Vistanumbers internet links redirect

MalwareRemoval.com provides free support for people with infected computers. Using plain language that anyone can understand, our community of volunteer experts will walk you through each step.

Re: Vistanumbers internet links redirect

by rexel » June 27th, 2010, 3:07 pm

ComboFix 10-06-27.02 - Rexel 06/27/2010 13:43:37.1.2 - x86
Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1252.1.1033.18.2045.1377 [GMT -5:00]
Running from: c:\users\Rexel\Desktop\ComboFix.exe
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\sysmon
c:\windows\TEMP\logishrd\LVPrcInj03.dll
c:\windows\xpsp1hfm.log

.
((((((((((((((((((((((((( Files Created from 2010-05-27 to 2010-06-27 )))))))))))))))))))))))))))))))
.

2010-06-27 18:55 . 2010-06-27 18:56 -------- d-----w- c:\users\Rexel\AppData\Local\VirtualStore
2010-06-27 18:51 . 2010-06-27 18:51 -------- d-----w- c:\users\Roselle\AppData\Local\temp
2010-06-27 18:51 . 2010-06-27 18:51 -------- d-----w- c:\users\laureanofamily\AppData\Local\temp
2010-06-27 18:51 . 2010-06-27 18:56 -------- d-----w- c:\users\Rexel\AppData\Local\temp
2010-06-27 18:51 . 2010-06-27 18:51 -------- d-----w- c:\users\Guest\AppData\Local\temp
2010-06-27 18:51 . 2010-06-27 18:51 -------- d-----w- c:\users\Default\AppData\Local\temp
2010-06-27 18:33 . 2010-06-27 18:33 -------- d-----w- c:\program files\ERUNT
2010-06-27 17:29 . 2010-06-27 17:30 -------- d-----w- C:\rsit
2010-06-27 17:27 . 2010-06-27 17:27 -------- d-----w- c:\programdata\Avira
2010-06-27 17:27 . 2010-06-27 17:27 -------- d-----w- c:\program files\Avira
2010-06-27 17:27 . 2010-03-01 15:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys
2010-06-27 17:27 . 2010-02-16 19:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2010-06-27 17:27 . 2009-05-11 17:49 51992 ----a-w- c:\windows\system32\drivers\avgntdd.sys
2010-06-27 17:27 . 2009-05-11 17:49 17016 ----a-w- c:\windows\system32\drivers\avgntmgr.sys
2010-06-27 17:03 . 2010-06-27 17:03 -------- d-----w- c:\users\Rexel\AppData\Roaming\Malwarebytes
2010-06-27 17:02 . 2010-04-29 20:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2010-06-27 17:02 . 2010-06-27 17:02 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2010-06-27 17:02 . 2010-06-27 17:02 -------- d-----w- c:\programdata\Malwarebytes
2010-06-27 17:02 . 2010-04-29 20:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys
2010-06-27 03:15 . 2010-06-27 17:30 -------- d-----w- c:\program files\Trend Micro
2010-06-25 22:06 . 2010-06-25 22:06 -------- d-----w- c:\users\Roselle\AppData\Roaming\Exent Technologies
2010-06-25 21:08 . 2010-06-25 21:08 -------- d-----w- c:\users\laureanofamily\AppData\Local\Yahoo
2010-06-25 21:08 . 2010-06-25 21:08 -------- d-----w- c:\users\laureanofamily\AppData\Roaming\Yahoo!
2010-06-25 17:55 . 2010-06-25 17:55 204704 ---ha-w- c:\windows\system32\mlfcache.dat
2010-06-25 12:45 . 2010-06-25 12:45 -------- d-----w- c:\users\Rexel\AppData\Local\Yahoo
2010-06-25 12:45 . 2010-06-25 12:45 -------- d-----w- c:\users\Rexel\AppData\Roaming\Yahoo!
2010-06-25 02:47 . 2010-06-25 03:00 -------- d-----w- c:\users\Roselle\AppData\Local\Yahoo
2010-06-25 02:46 . 2010-06-25 02:46 -------- d-----w- c:\users\Roselle\AppData\Local\Yahoo!
2010-06-25 02:45 . 2010-06-25 11:08 -------- d-----w- c:\programdata\Yahoo! Companion
2010-06-25 02:45 . 2010-06-25 02:47 -------- d-----w- c:\users\Roselle\AppData\Roaming\Yahoo!
2010-06-25 02:45 . 2010-06-25 02:45 -------- d-----w- c:\programdata\Yahoo!
2010-06-25 02:43 . 2010-06-25 02:45 -------- d-----w- c:\program files\Yahoo!
2010-06-24 14:03 . 2009-11-08 15:55 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2010-06-24 14:03 . 2009-11-08 15:55 49472 ----a-w- c:\windows\system32\netfxperf.dll
2010-06-24 14:03 . 2009-11-08 15:55 297808 ----a-w- c:\windows\system32\mscoree.dll
2010-06-24 14:03 . 2009-11-08 15:55 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2010-06-24 14:03 . 2009-11-08 15:55 1130824 ----a-w- c:\windows\system32\dfshim.dll
2010-06-24 05:00 . 2010-06-24 05:00 -------- d-----w- c:\program files\iPod
2010-06-24 05:00 . 2010-06-24 05:00 -------- d-----w- c:\program files\iTunes
2010-06-24 04:55 . 2010-06-24 04:55 -------- d-----w- c:\program files\Bonjour
2010-06-23 22:50 . 2010-04-16 16:43 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2010-06-23 22:50 . 2010-04-16 14:39 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2010-06-23 21:40 . 2010-06-23 21:40 -------- d-----w- c:\users\Roselle\Office Genuine Advantage
2010-06-23 03:20 . 2010-06-23 03:20 -------- d-----w- c:\programdata\Motive
2010-06-22 22:32 . 2010-06-22 22:32 -------- d-----w- c:\users\Rexel\AppData\Local\Apple
2010-06-20 18:52 . 2010-06-20 18:52 -------- d-----w- c:\program files\Windows Portable Devices
2010-06-20 18:35 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2010-06-20 18:34 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll
2010-06-20 18:34 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll
2010-06-20 18:34 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2010-06-20 04:44 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll
2010-06-19 22:58 . 2010-06-19 22:59 -------- d-----w- c:\windows\system32\ca-ES
2010-06-19 22:58 . 2010-06-19 22:59 -------- d-----w- c:\windows\system32\eu-ES
2010-06-19 22:58 . 2010-06-19 22:59 -------- d-----w- c:\windows\system32\vi-VN
2010-06-19 22:04 . 2010-06-19 22:04 -------- d-----w- c:\windows\system32\EventProviders
2010-06-19 02:39 . 2010-06-27 01:49 -------- d-----w- c:\users\Roselle\Tracing
2010-06-19 01:26 . 2010-06-27 16:26 -------- d-----w- c:\users\laureanofamily\Tracing
2010-06-17 06:07 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin
2010-06-16 18:02 . 2009-04-11 05:03 12240896 ----a-w- c:\windows\system32\NlsLexicons0007.dll
2010-06-16 18:02 . 2009-04-11 06:28 1081344 ----a-w- c:\windows\system32\SLCExt.dll
2010-06-16 18:02 . 2009-04-11 06:27 3408896 ----a-w- c:\windows\system32\SLsvc.exe
2010-06-16 18:02 . 2009-04-11 06:28 2134528 ----a-w- c:\windows\system32\FunctionDiscoveryFolder.dll
2010-06-16 18:02 . 2009-04-11 06:27 65536 ----a-w- c:\windows\system32\DevicePairingWizard.exe
2010-06-16 18:02 . 2009-04-11 05:03 2644480 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2010-06-16 18:00 . 2009-04-11 06:28 29184 ----a-w- c:\windows\system32\wsepno.dll
2010-06-16 17:46 . 2010-01-29 15:40 738816 ----a-w- c:\windows\system32\inetcomm.dll
2010-06-16 17:46 . 2010-04-05 17:01 67072 ----a-w- c:\windows\system32\asycfilt.dll
2010-06-16 17:46 . 2010-04-23 14:13 2048 ----a-w- c:\windows\system32\tzres.dll
2010-06-16 17:46 . 2010-05-26 14:47 289792 ----a-w- c:\windows\system32\atmfd.dll
2010-06-16 17:46 . 2010-05-26 17:06 34304 ----a-w- c:\windows\system32\atmlib.dll
2010-06-16 04:32 . 2010-06-16 04:32 -------- d-----w- c:\users\Rexel\AppData\Roaming\Ventrilo
2010-06-15 02:22 . 2010-06-15 02:37 -------- d-----w- c:\users\Roselle\AppData\Roaming\Righteous Kill
2010-06-14 02:37 . 2010-06-14 02:37 -------- d-----w- c:\users\Guest\AppData\Local\AskToolbar
2010-06-14 02:37 . 2010-06-14 02:37 -------- d-----w- c:\users\Guest\AppData\Local\Google
2010-06-13 19:21 . 2010-06-25 17:55 -------- d-----w- c:\users\Rexel\AppData\Local\Apple Computer
2010-06-13 04:00 . 2010-06-13 04:00 -------- d-----w- c:\windows\system32\F01744F2FC1
2010-06-13 04:00 . 2010-06-13 04:00 -------- d-----w- c:\windows\system32\F016D353D7B
2010-06-13 04:00 . 2010-06-13 04:00 -------- d-----w- c:\windows\system32\F0157A43D16
2010-06-13 03:54 . 2010-06-25 17:55 -------- d-----w- c:\users\Rexel\AppData\Roaming\Apple Computer
2010-06-13 03:54 . 2010-06-13 03:54 125888 ----a-w- c:\users\Rexel\AppData\Local\GDIPFONTCACHEV1.DAT
2010-06-13 01:13 . 2010-06-13 01:13 -------- d-----w- c:\users\Rexel\AppData\Local\Blizzard Entertainment
2010-06-13 01:05 . 2010-06-26 04:09 -------- d-----w- c:\users\Rexel\AppData\Local\Google
2010-06-13 01:03 . 2010-06-13 01:03 -------- d-----w- c:\windows\system32\F013AAE60B7
2010-06-13 00:49 . 2010-06-13 00:49 -------- d-----w- c:\windows\system32\F01330A791A
2010-06-13 00:48 . 2010-06-13 00:48 -------- d-----w- c:\windows\system32\F011FD80175
2010-06-13 00:48 . 2010-06-13 00:48 -------- d-----w- c:\windows\system32\F010428152A
2010-06-13 00:48 . 2010-06-13 00:48 -------- d-----w- c:\users\Public\Games.edfad0a4.temp
2010-06-12 11:26 . 2010-06-12 11:26 -------- d-----w- c:\users\Public\Games.temp
2010-06-10 16:51 . 2010-06-10 16:51 -------- d-----w- c:\users\laureanofamily\AppData\Local\AskToolbar
2010-06-10 00:58 . 2010-06-24 17:59 64 ----a-w- c:\windows\GPlrLanc.dat
2010-06-10 00:58 . 2010-06-24 17:59 -------- d-----w- c:\programdata\Free Ride Games
2010-06-08 00:34 . 2010-06-08 00:34 -------- d-----w- c:\users\laureanofamily\AppData\Local\Google
2010-06-07 12:19 . 2010-06-07 12:20 -------- d-----w- c:\users\Roselle\AppData\Roaming\Farm Mania 2
2010-06-07 12:13 . 2010-06-09 03:15 -------- d-----w- c:\users\Roselle\AppData\Local\Google
2010-06-07 12:05 . 2010-06-26 04:09 -------- d-----w- c:\program files\Google
2010-06-07 12:05 . 2010-06-07 12:05 -------- d-----w- c:\windows\system32\Adobe
2010-06-04 17:25 . 2010-06-04 17:25 -------- d-----w- c:\program files\ATT
2010-06-02 00:39 . 2010-06-02 00:39 -------- d-----w- c:\users\Roselle\AppData\Roaming\Go-Go Gourmet Chef of the Year
2010-06-01 21:00 . 2010-06-07 23:48 -------- d-----w- c:\users\Roselle\AppData\Roaming\Oberon Media
2010-06-01 02:52 . 2010-06-01 02:52 -------- d-----w- c:\programdata\GameHouse
2010-05-31 20:51 . 2010-05-31 20:51 -------- d-----w- c:\programdata\Meridian93
2010-05-31 20:51 . 2010-05-31 20:51 -------- d-----w- c:\users\Roselle\AppData\Roaming\Meridian93
2010-05-31 20:51 . 2010-05-31 20:51 -------- d-----w- c:\users\Roselle\AppData\Roaming\game

