07-23 23:05:05 ----A---- C:\Windows\system32\hnetmon.dll
2009-07-23 23:05:04 ----A---- C:\Windows\system32\nlsbres.dll
2009-07-23 23:05:04 ----A---- C:\Windows\system32\LogonUI.exe
2009-07-23 23:05:04 ----A---- C:\Windows\system32\iprtprio.dll
2009-07-23 23:05:04 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2009-07-23 23:05:04 ----A---- C:\Windows\system32\esentprf.dll
2009-07-23 23:05:01 ----A---- C:\Windows\system32\osbaseln.dll
2009-07-23 23:05:01 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-07-23 23:05:00 ----A---- C:\Windows\system32\msmmsp.dll
2009-07-23 23:04:58 ----A---- C:\Windows\system32\winusb.dll
2009-07-23 23:04:58 ----A---- C:\Windows\system32\rdpcfgex.dll
2009-07-23 23:04:58 ----A---- C:\Windows\system32\dispex.dll
2009-07-23 23:04:52 ----A---- C:\Windows\system32\Nlsdl.dll
2009-07-23 23:04:51 ----A---- C:\Windows\system32\riched32.dll
2009-07-23 23:04:51 ----A---- C:\Windows\system32\msidle.dll
2009-07-23 23:04:51 ----A---- C:\Windows\system32\idndl.dll
2009-07-23 23:04:45 ----A---- C:\Windows\system32\KBDKOR.DLL
2009-07-23 23:04:45 ----A---- C:\Windows\system32\KBDJPN.DLL
2009-07-23 23:04:42 ----A---- C:\Windows\system32\vga64k.dll
2009-07-23 23:04:42 ----A---- C:\Windows\system32\vga256.dll
2009-07-23 23:04:42 ----A---- C:\Windows\system32\tsddd.dll
2009-07-23 23:04:42 ----A---- C:\Windows\system32\framebuf.dll
2009-07-23 23:04:41 ----A---- C:\Windows\system32\vga.dll
2009-07-23 23:04:41 ----A---- C:\Windows\system32\dmdskres2.dll
2009-07-23 23:04:41 ----A---- C:\Windows\system32\bootstr.dll
2009-07-23 23:04:40 ----A---- C:\Windows\system32\spwizres.dll
2009-07-23 23:04:38 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2009-07-23 23:04:33 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2009-07-23 23:04:33 ----A---- C:\Windows\system32\fsmgmt.msc
2009-07-23 23:04:29 ----A---- C:\Windows\system32\perfmon.msc
2009-07-23 23:03:44 ----A---- C:\Windows\system32\xmllite.dll
2009-07-23 23:03:43 ----A---- C:\Windows\system32\wbemcomn.dll
2009-07-23 23:03:38 ----A---- C:\Windows\system32\sqmapi.dll
2009-07-23 23:03:38 ----A---- C:\Windows\system32\SmiInstaller.dll
2009-07-23 23:03:15 ----A---- C:\Windows\system32\mspatcha.dll
2009-07-23 23:03:15 ----A---- C:\Windows\system32\msdelta.dll
2009-07-23 23:03:15 ----A---- C:\Windows\system32\dpx.dll
2009-07-23 11:39:01 ----D---- C:\Users\Shota\AppData\Roaming\QQ Games Plugin
2009-07-23 11:38:50 ----D---- C:\Users\Shota\AppData\Roaming\acccore
2009-07-23 11:37:22 ----D---- C:\ProgramData\Tencent
2009-07-23 11:37:22 ----D---- C:\Program Files\Tencent
2009-07-23 11:36:58 ----D---- C:\Program Files\AIMTunes
2009-07-23 11:36:41 ----D---- C:\ProgramData\AOL Downloads
2009-07-23 11:36:40 ----A---- C:\Windows\atid.ini
2009-07-23 11:36:18 ----D---- C:\Program Files\Common Files\Software Update Utility
2009-07-23 11:36:11 ----D---- C:\ProgramData\AIM Toolbar
2009-07-23 11:36:11 ----D---- C:\Program Files\AIM Toolbar
2009-07-23 11:35:43 ----D---- C:\ProgramData\Viewpoint
2009-07-23 11:35:38 ----D---- C:\Program Files\Viewpoint
2009-07-23 11:35:36 ----D---- C:\ProgramData\acccore
2009-07-23 11:34:44 ----D---- C:\ProgramData\AOL OCP
2009-07-23 11:34:44 ----D---- C:\ProgramData\AOL
2009-07-23 11:33:57 ----D---- C:\Program Files\Common Files\AOL
2009-07-23 11:33:39 ----D---- C:\Program Files\AIM6
2009-07-22 23:46:31 ----D---- C:\Program Files\Common Files\INCA Shared
2009-07-22 18:07:16 ----D---- C:\ProgramData\Google Updater
2009-07-22 18:06:57 ----D---- C:\Program Files\Google
2009-07-22 01:11:38 ----D---- C:\AeriaGames
