Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

help with hijackthis log


Post by gabol » July 21st, 2009, 11:16 am

Here is my hijackthis log file.
Thank you in advance for your help.
Gabriela :bigsmurf:


Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 12:15:17 PM, on 7/20/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\Windows\system32\jusched.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.ask.com/?o=101718&l=dis
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1ca02719bd25b1) (gupdate1ca02719bd25b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7521 bytes
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Post by Bio-Hazard » July 24th, 2009, 8:50 am

Hello and welcome to the forums!

My name is Bio-Hazard and I will be helping you to remove any infection(s) that you may have.

Please observe these rules while we work:

  • I will be working on your malware issues; this may or may not solve other issues you have with your machine.
  • The fixes are specific to your problem and should only be used for this issue on this machine.
  • If you don't know or understand something, please don't hesitate to ask.
  • Please DO NOT run any other tools or scans whilst I am helping you.
  • It is important that you reply to this thread. Do not start a new topic.
  • Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
  • Absence of symptoms does not mean that everything is clear.

No Reply Within 3 Days Will Result In Your Topic Being Closed!!
Bio-Hazard
MRU Master Emeritus
 
Posts: 4078
Joined: May 10th, 2007, 8:28 am
Location: Cornwall, UK

Re: help with hijackthis log

Post by Bio-Hazard » July 24th, 2009, 8:58 am

Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

  • Make sure you are connected to the Internet.
  • Double-click on mbam-setup.exe to install the application.
  • When the installation begins, follow the prompts and do not make any changes to default settings.
  • When installation has finished, make sure you leave both of these checked:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • MBAM will automatically start and you will be asked to update the program before performing a scan. If an update is found, the program will automatically update itself. Press the OK button to close that box and continue. If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
  • On the Scanner tab:
    • Make sure the Perform Full Scan option is selected.
    • Then click on the Scan button.
  • If asked to select the drives to scan, leave all the drives selected and click on the Start Scan button.
  • The scan will begin and Scan in progress will show at the top. It may take some time to complete so please be patient.
  • When the scan is finished, a message box will say The scan completed successfully. Click 'Show Results' to display all objects found.
  • Click OK to close the message box and continue with the removal process.
  • Back at the main Scanner screen, click on the Show Results button to see a list of any malware that was found.
  • Make sure that everything is checked, and click Remove Selected.
  • When removal is completed, a log report will open in Notepad and you may be prompted to restart your computer. (see Note below)
  • The log is automatically saved and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the contents of that report in your next reply and exit MBAM.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.


random's system information tool (RSIT)

  • Download random's system information tool (RSIT) by random/random from HERE and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open:
    • log.txt (<<will be maximized)
    • info.txt (<<will be minimized)
  • Post both of these logs in your next reply. (Sometimes you have to make several posts to get the logs posted.)


Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:
  • Malwarebytes Antimalware log
  • RSIT logs: log.txt (<<will be maximized) and info.txt (<<will be minimized)
  • A description of how your computer is behaving

Re: help with hijackthis log

Post by gabol » July 25th, 2009, 1:46 pm

Hello,

Thank you for your help. Here's the first post, RSIT to follow immediately. By the way, my reason for posting Hijackthis is because I'm having a problem with IE 8 or Firefox opening infinite windows (it only happened twice) and then my computer crashing, and finally I had to do a system restore.

Thanks again.
:bigsmurf:

Malwarebytes' Anti-Malware 1.39
Database version: 2499
Windows 6.0.6002 Service Pack 2

7/25/2009 2:39:55 PM
mbam-log-2009-07-25 (14-39-55).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 257122
Time elapsed: 1 hour(s), 30 minute(s), 43 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

Re: help with hijackthis log

Post by gabol » July 25th, 2009, 2:05 pm

The file is too big, I'm going to send it in two posts...

Logfile of random's system information tool 1.06 (written by random/random)
Run by Hector at 2009-07-25 14:50:39
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 90 GB (63%) free of 143 GB
Total RAM: 2046 MB (53% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:50:50 PM, on 7/25/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\schtasks.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
C:\Windows\system32\jusched.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hector\Downloads\RSIT.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\Hector.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1ca02719bd25b1) (gupdate1ca02719bd25b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7750 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\User_Feed_Synchronization-{BB7C019E-FC6E-4429-862A-287E9204BF47}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG8\avgssie.dll [2009-07-24 1111320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
SSVHelper Class - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll [2007-04-07 501400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} - Yahoo! Toolbar - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll [2007-03-20 803864]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-18 1008184]
"hpsysdrv"=c:\hp\support\hpsysdrv.exe [2007-04-18 65536]
"OsdMaestro"=C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe [2007-02-15 118784]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe [2008-06-02 178712]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-15 4874240]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2007-05-24 71176]
"SunJavaUpdateReg"=C:\Windows\system32\jureg.exe [2007-04-07 54936]
""= []
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-05-26 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-10-15 39792]
"AVG8_TRAY"=C:\PROGRA~1\AVG\AVG8\avgtray.exe [2009-07-06 1948440]
"NvSvc"=C:\Windows\system32\nvsvc.dll [2007-08-09 86016]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2007-08-09 8466432]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2007-08-09 81920]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"=C:\Windows\SMINST\launcher.exe [2007-04-03 44168]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-04-10 1233920]
"WindowsWelcomeCenter"=oobefldr.dll,ShowWelcomeCenter []
"HPAdvisor"=C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe [2007-06-01 1783400]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-18 125952]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2009-06-23 1830128]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snapfish Media Detector.lnk - C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.dll [2008-12-22 356352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\EarthLink TotalAccess\TaskPanl.exe"="C:\Program Files\EarthLink TotalAccess\TaskPanl.exe:*:Enabled:Earthlink"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{d69f2dfc-6a65-11de-86f5-001e8c2b773b}]
shell\AutoRun\command - J:\PortableVault.exe