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2010-06-27 18:56 . 2010-03-26 03:36 88975 ----a-w- c:\programdata\nvModes.dat
2010-06-27 18:56 . 2010-03-27 01:12 -------- d-----w- c:\program files\Dl_cats
2010-06-26 13:01 . 2010-03-26 20:18 -------- d-----w- c:\program files\Common Files\Blizzard Entertainment
2010-06-26 04:07 . 2010-04-24 03:33 -------- d-----w- c:\program files\Yahoo! Games
2010-06-26 04:07 . 2010-05-28 04:16 -------- d-----w- c:\program files\Ask.com
2010-06-26 04:06 . 2010-03-28 04:16 -------- d-----w- c:\program files\MSN Games
2010-06-26 04:05 . 2010-04-25 00:53 -------- d-----w- c:\programdata\Oberon Media
2010-06-26 03:56 . 2010-03-26 03:41 -------- d-----w- c:\program files\Common Files\InstallShield
2010-06-25 21:11 . 2010-03-26 01:40 -------- d-----w- c:\programdata\LogiShrd
2010-06-25 11:08 . 2010-04-16 22:36 -------- d-----w- c:\program files\Microsoft.NET
2010-06-24 05:00 . 2010-03-26 19:55 -------- d-----w- c:\program files\Common Files\Apple
2010-06-24 04:51 . 2010-03-26 19:56 -------- d-----w- c:\program files\Safari
2010-06-23 21:44 . 2010-04-08 22:25 86 ----a-w- c:\users\Roselle\AppData\Roaming\wklnhst.dat
2010-06-22 19:07 . 2010-05-28 04:20 -------- d-----w- c:\users\Roselle\AppData\Roaming\LimeWire
2010-06-20 18:52 . 2010-06-20 18:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf
2010-06-20 18:52 . 2010-06-20 18:52 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration
2010-06-19 22:59 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2010-06-19 22:59 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2010-06-19 22:58 . 2010-06-19 22:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf
2010-06-19 22:58 . 2010-06-19 22:58 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf
2010-06-17 05:54 . 2010-03-26 02:32 330 ----a-w- c:\users\laureanofamily\AppData\Roaming\wklnhst.dat
2010-06-16 11:06 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll
2010-06-16 11:06 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll
2010-06-14 02:38 . 2010-05-12 22:18 -------- d-----w- c:\users\Guest\AppData\Roaming\Apple Computer
2010-06-10 01:01 . 2010-05-02 04:25 -------- d-----w- c:\users\Roselle\AppData\Roaming\PlayFirst
2010-06-10 01:01 . 2010-05-02 04:25 -------- d-----w- c:\programdata\PlayFirst
2010-06-07 12:18 . 2010-03-28 04:16 -------- d-----w- c:\program files\Oberon Media
2010-06-06 00:41 . 2010-03-26 21:00 -------- d-----w- c:\users\laureanofamily\AppData\Roaming\Apple Computer
2010-05-28 04:23 . 2010-05-28 04:15 -------- d-----w- c:\users\Roselle\AppData\Roaming\Apple Computer
2010-05-28 04:19 . 2010-05-28 04:19 -------- d-----w- c:\program files\Common Files\Java
2010-05-28 04:19 . 2010-05-28 04:19 411368 ----a-w- c:\windows\system32\deployJava1.dll
2010-05-28 04:19 . 2010-05-28 04:19 -------- d-----w- c:\program files\Java
2010-05-28 04:15 . 2010-05-28 04:14 -------- d-----w- c:\programdata\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
2010-05-28 04:14 . 2010-03-26 19:56 -------- d-----w- c:\programdata\Apple Computer
2010-05-28 04:13 . 2010-05-28 04:12 -------- d-----w- c:\program files\QuickTime
2010-05-28 04:12 . 2010-05-28 04:12 -------- d-----w- c:\program files\Apple Software Update
2010-05-26 20:51 . 2010-05-26 20:10 -------- d-----w- c:\programdata\FarmFrenzy3_Russia
2010-05-26 04:20 . 2010-05-26 04:20 -------- d-----w- c:\users\Roselle\AppData\Roaming\Flood Light Games
2010-05-26 04:20 . 2010-05-26 04:20 -------- d-----w- c:\programdata\Flood Light Games
2010-05-26 04:06 . 2010-05-26 04:05 -------- d-----w- c:\programdata\Deadtime Stories
2010-05-26 03:20 . 2010-05-21 23:31 -------- d-----w- c:\users\Roselle\AppData\Roaming\Artogon
2010-05-24 03:41 . 2010-05-24 03:41 -------- d-----w- c:\users\Roselle\AppData\Roaming\Oberon
2010-05-23 05:47 . 2010-05-23 05:47 -------- d-----w- c:\programdata\SpecialBit
2010-05-23 02:10 . 2010-05-23 02:10 -------- d-----w- c:\users\Roselle\AppData\Roaming\Boolat Games
2010-05-23 01:28 . 2010-05-23 01:28 -------- d-----w- c:\users\Roselle\AppData\Roaming\LaJangada
2010-05-23 00:29 . 2010-05-23 00:29 -------- d-----w- c:\users\Roselle\AppData\Roaming\Big Fish Games
2010-05-22 04:31 . 2010-05-22 04:31 -------- d-----w- c:\users\Roselle\AppData\Roaming\Namco
2010-05-21 19:14 . 2010-03-26 02:03 221568 ------w- c:\windows\system32\MpSigStub.exe
2010-05-18 21:35 . 2010-05-18 21:35 91424 ----a-w- c:\windows\system32\dnssd.dll
2010-05-18 21:35 . 2010-05-18 21:35 107808 ----a-w- c:\windows\system32\dns-sd.exe
2010-05-16 04:41 . 2010-05-16 04:41 -------- d-----w- c:\users\Roselle\AppData\Roaming\GameInvest
2010-05-10 20:48 . 2010-04-05 22:26 125888 ----a-w- c:\users\Guest\AppData\Local\GDIPFONTCACHEV1.DAT
2010-05-04 05:59 . 2010-06-16 17:45 916480 ----a-w- c:\windows\system32\wininet.dll
2010-05-04 05:55 . 2010-06-16 17:45 71680 ----a-w- c:\windows\system32\iesetup.dll
2010-05-04 05:55 . 2010-06-16 17:45 109056 ----a-w- c:\windows\system32\iesysprep.dll
2010-05-04 04:31 . 2010-06-16 17:45 133632 ----a-w- c:\windows\system32\ieUnatt.exe
2010-05-01 14:13 . 2010-06-16 17:45 2037248 ----a-w- c:\windows\system32\win32k.sys
2010-04-29 12:01 . 2010-04-29 12:01 10978776 ----a-w- c:\programdata\SPL8841.tmp
2010-04-29 06:20 . 2010-04-29 06:20 10978776 ----a-w- c:\programdata\SPL426.tmp
2010-04-28 19:54 . 2010-04-28 19:53 -------- d-----w- c:\programdata\Go Go Gourmet
2010-04-19 11:25 . 2010-03-26 01:15 125888 ----a-w- c:\users\laureanofamily\AppData\Local\GDIPFONTCACHEV1.DAT
2010-04-19 03:51 . 2010-04-08 22:12 125888 ----a-w- c:\users\Roselle\AppData\Local\GDIPFONTCACHEV1.DAT
2010-03-31 06:00 . 2010-03-31 06:00 86016 ----a-w- c:\windows\system32\frapsvid.dll
2007-02-21 19:49 . 2007-02-21 19:49 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856]
"Logitech Vid"="c:\program files\Logitech\Logitech Vid\vid.exe" [2009-07-16 5458704]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2010-06-26 39408]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-19 1008184]
"dlcxmon.exe"="c:\program files\Dell Photo AIO Printer 926\dlcxmon.exe" [2007-01-12 292336]
"MemoryCardManager"="c:\program files\Dell Photo AIO Printer 926\memcard.exe" [2006-11-03 304008]
"DLCXCATS"="c:\windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll" [2006-10-16 106496]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768]
"MSN Toolbar"="c:\program files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe" [2009-11-18 240480]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2009-07-17 288080]
"QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-18 421888]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-06-15 141624]
"LogitechQuickCamRibbon"="c:\program files\Logitech\Logitech WebCam Software\LWS.exe" [2009-10-14 2793304]
"avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792]

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\wlanapi.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
"VistaSp2"=hex(b):e2,6f,78,e1,03,10,cb,01

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 136176]
R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
S2 dlcx_device;dlcx_device;c:\windows\system32\dlcxcoms.exe [2006-11-04 537480]
S3 VST_DPV;VST_DPV;c:\windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
S3 VSTHWBS2;VSTHWBS2;c:\windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]


[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LPDService REG_MULTI_SZ
LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache
.
Contents of the 'Scheduled Tasks' folder

2010-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 04:09]

2010-06-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2010-06-26 04:09]

2010-06-26 c:\windows\Tasks\User_Feed_Synchronization-{86B33D2A-102E-4517-904C-BF5E2454C7EF}.job
- c:\windows\system32\msfeedssync.exe [2010-06-16 04:30]

2010-06-27 c:\windows\Tasks\User_Feed_Synchronization-{9E7639ED-B112-4179-B7CC-E00746ACDA36}.job
- c:\windows\system32\msfeedssync.exe [2010-06-16 04:30]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com/
mStart Page = hxxp://www.yahoo.com
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
LSP: c:\windows\system32\wpclsp.dll
DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} - hxxp://lads.myspace.com/upload/MySpaceUploader2.cab
.
- - - - ORPHANS REMOVED - - - -

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)



**************************************************************************
scanning hidden processes ...

scanning hidden autostart entries ...