2009-07-22 01:10:10 ----D---- C:\Users\Shota\AppData\Roaming\InstallShield
2009-07-22 00:40:00 ----D---- C:\.jagex_cache_32
2009-07-21 23:36:19 ----D---- C:\Users\Shota\AppData\Roaming\Apple Computer
2009-07-21 23:35:03 ----D---- C:\Program Files\QuickTime
2009-07-21 23:33:13 ----D---- C:\ProgramData\Apple Computer
2009-07-21 23:31:43 ----D---- C:\Program Files\iPod
2009-07-21 21:04:32 ----A---- C:\Windows\system32\deploytk.dll
2009-07-21 20:11:39 ----A---- C:\Windows\system32\t2embed.dll
2009-07-21 20:11:39 ----A---- C:\Windows\system32\atmfd.dll
2009-07-21 20:11:38 ----A---- C:\Windows\system32\lpk.dll
2009-07-21 20:11:38 ----A---- C:\Windows\system32\fontsub.dll
2009-07-21 20:11:38 ----A---- C:\Windows\system32\dciman32.dll
2009-07-21 20:11:38 ----A---- C:\Windows\system32\atmlib.dll
2009-07-21 16:58:35 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-21 16:32:08 ----D---- C:\Windows\Minidump
2009-07-21 05:20:49 ----D---- C:\Users\Shota\AppData\Roaming\Mozilla
2009-07-21 05:20:31 ----D---- C:\Users\Shota\AppData\Roaming\LimeWire
2009-07-21 01:04:35 ----D---- C:\ProgramData\NVIDIA
2009-07-19 20:36:17 ----D---- C:\OEMSettings
2009-07-19 18:43:41 ----A---- C:\Windows\system32\winipsec.dll
2009-07-19 18:43:41 ----A---- C:\Windows\system32\polstore.dll
2009-07-19 18:19:03 ----A---- C:\Windows\system32\msxml3r.dll
2009-07-19 18:08:54 ----A---- C:\Windows\system32\localspl.dll
2009-07-19 16:50:42 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-07-19 16:50:40 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-07-19 16:50:37 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-07-19 16:50:35 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-07-19 16:50:33 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-07-19 16:50:30 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-07-19 16:50:27 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-07-19 16:50:22 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-07-19 16:50:12 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-07-19 16:50:02 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-07-19 16:49:52 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-07-19 16:49:45 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-07-19 16:49:40 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-07-19 16:49:35 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-07-19 16:49:29 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-07-19 16:49:22 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-07-19 16:49:06 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-07-19 16:48:54 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-07-19 16:48:50 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-07-19 16:48:23 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-07-19 16:48:19 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-07-19 16:48:14 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-07-19 16:48:10 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-07-19 16:48:05 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-07-19 16:48:02 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-07-19 16:47:58 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-07-19 16:47:48 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-07-19 16:47:39 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-07-19 16:47:28 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-07-19 16:47:16 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-07-19 16:47:10 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-07-19 16:47:05 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-07-19 16:46:58 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-07-19 16:46:51 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-07-19 16:46:44 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-07-19 16:46:35 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-07-19 16:46:27 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-07-19 16:46:23 ----A---- C:\Windows\system32\NlsData0045.dll