======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-07-25 14:50:39 ----D---- C:\rsit
2009-07-23 15:37:10 ----D---- C:\ie-spyad_zo
2009-07-23 14:47:21 ----A---- C:\Windows\RTKAUDIOSERVICE.EXE
2009-07-18 13:12:52 ----D---- C:\Windows\system32\IOSUBSYS
2009-07-17 20:22:42 ----D---- C:\Program Files\Bonjour
2009-07-16 15:31:42 ----A---- C:\Windows\PCDLIB32.DLL
2009-07-16 12:00:43 ----D---- C:\Program Files\7-Zip
2009-07-15 14:14:12 ----A---- C:\Windows\system32\MSSTDFMT.DLL
2009-07-15 14:14:11 ----D---- C:\Program Files\SpywareBlaster
2009-07-15 14:06:11 ----D---- C:\Program Files\Trend Micro
2009-07-15 14:01:58 ----D---- C:\Program Files\a-squared Free
2009-07-15 13:54:42 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-07-15 13:54:12 ----D---- C:\Program Files\SUPERAntiSpyware
2009-07-15 13:54:11 ----D---- C:\Users\Hector\AppData\Roaming\SUPERAntiSpyware.com
2009-07-15 13:53:34 ----D---- C:\Program Files\Common Files\Wise Installation Wizard
2009-07-15 13:50:02 ----D---- C:\ProgramData\Grisoft
2009-07-14 13:25:44 ----D---- C:\Program Files\Windows Live Safety Center
2009-07-14 11:09:25 ----A---- C:\Windows\system32\t2embed.dll
2009-07-14 11:09:25 ----A---- C:\Windows\system32\lpk.dll
2009-07-14 11:09:25 ----A---- C:\Windows\system32\fontsub.dll
2009-07-14 11:09:25 ----A---- C:\Windows\system32\dciman32.dll
2009-07-14 11:09:25 ----A---- C:\Windows\system32\atmfd.dll
2009-07-13 21:56:35 ----D---- C:\Users\Hector\AppData\Roaming\Malwarebytes
2009-07-13 21:56:29 ----D---- C:\ProgramData\Malwarebytes
2009-07-13 21:56:29 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-07-12 16:48:57 ----D---- C:\Program Files\Common Files\Canon
2009-07-12 15:23:39 ----HD---- C:\ProgramData\CanonBJ
2009-07-12 14:51:54 ----A---- C:\Windows\RtlUpd.exe
2009-07-12 14:51:53 ----A---- C:\Windows\RtHDVCpl.exe
2009-07-12 14:51:47 ----D---- C:\Users\Hector\AppData\Roaming\WinBatch
2009-07-12 00:03:27 ----D---- C:\Windows\system32\eu-ES
2009-07-12 00:03:27 ----D---- C:\Windows\system32\ca-ES
2009-07-12 00:03:24 ----D---- C:\Windows\system32\vi-VN
2009-07-11 23:53:21 ----D---- C:\Windows\system32\EventProviders
2009-07-11 23:52:22 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-07-11 23:52:03 ----A---- C:\Windows\system32\SLsvc.exe
2009-07-11 23:52:03 ----A---- C:\Windows\system32\SLCExt.dll
2009-07-11 23:51:59 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-07-11 23:51:58 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-07-11 23:51:52 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-07-11 23:51:43 ----A---- C:\Windows\system32\mssrch.dll
2009-07-11 23:51:37 ----A---- C:\Windows\system32\tquery.dll
2009-07-11 23:51:30 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-07-11 23:51:30 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-07-11 23:51:30 ----A---- C:\Windows\system32\lsasrv.dll
2009-07-11 23:51:29 ----A---- C:\Windows\system32\scavenge.dll
2009-07-11 23:51:29 ----A---- C:\Windows\system32\RMActivate.exe
2009-07-11 23:51:26 ----A---- C:\Windows\system32\msi.dll
2009-07-11 23:51:24 ----A---- C:\Windows\system32\imapi2fs.dll
2009-07-11 23:51:23 ----A---- C:\Windows\system32\secproc_isv.dll
2009-07-11 23:51:22 ----A---- C:\Windows\system32\WscEapPr.dll
2009-07-11 23:51:22 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-07-11 23:51:22 ----A---- C:\Windows\system32\sysmain.dll
2009-07-11 23:51:20 ----A---- C:\Windows\system32\mf.dll
2009-07-11 23:51:20 ----A---- C:\Windows\system32\icardagt.exe
2009-07-11 23:51:19 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-07-11 23:51:18 ----A---- C:\Windows\system32\EhStorShell.dll
2009-07-11 23:51:17 ----A---- C:\Windows\system32\spreview.exe
2009-07-11 23:51:17 ----A---- C:\Windows\system32\spinstall.exe
2009-07-11 23:51:17 ----A---- C:\Windows\system32\drmv2clt.dll
2009-07-11 23:51:15 ----A---- C:\Windows\system32\spwizui.dll
2009-07-11 23:51:15 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-07-11 23:51:14 ----A---- C:\Windows\system32\secproc.dll
2009-07-11 23:51:12 ----A---- C:\Windows\system32\shell32.dll
2009-07-11 23:51:11 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-07-11 23:51:11 ----A---- C:\Windows\system32\p2psvc.dll
2009-07-11 23:51:11 ----A---- C:\Windows\system32\mssvp.dll
2009-07-11 23:51:11 ----A---- C:\Windows\system32\mscoree.dll
2009-07-11 23:51:10 ----A---- C:\Windows\system32\mssphtb.dll
2009-07-11 23:51:10 ----A---- C:\Windows\system32\mssph.dll
2009-07-11 23:51:10 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-07-11 23:51:10 ----A---- C:\Windows\system32\imapi2.dll
2009-07-11 23:51:09 ----A---- C:\Windows\system32\sdohlp.dll
2009-07-11 23:51:09 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-07-11 23:51:07 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-07-11 23:51:07 ----A---- C:\Windows\system32\esent.dll
2009-07-11 23:51:06 ----A---- C:\Windows\system32\DevicePairing.dll
2009-07-11 23:51:03 ----A---- C:\Windows\system32\sperror.dll
2009-07-11 23:51:03 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-07-11 23:51:02 ----A---- C:\Windows\system32\wevtsvc.dll
2009-07-11 23:51:02 ----A---- C:\Windows\system32\korwbrkr.dll
2009-07-11 23:51:01 ----A---- C:\Windows\system32\SLC.dll
2009-07-11 23:51:01 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-07-11 23:51:01 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-07-11 23:51:01 ----A---- C:\Windows\system32\IasMigReader.exe
2009-07-11 23:50:59 ----A---- C:\Windows\system32\msshsq.dll
2009-07-11 23:50:58 ----A---- C:\Windows\system32\wmp.dll
2009-07-11 23:50:56 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-07-11 23:50:56 ----A---- C:\Windows\system32\msjet40.dll
2009-07-11 23:50:55 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-07-11 23:50:55 ----A---- C:\Windows\system32\MPSSVC.dll
2009-07-11 23:50:54 ----A---- C:\Windows\system32\msxml6.dll
2009-07-11 23:50:52 ----A---- C:\Windows\system32\Query.dll
2009-07-11 23:50:52 ----A---- C:\Windows\system32\qmgr.dll
2009-07-11 23:50:50 ----A---- C:\Windows\system32\msexch40.dll
2009-07-11 23:50:50 ----A---- C:\Windows\system32\diagperf.dll
2009-07-11 23:50:49 ----A---- C:\Windows\system32\P2PGraph.dll
2009-07-11 23:50:48 ----A---- C:\Windows\system32\winload.exe
2009-07-11 23:50:48 ----A---- C:\Windows\system32\srchadmin.dll
2009-07-11 23:50:48 ----A---- C:\Windows\system32\ole32.dll
2009-07-11 23:50:48 ----A---- C:\Windows\system32\ntdll.dll
2009-07-11 23:50:48 ----A---- C:\Windows\system32\msxml3.dll
2009-07-11 23:50:47 ----A---- C:\Windows\system32\uDWM.dll
2009-07-11 23:50:47 ----A---- C:\Windows\system32\mmc.exe
2009-07-11 23:50:47 ----A---- C:\Windows\system32\mblctr.exe
2009-07-11 23:50:47 ----A---- C:\Windows\system32\EncDec.dll
2009-07-11 23:50:47 ----A---- C:\Windows\system32\dfsr.exe
2009-07-11 23:50:46 ----A---- C:\Windows\system32\riched20.dll
2009-07-11 23:50:46 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-07-11 23:50:46 ----A---- C:\Windows\system32\fdBth.dll
2009-07-11 23:50:45 ----A---- C:\Windows\system32\RacEngn.dll
2009-07-11 23:50:44 ----A---- C:\Windows\system32\kernel32.dll
2009-07-11 23:50:43 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-07-11 23:50:43 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-07-11 23:50:43 ----A---- C:\Windows\system32\milcore.dll
2009-07-11 23:50:43 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-07-11 23:50:42 ----A---- C:\Windows\system32\spoolss.dll
2009-07-11 23:50:42 ----A---- C:\Windows\system32\schedsvc.dll
2009-07-11 23:50:42 ----A---- C:\Windows\system32\CertEnroll.dll
2009-07-11 23:50:41 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-07-11 23:50:40 ----A---- C:\Windows\system32\msjtes40.dll
2009-07-11 23:50:40 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-07-11 23:50:39 ----A---- C:\Windows\system32\msvcp60.dll
2009-07-11 23:50:39 ----A---- C:\Windows\system32\infocardapi.dll
2009-07-11 23:50:39 ----A---- C:\Windows\system32\gpedit.dll
2009-07-11 23:50:37 ----A---- C:\Windows\system32\WinSAT.exe
2009-07-11 23:50:36 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-07-11 23:50:36 ----A---- C:\Windows\system32\Magnify.exe
2009-07-11 23:50:36 ----A---- C:\Windows\system32\es.dll
2009-07-11 23:50:36 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-07-11 23:50:35 ----A---- C:\Windows\system32\mstext40.dll
2009-07-11 23:50:35 ----A---- C:\Windows\system32\advapi32.dll
2009-07-11 23:50:33 ----A---- C:\Windows\system32\WMPhoto.dll
2009-07-11 23:50:33 ----A---- C:\Windows\system32\WebClnt.dll
2009-07-11 23:50:33 ----A---- C:\Windows\system32\msexcl40.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\vssapi.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\slwmi.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\msxbde40.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\comsvcs.dll