HKLM\Software\Microsoft\Windows\CurrentVersion\Run
DLCXCATS = rundll32 c:\windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16???????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????

scanning hidden files ...

scan completed successfully
hidden files:

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'Explorer.exe'(5972)
c:\program files\Roxio\Drag-to-Disc\Shellex.dll
c:\windows\system32\DLAAPI_W.DLL
c:\program files\Roxio\Drag-to-Disc\ShellRes.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\nvvsvc.exe
c:\windows\system32\nvvsvc.exe
c:\program files\Avira\AntiVir Desktop\avguard.exe
c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files\Bonjour\mDNSResponder.exe
c:\program files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe
c:\windows\system32\WUDFHost.exe
c:\program files\Avira\AntiVir Desktop\avshadow.exe
c:\program files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
c:\program files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
c:\program files\Windows Media Player\wmpnetwk.exe
c:\windows\servicing\TrustedInstaller.exe
.
**************************************************************************
.
Completion time: 2010-06-27 14:06:01 - machine was rebooted
ComboFix-quarantined-files.txt 2010-06-27 19:05

Pre-Run: 107,039,059,968 bytes free
Post-Run: 109,407,997,952 bytes free

- - End Of File - - 167FA9C94326CF6CEFF01DD5F7BBF764
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm

Re: Vistanumbers internet links redirect

by Cypher » June 27th, 2010, 3:21 pm

Hi rexel.
Are your searches still redirected?

SystemLook

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1
Download Mirror #2

  • Double-click SystemLook.exe to run it.
  • Copy the content of the following codebox into the main textfield:
    Code:
    :filefind
    *TDSSKiller*
    
    :dir
    C:\Windows\system32\F01744F2FC1
    C:\Windows\system32\F016D353D7B
    C:\Windows\system32\F0157A43D16
    C:\Windows\system32\F013AAE60B7
    C:\Windows\system32\F01330A791A
    C:\Windows\system32\F011FD80175
    C:\Windows\system32\F010428152A
    

  • Click the Look button to start the scan.
  • When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Vistanumbers internet links redirect

by rexel » June 27th, 2010, 3:31 pm

No, not yet. Hehe, I hope it stays that way!
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm

Re: Vistanumbers internet links redirect

by rexel » June 27th, 2010, 3:33 pm

SystemLook v1.0 by jpshortstuff (11.01.10)
Log created at 14:32 on 27/06/2010 by Rexel (Administrator - Elevation successful)

========== filefind ==========

Searching for "*TDSSKiller*"
C:\TDSSKiller.2.3.2.0_27.06.2010_13.29.25_log.txt --a--- 53882 bytes [18:29 27/06/2010] [18:29 27/06/2010] C804E4E0C227EF1729B1263A7D31607F
C:\TDSSKiller.2.3.2.0_27.06.2010_13.30.51_log.txt --a--- 53882 bytes [18:30 27/06/2010] [18:31 27/06/2010] 41F1D703C32FA1DAB75B2C150D583BBC
C:\Users\Rexel\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.3.2.0_27.06.2010_13.30.51_log.lnk --a--- 629 bytes [18:32 27/06/2010] [18:32 27/06/2010] 308D9D2A30D53E29B47C7756D5A2CEE6
C:\Users\Rexel\Downloads\tdsskiller.exe --a--- 998736 bytes [18:30 27/06/2010] [18:30 27/06/2010] A68A78B4276CBD5F0B1254316C3F4F89
C:\Windows.old\Documents and Settings\Rexel\AppData\Roaming\Microsoft\Windows\Recent\TDSSKiller.2.3.2.0_27.06.2010_13.30.51_log.lnk --a--- 629 bytes [18:32 27/06/2010] [18:32 27/06/2010] 308D9D2A30D53E29B47C7756D5A2CEE6
C:\Windows.old\Documents and Settings\Rexel\Downloads\tdsskiller.exe --a--- 998736 bytes [18:30 27/06/2010] [18:30 27/06/2010] A68A78B4276CBD5F0B1254316C3F4F89

========== dir ==========

C:\Windows\system32\F01744F2FC1 - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F016D353D7B - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F0157A43D16 - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F013AAE60B7 - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F01330A791A - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F011FD80175 - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

C:\Windows\system32\F010428152A - Parameters: "(none)"

---Files---
None found.

---Folders---
None found.

-=End Of File=-
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm

Re: Vistanumbers internet links redirect

by rexel » June 27th, 2010, 8:09 pm

Hi Cypher, I'm noticing some problems with my computer.
I'll just list 'em, and add more that I find.

-It no longer displays stuff on my taskbar, nor will it let me control what's contained in it.
Image

-It will not let me click on items with Image icon.
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm

Re: Vistanumbers internet links redirect

by Cypher » June 28th, 2010, 4:58 am

Hi rexel.
i'm noticing some problems with my computer, It no longer displays stuff on my taskbar.

What happens when you click on customize or Default settings?
It seems you ran TDSSKiller more than once.
There are two TDSS logs on your C drive, C:\TDSSKiller.2.3.2.0_27.06.2010_13.29.25_log.txt << Post this log in your next reply

Your logs show that Windows Defender is still enabled.
Please disable it as I instructed you to Here


Next.

  • Please navigate to Start >> All Programs >> ERUNT, then double-click ERUNT from the menu.
  • Click on OK within the pop-up menu.
  • In the next menu under C:\WINDOWS\ERDNT\DD-MM-YYYY under Backup options make sure both the following are selected:
    • System registry.
    • Current user registry.
  • Next click on "OK"... at the prompt... reply "Yes".
    After a short duration the "Registry backup is complete!" pop-up message will appear.
  • Now click on "OK". A registry backup has now been created.

Next.

Download and run OTM

Download OTM.exe by Old Timer and save it to your Desktop.
  • Right-click OTM.exe and select "Run as administrator" to run it.
  • Right-click then copy the following code, Do not include the word Code.
    Code:
    :Reg
    [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
    "ProxyOverride"=-
    [-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [-HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}]
    [HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
    ""=-
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
    "AppInit_DLLS"=""
    [-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0aa5931-388a-11df-aacf-806e6f6e6963}]
    
    :Files
    c:\users\Guest\AppData\Local\AskToolbar
    c:\users\laureanofamily\AppData\Local\AskToolbar
    c:\program files\Ask.com
    c:\users\Roselle\AppData\Roaming\LimeWire
    c:\programdata\SPL8841.tmp
    c:\programdata\SPL426.tmp
    C:\Windows\system32\F01744F2FC1
    C:\Windows\system32\F016D353D7B
    C:\Windows\system32\F0157A43D16
    C:\Windows\system32\F013AAE60B7
    C:\Windows\system32\F01330A791A
    C:\Windows\system32\F011FD80175
    C:\Windows\system32\F010428152A
    
    :Commands
    [emptytemp]
    [start explorer]
    [Reboot]
    

    • Return to OTM, right-click then paste the code into the blank box below Image
    • Next click on the large Image button.
    • OTM may ask to reboot the machine. Please do so if asked.
    • Copy everything in the Results window (under the green bar), and paste it in your next reply.

NOTE: If you are unable to copy/paste from this window (as will be the case if the machine was rebooted), open Notepad (Start->All Programs->Accessories->Notepad), click File->Open, in the File Name box enter *.log and press the Enter key, navigate to the C:\_OTM\MovedFiles folder, and open the newest .log file present, and copy/paste the contents of that document back here in your next post.

Next.

Re-run - RSIT (Random's System Information Tool)

You should still have this program on your desktop.
  • Right click on RSIT.exe and select "Run As Administrator" to run it. If Windows UAC prompts you, please allow it.
  • Please read the disclaimer... click on Continue.
  • RSIT will start running. When done... ONLY the "C:\RSIT\log.txt"...will be reproduced. (It will be maximized.)
  • Please post ONLY the "log.txt" file contents in your next reply.
    (This log can be lengthy, so a separate post may be needed.)

Logs/Information to Post in your Next Reply

  • TDSSKiller log.
  • OTM log.
  • RSIT log.txt
  • Please give me an update on your computer's performance.
Cypher
Admin/Teacher
 
Posts: 15148
Joined: October 29th, 2008, 12:49 pm
Location: Land Of The Leprechauns

Re: Vistanumbers internet links redirect

by rexel » June 28th, 2010, 8:28 am

You're right, I don't know why I ran 2 TDS Killers. Here it is, but I am unable to do any of the other things because it will not let me back up my files through ERUNT and I am unable to disable Windows Defender.
Here are some screenies.

Image
Image
Image

13:29:25:632 5660 TDSS rootkit removing tool 2.3.2.0 May 31 2010 10:39:48
13:29:25:632 5660 ================================================================================
13:29:25:632 5660 SystemInfo:

13:29:25:632 5660 OS Version: 6.0.6002 ServicePack: 2.0
13:29:25:632 5660 Product type: Workstation
13:29:25:633 5660 ComputerName: LAUREANOFAMI-PC
13:29:25:633 5660 UserName: Rexel
13:29:25:633 5660 Windows directory: C:\Windows
13:29:25:633 5660 Processor architecture: Intel x86
13:29:25:633 5660 Number of processors: 2
13:29:25:633 5660 Page size: 0x1000
13:29:25:634 5660 Boot type: Normal boot
13:29:25:634 5660 ================================================================================
13:29:36:141 5660 Initialize success
13:29:36:141 5660
13:29:36:141 5660 Scanning Services ...
13:29:36:645 5660 Raw services enum returned 436 services
13:29:36:702 5660
13:29:36:702 5660 Scanning Drivers ...
13:29:58:741 5660
13:29:58:741 5660 Completed
13:29:58:741 5660
13:29:58:741 5660 Results:
13:29:58:741 5660 Registry objects infected / cured / cured on reboot: 0 / 0 / 0
13:29:58:742 5660 File objects infected / cured / cured on reboot: 0 / 0 / 0
13:29:58:742 5660
13:29:58:744 5660 KLMD(ARK) unloaded successfully
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm

Re: Vistanumbers internet links redirect

Unread postby Cypher » June 28th, 2010, 11:52 am

Hi rexel.
rexel wrote: but I am unable to do any of the other things because it will not let me back up my files through ERUNT and I am unable to disable Windows Defender.

Did you run them as admin as in right click on them?

Re: Vistanumbers internet links redirect

Unread postby rexel » June 28th, 2010, 12:09 pm

Yes, I did, showing the same errors.

Re: Vistanumbers internet links redirect

Unread postby rexel » June 28th, 2010, 12:10 pm

Oh, I did ERUNT with the right click as administrator, and it worked, but it's still the same with Windows Defender.
Files are now backed up.

Re: Vistanumbers internet links redirect

Unread postby Cypher » June 28th, 2010, 12:24 pm

rexel wrote: Oh, I did ERUNT with the right click as administrator, and it worked.

OK, go ahead and run OTM as instructed, then post the requested logs.

Re: Vistanumbers internet links redirect

Unread postby rexel » June 28th, 2010, 12:30 pm

ok

Re: Vistanumbers internet links redirect

Unread postby rexel » June 28th, 2010, 12:37 pm

Hmm, the thing is frozen, is that normal?