2009-07-19 16:46:22 ----A---- C:\Windows\system32\NlsData0046.dll
2009-07-19 16:46:21 ----A---- C:\Windows\system32\NlsData0047.dll
2009-07-19 16:46:20 ----A---- C:\Windows\system32\NlsData0049.dll
2009-07-19 16:46:20 ----A---- C:\Windows\system32\NlsData0039.dll
2009-07-19 16:46:19 ----A---- C:\Windows\system32\NlsData0021.dll
2009-07-19 16:46:19 ----A---- C:\Windows\system32\NlsData0020.dll
2009-07-19 16:46:18 ----A---- C:\Windows\system32\NlsData0026.dll
2009-07-19 16:46:18 ----A---- C:\Windows\system32\NlsData0024.dll
2009-07-19 16:46:18 ----A---- C:\Windows\system32\NlsData0022.dll
2009-07-19 16:46:17 ----A---- C:\Windows\system32\NlsData0027.dll
2009-07-19 16:46:17 ----A---- C:\Windows\system32\NlsData0010.dll
2009-07-19 16:46:16 ----A---- C:\Windows\system32\NlsData0013.dll
2009-07-19 16:46:16 ----A---- C:\Windows\system32\NlsData0011.dll
2009-07-19 16:46:15 ----A---- C:\Windows\system32\NlsData0018.dll
2009-07-19 16:46:15 ----A---- C:\Windows\system32\NlsData0000.dll
2009-07-19 16:46:14 ----A---- C:\Windows\system32\NlsData0019.dll
2009-07-19 16:46:14 ----A---- C:\Windows\system32\NlsData0002.dll
2009-07-19 16:46:14 ----A---- C:\Windows\system32\NlsData0001.dll
2009-07-19 16:46:13 ----A---- C:\Windows\system32\NlsData0009.dll
2009-07-19 16:46:13 ----A---- C:\Windows\system32\NlsData0007.dll
2009-07-19 16:46:13 ----A---- C:\Windows\system32\NlsData0003.dll
2009-07-19 16:46:12 ----A---- C:\Windows\system32\NlsData004a.dll
2009-07-19 16:46:11 ----A---- C:\Windows\system32\NlsData004e.dll
2009-07-19 16:46:11 ----A---- C:\Windows\system32\NlsData004c.dll
2009-07-19 16:46:11 ----A---- C:\Windows\system32\NlsData004b.dll
2009-07-19 16:46:10 ----A---- C:\Windows\system32\NlsData003e.dll
2009-07-19 16:46:10 ----A---- C:\Windows\system32\NlsData002a.dll
2009-07-19 16:46:09 ----A---- C:\Windows\system32\NlsData001b.dll
2009-07-19 16:46:09 ----A---- C:\Windows\system32\NlsData001a.dll
2009-07-19 16:46:08 ----A---- C:\Windows\system32\NlsData001d.dll
2009-07-19 16:46:07 ----A---- C:\Windows\system32\NlsData000d.dll
2009-07-19 16:46:07 ----A---- C:\Windows\system32\NlsData000c.dll
2009-07-19 16:46:07 ----A---- C:\Windows\system32\NlsData000a.dll
2009-07-19 16:46:06 ----A---- C:\Windows\system32\NlsData000f.dll
2009-07-19 16:46:05 ----A---- C:\Windows\system32\NlsData0416.dll
2009-07-19 16:46:05 ----A---- C:\Windows\system32\NlsData0414.dll
2009-07-19 16:46:04 ----A---- C:\Windows\system32\NlsData081a.dll
2009-07-19 16:46:04 ----A---- C:\Windows\system32\NlsData0816.dll
2009-07-19 16:45:54 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-07-19 16:45:53 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-07-19 16:45:27 ----D---- C:\Program Files\AVG
2009-07-19 16:42:52 ----A---- C:\Windows\system32\kbd106n.dll
2009-07-19 16:34:57 ----A---- C:\Windows\system32\printcom.dll
2009-07-19 16:34:37 ----A---- C:\Windows\system32\wshrm.dll
2009-07-19 16:31:16 ----A---- C:\Windows\system32\INETRES.dll
2009-07-19 16:30:10 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-19 16:28:39 ----D---- C:\Program Files\MSXML 4.0
2009-07-19 16:26:32 ----A---- C:\Windows\system32\msxml6r.dll