2009-07-11 23:50:32 ----A---- C:\Windows\system32\authui.dll
2009-07-11 23:50:31 ----A---- C:\Windows\system32\PresentationHost.exe
2009-07-11 23:50:31 ----A---- C:\Windows\system32\NetProjW.dll
2009-07-11 23:50:31 ----A---- C:\Windows\system32\mstscax.dll
2009-07-11 23:50:31 ----A---- C:\Windows\system32\msrepl40.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\propsys.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\newdev.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\iasrecst.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\gpsvc.dll
2009-07-11 23:50:30 ----A---- C:\Windows\system32\eudcedit.exe
2009-07-11 23:50:30 ----A---- C:\Windows\system32\crypt32.dll
2009-07-11 23:50:30 ----A---- C:\Windows\explorer.exe
2009-07-11 23:50:29 ----A---- C:\Windows\system32\setupapi.dll
2009-07-11 23:50:29 ----A---- C:\Windows\system32\rpcss.dll
2009-07-11 23:50:29 ----A---- C:\Windows\system32\mspbde40.dll
2009-07-11 23:50:29 ----A---- C:\Windows\system32\d3d9.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\shlwapi.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\msltus40.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\mfc42.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-07-11 23:50:28 ----A---- C:\Windows\system32\davclnt.dll
2009-07-11 23:50:27 ----A---- C:\Windows\system32\msrd3x40.dll
2009-07-11 23:50:26 ----A---- C:\Windows\system32\msdtctm.dll
2009-07-11 23:50:25 ----A---- C:\Windows\system32\wevtapi.dll
2009-07-11 23:50:25 ----A---- C:\Windows\system32\photowiz.dll
2009-07-11 23:50:25 ----A---- C:\Windows\system32\browseui.dll
2009-07-11 23:50:24 ----A---- C:\Windows\system32\nlhtml.dll
2009-07-11 23:50:21 ----A---- C:\Windows\system32\user32.dll
2009-07-11 23:50:20 ----A---- C:\Windows\system32\samsrv.dll
2009-07-11 23:50:20 ----A---- C:\Windows\system32\quartz.dll
2009-07-11 23:50:20 ----A---- C:\Windows\system32\ci.dll
2009-07-11 23:50:19 ----A---- C:\Windows\system32\win32spl.dll
2009-07-11 23:50:19 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-07-11 23:50:18 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-07-11 23:50:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-07-11 23:50:17 ----A---- C:\Windows\system32\oleaut32.dll
2009-07-11 23:50:17 ----A---- C:\Windows\system32\kerberos.dll
2009-07-11 23:50:16 ----A---- C:\Windows\system32\netshell.dll
2009-07-11 23:50:16 ----A---- C:\Windows\system32\msv1_0.dll
2009-07-11 23:50:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-07-11 23:50:16 ----A---- C:\Windows\system32\compcln.exe
2009-07-11 23:50:16 ----A---- C:\Windows\system32\apds.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\xmlfilter.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\winhttp.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\mswstr10.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\msctf.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\emdmgmt.dll
2009-07-11 23:50:15 ----A---- C:\Windows\system32\audiosrv.dll
2009-07-11 23:50:14 ----A---- C:\Windows\system32\VSSVC.exe
2009-07-11 23:50:14 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-07-11 23:50:14 ----A---- C:\Windows\system32\msvcrt.dll
2009-07-11 23:50:14 ----A---- C:\Windows\system32\gdi32.dll
2009-07-11 23:50:13 ----A---- C:\Windows\system32\mfc42u.dll
2009-07-11 23:50:13 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-07-11 23:50:12 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-07-11 23:50:12 ----A---- C:\Windows\system32\SLUI.exe
2009-07-11 23:50:12 ----A---- C:\Windows\system32\msrd2x40.dll
2009-07-11 23:50:12 ----A---- C:\Windows\system32\eapphost.dll
2009-07-11 23:50:11 ----A---- C:\Windows\system32\winresume.exe
2009-07-11 23:50:11 ----A---- C:\Windows\system32\propdefs.dll
2009-07-11 23:50:11 ----A---- C:\Windows\system32\odbc32.dll
2009-07-11 23:50:10 ----A---- C:\Windows\system32\shdocvw.dll
2009-07-11 23:50:10 ----A---- C:\Windows\system32\dbgeng.dll
2009-07-11 23:50:09 ----A---- C:\Windows\system32\wevtutil.exe
2009-07-11 23:50:09 ----A---- C:\Windows\system32\mssitlb.dll
2009-07-11 23:50:08 ----A---- C:\Windows\system32\WsmSvc.dll
2009-07-11 23:50:08 ----A---- C:\Windows\system32\swprv.dll
2009-07-11 23:50:08 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-07-11 23:50:07 ----A---- C:\Windows\system32\usp10.dll
2009-07-11 23:50:06 ----A---- C:\Windows\system32\vds.exe
2009-07-11 23:50:06 ----A---- C:\Windows\system32\drvinst.exe
2009-07-11 23:50:06 ----A---- C:\Windows\system32\devmgr.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\schannel.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\netlogon.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\msscb.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\msctfp.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\evr.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-07-11 23:50:05 ----A---- C:\Windows\system32\BFE.DLL
2009-07-11 23:50:05 ----A---- C:\Windows\system32\adsldpc.dll
2009-07-11 23:50:04 ----A---- C:\Windows\system32\WSDApi.dll
2009-07-11 23:50:04 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-07-11 23:50:04 ----A---- C:\Windows\system32\Wldap32.dll
2009-07-11 23:50:04 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-07-11 23:50:04 ----A---- C:\Windows\system32\wcnwiz.dll
2009-07-11 23:50:04 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-07-11 23:50:03 ----A---- C:\Windows\system32\wercon.exe
2009-07-11 23:50:03 ----A---- C:\Windows\system32\wcncsvc.dll
2009-07-11 23:50:03 ----A---- C:\Windows\system32\services.exe
2009-07-11 23:50:03 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-07-11 23:50:03 ----A---- C:\Windows\system32\mimefilt.dll
2009-07-11 23:50:03 ----A---- C:\Windows\system32\comdlg32.dll
2009-07-11 23:50:03 ----A---- C:\Windows\system32\adtschema.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\taskeng.exe
2009-07-11 23:50:02 ----A---- C:\Windows\system32\reg.exe
2009-07-11 23:50:02 ----A---- C:\Windows\system32\mswdat10.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\msjter40.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\msdtcprx.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\msdrm.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-07-11 23:50:02 ----A---- C:\Windows\system32\certcli.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\w32time.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\rtffilt.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\dnsapi.dll
2009-07-11 23:50:01 ----A---- C:\Windows\system32\certutil.exe
2009-07-11 23:50:00 ----A---- C:\Windows\system32\msshooks.dll
2009-07-11 23:50:00 ----A---- C:\Windows\system32\msscntrs.dll
2009-07-11 23:50:00 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-07-11 23:50:00 ----A---- C:\Windows\system32\bthserv.dll
2009-07-11 23:50:00 ----A---- C:\Windows\system32\bcrypt.dll
2009-07-11 23:49:59 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-07-11 23:49:59 ----A---- C:\Windows\system32\rsaenh.dll
2009-07-11 23:49:59 ----A---- C:\Windows\system32\msstrc.dll
2009-07-11 23:49:59 ----A---- C:\Windows\system32\msihnd.dll
2009-07-11 23:49:59 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-07-11 23:49:58 ----A---- C:\Windows\system32\netapi32.dll
2009-07-11 23:49:58 ----A---- C:\Windows\system32\mtxclu.dll
2009-07-11 23:49:58 ----A---- C:\Windows\system32\inetpp.dll
2009-07-11 23:49:58 ----A---- C:\Windows\system32\inetcomm.dll
2009-07-11 23:49:58 ----A---- C:\Windows\system32\dfshim.dll
2009-07-11 23:49:57 ----A---- C:\Windows\system32\mscories.dll
2009-07-11 23:49:57 ----A---- C:\Windows\system32\hidserv.dll
2009-07-11 23:49:57 ----A---- C:\Windows\system32\fundisc.dll
2009-07-11 23:49:57 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-07-11 23:49:57 ----A---- C:\Windows\system32\cryptsvc.dll
2009-07-11 23:49:56 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-07-11 23:49:56 ----A---- C:\Windows\system32\termsrv.dll
2009-07-11 23:49:56 ----A---- C:\Windows\system32\profsvc.dll
2009-07-11 23:49:55 ----A---- C:\Windows\system32\wdc.dll
2009-07-11 23:49:55 ----A---- C:\Windows\system32\shsvcs.dll
2009-07-11 23:49:55 ----A---- C:\Windows\system32\msiexec.exe
2009-07-11 23:49:55 ----A---- C:\Windows\system32\imapi.dll
2009-07-11 23:49:55 ----A---- C:\Windows\system32\gameux.dll
2009-07-11 23:49:54 ----A---- C:\Windows\system32\rasmans.dll
2009-07-11 23:49:54 ----A---- C:\Windows\system32\iassdo.dll
2009-07-11 23:49:54 ----A---- C:\Windows\system32\chsbrkr.dll
2009-07-11 23:49:53 ----A---- C:\Windows\system32\spoolsv.exe
2009-07-11 23:49:53 ----A---- C:\Windows\system32\pnidui.dll
2009-07-11 23:49:53 ----A---- C:\Windows\system32\icardres.dll
2009-07-11 23:49:53 ----A---- C:\Windows\system32\autofmt.exe
2009-07-11 23:49:52 ----A---- C:\Windows\system32\wersvc.dll
2009-07-11 23:49:52 ----A---- C:\Windows\system32\slmgr.vbs