Re: Vistanumbers internet links redirect

Unread postby rexel » June 28th, 2010, 12:43 pm

All processes killed
========== REGISTRY ==========
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyOverride deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_CLASSES_ROOT\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5C255C8A-E604-49b4-9D64-90988571CECB}\ not found.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ not found.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\\"AppInit_DLLS"|"" /E : value set successfully!
Registry key HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{b0aa5931-388a-11df-aacf-806e6f6e6963}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0aa5931-388a-11df-aacf-806e6f6e6963}\ not found.
========== FILES ==========
c:\users\Guest\AppData\Local\AskToolbar\Downloaded Program Files\temp folder moved successfully.
c:\users\Guest\AppData\Local\AskToolbar\Downloaded Program Files folder moved successfully.
c:\users\Guest\AppData\Local\AskToolbar folder moved successfully.
c:\users\laureanofamily\AppData\Local\AskToolbar\Downloaded Program Files\temp folder moved successfully.
c:\users\laureanofamily\AppData\Local\AskToolbar\Downloaded Program Files folder moved successfully.
c:\users\laureanofamily\AppData\Local\AskToolbar folder moved successfully.
c:\program files\Ask.com folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\xml\data folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\xml folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\promotion folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\mozilla-profile\updates\0 folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\mozilla-profile\updates folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\mozilla-profile\extensions folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\mozilla-profile\Cache folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\mozilla-profile folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\certificate folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\res\html folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\res\fonts folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\res\entityTables folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\res\dtd folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\res folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\plugins folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\modules folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\greprefs folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\dictionaries folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US\chrome folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\US folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile\chrome folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\profile folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\pref folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults\autoconfig folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\defaults folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\components folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner\chrome folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser\xulrunner folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\browser folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire\.AppSpecialShare folder moved successfully.
c:\users\Roselle\AppData\Roaming\LimeWire folder moved successfully.
c:\programdata\SPL8841.tmp moved successfully.
c:\programdata\SPL426.tmp moved successfully.
C:\Windows\system32\F01744F2FC1 folder moved successfully.
C:\Windows\system32\F016D353D7B folder moved successfully.
C:\Windows\system32\F0157A43D16 folder moved successfully.
C:\Windows\system32\F013AAE60B7 folder moved successfully.
C:\Windows\system32\F01330A791A folder moved successfully.
C:\Windows\system32\F011FD80175 folder moved successfully.
C:\Windows\system32\F010428152A folder moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 67 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Guest
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 18836372 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 39923 bytes
->Flash cache emptied: 434 bytes

User: laureanofamily
->Temp folder emptied: 3426947 bytes
->Temporary Internet Files folder emptied: 114682002 bytes
->Java cache emptied: 23415 bytes
->Apple Safari cache emptied: 97615057 bytes
->Flash cache emptied: 55910 bytes

User: Public
->Temp folder emptied: 0 bytes

User: Rexel
->Temp folder emptied: 577795 bytes
->Temporary Internet Files folder emptied: 76082031 bytes
->Java cache emptied: 0 bytes
->Apple Safari cache emptied: 141967992 bytes
->Flash cache emptied: 17983 bytes

User: Roselle
->Temp folder emptied: 19854500 bytes
->Temporary Internet Files folder emptied: 126908932 bytes
->Java cache emptied: 550552 bytes
->Flash cache emptied: 81857 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 220146 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 40135 bytes
RecycleBin emptied: 102487811 bytes

Total Files Cleaned = 671.00 mb


OTM by OldTimer - Version 3.1.12.2 log created on 06282010_113058

Files moved on Reboot...
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\VDPD99IZ\ads[1].htm moved successfully.
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FY9B07FL\adifyExelatePixelFreqIF[1].htm moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FY9B07FL\sed[1].htm not found!
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\FY9B07FL\viewtopic[1].htm not found!
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A6OOPYZY\;ord=1844283139[1].htm moved successfully.
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A6OOPYZY\ads[1].htm moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A6OOPYZY\frame[1].htm not found!
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\A6OOPYZY\recently_featured[1] moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\1844293551[1].htm not found!
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\if-its-love-lyrics-train[1].html moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\like[1].htm not found!
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\like[2].htm not found!
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\recently_featured[1] moved successfully.
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\recently_featured[2] moved successfully.
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\sh19[1].html moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5\1JFQQYKF\watch[1].htm not found!
C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.
File C:\Users\Rexel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\fla597.tmp not found!
File C:\Windows\temp\logishrd\LVPrcInj02.dll not found!
C:\Windows\temp\JET1708.tmp moved successfully.

Registry entries deleted on Reboot...
rexel

Re: Vistanumbers internet links redirect

Post by rexel » June 28th, 2010, 12:45 pm

Logfile of random's system information tool 1.07 (written by random/random)
Run by Rexel at 2010-06-28 11:43:33
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 105 GB (46%) free of 228 GB
Total RAM: 2045 MB (54% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:44:00 AM, on 6/28/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18928)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe
C:\Program Files\Dell Photo AIO Printer 926\memcard.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Logitech\Logitech Vid\Vid.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Free Ride Games\GPlayer.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Google\Google Toolbar\GoogleToolbarUser_32.exe
C:\Users\Rexel\Downloads\RSIT.exe
C:\Program Files\trend micro\Rexel.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - (no file)
R3 - URLSearchHook: Free Ride Games Toolbar - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\Free_Ride_Games\tbFree.dll
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll
O2 - BHO: MSN Toolbar BHO - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\npwinext.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Free Ride Games Toolbar - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\Free_Ride_Games\tbFree.dll
O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll
O3 - Toolbar: MSN Toolbar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\npwinext.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Free Ride Games Toolbar - {f92a9fe4-2850-4198-b9d5-279880e49b16} - C:\Program Files\Free_Ride_Games\tbFree.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [dlcxmon.exe] "C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe"
O4 - HKLM\..\Run: [MemoryCardManager] "C:\Program Files\Dell Photo AIO Printer 926\memcard.exe"
O4 - HKLM\..\Run: [DLCXCATS] rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [MSN Toolbar] "C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe"
O4 - HKLM\..\Run: [Microsoft Default Manager] "C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup
O4 - HKUS\S-1-5-18\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Exetender] "C:\Program Files\Free Ride Games\GPlayer.exe" /runonstartup (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_89D8574934B26AC4.dll/cmsidewiki.html
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~4\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B205A35E-1FC4-4CE3-818B-899DBBB3388C} - C:\Program Files\Common Files\Microsoft Shared\Encarta Search Bar\ENCSBAR.DLL
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: {6A060448-60F9-11D5-A6CD-0002B31F7455} (ExentInf Class) -
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/200 ... ader55.cab
O16 - DPF: {9C23D886-43CB-43DE-B2DB-112A68D7E10A} (MySpace Uploader Control) - http://lads.myspace.com/upload/MySpaceUploader2.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: dlcx_device - - C:\Windows\system32\dlcxcoms.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

--
End of file - 9611 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{86B33D2A-102E-4517-904C-BF5E2454C7EF}.job
C:\Windows\tasks\User_Feed_Synchronization-{9E7639ED-B112-4179-B7CC-E00746ACDA36}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-04-03 75200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2010-05-14 191792]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18 403840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-25 278192]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll [2010-06-25 814648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d2ce3e00-f94a-4740-988e-03dc2f38c34f}]
MSN Toolbar BHO - C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\npwinext.dll [2009-11-18 506720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-27 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f92a9fe4-2850-4198-b9d5-279880e49b16}]
Free Ride Games Toolbar - C:\Program Files\Free_Ride_Games\tbFree.dll [2009-07-15 2224152]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class - C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll [2010-03-23 158520]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{8dcb7100-df86-4384-8842-8fa844297b3f} - MSN Toolbar - C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\npwinext.dll [2009-11-18 506720]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll [2010-03-23 1205560]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2010-06-25 278192]
{f92a9fe4-2850-4198-b9d5-279880e49b16} - Free Ride Games Toolbar - C:\Program Files\Free_Ride_Games\tbFree.dll [2009-07-15 2224152]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"dlcxmon.exe"=C:\Program Files\Dell Photo AIO Printer 926\dlcxmon.exe [2007-01-12 292336]
"MemoryCardManager"=C:\Program Files\Dell Photo AIO Printer 926\memcard.exe [2006-11-03 304008]
"DLCXCATS"=rundll32 C:\Windows\system32\spool\DRIVERS\W32X86\3\DLCXtime.dll,_RunDLLEntry@16 []
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2010-04-04 36272]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2010-03-24 952768]
"MSN Toolbar"=C:\Program Files\MSN Toolbar\Platform\4.0.0360.0\mswinext.exe [2009-11-18 240480]
"Microsoft Default Manager"=C:\Program Files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [2009-07-17 288080]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2010-03-17 421888]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2010-02-18 248040]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2010-06-15 141624]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2010-03-02 282792]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"msnmsgr"=C:\Program Files\Windows Live\Messenger\msnmsgr.exe [2009-07-26 3883856]
"Logitech Vid"=C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-19 125952]
"swg"=C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2010-06-25 39408]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-11 1233920]
"Exetender"=C:\Program Files\Free Ride Games\GPlayer.exe [2010-05-16 1773568]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"LogonHoursAction"=2
"DontDisplayLogonHoursWarnings"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
"NoDrives"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 months======