======List of files/folders modified in the last 1 months======

2009-08-18 23:55:00 ----D---- C:\Windows\Prefetch
2009-08-18 23:54:50 ----D---- C:\Windows\Temp
2009-08-18 23:52:48 ----D---- C:\Windows\System32
2009-08-18 23:52:48 ----D---- C:\Windows\inf
2009-08-18 23:52:48 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-18 23:48:39 ----D---- C:\Windows\Tasks
2009-08-18 23:46:32 ----D---- C:\Windows\SMINST
2009-08-18 13:36:30 ----SHD---- C:\System Volume Information
2009-08-17 18:43:57 ----D---- C:\WINDOWS
2009-08-17 15:08:14 ----D---- C:\ProgramData\Symantec
2009-08-17 15:02:13 ----SHD---- C:\Windows\Installer
2009-08-17 15:02:10 ----D---- C:\Windows\system32\catroot
2009-08-17 15:00:25 ----D---- C:\Windows\system32\catroot2
2009-08-17 14:57:59 ----D---- C:\Windows\WindowsMobile
2009-08-17 14:57:26 ----RD---- C:\Program Files
2009-08-13 21:51:36 ----D---- C:\Windows\system32\Tasks
2009-08-13 21:49:42 ----D---- C:\ProgramData\Hewlett-Packard
2009-08-13 21:46:19 ----RSD---- C:\Windows\assembly
2009-08-13 21:46:19 ----HD---- C:\Program Files\InstallShield Installation Information
2009-08-13 21:46:13 ----D---- C:\Program Files\Hewlett-Packard
2009-08-13 21:44:07 ----D---- C:\SwSetup
2009-08-13 00:09:06 ----D---- C:\Windows\winsxs
2009-08-12 08:03:06 ----D---- C:\Windows\system32\drivers
2009-08-12 08:03:06 ----D---- C:\Program Files\Windows Media Player
2009-08-11 22:18:30 ----D---- C:\Program Files\Windows Mail
2009-08-09 08:28:16 ----HD---- C:\ProgramData
2009-08-09 00:38:59 ----D---- C:\Windows\rescache
2009-08-09 00:28:05 ----D---- C:\Program Files\Java
2009-08-09 00:24:09 ----D---- C:\Windows\Microsoft.NET
2009-08-09 00:19:10 ----SHD---- C:\boot
2009-08-08 10:28:28 ----D---- C:\Program Files\Windows Calendar
2009-08-08 10:28:27 ----D---- C:\Program Files\Movie Maker
2009-08-08 10:28:26 ----D---- C:\Program Files\Windows Sidebar
2009-08-08 10:28:26 ----D---- C:\Program Files\Windows Journal
2009-08-08 10:28:26 ----D---- C:\Program Files\Windows Collaboration
2009-08-08 10:28:26 ----D---- C:\Program Files\Internet Explorer
2009-08-08 10:28:24 ----D---- C:\Program Files\Windows Photo Gallery
2009-08-08 10:28:24 ----D---- C:\Program Files\Common Files\System
2009-08-08 10:28:21 ----D---- C:\Windows\servicing
2009-08-08 10:28:21 ----D---- C:\Windows\ehome
2009-08-08 10:28:21 ----D---- C:\Program Files\Windows Defender
2009-08-08 10:28:10 ----D---- C:\Windows\IME
2009-08-08 10:28:09 ----D---- C:\Windows\system32\XPSViewer
2009-08-08 10:28:09 ----D---- C:\Windows\system32\sk-SK
2009-08-08 10:28:09 ----D---- C:\Windows\system32\lv-LV
2009-08-08 10:28:09 ----D---- C:\Windows\system32\ko-KR
2009-08-08 10:28:09 ----D---- C:\Windows\system32\hr-HR
2009-08-08 10:28:09 ----D---- C:\Windows\system32\et-EE
2009-08-08 10:28:09 ----D---- C:\Windows\system32\da-DK
2009-08-08 10:28:05 ----D---- C:\Windows\system32\en-US
2009-08-08 10:28:03 ----D---- C:\Windows\system32\oobe
2009-08-08 10:28:03 ----D---- C:\Windows\system32\migration
2009-08-08 10:28:03 ----D---- C:\Windows\system32\it-IT
2009-08-08 10:28:03 ----D---- C:\Windows\system32\el-GR
2009-08-08 10:28:03 ----D---- C:\Windows\system32\de-DE
2009-08-08 10:28:02 ----D---- C:\Windows\system32\AdvancedInstallers
2009-08-08 10:28:01 ----D---- C:\Windows\system32\sv-SE
2009-08-08 10:28:01 ----D---- C:\Windows\system32\SLUI
2009-08-08 10:28:01 ----D---- C:\Windows\system32\setup
2009-08-08 10:28:01 ----D---- C:\Windows\system32\ru-RU
2009-08-08 10:28:01 ----D---- C:\Windows\system32\pt-PT
2009-08-08 10:28:01 ----D---- C:\Windows\system32\hu-HU
2009-08-08 10:28:01 ----D---- C:\Windows\system32\he-IL
2009-08-08 10:28:01 ----D---- C:\Windows\system32\fr-FR