2009-07-11 23:49:52 ----A---- C:\Windows\system32\scrrun.dll
2009-07-11 23:49:52 ----A---- C:\Windows\system32\PSHED.DLL
2009-07-11 23:49:51 ----A---- C:\Windows\system32\pidgenx.dll
2009-07-11 23:49:51 ----A---- C:\Windows\system32\pdh.dll
2009-07-11 23:49:51 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-07-11 23:49:51 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-07-11 23:49:51 ----A---- C:\Windows\system32\azroles.dll
2009-07-11 23:49:50 ----A---- C:\Windows\system32\wmpmde.dll
2009-07-11 23:49:49 ----A---- C:\Windows\system32\winlogon.exe
2009-07-11 23:49:49 ----A---- C:\Windows\system32\SyncCenter.dll
2009-07-11 23:49:49 ----A---- C:\Windows\system32\SLUINotify.dll
2009-07-11 23:49:49 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-07-11 23:49:49 ----A---- C:\Windows\system32\comuid.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\untfs.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\spp.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\sethc.exe
2009-07-11 23:49:48 ----A---- C:\Windows\system32\scrobj.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\ncrypt.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\kd1394.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\iassam.dll
2009-07-11 23:49:48 ----A---- C:\Windows\system32\certmgr.dll
2009-07-11 23:49:47 ----A---- C:\Windows\system32\wisptis.exe
2009-07-11 23:49:47 ----A---- C:\Windows\system32\taskcomp.dll
2009-07-11 23:49:47 ----A---- C:\Windows\system32\rtutils.dll
2009-07-11 23:49:47 ----A---- C:\Windows\system32\dwm.exe
2009-07-11 23:49:47 ----A---- C:\Windows\system32\autochk.exe
2009-07-11 23:49:46 ----A---- C:\Windows\system32\winsrv.dll
2009-07-11 23:49:46 ----A---- C:\Windows\system32\printui.dll
2009-07-11 23:49:46 ----A---- C:\Windows\system32\iasnap.dll
2009-07-11 23:49:46 ----A---- C:\Windows\system32\autoconv.exe
2009-07-11 23:49:45 ----A---- C:\Windows\system32\wow32.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\userenv.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\osk.exe
2009-07-11 23:49:45 ----A---- C:\Windows\system32\onex.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\mswsock.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\kdcom.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\cscript.exe
2009-07-11 23:49:45 ----A---- C:\Windows\system32\basecsp.dll
2009-07-11 23:49:45 ----A---- C:\Windows\system32\audiodg.exe
2009-07-11 23:49:44 ----A---- C:\Windows\system32\spcmsg.dll
2009-07-11 23:49:44 ----A---- C:\Windows\system32\RelMon.dll
2009-07-11 23:49:44 ----A---- C:\Windows\system32\kdusb.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\WinSCard.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\winmm.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-07-11 23:49:43 ----A---- C:\Windows\system32\rdpencom.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\offfilt.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\msftedit.dll
2009-07-11 23:49:43 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-07-11 23:49:42 ----A---- C:\Windows\system32\WerFault.exe
2009-07-11 23:49:42 ----A---- C:\Windows\system32\Utilman.exe
2009-07-11 23:49:42 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-07-11 23:49:42 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\wsepno.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\stobject.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\SndVol.exe
2009-07-11 23:49:41 ----A---- C:\Windows\system32\msnetobj.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\mscms.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\mfplat.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\mcmde.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\diskraid.exe
2009-07-11 23:49:41 ----A---- C:\Windows\system32\apphelp.dll
2009-07-11 23:49:41 ----A---- C:\Windows\system32\adsmsext.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\wscript.exe
2009-07-11 23:49:40 ----A---- C:\Windows\system32\wiaservc.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\ulib.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\sysclass.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\secur32.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\prnntfy.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\odbccp32.dll
2009-07-11 23:49:40 ----A---- C:\Windows\system32\iasdatastore.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\wscntfy.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\wlansvc.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\rastapi.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\pnpsetup.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-07-11 23:49:39 ----A---- C:\Windows\system32\fdProxy.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\dsound.dll
2009-07-11 23:49:39 ----A---- C:\Windows\system32\cryptui.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\wscsvc.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-07-11 23:49:38 ----A---- C:\Windows\system32\wlangpui.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\vdsdyn.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\rastls.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\netiohlp.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\logman.exe
2009-07-11 23:49:38 ----A---- C:\Windows\system32\iashlpr.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\gpapi.dll
2009-07-11 23:49:38 ----A---- C:\Windows\system32\diskpart.exe
2009-07-11 23:49:38 ----A---- C:\Windows\system32\brcpl.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\zipfldr.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\wusa.exe
2009-07-11 23:49:37 ----A---- C:\Windows\system32\regsvc.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\rasapi32.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\ntprint.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\mscorier.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\iasrad.dll
2009-07-11 23:49:37 ----A---- C:\Windows\system32\findstr.exe
2009-07-11 23:49:36 ----A---- C:\Windows\system32\wshext.dll
2009-07-11 23:49:36 ----A---- C:\Windows\system32\wpccpl.dll
2009-07-11 23:49:36 ----A---- C:\Windows\system32\rasdlg.dll
2009-07-11 23:49:36 ----A---- C:\Windows\system32\netcenter.dll
2009-07-11 23:49:35 ----A---- C:\Windows\system32\wsnmp32.dll
2009-07-11 23:49:35 ----A---- C:\Windows\system32\wer.dll
2009-07-11 23:49:35 ----A---- C:\Windows\system32\themecpl.dll
2009-07-11 23:49:35 ----A---- C:\Windows\system32\iassvcs.dll
2009-07-11 23:49:34 ----A---- C:\Windows\system32\uxsms.dll
2009-07-11 23:49:34 ----A---- C:\Windows\system32\tsbyuv.dll
2009-07-11 23:49:34 ----A---- C:\Windows\system32\srvsvc.dll
2009-07-11 23:49:34 ----A---- C:\Windows\system32\mssprxy.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\slcc.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\scansetting.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\powrprof.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\ntmarta.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\msutb.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\mstsc.exe
2009-07-11 23:49:33 ----A---- C:\Windows\system32\mstlsapi.dll
2009-07-11 23:49:33 ----A---- C:\Windows\system32\iasads.dll
2009-07-11 23:49:32 ----A---- C:\Windows\system32\powercpl.dll
2009-07-11 23:49:32 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-07-11 23:49:32 ----A---- C:\Windows\system32\newdev.exe
2009-07-11 23:49:32 ----A---- C:\Windows\system32\networkmap.dll
2009-07-11 23:49:32 ----A---- C:\Windows\system32\iasacct.dll
2009-07-11 23:49:32 ----A---- C:\Windows\system32\authz.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\wlanhlp.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\themeui.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\systemcpl.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\sud.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\pcaui.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\dot3svc.dll
2009-07-11 23:49:31 ----A---- C:\Windows\system32\connect.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\usercpl.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\samlib.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\qdvd.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\mmci.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\autoplay.dll
2009-07-11 23:49:30 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\wpcao.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\wlanpref.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\vdsutil.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\rpchttp.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\regapi.dll
2009-07-11 23:49:29 ----A---- C:\Windows\system32\msinfo32.exe