2010-06-28 11:30:58 ----D---- C:\_OTM
2010-06-27 20:14:57 ----D---- C:\Program Files\Conduit
2010-06-27 20:14:54 ----D---- C:\Program Files\Free_Ride_Games
2010-06-27 20:14:52 ----D---- C:\Remote Programs
2010-06-27 20:14:43 ----N---- C:\Windows\ExentInfo.exe
2010-06-27 20:14:39 ----HD---- C:\Program Files\InstallShield Installation Information
2010-06-27 20:14:39 ----D---- C:\Program Files\Free Ride Games
2010-06-27 14:06:01 ----A---- C:\ComboFix.txt
2010-06-27 13:57:52 ----SHD---- C:\$RECYCLE.BIN
2010-06-27 13:35:32 ----A---- C:\Windows\zip.exe
2010-06-27 13:35:32 ----A---- C:\Windows\SWSC.exe
2010-06-27 13:35:32 ----A---- C:\Windows\SWREG.exe
2010-06-27 13:35:32 ----A---- C:\Windows\sed.exe
2010-06-27 13:35:32 ----A---- C:\Windows\PEV.exe
2010-06-27 13:35:32 ----A---- C:\Windows\NIRCMD.exe
2010-06-27 13:35:32 ----A---- C:\Windows\MBR.exe
2010-06-27 13:35:32 ----A---- C:\Windows\grep.exe
2010-06-27 13:35:15 ----D---- C:\Qoobox
2010-06-27 13:35:01 ----A---- C:\Windows\SWXCACLS.exe
2010-06-27 13:33:53 ----D---- C:\Windows\ERDNT
2010-06-27 13:33:33 ----D---- C:\Program Files\ERUNT
2010-06-27 13:30:51 ----A---- C:\TDSSKiller.2.3.2.0_27.06.2010_13.30.51_log.txt
2010-06-27 13:29:25 ----A---- C:\TDSSKiller.2.3.2.0_27.06.2010_13.29.25_log.txt
2010-06-27 12:37:18 ----D---- C:\Windows\Minidump
2010-06-27 12:29:54 ----D---- C:\rsit
2010-06-27 12:27:50 ----D---- C:\ProgramData\Avira
2010-06-27 12:27:50 ----D---- C:\Program Files\Avira
2010-06-27 12:03:08 ----D---- C:\Users\Rexel\AppData\Roaming\Malwarebytes
2010-06-27 12:02:52 ----D---- C:\ProgramData\Malwarebytes
2010-06-27 12:02:52 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2010-06-26 22:15:59 ----D---- C:\Program Files\Trend Micro
2010-06-25 07:45:08 ----D---- C:\Users\Rexel\AppData\Roaming\Yahoo!
2010-06-24 21:45:54 ----D---- C:\ProgramData\Yahoo! Companion
2010-06-24 21:45:36 ----D---- C:\ProgramData\Yahoo!
2010-06-24 21:43:40 ----D---- C:\Program Files\Yahoo!
2010-06-24 09:03:55 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-06-24 09:03:55 ----A---- C:\Windows\system32\PresentationHost.exe
2010-06-24 09:03:55 ----A---- C:\Windows\system32\netfxperf.dll
2010-06-24 09:03:55 ----A---- C:\Windows\system32\mscoree.dll
2010-06-24 09:03:54 ----A---- C:\Windows\system32\dfshim.dll
2010-06-24 00:00:16 ----D---- C:\Program Files\iPod
2010-06-24 00:00:15 ----D---- C:\Program Files\iTunes
2010-06-23 23:55:44 ----D---- C:\Program Files\Bonjour
2010-06-23 17:50:00 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2010-06-23 17:50:00 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-06-22 22:20:46 ----D---- C:\ProgramData\Motive
2010-06-20 13:52:46 ----D---- C:\Program Files\Windows Portable Devices
2010-06-20 13:36:58 ----A---- C:\Windows\system32\UIRibbonRes.dll
2010-06-20 13:36:58 ----A---- C:\Windows\system32\UIRibbon.dll
2010-06-20 13:36:58 ----A---- C:\Windows\system32\UIAnimation.dll
2010-06-20 13:36:32 ----A---- C:\Windows\system32\WMPhoto.dll
2010-06-20 13:36:32 ----A---- C:\Windows\system32\cdd.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\xpsservices.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\XpsRasterService.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\XpsPrint.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-06-20 13:36:31 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\OpcServices.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\FntCache.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\dxgi.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\dxdiagn.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\dxdiag.exe
2010-06-20 13:36:31 ----A---- C:\Windows\system32\DWrite.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d11.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10warp.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10level9.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10core.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10_1core.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10_1.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d3d10.dll
2010-06-20 13:36:31 ----A---- C:\Windows\system32\d2d1.dll
2010-06-20 13:35:57 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2010-06-20 13:35:57 ----A---- C:\Windows\system32\wpdbusenum.dll
2010-06-20 13:35:57 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2010-06-20 13:35:51 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2010-06-20 13:35:41 ----A---- C:\Windows\system32\WpdMtpUS.dll
2010-06-20 13:35:41 ----A---- C:\Windows\system32\WpdConns.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\WPDSp.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\wpdshext.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\WpdMtp.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\wpd_ci.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-06-20 13:35:40 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-06-20 13:34:44 ----A---- C:\Windows\system32\UIAutomationCore.dll
2010-06-20 13:34:44 ----A---- C:\Windows\system32\oleaccrc.dll
2010-06-20 13:34:44 ----A---- C:\Windows\system32\oleacc.dll
2010-06-19 23:44:57 ----A---- C:\Windows\system32\gameux.dll
2010-06-19 17:58:57 ----D---- C:\Windows\system32\eu-ES
2010-06-19 17:58:57 ----D---- C:\Windows\system32\ca-ES
2010-06-19 17:58:56 ----D---- C:\Windows\system32\vi-VN
2010-06-19 17:04:29 ----D---- C:\Windows\system32\EventProviders
2010-06-16 13:02:08 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-06-16 13:02:04 ----A---- C:\Windows\system32\SLsvc.exe
2010-06-16 13:02:04 ----A---- C:\Windows\system32\SLCExt.dll
2010-06-16 13:02:03 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-06-16 13:02:03 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-06-16 13:02:01 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-06-16 13:01:59 ----A---- C:\Windows\system32\mssrch.dll
2010-06-16 13:01:58 ----A---- C:\Windows\system32\tquery.dll
2010-06-16 13:01:57 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-06-16 13:01:56 ----A---- C:\Windows\system32\scavenge.dll
2010-06-16 13:01:55 ----A---- C:\Windows\system32\msi.dll
2010-06-16 13:01:55 ----A---- C:\Windows\system32\imapi2fs.dll
2010-06-16 13:01:54 ----A---- C:\Windows\system32\WscEapPr.dll
2010-06-16 13:01:54 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-06-16 13:01:54 ----A---- C:\Windows\system32\sysmain.dll
2010-06-16 13:01:53 ----A---- C:\Windows\system32\icardagt.exe
2010-06-16 13:01:53 ----A---- C:\Windows\system32\EhStorShell.dll
2010-06-16 13:01:53 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2010-06-16 13:01:52 ----A---- C:\Windows\system32\spreview.exe
2010-06-16 13:01:52 ----A---- C:\Windows\system32\spinstall.exe
2010-06-16 13:01:51 ----A---- C:\Windows\system32\spwizui.dll
2010-06-16 13:01:51 ----A---- C:\Windows\system32\drmv2clt.dll
2010-06-16 13:01:50 ----A---- C:\Windows\system32\shell32.dll
2010-06-16 13:01:50 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-06-16 13:01:49 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-06-16 13:01:49 ----A---- C:\Windows\system32\p2psvc.dll
2010-06-16 13:01:49 ----A---- C:\Windows\system32\mssvp.dll
2010-06-16 13:01:48 ----A---- C:\Windows\system32\mssphtb.dll
2010-06-16 13:01:48 ----A---- C:\Windows\system32\mssph.dll
2010-06-16 13:01:48 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2010-06-16 13:01:48 ----A---- C:\Windows\system32\imapi2.dll
2010-06-16 13:01:47 ----A---- C:\Windows\system32\sdohlp.dll
2010-06-16 13:01:47 ----A---- C:\Windows\system32\esent.dll
2010-06-16 13:01:46 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-06-16 13:01:46 ----A---- C:\Windows\system32\DevicePairing.dll
2010-06-16 13:01:45 ----A---- C:\Windows\system32\wevtsvc.dll
2010-06-16 13:01:45 ----A---- C:\Windows\system32\sperror.dll
2010-06-16 13:01:45 ----A---- C:\Windows\system32\SLC.dll
2010-06-16 13:01:45 ----A---- C:\Windows\system32\korwbrkr.dll
2010-06-16 13:01:45 ----A---- C:\Windows\system32\IasMigReader.exe
2010-06-16 13:01:44 ----A---- C:\Windows\system32\msshsq.dll
2010-06-16 13:01:43 ----A---- C:\Windows\system32\msjet40.dll
2010-06-16 13:01:43 ----A---- C:\Windows\system32\MPSSVC.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\Query.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\qmgr.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\P2PGraph.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\ole32.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\msexch40.dll
2010-06-16 13:01:42 ----A---- C:\Windows\system32\diagperf.dll
2010-06-16 13:01:41 ----A---- C:\Windows\system32\winload.exe
2010-06-16 13:01:41 ----A---- C:\Windows\system32\srchadmin.dll
2010-06-16 13:01:41 ----A---- C:\Windows\system32\ntdll.dll
2010-06-16 13:01:41 ----A---- C:\Windows\system32\mblctr.exe
2010-06-16 13:01:41 ----A---- C:\Windows\system32\EncDec.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\uDWM.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\riched20.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\RacEngn.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\mmc.exe
2010-06-16 13:01:40 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\fdBth.dll
2010-06-16 13:01:40 ----A---- C:\Windows\system32\dfsr.exe
2010-06-16 13:01:39 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-06-16 13:01:39 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-06-16 13:01:39 ----A---- C:\Windows\system32\milcore.dll
2010-06-16 13:01:39 ----A---- C:\Windows\system32\kernel32.dll
2010-06-16 13:01:39 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-06-16 13:01:39 ----A---- C:\Windows\system32\CertEnroll.dll
2010-06-16 13:01:38 ----A---- C:\Windows\system32\spoolss.dll
2010-06-16 13:01:38 ----A---- C:\Windows\system32\schedsvc.dll
2010-06-16 13:01:38 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-06-16 13:01:38 ----A---- C:\Windows\system32\msjtes40.dll
2010-06-16 13:01:38 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2010-06-16 13:01:37 ----A---- C:\Windows\system32\msvcp60.dll
2010-06-16 13:01:37 ----A---- C:\Windows\system32\infocardapi.dll
2010-06-16 13:01:37 ----A---- C:\Windows\system32\gpedit.dll
2010-06-16 13:01:36 ----A---- C:\Windows\system32\WinSAT.exe
2010-06-16 13:01:36 ----A---- C:\Windows\system32\PresentationSettings.exe
2010-06-16 13:01:36 ----A---- C:\Windows\system32\Magnify.exe
2010-06-16 13:01:36 ----A---- C:\Windows\system32\es.dll
2010-06-16 13:01:35 ----A---- C:\Windows\system32\mstext40.dll
2010-06-16 13:01:35 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2010-06-16 13:01:35 ----A---- C:\Windows\system32\advapi32.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\WebClnt.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\vssapi.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\slwmi.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\msxbde40.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\msexcl40.dll
2010-06-16 13:01:34 ----A---- C:\Windows\system32\comsvcs.dll
2010-06-16 13:01:33 ----A---- C:\Windows\system32\propsys.dll
2010-06-16 13:01:33 ----A---- C:\Windows\system32\newdev.dll
2010-06-16 13:01:33 ----A---- C:\Windows\system32\NetProjW.dll
2010-06-16 13:01:33 ----A---- C:\Windows\system32\msrepl40.dll
2010-06-16 13:01:33 ----A---- C:\Windows\system32\authui.dll
2010-06-16 13:01:32 ----A---- C:\Windows\system32\rpcss.dll
2010-06-16 13:01:32 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-06-16 13:01:32 ----A---- C:\Windows\system32\iasrecst.dll
2010-06-16 13:01:32 ----A---- C:\Windows\system32\gpsvc.dll
2010-06-16 13:01:32 ----A---- C:\Windows\system32\eudcedit.exe
2010-06-16 13:01:32 ----A---- C:\Windows\system32\crypt32.dll
2010-06-16 13:01:32 ----A---- C:\Windows\explorer.exe
2010-06-16 13:01:30 ----A---- C:\Windows\system32\setupapi.dll
2010-06-16 13:01:29 ----A---- C:\Windows\system32\mspbde40.dll
2010-06-16 13:01:29 ----A---- C:\Windows\system32\d3d9.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\shlwapi.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\msrd3x40.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\msltus40.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\mfc42.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-06-16 13:01:28 ----A---- C:\Windows\system32\davclnt.dll
2010-06-16 13:01:27 ----A---- C:\Windows\system32\wevtapi.dll
2010-06-16 13:01:27 ----A---- C:\Windows\system32\photowiz.dll
2010-06-16 13:01:27 ----A---- C:\Windows\system32\nlhtml.dll
2010-06-16 13:01:27 ----A---- C:\Windows\system32\msdtctm.dll
2010-06-16 13:01:27 ----A---- C:\Windows\system32\browseui.dll