2009-08-08 10:28:01 ----D---- C:\Windows\system32\fi-FI
2009-08-08 10:28:01 ----D---- C:\Windows\system32\cs-CZ
2009-08-08 10:28:00 ----D---- C:\Windows\system32\zh-TW
2009-08-08 10:28:00 ----D---- C:\Windows\system32\zh-CN
2009-08-08 10:28:00 ----D---- C:\Windows\system32\uk-UA
2009-08-08 10:28:00 ----D---- C:\Windows\system32\sr-Latn-CS
2009-08-08 10:28:00 ----D---- C:\Windows\system32\sl-SI
2009-08-08 10:28:00 ----D---- C:\Windows\system32\pl-PL
2009-08-08 10:28:00 ----D---- C:\Windows\system32\manifeststore
2009-08-08 10:28:00 ----D---- C:\Windows\system32\ja-JP
2009-08-08 10:28:00 ----D---- C:\Windows\system32\es-ES
2009-08-08 10:28:00 ----D---- C:\Windows\system32\en
2009-08-08 10:28:00 ----D---- C:\Windows\system32\bg-BG
2009-08-08 10:27:59 ----D---- C:\Windows\system32\th-TH
2009-08-08 10:27:59 ----D---- C:\Windows\system32\ro-RO
2009-08-08 10:27:57 ----D---- C:\Windows\system32\wbem
2009-08-08 10:27:57 ----D---- C:\Windows\system32\tr-TR
2009-08-08 10:27:56 ----D---- C:\Windows\system32\nl-NL
2009-08-08 10:27:56 ----D---- C:\Windows\system32\nb-NO
2009-08-08 10:27:56 ----D---- C:\Windows\system32\migwiz
2009-08-08 10:27:56 ----D---- C:\Windows\system32\lt-LT
2009-08-08 10:27:56 ----D---- C:\Windows\system32\ar-SA
2009-08-08 10:27:55 ----D---- C:\Windows\system32\pt-BR
2009-08-08 10:27:31 ----RSD---- C:\Windows\Fonts
2009-08-08 10:27:31 ----D---- C:\Windows\AppPatch
2009-08-08 10:27:24 ----D---- C:\Windows\system32\Boot
2009-08-08 10:22:22 ----D---- C:\Windows\system32\RTCOM
2009-08-05 23:43:05 ----D---- C:\Windows\twain_32
2009-08-03 15:21:16 ----D---- C:\Program Files\Norton Internet Security
2009-08-03 15:03:51 ----D---- C:\Program Files\Symantec
2009-08-03 15:02:49 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-08-03 15:02:08 ----D---- C:\Program Files\Common Files
2009-08-03 14:36:25 ----SD---- C:\Users\Shota\AppData\Roaming\Microsoft
2009-08-01 08:39:49 ----D---- C:\Windows\LiveKernelReports
2009-07-30 22:43:55 ----D---- C:\Windows\system32\WDI
2009-07-29 20:49:14 ----A---- C:\Windows\system32\mrt.exe
2009-07-28 21:42:40 ----D---- C:\Windows\Logs
2009-07-28 16:46:21 ----D---- C:\Windows\ModemLogs
2009-07-27 22:24:27 ----A---- C:\Windows\DIFxAPI.dll
2009-07-27 22:24:16 ----D---- C:\Program Files\Realtek
2009-07-27 22:22:15 ----D---- C:\Program Files\Hp
2009-07-27 21:50:45 ----D---- C:\Windows\PolicyDefinitions
2009-07-26 21:00:49 ----ASH---- C:\Program Files\desktop.ini
2009-07-26 20:47:34 ----D---- C:\Windows\MSAgent
2009-07-26 20:47:29 ----D---- C:\Windows\DigitalLocker
2009-07-26 20:47:28 ----D---- C:\Windows\L2Schemas
2009-07-26 20:47:26 ----D---- C:\Windows\system32\com
2009-07-26 20:46:59 ----D---- C:\Windows\system32\sysprep
2009-07-26 20:46:38 ----D---- C:\Windows\system32\ias
2009-07-26 20:37:41 ----D---- C:\Windows\Boot
2009-07-26 11:51:47 ----A---- C:\Windows\system32\ifxcardm.dll
2009-07-26 11:51:42 ----A---- C:\Windows\system32\axaltocm.dll
2009-07-25 10:36:23 ----RD---- C:\Users
2009-07-25 10:30:22 ----SHD---- C:\$RECYCLE.BIN
2009-07-23 11:34:46 ----SD---- C:\Windows\Downloaded Program Files
2009-07-21 23:32:29 ----D---- C:\Windows\Downloaded Installations
2009-07-21 23:21:07 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-21 17:36:12 ----D---- C:\Users\Shota\AppData\Roaming\Hewlett-Packard
2009-07-21 16:44:07 ----D---- C:\Windows\Debug
2009-07-21 00:38:45 ----SD---- C:\ProgramData\Microsoft
2009-07-19 20:47:38 ----D---- C:\Windows\system32\NDF
2009-07-19 20:33:06 ----D---- C:\Users\Shota\AppData\Roaming\Adobe
2009-07-19 18:51:49 ----D---- C:\Windows\system32\ras
2009-07-19 18:51:48 ----D---- C:\Windows\system32\icsxml
2009-07-19 16:25:46 ----D---- C:\Windows\SoftwareDistribution