2009-07-11 23:49:28 ----A---- C:\Windows\system32\tapisrv.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\scksp.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\scesrv.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\psisdecd.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\oleprn.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\mpr.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\imm32.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\feclient.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\dot3msm.dll
2009-07-11 23:49:28 ----A---- C:\Windows\system32\AudioSes.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\wscisvif.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\sdclt.exe
2009-07-11 23:49:27 ----A---- C:\Windows\system32\rekeywiz.exe
2009-07-11 23:49:27 ----A---- C:\Windows\system32\qedit.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\pnpui.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\perfdisk.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\ncryptui.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\iaspolcy.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\Faultrep.dll
2009-07-11 23:49:27 ----A---- C:\Windows\system32\dpapimig.exe
2009-07-11 23:49:27 ----A---- C:\Windows\system32\DeviceEject.exe
2009-07-11 23:49:26 ----A---- C:\Windows\system32\TSTheme.exe
2009-07-11 23:49:26 ----A---- C:\Windows\system32\spwinsat.dll
2009-07-11 23:49:26 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-07-11 23:49:26 ----A---- C:\Windows\system32\scecli.dll
2009-07-11 23:49:26 ----A---- C:\Windows\system32\rasplap.dll
2009-07-11 23:49:26 ----A---- C:\Windows\system32\rasgcw.dll
2009-07-11 23:49:26 ----A---- C:\Windows\system32\hdwwiz.exe
2009-07-11 23:49:26 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-07-11 23:49:26 ----A---- C:\Windows\system32\certreq.exe
2009-07-11 23:49:25 ----A---- C:\Windows\system32\whealogr.dll
2009-07-11 23:49:25 ----A---- C:\Windows\system32\tcpmon.dll
2009-07-11 23:49:25 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-07-11 23:49:25 ----A---- C:\Windows\system32\srcore.dll
2009-07-11 23:49:25 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-07-11 23:49:25 ----A---- C:\Windows\system32\fdWSD.dll
2009-07-11 23:49:25 ----A---- C:\Windows\system32\cmmon32.exe
2009-07-11 23:49:24 ----A---- C:\Windows\system32\wiaaut.dll
2009-07-11 23:49:24 ----A---- C:\Windows\system32\SnippingTool.exe
2009-07-11 23:49:24 ----A---- C:\Windows\system32\SCardSvr.dll
2009-07-11 23:49:24 ----A---- C:\Windows\system32\raschap.dll
2009-07-11 23:49:24 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-07-11 23:49:24 ----A---- C:\Windows\system32\fontext.dll
2009-07-11 23:49:24 ----A---- C:\Windows\system32\conime.exe
2009-07-11 23:49:24 ----A---- C:\Windows\system32\cmdial32.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-07-11 23:49:23 ----A---- C:\Windows\system32\wlanui.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\wlanmsm.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\shwebsvc.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\rasppp.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\PnPutil.exe
2009-07-11 23:49:23 ----A---- C:\Windows\system32\dsprop.dll
2009-07-11 23:49:23 ----A---- C:\Windows\system32\dimsroam.dll
2009-07-11 23:49:22 ----A---- C:\Windows\system32\shsetup.dll
2009-07-11 23:49:22 ----A---- C:\Windows\system32\rasmontr.dll
2009-07-11 23:49:22 ----A---- C:\Windows\system32\oobefldr.dll
2009-07-11 23:49:22 ----A---- C:\Windows\system32\mscandui.dll
2009-07-11 23:49:22 ----A---- C:\Windows\system32\modemui.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\rdpwsx.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\dataclen.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\chtbrkr.dll
2009-07-11 23:49:21 ----A---- C:\Windows\system32\blackbox.dll
2009-07-11 23:49:20 ----A---- C:\Windows\system32\WSDMon.dll
2009-07-11 23:49:20 ----A---- C:\Windows\system32\wmpeffects.dll
2009-07-11 23:49:20 ----A---- C:\Windows\system32\smss.exe
2009-07-11 23:49:20 ----A---- C:\Windows\system32\netplwiz.dll
2009-07-11 23:49:20 ----A---- C:\Windows\system32\credui.dll
2009-07-11 23:49:20 ----A---- C:\Windows\system32\certprop.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\wscapi.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\wpcsvc.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\thawbrkr.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\networkexplorer.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\msscp.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\msimtf.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\logagent.exe
2009-07-11 23:49:19 ----A---- C:\Windows\system32\InkEd.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\ifmon.dll
2009-07-11 23:49:19 ----A---- C:\Windows\system32\gpresult.exe
2009-07-11 23:49:19 ----A---- C:\Windows\system32\cipher.exe
2009-07-11 23:49:17 ----A---- C:\Windows\system32\softkbd.dll
2009-07-11 23:49:17 ----A---- C:\Windows\system32\sendmail.dll
2009-07-11 23:49:17 ----A---- C:\Windows\system32\msctfui.dll
2009-07-11 23:49:17 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\puiapi.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\olepro32.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\dmsynth.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\cdd.dll
2009-07-11 23:49:16 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\wshbth.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\version.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\SLLUA.exe
2009-07-11 23:49:15 ----A---- C:\Windows\system32\msisip.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\mprapi.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\input.dll
2009-07-11 23:49:15 ----A---- C:\Windows\system32\fc.exe
2009-07-11 23:49:15 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-07-11 23:49:14 ----A---- C:\Windows\system32\fdSSDP.dll
2009-07-11 23:49:14 ----A---- C:\Windows\system32\dmusic.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\msjint40.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\l2nacp.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\ftp.exe
2009-07-11 23:49:13 ----A---- C:\Windows\system32\eapp3hst.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\cscdll.dll
2009-07-11 23:49:13 ----A---- C:\Windows\system32\cscapi.dll
2009-07-11 23:49:12 ----A---- C:\Windows\system32\wsdchngr.dll
2009-07-11 23:49:12 ----A---- C:\Windows\system32\Storprop.dll
2009-07-11 23:49:12 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-07-11 23:49:12 ----A---- C:\Windows\system32\rrinstaller.exe
2009-07-11 23:49:12 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-07-11 23:49:12 ----A---- C:\Windows\system32\bthci.dll
2009-07-11 23:49:11 ----A---- C:\Windows\system32\rasdial.exe
2009-07-11 23:49:11 ----A---- C:\Windows\system32\rasdiag.dll
2009-07-11 23:49:11 ----A---- C:\Windows\system32\fdWCN.dll
2009-07-11 23:49:11 ----A---- C:\Windows\system32\dot3cfg.dll
2009-07-11 23:49:11 ----A---- C:\Windows\system32\bthudtask.exe
2009-07-11 23:49:10 ----A---- C:\Windows\system32\tscupgrd.exe
2009-07-11 23:49:10 ----A---- C:\Windows\system32\slcinst.dll
2009-07-11 23:49:10 ----A---- C:\Windows\system32\nslookup.exe
2009-07-11 23:49:10 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-07-11 23:49:10 ----A---- C:\Windows\system32\mfps.dll
2009-07-11 23:49:10 ----A---- C:\Windows\system32\ipconfig.exe
2009-07-11 23:49:10 ----A---- C:\Windows\system32\eappcfg.dll
2009-07-11 23:49:10 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-07-11 23:49:10 ----A---- C:\Windows\system32\aaclient.dll
2009-07-11 23:49:09 ----A---- C:\Windows\system32\ocsetup.exe
2009-07-11 23:49:09 ----A---- C:\Windows\system32\hbaapi.dll
2009-07-11 23:49:09 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-07-11 23:49:09 ----A---- C:\Windows\system32\fdeploy.dll
2009-07-11 23:49:09 ----A---- C:\Windows\system32\eappgnui.dll
2009-07-11 23:49:08 ----A---- C:\Windows\system32\tsgqec.dll
2009-07-11 23:49:08 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-07-11 23:49:08 ----A---- C:\Windows\system32\mmcico.dll
2009-07-11 23:49:08 ----A---- C:\Windows\system32\mfpmp.exe
2009-07-11 23:49:08 ----A---- C:\Windows\system32\gpupdate.exe
2009-07-11 23:49:07 ----A---- C:\Windows\system32\csrstub.exe
2009-07-11 23:49:07 ----A---- C:\Windows\system32\cbsra.exe
2009-07-11 23:49:07 ----A---- C:\Windows\system32\bitsigd.dll
2009-07-11 23:49:07 ----A---- C:\Windows\system32\atmlib.dll
2009-07-11 23:49:06 ----A---- C:\Windows\system32\NcdProp.dll
2009-07-11 23:49:06 ----A---- C:\Windows\system32\iscsilog.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\winrnr.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\vdmdbg.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\slwga.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\odbcconf.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\midimap.dll