2010-06-16 13:01:26 ----A---- C:\Windows\system32\user32.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\win32spl.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\samsrv.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\oleaut32.dll
2010-06-16 13:01:25 ----A---- C:\Windows\system32\ci.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\xmlfilter.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\netshell.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\mswstr10.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-06-16 13:01:24 ----A---- C:\Windows\system32\emdmgmt.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\compcln.exe
2010-06-16 13:01:24 ----A---- C:\Windows\system32\audiosrv.dll
2010-06-16 13:01:24 ----A---- C:\Windows\system32\apds.dll
2010-06-16 13:01:23 ----A---- C:\Windows\system32\VSSVC.exe
2010-06-16 13:01:23 ----A---- C:\Windows\system32\SLUI.exe
2010-06-16 13:01:23 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-06-16 13:01:23 ----A---- C:\Windows\system32\msvcrt.dll
2010-06-16 13:01:23 ----A---- C:\Windows\system32\msctf.dll
2010-06-16 13:01:23 ----A---- C:\Windows\system32\mfc42u.dll
2010-06-16 13:01:23 ----A---- C:\Windows\system32\gdi32.dll
2010-06-16 13:01:22 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-06-16 13:01:22 ----A---- C:\Windows\system32\odbc32.dll
2010-06-16 13:01:22 ----A---- C:\Windows\system32\msrd2x40.dll
2010-06-16 13:01:22 ----A---- C:\Windows\system32\eapphost.dll
2010-06-16 13:01:21 ----A---- C:\Windows\system32\winresume.exe
2010-06-16 13:01:21 ----A---- C:\Windows\system32\shdocvw.dll
2010-06-16 13:01:21 ----A---- C:\Windows\system32\propdefs.dll
2010-06-16 13:01:20 ----A---- C:\Windows\system32\wevtutil.exe
2010-06-16 13:01:20 ----A---- C:\Windows\system32\mssitlb.dll
2010-06-16 13:01:20 ----A---- C:\Windows\system32\dbgeng.dll
2010-06-16 13:01:19 ----A---- C:\Windows\system32\WsmSvc.dll
2010-06-16 13:01:19 ----A---- C:\Windows\system32\swprv.dll
2010-06-16 13:01:19 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-06-16 13:01:18 ----A---- C:\Windows\system32\vds.exe
2010-06-16 13:01:18 ----A---- C:\Windows\system32\usp10.dll
2010-06-16 13:01:17 ----A---- C:\Windows\system32\netlogon.dll
2010-06-16 13:01:17 ----A---- C:\Windows\system32\msctfp.dll
2010-06-16 13:01:17 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-06-16 13:01:17 ----A---- C:\Windows\system32\drvinst.exe
2010-06-16 13:01:17 ----A---- C:\Windows\system32\devmgr.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\Wldap32.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\wcnwiz.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\msscb.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\evr.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-06-16 13:01:16 ----A---- C:\Windows\system32\BFE.DLL
2010-06-16 13:01:16 ----A---- C:\Windows\system32\adsldpc.dll
2010-06-16 13:01:15 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-06-16 13:01:15 ----A---- C:\Windows\system32\services.exe
2010-06-16 13:01:14 ----A---- C:\Windows\system32\wercon.exe
2010-06-16 13:01:14 ----A---- C:\Windows\system32\wcncsvc.dll
2010-06-16 13:01:14 ----A---- C:\Windows\system32\mimefilt.dll
2010-06-16 13:01:14 ----A---- C:\Windows\system32\comdlg32.dll
2010-06-16 13:01:14 ----A---- C:\Windows\system32\adtschema.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\taskeng.exe
2010-06-16 13:01:13 ----A---- C:\Windows\system32\rtffilt.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\reg.exe
2010-06-16 13:01:13 ----A---- C:\Windows\system32\mswdat10.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\msjter40.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\msdtcprx.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\dnsapi.dll
2010-06-16 13:01:13 ----A---- C:\Windows\system32\certcli.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\w32time.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\msshooks.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\msscntrs.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-06-16 13:01:12 ----A---- C:\Windows\system32\certutil.exe
2010-06-16 13:01:12 ----A---- C:\Windows\system32\bthserv.dll
2010-06-16 13:01:12 ----A---- C:\Windows\system32\bcrypt.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-06-16 13:01:11 ----A---- C:\Windows\system32\rsaenh.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\netapi32.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\mtxclu.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\msstrc.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\msihnd.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-06-16 13:01:11 ----A---- C:\Windows\system32\inetpp.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\termsrv.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\shsvcs.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\profsvc.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\msiexec.exe
2010-06-16 13:01:10 ----A---- C:\Windows\system32\mscories.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\imapi.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\hidserv.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\fundisc.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-06-16 13:01:10 ----A---- C:\Windows\system32\cryptsvc.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\wdc.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\spoolsv.exe
2010-06-16 13:01:09 ----A---- C:\Windows\system32\rasmans.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\pnidui.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\icardres.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\iassdo.dll
2010-06-16 13:01:09 ----A---- C:\Windows\system32\chsbrkr.dll
2010-06-16 13:01:08 ----A---- C:\Windows\system32\wersvc.dll
2010-06-16 13:01:08 ----A---- C:\Windows\system32\slmgr.vbs
2010-06-16 13:01:08 ----A---- C:\Windows\system32\scrrun.dll
2010-06-16 13:01:08 ----A---- C:\Windows\system32\PSHED.DLL
2010-06-16 13:01:08 ----A---- C:\Windows\system32\autofmt.exe
2010-06-16 13:01:07 ----A---- C:\Windows\system32\wmpmde.dll
2010-06-16 13:01:07 ----A---- C:\Windows\system32\pidgenx.dll
2010-06-16 13:01:07 ----A---- C:\Windows\system32\pdh.dll
2010-06-16 13:01:07 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-06-16 13:01:07 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-06-16 13:01:07 ----A---- C:\Windows\system32\azroles.dll
2010-06-16 13:01:06 ----A---- C:\Windows\system32\winlogon.exe
2010-06-16 13:01:06 ----A---- C:\Windows\system32\SyncCenter.dll
2010-06-16 13:01:06 ----A---- C:\Windows\system32\SLUINotify.dll
2010-06-16 13:01:06 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-06-16 13:01:06 ----A---- C:\Windows\system32\comuid.dll
2010-06-16 13:01:06 ----A---- C:\Windows\system32\certmgr.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\untfs.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\spp.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\sethc.exe
2010-06-16 13:01:05 ----A---- C:\Windows\system32\scrobj.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\ncrypt.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\kd1394.dll
2010-06-16 13:01:05 ----A---- C:\Windows\system32\iassam.dll
2010-06-16 13:01:04 ----A---- C:\Windows\system32\wisptis.exe
2010-06-16 13:01:04 ----A---- C:\Windows\system32\taskcomp.dll
2010-06-16 13:01:04 ----A---- C:\Windows\system32\rtutils.dll
2010-06-16 13:01:04 ----A---- C:\Windows\system32\dwm.exe
2010-06-16 13:01:03 ----A---- C:\Windows\system32\autochk.exe
2010-06-16 13:01:02 ----A---- C:\Windows\system32\winsrv.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\printui.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\onex.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\kdcom.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\iasnap.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\cscript.exe
2010-06-16 13:01:02 ----A---- C:\Windows\system32\basecsp.dll
2010-06-16 13:01:02 ----A---- C:\Windows\system32\autoconv.exe
2010-06-16 13:01:01 ----A---- C:\Windows\system32\wow32.dll
2010-06-16 13:01:01 ----A---- C:\Windows\system32\userenv.dll
2010-06-16 13:01:01 ----A---- C:\Windows\system32\osk.exe
2010-06-16 13:01:01 ----A---- C:\Windows\system32\mswsock.dll
2010-06-16 13:01:01 ----A---- C:\Windows\system32\audiodg.exe
2010-06-16 13:01:00 ----A---- C:\Windows\system32\WinSCard.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\winmm.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-06-16 13:01:00 ----A---- C:\Windows\system32\spcmsg.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\RelMon.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\rdpencom.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\offfilt.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\msftedit.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\kdusb.dll
2010-06-16 13:01:00 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-06-16 13:00:59 ----A---- C:\Windows\system32\wsepno.dll
2010-06-16 13:00:59 ----A---- C:\Windows\system32\WerFault.exe
2010-06-16 13:00:59 ----A---- C:\Windows\system32\Utilman.exe
2010-06-16 13:00:59 ----A---- C:\Windows\system32\stobject.dll
2010-06-16 13:00:59 ----A---- C:\Windows\system32\mfplat.dll
2010-06-16 13:00:59 ----A---- C:\Windows\system32\diskraid.exe
2010-06-16 13:00:59 ----A---- C:\Windows\system32\apphelp.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\wscript.exe
2010-06-16 13:00:58 ----A---- C:\Windows\system32\wiaservc.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\ulib.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\sysclass.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\SndVol.exe
2010-06-16 13:00:58 ----A---- C:\Windows\system32\prnntfy.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\odbccp32.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\msnetobj.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\mscms.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\mcmde.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\iasdatastore.dll
2010-06-16 13:00:58 ----A---- C:\Windows\system32\adsmsext.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\wscntfy.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\rastapi.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\pnpsetup.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-06-16 13:00:57 ----A---- C:\Windows\system32\fdProxy.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\dsound.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\cryptui.dll
2010-06-16 13:00:57 ----A---- C:\Windows\system32\brcpl.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\wscsvc.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-06-16 13:00:56 ----A---- C:\Windows\system32\wlangpui.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\vdsdyn.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\regsvc.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\rasapi32.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\ntprint.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\mscorier.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\logman.exe
2010-06-16 13:00:56 ----A---- C:\Windows\system32\iashlpr.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\gpapi.dll
2010-06-16 13:00:56 ----A---- C:\Windows\system32\diskpart.exe
2010-06-16 13:00:55 ----A---- C:\Windows\system32\zipfldr.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\wusa.exe
2010-06-16 13:00:55 ----A---- C:\Windows\system32\wshext.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\wpccpl.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\rasdlg.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\netcenter.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\iasrad.dll
2010-06-16 13:00:55 ----A---- C:\Windows\system32\findstr.exe
2010-06-16 13:00:54 ----A---- C:\Windows\system32\wsnmp32.dll
2010-06-16 13:00:54 ----A---- C:\Windows\system32\wer.dll
2010-06-16 13:00:54 ----A---- C:\Windows\system32\themecpl.dll
2010-06-16 13:00:54 ----A---- C:\Windows\system32\iassvcs.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\uxsms.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\srvsvc.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\slcc.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\scansetting.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\powrprof.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\ntmarta.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\msutb.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\mstsc.exe