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-06-28 8192]
R1 eeCtrl;Symantec Eraser Control driver; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [2009-06-16 371248]
R1 IDSvix86;Symantec Intrusion Prevention Driver; \??\C:\PROGRA~2\Symantec\DEFINI~1\SymcData\idsdefs\20090730.002\IDSvix86.sys [2009-07-03 272432]
R1 RtlProt;Realtke RtlProt WLAN Utility Protocol Driver; C:\Windows\system32\DRIVERS\rtlprot.sys [2007-04-23 25896]
R1 SPBBCDrv;SPBBCDrv; \??\C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCDrv.sys [2007-04-14 418104]
R1 SRTSPX;SRTSPX; C:\Windows\System32\Drivers\SRTSPX.SYS [2007-11-30 43696]
R1 SYMTDI;SYMTDI; C:\Windows\System32\Drivers\SYMTDI.SYS [2008-10-03 187952]
R2 RMCAST;RMCAST (Pgm) Protocol Driver; C:\Windows\system32\DRIVERS\RMCAST.sys [2009-04-11 113664]
R3 ATSWPDRV;AuthenTec TruePrint USB Driver (SwipeSensor); C:\Windows\system32\DRIVERS\ATSwpDrv.sys [2006-10-31 138632]
R3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 btwaudio;Bluetooth Audio Device Service; C:\Windows\system32\drivers\btwaudio.sys [2007-01-02 78128]
R3 btwavdt;Bluetooth AVDT Service; C:\Windows\system32\drivers\btwavdt.sys [2007-01-02 80688]
R3 btwrchid;btwrchid; C:\Windows\system32\DRIVERS\btwrchid.sys [2007-01-02 16560]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv; \??\C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2009-06-16 101936]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-03-19 23400]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-01 1744928]
R3 NAVENG;NAVENG; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090803.005\NAVENG.SYS [2009-07-15 87888]
R3 NAVEX15;NAVEX15; \??\C:\PROGRA~2\Symantec\DEFINI~1\VIRUSD~1\20090803.005\NAVEX15.SYS [2009-07-15 875728]
R3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm60x32.sys [2006-11-02 429056]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-02-26 4465184]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2007-02-15 12032]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8187B;NETGEAR WG111v3 54Mbps Wireless USB 2.0 Adapter Vista Driver; C:\Windows\system32\DRIVERS\wg111v3.sys [2007-12-28 289280]
R3 smserial;smserial; C:\Windows\system32\DRIVERS\smserial.sys [2006-10-09 981504]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-09 3482240]
R3 SRTSP;SRTSP; C:\Windows\System32\Drivers\SRTSP.SYS [2007-11-30 279088]
R3 SYMDNS;SYMDNS; C:\Windows\System32\Drivers\SYMDNS.SYS [2008-10-03 12848]
R3 SymEvent;SymEvent; \??\C:\Windows\system32\Drivers\SYMEVENT.SYS [2009-08-03 124464]
R3 SYMFW;SYMFW; C:\Windows\System32\Drivers\SYMFW.SYS [2008-10-03 146096]
R3 SYMIDS;SYMIDS; C:\Windows\System32\Drivers\SYMIDS.SYS [2008-10-03 39984]
R3 SYMNDISV;SYMNDISV; C:\Windows\System32\Drivers\SYMNDISV.SYS [2008-10-03 37936]
R3 SYMREDRV;SYMREDRV; C:\Windows\System32\Drivers\SYMREDRV.SYS [2008-10-03 27696]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-01-03 534016]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-11-02 163328]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2006-10-18 1380864]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 SRTSPL;SRTSPL; C:\Windows\System32\Drivers\SRTSPL.SYS [2007-11-30 317616]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-07-09 39424]
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
S3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-07-09 144712]
R2 ASBroker;Logon Session Broker; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 ASChannel;Local Communication Channel; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 ccEvtMgr;Symantec Event Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 ccSetMgr;Symantec Settings Manager; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 CLCapSvc;CyberLink Background Capture Service (CBCS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLCapSvc.exe [2007-03-28 270431]
R2 CLSched;CyberLink Task Scheduler (CTS); C:\Program Files\HP\QuickPlay\Kernel\TV\CLSched.exe [2007-03-28 118877]
R2 CLTNetCnService;Symantec Lic NetConnect service; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Common Files\LightScribe\LSSrvc.exe [2006-12-14 61440]
R2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe [2007-01-10 108648]
R2 SymAppCore;Symantec AppCore Service; c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe [2007-01-05 47712]
R2 Viewpoint Manager Service;Viewpoint Manager Service; C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 24652]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-07-13 542496]
S2 gupdate1ca0b192adaaab0;Google Update Service (gupdate1ca0b192adaaab0); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-22 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-07-22 190448]
S2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
S3 AddFiltr;AddFiltr; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\AddFiltr.exe [2006-06-26 126976]
S3 comHost;COM Host; c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe [2007-01-13 49248]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-04 69632]
S3 ISPwdSvc;Symantec IS Password Validation; c:\Program Files\Norton Internet Security\isPwdSvc.exe [2007-01-14 80504]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-02-12 880640]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-02-17 74656]
S3 Symantec Core LC;Symantec Core LC; C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe [2009-08-03 1251720]
S3 usprserv;User Privilege Service; C:\Windows\System32\svchost.exe [2008-01-19 21504]