2009-07-11 23:49:05 ----A---- C:\Windows\system32\inetppui.dll
2009-07-11 23:49:03 ----A---- C:\Windows\system32\spwmp.dll
2009-07-11 23:49:02 ----A---- C:\Windows\system32\wmploc.DLL
2009-07-11 23:49:02 ----A---- C:\Windows\system32\dxmasf.dll
2009-07-11 23:48:57 ----A---- C:\Windows\system32\msimsg.dll
2009-07-11 23:48:57 ----A---- C:\Windows\system32\mferror.dll
2009-07-11 23:48:57 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-07-11 23:48:36 ----A---- C:\Windows\system32\SmiEngine.dll
2009-07-11 23:48:32 ----A---- C:\Windows\system32\wdscore.dll
2009-07-11 23:48:32 ----A---- C:\Windows\system32\PkgMgr.exe
2009-07-11 23:48:20 ----A---- C:\Windows\system32\drvstore.dll
2009-07-11 18:18:36 ----ASH---- C:\Users\Hector\AppData\Roaming\desktop.ini
2009-07-11 15:16:09 ----D---- C:\Users\Hector\AppData\Roaming\DivX
2009-07-11 14:46:01 ----D---- C:\Program Files\Google
2009-07-11 14:45:58 ----D---- C:\Program Files\DivX
2009-07-09 22:19:46 ----D---- C:\Users\Hector\AppData\Roaming\WildTangent
2009-07-09 21:35:32 ----HD---- C:\ProgramData\ArcSoft
2009-07-09 21:34:44 ----D---- C:\Program Files\Common Files\ArcSoft
2009-07-09 21:34:23 ----D---- C:\Users\Hector\AppData\Roaming\ArcSoft
2009-07-09 19:37:32 ----D---- C:\PerfLogs
2009-07-09 19:07:07 ----A---- C:\Windows\system32\recdisc.exe
2009-07-09 19:07:04 ----A---- C:\Windows\system32\sdspres.dll
2009-07-09 19:06:47 ----A---- C:\Windows\system32\sxproxy.dll
2009-07-09 19:06:21 ----A---- C:\Windows\system32\mstask.dll
2009-07-09 19:06:21 ----A---- C:\Windows\system32\mssha.dll
2009-07-09 19:06:21 ----A---- C:\Windows\system32\msrdc.dll
2009-07-09 19:06:21 ----A---- C:\Windows\system32\msra.exe
2009-07-09 19:06:20 ----A---- C:\Windows\system32\NAPMONTR.DLL
2009-07-09 19:06:20 ----A---- C:\Windows\system32\napipsec.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\NapiNSP.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\NAPHLPR.DLL
2009-07-09 19:06:20 ----A---- C:\Windows\system32\napdsnap.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\NAPCRYPT.DLL
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mydocs.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mycomput.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\MuiUnattend.exe
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mtxoci.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mtxlegih.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mtxdm.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mtstocom.exe
2009-07-09 19:06:20 ----A---- C:\Windows\system32\mswmdm.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\msvidc32.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\msvfw32.dll
2009-07-09 19:06:20 ----A---- C:\Windows\system32\msvbvm60.dll
2009-07-09 19:06:19 ----A---- C:\Windows\system32\msdtcVSp1res.dll
2009-07-09 19:06:19 ----A---- C:\Windows\system32\msdtcuiu.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\MSMPEG2ENC.DLL
2009-07-09 19:06:18 ----A---- C:\Windows\system32\MSMPEG2ADEC.DLL
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msmmsp.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdtclog.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdtckrm.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdtc.exe
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdt.exe
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdt.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdri.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdmo.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdelta.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdart.dll
2009-07-09 19:06:18 ----A---- C:\Windows\system32\msdadiag.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\mspatcha.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\mspaint.exe
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msorcl32.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msoert2.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msoeacct.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msobjs.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msieftp.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msidle.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msident.dll
2009-07-09 19:06:17 ----A---- C:\Windows\system32\msidcrl30.dll
2009-07-09 19:06:15 ----A---- C:\Windows\system32\notepad.exe
2009-07-09 19:06:15 ----A---- C:\Windows\system32\Nlsdl.dll
2009-07-09 19:06:15 ----A---- C:\Windows\notepad.exe
2009-07-09 19:06:14 ----A---- C:\Windows\system32\nlmgp.dll
2009-07-09 19:06:13 ----A---- C:\Windows\system32\nlsbres.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\odbctrac.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\odbcjt32.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\odbccu32.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\odbccr32.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\odbcbcp.dll
2009-07-09 19:06:09 ----A---- C:\Windows\system32\objsel.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\ntvdm.exe
2009-07-09 19:06:08 ----A---- C:\Windows\system32\ntshrui.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\ntlanman.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\ntdsapi.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\nsisvc.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\nsi.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\nshipsec.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\nshhttp.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\netdiagfx.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\netcorehc.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\netcfgx.dll
2009-07-09 19:06:08 ----A---- C:\Windows\system32\netcfg.exe
2009-07-09 19:06:08 ----A---- C:\Windows\system32\netbtugc.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\nlasvc.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\nlaapi.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\Netplwiz.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\netman.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\netiougc.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\netid.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\netevent.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\net1.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\net.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\ndfetw.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\ndfapi.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\ncsi.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\ncobjapi.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\nci.dll
2009-07-09 19:06:07 ----A---- C:\Windows\system32\nbtstat.exe
2009-07-09 19:06:07 ----A---- C:\Windows\system32\NAPSTAT.EXE
2009-07-09 19:06:06 ----A---- C:\Windows\system32\netprofm.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\netprof.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\makecab.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\luainstall.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\lsmproxy.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\lsm.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\lpremove.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\lpksetup.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\LogonUI.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\loghours.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\lodctr.exe
2009-07-09 19:06:06 ----A---- C:\Windows\system32\localui.dll
2009-07-09 19:06:06 ----A---- C:\Windows\system32\localsec.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\MFWMAAEC.DLL
2009-07-09 19:06:05 ----A---- C:\Windows\system32\mfvdsp.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\mfcsubs.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\MdSched.exe
2009-07-09 19:06:05 ----A---- C:\Windows\system32\mdminst.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\McxDriv.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\Mcx2Svc.dll
2009-07-09 19:06:05 ----A---- C:\Windows\system32\mcbuilder.exe
2009-07-09 19:06:04 ----A---- C:\Windows\system32\loadperf.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\lnkstub.exe
2009-07-09 19:06:04 ----A---- C:\Windows\system32\lltdsvc.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\lltdapi.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\LangCleanupSysprepAction.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\L2SecHC.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\l2gpstore.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\ktmw32.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\ktmutil.exe
2009-07-09 19:06:04 ----A---- C:\Windows\system32\KMSVC.DLL