2010-06-16 13:00:53 ----A---- C:\Windows\system32\mstlsapi.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\mssprxy.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\iasads.dll
2010-06-16 13:00:53 ----A---- C:\Windows\system32\iasacct.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\systemcpl.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\sud.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\powercpl.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\pcaui.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\newdev.exe
2010-06-16 13:00:52 ----A---- C:\Windows\system32\networkmap.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\dot3svc.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\connect.dll
2010-06-16 13:00:52 ----A---- C:\Windows\system32\authz.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\usercpl.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\themeui.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\samlib.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\qdvd.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\mmci.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\autoplay.dll
2010-06-16 13:00:51 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-06-16 13:00:50 ----A---- C:\Windows\system32\wpcao.dll
2010-06-16 13:00:50 ----A---- C:\Windows\system32\wlanpref.dll
2010-06-16 13:00:50 ----A---- C:\Windows\system32\rpchttp.dll
2010-06-16 13:00:50 ----A---- C:\Windows\system32\regapi.dll
2010-06-16 13:00:50 ----A---- C:\Windows\system32\msinfo32.exe
2010-06-16 13:00:49 ----A---- C:\Windows\system32\vdsutil.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\tapisrv.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\scksp.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\scesrv.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\psisdecd.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\oleprn.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\mpr.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\imm32.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\feclient.dll
2010-06-16 13:00:48 ----A---- C:\Windows\system32\AudioSes.dll
2010-06-16 13:00:47 ----A---- C:\Windows\system32\wscisvif.dll
2010-06-16 13:00:47 ----A---- C:\Windows\system32\sdclt.exe
2010-06-16 13:00:47 ----A---- C:\Windows\system32\rekeywiz.exe
2010-06-16 13:00:47 ----A---- C:\Windows\system32\iaspolcy.dll
2010-06-16 13:00:47 ----A---- C:\Windows\system32\Faultrep.dll
2010-06-16 13:00:47 ----A---- C:\Windows\system32\dot3msm.dll
2010-06-16 13:00:47 ----A---- C:\Windows\system32\DeviceEject.exe
2010-06-16 13:00:46 ----A---- C:\Windows\system32\dpapimig.exe
2010-06-16 13:00:45 ----A---- C:\Windows\system32\scecli.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\rasgcw.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\qedit.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\pnpui.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\perfdisk.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\ncryptui.dll
2010-06-16 13:00:45 ----A---- C:\Windows\system32\hdwwiz.exe
2010-06-16 13:00:45 ----A---- C:\Windows\system32\certreq.exe
2010-06-16 13:00:44 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-06-16 13:00:43 ----A---- C:\Windows\system32\TSTheme.exe
2010-06-16 13:00:43 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-06-16 13:00:43 ----A---- C:\Windows\system32\spwinsat.dll
2010-06-16 13:00:43 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-06-16 13:00:43 ----A---- C:\Windows\system32\rasplap.dll
2010-06-16 13:00:43 ----A---- C:\Windows\system32\cmmon32.exe
2010-06-16 13:00:42 ----A---- C:\Windows\system32\whealogr.dll
2010-06-16 13:00:42 ----A---- C:\Windows\system32\tcpmon.dll
2010-06-16 13:00:42 ----A---- C:\Windows\system32\srcore.dll
2010-06-16 13:00:42 ----A---- C:\Windows\system32\SCardSvr.dll
2010-06-16 13:00:42 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-06-16 13:00:42 ----A---- C:\Windows\system32\fdWSD.dll
2010-06-16 13:00:42 ----A---- C:\Windows\system32\conime.exe
2010-06-16 13:00:42 ----A---- C:\Windows\system32\cmdial32.dll
2010-06-16 13:00:41 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-06-16 13:00:41 ----A---- C:\Windows\system32\wlanui.dll
2010-06-16 13:00:41 ----A---- C:\Windows\system32\wiaaut.dll
2010-06-16 13:00:41 ----A---- C:\Windows\system32\SnippingTool.exe
2010-06-16 13:00:41 ----A---- C:\Windows\system32\raschap.dll
2010-06-16 13:00:41 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-06-16 13:00:41 ----A---- C:\Windows\system32\fontext.dll
2010-06-16 13:00:40 ----A---- C:\Windows\system32\shwebsvc.dll
2010-06-16 13:00:40 ----A---- C:\Windows\system32\rasppp.dll
2010-06-16 13:00:40 ----A---- C:\Windows\system32\PnPutil.exe
2010-06-16 13:00:40 ----A---- C:\Windows\system32\oobefldr.dll
2010-06-16 13:00:40 ----A---- C:\Windows\system32\dsprop.dll
2010-06-16 13:00:40 ----A---- C:\Windows\system32\dimsroam.dll
2010-06-16 13:00:39 ----A---- C:\Windows\system32\shsetup.dll
2010-06-16 13:00:39 ----A---- C:\Windows\system32\rasmontr.dll
2010-06-16 13:00:39 ----A---- C:\Windows\system32\mscandui.dll
2010-06-16 13:00:39 ----A---- C:\Windows\system32\modemui.dll
2010-06-16 13:00:39 ----A---- C:\Windows\system32\chtbrkr.dll
2010-06-16 13:00:38 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-06-16 13:00:38 ----A---- C:\Windows\system32\dataclen.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\WSDMon.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\wmpeffects.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\smss.exe
2010-06-16 13:00:37 ----A---- C:\Windows\system32\rdpwsx.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\netplwiz.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\credui.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\certprop.dll
2010-06-16 13:00:37 ----A---- C:\Windows\system32\blackbox.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\wscapi.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\wpcsvc.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\thawbrkr.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\softkbd.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\sendmail.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\networkexplorer.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\msscp.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\msimtf.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\logagent.exe
2010-06-16 13:00:36 ----A---- C:\Windows\system32\InkEd.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\ifmon.dll
2010-06-16 13:00:36 ----A---- C:\Windows\system32\gpresult.exe
2010-06-16 13:00:36 ----A---- C:\Windows\system32\cipher.exe
2010-06-16 13:00:35 ----A---- C:\Windows\system32\wshbth.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\version.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\SLLUA.exe
2010-06-16 13:00:35 ----A---- C:\Windows\system32\puiapi.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\olepro32.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\msisip.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\msctfui.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\mprapi.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\input.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-06-16 13:00:35 ----A---- C:\Windows\system32\dmsynth.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\wsdchngr.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\msjint40.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\l2nacp.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\ftp.exe
2010-06-16 13:00:34 ----A---- C:\Windows\system32\fdSSDP.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\fc.exe
2010-06-16 13:00:34 ----A---- C:\Windows\system32\eapp3hst.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\dmusic.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\cscdll.dll
2010-06-16 13:00:34 ----A---- C:\Windows\system32\cscapi.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\tscupgrd.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\Storprop.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\slcinst.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\rasdial.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\rasdiag.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\ocsetup.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\nslookup.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\ipconfig.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\hbaapi.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\fdWCN.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\fdeploy.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\eappgnui.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\eappcfg.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\dot3cfg.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-06-16 13:00:33 ----A---- C:\Windows\system32\bthudtask.exe
2010-06-16 13:00:33 ----A---- C:\Windows\system32\bthci.dll
2010-06-16 13:00:32 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-06-16 13:00:32 ----A---- C:\Windows\system32\NcdProp.dll
2010-06-16 13:00:32 ----A---- C:\Windows\system32\mmcico.dll
2010-06-16 13:00:32 ----A---- C:\Windows\system32\iscsilog.dll
2010-06-16 13:00:32 ----A---- C:\Windows\system32\gpupdate.exe
2010-06-16 13:00:32 ----A---- C:\Windows\system32\csrstub.exe
2010-06-16 13:00:32 ----A---- C:\Windows\system32\cbsra.exe
2010-06-16 13:00:32 ----A---- C:\Windows\system32\bitsigd.dll
2010-06-16 13:00:31 ----A---- C:\Windows\system32\winrnr.dll
2010-06-16 13:00:31 ----A---- C:\Windows\system32\vdmdbg.dll
2010-06-16 13:00:31 ----A---- C:\Windows\system32\slwga.dll
2010-06-16 13:00:31 ----A---- C:\Windows\system32\odbcconf.dll
2010-06-16 13:00:31 ----A---- C:\Windows\system32\inetppui.dll
2010-06-16 13:00:30 ----A---- C:\Windows\system32\midimap.dll
2010-06-16 13:00:28 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-06-16 13:00:27 ----A---- C:\Windows\system32\msimsg.dll
2010-06-16 13:00:14 ----A---- C:\Windows\system32\SmiEngine.dll
2010-06-16 13:00:09 ----A---- C:\Windows\system32\wdscore.dll
2010-06-16 13:00:09 ----A---- C:\Windows\system32\PkgMgr.exe
2010-06-16 13:00:00 ----A---- C:\Windows\system32\drvstore.dll
2010-06-16 12:46:42 ----A---- C:\Windows\system32\inetcomm.dll
2010-06-16 12:46:35 ----A---- C:\Windows\system32\asycfilt.dll
2010-06-16 12:46:29 ----A---- C:\Windows\system32\tzres.dll
2010-06-16 12:46:03 ----A---- C:\Windows\system32\atmfd.dll
2010-06-16 12:46:02 ----A---- C:\Windows\system32\atmlib.dll
2010-06-16 12:45:47 ----A---- C:\Windows\system32\mshtml.dll
2010-06-16 12:45:47 ----A---- C:\Windows\system32\ieframe.dll
2010-06-16 12:45:46 ----A---- C:\Windows\system32\iertutil.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\wininet.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\urlmon.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\occache.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\mstime.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\msfeeds.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\ieui.dll
2010-06-16 12:45:45 ----A---- C:\Windows\system32\iedkcs32.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\msfeedssync.exe
2010-06-16 12:45:44 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\jsproxy.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\ieUnatt.exe
2010-06-16 12:45:44 ----A---- C:\Windows\system32\iesysprep.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\iesetup.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\iernonce.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\iepeers.dll
2010-06-16 12:45:44 ----A---- C:\Windows\system32\ie4uinit.exe
2010-06-15 23:32:44 ----D---- C:\Users\Rexel\AppData\Roaming\Ventrilo
2010-06-14 07:03:22 ----D---- C:\Users\Rexel\AppData\Roaming\WinRAR
2010-06-13 13:26:29 ----D---- C:\Users\Rexel\AppData\Roaming\Mozilla
2010-06-12 22:54:33 ----D---- C:\Users\Rexel\AppData\Roaming\Apple Computer
2010-06-12 20:05:49 ----D---- C:\Users\Rexel\AppData\Roaming\Macromedia
2010-06-12 20:05:47 ----D---- C:\Users\Rexel\AppData\Roaming\Adobe
2010-06-12 20:05:04 ----D---- C:\Users\Rexel\AppData\Roaming\Google
2010-06-12 06:16:10 ----D---- C:\Program Files\WinRAR
2010-06-09 19:58:01 ----D---- C:\ProgramData\Free Ride Games
2010-06-07 07:05:53 ----D---- C:\ProgramData\Google
2010-06-07 07:05:53 ----D---- C:\Program Files\Google
2010-06-07 07:05:30 ----D---- C:\Windows\system32\Adobe
2010-06-04 12:25:19 ----D---- C:\Program Files\ATT
2010-05-31 21:52:34 ----D---- C:\ProgramData\GameHouse
2010-05-31 15:51:41 ----D---- C:\ProgramData\Meridian93