-----------------EOF-----------------
LOL =)
Regular Member
 
Posts: 34
Joined: July 30th, 2008, 4:23 am
Location: on your mind

Re: Having trouble using my laptop!

Unread postby LOL =) » August 19th, 2009, 12:07 am

I'm sorry, but the computer did not go according to your steps after step 3 of bitdefender.

Re: Having trouble using my laptop!

Unread postby Cypher » August 19th, 2009, 6:05 pm

Hi LOL =)
Thank you for those logs.


Upload a File to Jotti


Please go to jotti.org

Copy/paste these files and paths one at a time into the white box at the top:
C:\Windows\system32\fc.exe
C:\Windows\system32\fde.dll

Press Submit - this will submit the file for testing.
Please wait for all the scanners to finish then copy and paste the results in your next response.

If you have trouble using Jotti, try VirusTotal.

"I'm sorry, but the computer did not go according to your steps after step 3 of bitdefender."
Do you mean you couldn't run the bitdefender scan?

If so, try this.

ESET online scanner


Note: You can use either Internet Explorer or Mozilla FireFox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Please go Here then click on: Image
    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Image
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Image
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close if you so wish, make sure you copy the logfile first!
  • Now click on: Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

In your next reply.

1. jotti or virustotal scan results.
2. EsetOnlineScanner log.
Cypher
Admin/Teacher
 
Posts: 14959
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Having trouble using my laptop!

Unread postby LOL =) » August 20th, 2009, 6:26 pm

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-19 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-19 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing



2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-21 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-19 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

2009-08-20 Found nothing

Re: Having trouble using my laptop!

Unread postby LOL =) » August 20th, 2009, 10:47 pm

ESETSmartInstaller@High as CAB hook log:
OnlineScanner.ocx - registred OK