2009-07-09 19:06:04 ----A---- C:\Windows\system32\keymgr.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\itss.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iscsiwmi.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iscsium.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iscsiexe.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iscsied.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iprtrmgr.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\iprtprio.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\ipnathlp.dll
2009-07-09 19:06:04 ----A---- C:\Windows\system32\IPBusEnum.dll
2009-07-09 19:06:03 ----A---- C:\Windows\system32\msconfig.exe
2009-07-09 19:06:03 ----A---- C:\Windows\system32\mprmsg.dll
2009-07-09 19:06:03 ----A---- C:\Windows\system32\mprdim.dll
2009-07-09 19:06:03 ----A---- C:\Windows\system32\mprddm.dll
2009-07-09 19:06:03 ----A---- C:\Windows\system32\MPG4DECD.DLL
2009-07-09 19:06:03 ----A---- C:\Windows\system32\MP4SDECD.DLL
2009-07-09 19:06:03 ----A---- C:\Windows\system32\MP43DECD.DLL
2009-07-09 19:06:03 ----A---- C:\Windows\system32\MP3DMOD.DLL
2009-07-09 19:06:03 ----A---- C:\Windows\system32\mountvol.exe
2009-07-09 19:06:03 ----A---- C:\Windows\system32\KBDKOR.DLL
2009-07-09 19:06:03 ----A---- C:\Windows\system32\KBDJPN.DLL
2009-07-09 19:06:02 ----A---- C:\Windows\system32\msacm32.dll
2009-07-09 19:06:02 ----A---- C:\Windows\system32\MSAC3ENC.DLL
2009-07-09 19:06:02 ----A---- C:\Windows\system32\msaatext.dll
2009-07-09 19:06:01 ----A---- C:\Windows\system32\mobsync.exe
2009-07-09 19:06:01 ----A---- C:\Windows\system32\mmcss.dll
2009-07-09 19:06:01 ----A---- C:\Windows\system32\mmcshext.dll
2009-07-09 19:06:01 ----A---- C:\Windows\system32\mmcbase.dll
2009-07-09 19:06:01 ----A---- C:\Windows\system32\mlang.dll
2009-07-09 19:06:00 ----A---- C:\Windows\system32\seclogon.dll
2009-07-09 19:06:00 ----A---- C:\Windows\system32\SecEdit.exe
2009-07-09 19:06:00 ----A---- C:\Windows\system32\sdshext.dll
2009-07-09 19:06:00 ----A---- C:\Windows\system32\sdrsvc.dll
2009-07-09 19:06:00 ----A---- C:\Windows\system32\migisol.dll
2009-07-09 19:06:00 ----A---- C:\Windows\system32\MigAutoPlay.exe
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shutdown.exe
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shrpubw.exe
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shrink.dll
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shimgvw.dll
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shgina.dll
2009-07-09 19:05:59 ----A---- C:\Windows\system32\shacct.dll
2009-07-09 19:05:58 ----A---- C:\Windows\system32\SmiInstaller.dll
2009-07-09 19:05:58 ----A---- C:\Windows\system32\SessEnv.dll
2009-07-09 19:05:57 ----A---- C:\Windows\system32\sfc_os.dll
2009-07-09 19:05:57 ----A---- C:\Windows\system32\sfc.exe
2009-07-09 19:05:57 ----A---- C:\Windows\system32\setupugc.exe
2009-07-09 19:05:57 ----A---- C:\Windows\system32\setupSNK.exe
2009-07-09 19:05:57 ----A---- C:\Windows\system32\setupcln.dll
2009-07-09 19:05:57 ----A---- C:\Windows\system32\setupcl.exe
2009-07-09 19:05:57 ----A---- C:\Windows\system32\setbcdlocale.dll
2009-07-09 19:05:57 ----A---- C:\Windows\system32\serialui.dll
2009-07-09 19:05:57 ----A---- C:\Windows\system32\Sens.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\QAGENT.DLL
2009-07-09 19:05:56 ----A---- C:\Windows\system32\puiobj.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\psbase.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\provthrd.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\prevhost.exe
2009-07-09 19:05:56 ----A---- C:\Windows\system32\pots.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\PortableDeviceWiaCompat.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\pnrpnsp.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\PNPXAssocPrx.dll
2009-07-09 19:05:56 ----A---- C:\Windows\system32\pnpts.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\profprov.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\procinst.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\prntvpt.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\pcasvc.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\pcadm.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\p2pnetsh.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\p2phost.exe
2009-07-09 19:05:55 ----A---- C:\Windows\system32\p2pcollab.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\P2P.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\osblprov.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\osbaseln.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\OptionalFeatures.exe
2009-07-09 19:05:55 ----A---- C:\Windows\system32\olethk32.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\olesvr32.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\oledlg.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\olecli32.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\oleacc.dll
2009-07-09 19:05:55 ----A---- C:\Windows\system32\ogldrv.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\runonce.exe
2009-07-09 19:05:49 ----A---- C:\Windows\system32\rstrui.exe
2009-07-09 19:05:49 ----A---- C:\Windows\system32\RstrtMgr.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\rshx32.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\PlaySndSrv.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\pla.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\PING.EXE
2009-07-09 19:05:49 ----A---- C:\Windows\system32\perfts.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\perfnet.dll
2009-07-09 19:05:49 ----A---- C:\Windows\system32\perfmon.msc
2009-07-09 19:05:49 ----A---- C:\Windows\system32\perfmon.exe
2009-07-09 19:05:49 ----A---- C:\Windows\system32\pdhui.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\sdengin2.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\sdchange.exe
2009-07-09 19:05:48 ----A---- C:\Windows\system32\schtasks.exe
2009-07-09 19:05:48 ----A---- C:\Windows\system32\sbunattend.exe
2009-07-09 19:05:48 ----A---- C:\Windows\system32\rtm.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\RpcPing.exe
2009-07-09 19:05:48 ----A---- C:\Windows\system32\ROUTE.EXE
2009-07-09 19:05:48 ----A---- C:\Windows\system32\Robocopy.exe
2009-07-09 19:05:48 ----A---- C:\Windows\system32\riched32.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\rgb9rast.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\resutils.dll
2009-07-09 19:05:48 ----A---- C:\Windows\system32\RESAMPLEDMO.DLL
2009-07-09 19:05:47 ----A---- C:\Windows\system32\sbeio.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\sbe.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\remotepg.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\regini.exe
2009-07-09 19:05:47 ----A---- C:\Windows\system32\RegCtrl.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\rdrleakdiag.exe
2009-07-09 19:05:47 ----A---- C:\Windows\system32\RDPENCDD.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\rasctrs.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\rascfg.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\rasauto.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\RacAgent.exe
2009-07-09 19:05:47 ----A---- C:\Windows\system32\qwave.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\QUTIL.DLL
2009-07-09 19:05:47 ----A---- C:\Windows\system32\QSVRMGMT.DLL
2009-07-09 19:05:47 ----A---- C:\Windows\system32\QSHVHOST.DLL
2009-07-09 19:05:47 ----A---- C:\Windows\system32\qdv.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\QCLIPROV.DLL
2009-07-09 19:05:47 ----A---- C:\Windows\system32\qcap.dll
2009-07-09 19:05:47 ----A---- C:\Windows\system32\qasf.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\rdpdd.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\rdpcfgex.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\rasqec.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\rasphone.exe
2009-07-09 19:05:46 ----A---- C:\Windows\system32\RASMM.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\rasman.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\raserver.exe
2009-07-09 19:05:46 ----A---- C:\Windows\system32\devenum.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\Defrag.exe
2009-07-09 19:05:46 ----A---- C:\Windows\system32\dbnetlib.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3dxof.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3dim700.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3dim.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3d8.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3d10core.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3d10_1.dll
2009-07-09 19:05:46 ----A---- C:\Windows\system32\d3d10.dll
2009-07-09 19:05:46 ----A---- C:\Windows\regedit.exe
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Post by gabol » July 25th, 2009, 2:07 pm