======List of files/folders modified in the last 1 months======

2010-06-28 11:43:46 ----D---- C:\Windows\Prefetch
2010-06-28 11:43:31 ----D---- C:\Windows\Temp
2010-06-28 11:41:35 ----D---- C:\Program Files\Dl_cats
2010-06-28 11:31:19 ----D---- C:\Windows\System32
2010-06-28 11:31:19 ----D---- C:\ProgramData
2010-06-28 11:31:08 ----RD---- C:\Program Files
2010-06-27 20:57:05 ----D---- C:\ProgramData\PlayFirst
2010-06-27 20:14:57 ----D---- C:\Windows
2010-06-27 20:14:35 ----SHD---- C:\System Volume Information
2010-06-27 20:14:08 ----D---- C:\Program Files\Common Files\InstallShield
2010-06-27 14:06:03 ----D---- C:\Windows\system32\drivers
2010-06-27 13:55:43 ----A---- C:\Windows\system.ini
2010-06-27 13:49:15 ----D---- C:\Windows\AppPatch
2010-06-27 13:49:15 ----D---- C:\Program Files\Common Files
2010-06-27 12:25:19 ----SHD---- C:\Windows\Installer
2010-06-27 12:25:19 ----D---- C:\Windows\winsxs
2010-06-27 12:22:56 ----D---- C:\Windows\Registration
2010-06-26 22:15:59 ----SD---- C:\Users\Rexel\AppData\Roaming\Microsoft
2010-06-26 08:01:56 ----D---- C:\Program Files\Common Files\Blizzard Entertainment
2010-06-25 23:09:10 ----D---- C:\Windows\Tasks
2010-06-25 23:09:10 ----D---- C:\Windows\system32\Tasks
2010-06-25 23:07:26 ----D---- C:\Program Files\Yahoo! Games
2010-06-25 23:07:15 ----D---- C:\Fraps
2010-06-25 23:06:26 ----D---- C:\Program Files\MSN Games
2010-06-25 23:05:01 ----D---- C:\ProgramData\Oberon Media
2010-06-25 19:04:07 ----D---- C:\Windows\system32\catroot2
2010-06-25 16:11:05 ----D---- C:\ProgramData\LogiShrd
2010-06-25 06:16:35 ----D---- C:\Windows\Microsoft.NET
2010-06-25 06:16:34 ----RSD---- C:\Windows\assembly
2010-06-25 06:12:20 ----D---- C:\Windows\inf
2010-06-25 06:12:20 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-06-25 06:08:49 ----D---- C:\Windows\system32\en-US
2010-06-25 06:08:46 ----D---- C:\Program Files\Microsoft.NET
2010-06-24 21:45:09 ----D---- C:\Program Files\Common Files\microsoft shared
2010-06-24 09:04:20 ----D---- C:\Windows\system32\catroot
2010-06-24 00:00:16 ----D---- C:\Program Files\Common Files\Apple
2010-06-23 23:51:47 ----D---- C:\Program Files\Safari
2010-06-23 16:40:46 ----A---- C:\Windows\ODBC.INI
2010-06-21 09:29:23 ----D---- C:\Windows\Logs
2010-06-20 14:11:35 ----D---- C:\Windows\rescache
2010-06-20 13:52:45 ----D---- C:\Windows\system32\wbem
2010-06-20 13:52:41 ----D---- C:\Windows\system32\zh-TW
2010-06-20 13:52:41 ----D---- C:\Windows\system32\zh-HK
2010-06-20 13:52:41 ----D---- C:\Windows\system32\zh-CN
2010-06-20 13:52:41 ----D---- C:\Windows\system32\uk-UA
2010-06-20 13:52:41 ----D---- C:\Windows\system32\tr-TR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\th-TH
2010-06-20 13:52:41 ----D---- C:\Windows\system32\sv-SE
2010-06-20 13:52:41 ----D---- C:\Windows\system32\sr-Latn-CS
2010-06-20 13:52:41 ----D---- C:\Windows\system32\sl-SI
2010-06-20 13:52:41 ----D---- C:\Windows\system32\sk-SK
2010-06-20 13:52:41 ----D---- C:\Windows\system32\ru-RU
2010-06-20 13:52:41 ----D---- C:\Windows\system32\ro-RO
2010-06-20 13:52:41 ----D---- C:\Windows\system32\pt-PT
2010-06-20 13:52:41 ----D---- C:\Windows\system32\pt-BR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\pl-PL
2010-06-20 13:52:41 ----D---- C:\Windows\system32\nl-NL
2010-06-20 13:52:41 ----D---- C:\Windows\system32\nb-NO
2010-06-20 13:52:41 ----D---- C:\Windows\system32\lv-LV
2010-06-20 13:52:41 ----D---- C:\Windows\system32\lt-LT
2010-06-20 13:52:41 ----D---- C:\Windows\system32\ko-KR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\ja-JP
2010-06-20 13:52:41 ----D---- C:\Windows\system32\it-IT
2010-06-20 13:52:41 ----D---- C:\Windows\system32\hu-HU
2010-06-20 13:52:41 ----D---- C:\Windows\system32\hr-HR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\he-IL
2010-06-20 13:52:41 ----D---- C:\Windows\system32\fr-FR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\fi-FI
2010-06-20 13:52:41 ----D---- C:\Windows\system32\et-EE
2010-06-20 13:52:41 ----D---- C:\Windows\system32\es-ES
2010-06-20 13:52:41 ----D---- C:\Windows\system32\el-GR
2010-06-20 13:52:41 ----D---- C:\Windows\system32\de-DE
2010-06-20 13:52:41 ----D---- C:\Windows\system32\da-DK
2010-06-20 13:52:41 ----D---- C:\Windows\system32\cs-CZ
2010-06-20 13:52:41 ----D---- C:\Windows\system32\bg-BG
2010-06-20 13:52:41 ----D---- C:\Windows\system32\ar-SA
2010-06-19 18:04:24 ----D---- C:\Boot
2010-06-19 17:59:21 ----D---- C:\Windows\servicing
2010-06-19 17:59:21 ----D---- C:\Windows\ehome
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Sidebar
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Photo Gallery
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Media Player
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Mail
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Journal
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Defender
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Collaboration
2010-06-19 17:59:21 ----D---- C:\Program Files\Windows Calendar
2010-06-19 17:59:21 ----D---- C:\Program Files\Movie Maker
2010-06-19 17:59:21 ----D---- C:\Program Files\Internet Explorer
2010-06-19 17:59:21 ----D---- C:\Program Files\Common Files\System
2010-06-19 17:59:18 ----D---- C:\Windows\system32\XPSViewer
2010-06-19 17:59:18 ----D---- C:\Windows\IME
2010-06-19 17:59:11 ----D---- C:\Windows\system32\oobe
2010-06-19 17:59:11 ----D---- C:\Windows\system32\migration
2010-06-19 17:59:11 ----D---- C:\Windows\system32\AdvancedInstallers
2010-06-19 17:59:10 ----D---- C:\Windows\system32\SLUI
2010-06-19 17:59:10 ----D---- C:\Windows\system32\setup
2010-06-19 17:59:10 ----D---- C:\Windows\system32\migwiz
2010-06-19 17:59:10 ----D---- C:\Windows\system32\manifeststore
2010-06-19 17:59:10 ----D---- C:\Windows\system32\en
2010-06-19 17:59:02 ----RSD---- C:\Windows\Fonts
2010-06-19 17:58:56 ----D---- C:\Windows\system32\Boot
2010-06-17 15:40:22 ----D---- C:\Windows\system32\WDI
2010-06-17 01:11:03 ----D---- C:\Windows\PolicyDefinitions
2010-06-16 07:52:39 ----D---- C:\Windows\system32\spool
2010-06-16 07:51:33 ----ASH---- C:\Program Files\desktop.ini
2010-06-16 07:44:37 ----D---- C:\Windows\MSAgent
2010-06-16 07:44:37 ----D---- C:\Windows\L2Schemas
2010-06-16 07:44:37 ----D---- C:\Windows\DigitalLocker
2010-06-16 07:44:36 ----D---- C:\Windows\system32\com
2010-06-16 07:44:33 ----D---- C:\Windows\system32\sysprep
2010-06-16 07:44:32 ----D---- C:\Windows\system32\ias
2010-06-16 07:43:55 ----D---- C:\Windows\Boot
2010-06-16 06:06:39 ----A---- C:\Windows\system32\ifxcardm.dll
2010-06-16 06:06:35 ----A---- C:\Windows\system32\axaltocm.dll
2010-06-10 20:58:23 ----A---- C:\Windows\win.ini
2010-06-09 19:58:00 ----SD---- C:\Windows\Downloaded Program Files
2010-06-07 19:15:10 ----AD---- C:\ProgramData\TEMP
2010-06-07 07:18:09 ----D---- C:\Program Files\Oberon Media
2010-06-04 09:35:26 ----SD---- C:\ProgramData\Microsoft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2010-03-01 124784]
R1 DLACDBHM;DLACDBHM; C:\Windows\System32\Drivers\DLACDBHM.SYS [2007-02-08 12856]
R1 DLARTL_M;DLARTL_M; C:\Windows\System32\Drivers\DLARTL_M.SYS [2007-02-08 28120]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2010-02-16 60936]
R2 DLABMFSM;DLABMFSM; C:\Windows\System32\DLA\DLABMFSM.SYS [2006-10-26 35096]
R2 DLABOIOM;DLABOIOM; C:\Windows\System32\DLA\DLABOIOM.SYS [2006-10-26 32472]
R2 DLADResM;DLADResM; C:\Windows\System32\DLA\DLADResM.SYS [2006-10-26 9400]
R2 DLAIFS_M;DLAIFS_M; C:\Windows\System32\DLA\DLAIFS_M.SYS [2006-10-26 104536]
R2 DLAOPIOM;DLAOPIOM; C:\Windows\System32\DLA\DLAOPIOM.SYS [2006-10-26 26296]
R2 DLAPoolM;DLAPoolM; C:\Windows\System32\DLA\DLAPoolM.SYS [2006-10-26 14520]
R2 DLAUDF_M;DLAUDF_M; C:\Windows\System32\DLA\DLAUDF_M.SYS [2006-10-26 97848]
R2 DLAUDFAM;DLAUDFAM; C:\Windows\System32\DLA\DLAUDFAM.SYS [2006-10-26 94648]
R2 DRVNDDM;DRVNDDM; C:\Windows\System32\Drivers\DRVNDDM.SYS [2007-02-09 51768]
R2 X4HSEx;X4HSEx; \??\C:\Program Files\Free Ride Games\X4HSEx.Sys [2010-03-10 56352]
R3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:\Windows\system32\DRIVERS\e1e6032.sys [2008-01-18 220672]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\system32\DRIVERS\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2009-04-10 236544]
R3 LVPr2Mon;Logitech LVPr2Mon Driver; C:\Windows\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2010-01-12 11586280]
R3 PID_PEPI;Logitech QuickCam IM(PID_PEPI); C:\Windows\system32\DRIVERS\LV302V32.SYS [2009-05-01 2687512]
R3 usbaudio;USB Audio Driver (WDM); C:\Windows\system32\drivers\usbaudio.sys [2009-04-10 73216]
R3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
R3 VST_DPV;VST_DPV; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2006-11-02 987648]
R3 VSTHWBS2;VSTHWBS2; C:\Windows\system32\DRIVERS\VSTBS23.SYS [2006-11-02 251904]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2006-11-02 654336]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 MREMP50;MREMP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS []
S3 MREMPR5;MREMPR5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MREMPR5.SYS []
S3 MRENDIS5;MRENDIS5 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRENDIS5.SYS []
S3 MRESP50;MRESP50 NDIS Protocol Driver; \??\C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2009-09-30 40448]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-02-24 135336]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-04-01 267432]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2010-06-10 144176]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 dlcx_device;dlcx_device; C:\Windows\system32\dlcxcoms.exe [2006-11-03 537480]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE [2003-06-19 322120]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2010-01-12 129640]
R2 RoxWatch9;Roxio Hard Drive Watcher 9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [2006-11-05 159744]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2010-05-14 249136]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-08-18 1529728]
R2 YahooAUService;Yahoo! Updater; C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [2008-11-09 602392]
R3 RoxMediaDB9;RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2006-11-05 880640]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-06-25 136176]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-06-25 182768]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Roxio\Roxio MyDVD DE\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2010-06-15 540472]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-09-14 73728]
S3 WPFFontCache_v0400;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe,-100; C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]

-----------------EOF-----------------
rexel
Regular Member
 
Posts: 38
Joined: June 22nd, 2010, 11:55 pm