2009-07-09 19:05:45 ----A---- C:\Windows\system32\dispex.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\dispdiag.exe
2009-07-09 19:05:45 ----A---- C:\Windows\system32\dispci.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\dinput8.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\dimsjob.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\diantz.exe
2009-07-09 19:05:45 ----A---- C:\Windows\system32\DfrgNtfs.exe
2009-07-09 19:05:45 ----A---- C:\Windows\system32\ddraw.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\dbghelp.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\csrss.exe
2009-07-09 19:05:45 ----A---- C:\Windows\system32\csrsrv.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\cryptnet.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\cryptdll.dll
2009-07-09 19:05:45 ----A---- C:\Windows\system32\credssp.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\dhcpsapi.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\DHCPQEC.DLL
2009-07-09 19:05:44 ----A---- C:\Windows\system32\DfsShlEx.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\dfrgui.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\dfrgifc.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\dfrgfat.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\DFDWiz.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\dfdts.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\comres.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\comrepl.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmlua.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmipnpinstall.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmifw.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmicryptinstall.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmdl32.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmd.exe
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cmcfg32.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\clusapi.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\clfsw32.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\clbcatq.dll
2009-07-09 19:05:44 ----A---- C:\Windows\system32\cic.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\convert.exe
2009-07-09 19:05:43 ----A---- C:\Windows\system32\consent.exe
2009-07-09 19:05:43 ----A---- C:\Windows\system32\comsnap.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\ComputerDefaults.exe
2009-07-09 19:05:43 ----A---- C:\Windows\system32\compstui.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\CompMgmtLauncher.exe
2009-07-09 19:05:43 ----A---- C:\Windows\system32\CompatUI.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\colorui.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\COLORCNV.DLL
2009-07-09 19:05:43 ----A---- C:\Windows\system32\colbact.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\cofiredm.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\cmutil.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\cmstplua.dll
2009-07-09 19:05:43 ----A---- C:\Windows\system32\cmstp.exe
2009-07-09 19:05:43 ----A---- C:\Windows\system32\cmpbk32.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\esentutl.exe
2009-07-09 19:05:42 ----A---- C:\Windows\system32\esentprf.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\EncDump.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\els.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\efsadu.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\eapsvc.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\EAPQEC.DLL
2009-07-09 19:05:42 ----A---- C:\Windows\system32\eappprxy.dll
2009-07-09 19:05:42 ----A---- C:\Windows\system32\comctl32.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\fmifs.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\FirewallControlPanel.exe
2009-07-09 19:05:41 ----A---- C:\Windows\system32\FirewallAPI.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\findnetprinters.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\filemgmt.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\fdPHost.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\fde.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\extrac32.exe
2009-07-09 19:05:41 ----A---- C:\Windows\system32\expand.exe
2009-07-09 19:05:41 ----A---- C:\Windows\system32\eventcls.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\driverquery.exe
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dpx.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dot3ui.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dot3gpui.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dot3gpclnt.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dot3dlg.dll
2009-07-09 19:05:41 ----A---- C:\Windows\system32\dot3api.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dxva2.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dxgi.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dxdiagn.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dxdiag.exe
2009-07-09 19:05:40 ----A---- C:\Windows\system32\DWWIN.EXE
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dwmredir.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dwmapi.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dskquoui.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dskquota.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dsdmo.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dsauth.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dps.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dpnet.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\DpiScaling.exe
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dnshc.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dnscacheugc.exe
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmvdsitf.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmutil.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmscript.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmocx.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmloader.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmime.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmdskres2.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmdskmgr.dll
2009-07-09 19:05:40 ----A---- C:\Windows\system32\dmdlgs.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\duser.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\dsuiext.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\dssenh.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\dssec.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\dsquery.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\AudioEng.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\audiodev.dll
2009-07-09 19:05:39 ----A---- C:\Windows\system32\at.exe
2009-07-09 19:05:38 ----A---- C:\Windows\system32\bitsadmin.exe
2009-07-09 19:05:38 ----A---- C:\Windows\system32\bcdsrv.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\bcdprov.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\bcdedit.exe
2009-07-09 19:05:38 ----A---- C:\Windows\system32\batt.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\basesrv.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\AuxiliaryDisplayApi.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\AuthFWSnapin.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\AuthFWGP.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\authfwcfg.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\auditpol.exe
2009-07-09 19:05:38 ----A---- C:\Windows\system32\AUDIOKSE.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\atl.dll
2009-07-09 19:05:38 ----A---- C:\Windows\system32\AtBroker.exe
2009-07-09 19:05:38 ----A---- C:\Windows\bfsvc.exe
2009-07-09 19:05:37 ----A---- C:\Windows\system32\AzSqlExt.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\azroleui.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\avrt.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\avifil32.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\ACW.exe
2009-07-09 19:05:37 ----A---- C:\Windows\system32\actxprxy.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\activeds.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\ActiveContentWizard.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\ActionQueue.dll
2009-07-09 19:05:37 ----A---- C:\Windows\system32\aclui.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\catsrvut.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\catsrv.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\capisp.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\cacls.exe
2009-07-09 19:05:36 ----A---- C:\Windows\system32\cabview.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\cabinet.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\btpanui.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\BOOTVID.DLL
2009-07-09 19:05:36 ----A---- C:\Windows\system32\bootstr.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\apss.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\appinfo.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\apircl.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\apilogen.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\amxread.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\amstream.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\alg.exe
2009-07-09 19:05:36 ----A---- C:\Windows\system32\adsnt.dll
2009-07-09 19:05:36 ----A---- C:\Windows\system32\adsldp.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\cfgmgr32.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\cfgbkend.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\cewmdm.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\CertEnrollCtrl.exe
2009-07-09 19:05:35 ----A---- C:\Windows\system32\cdosys.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\browser.dll
2009-07-09 19:05:35 ----A---- C:\Windows\system32\bridgeunattend.exe
2009-07-09 19:05:35 ----A---- C:\Windows\system32\brcplsdw.dll
2009-07-09 19:05:34 ----A---- C:\Windows\system32\bootcfg.exe
2009-07-09 19:05:31 ----A---- C:\Windows\system32\InfDefaultInstall.exe
2009-07-09 19:05:31 ----A---- C:\Windows\system32\inetmib1.dll
2009-07-09 19:05:31 ----A---- C:\Windows\system32\imagesp1.dll
2009-07-09 19:05:31 ----A---- C:\Windows\system32\imagehlp.dll
2009-07-09 19:05:30 ----A---- C:\Windows\system32\icaapi.dll
2009-07-09 19:05:30 ----A---- C:\Windows\system32\iashost.exe
2009-07-09 19:05:30 ----A---- C:\Windows\system32\ias.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\ifsutil.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\idndl.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\icsunattend.exe
2009-07-09 19:05:29 ----A---- C:\Windows\system32\icsfiltr.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\icm32.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\icfupgd.dll
2009-07-09 19:05:29 ----A---- C:\Windows\system32\icacls.exe
2009-07-09 19:05:29 ----A---- C:\Windows\system32\httpapi.dll
2009-07-09 19:05:27 ----A---- C:\Windows\system32\HotStartUserAgent.dll
2009-07-09 19:05:27 ----A---- C:\Windows\system32\hnetmon.dll
2009-07-09 19:05:27 ----A---- C:\Windows\system32\hnetcfg.dll
2009-07-09 19:05:27 ----A---- C:\Windows\system32\hlink.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\HelpPaneProxy.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\GuidedHelp.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\graftabl.com
2009-07-09 19:05:26 ----A---- C:\Windows\system32\getmac.exe
2009-07-09 19:05:26 ----A---- C:\Windows\system32\gatherWirelessInfo.vbs
2009-07-09 19:05:26 ----A---- C:\Windows\system32\gatherWiredInfo.vbs
2009-07-09 19:05:26 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\gacinstall.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\fwcfg.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\fsutil.exe
2009-07-09 19:05:26 ----A---- C:\Windows\system32\fsmgmt.msc
2009-07-09 19:05:26 ----A---- C:\Windows\system32\framedynos.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\framedyn.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\framebuf.dll
2009-07-09 19:05:26 ----A---- C:\Windows\system32\fphc.dll
2009-07-09 19:05:26 ----A---- C:\Windows\HelpPane.exe
2009-07-09 19:05:26 ----A---- C:\Windows\fveupdate.exe
2009-07-09 19:05:21 ----A---- C:\Windows\system32\WindowsAnytimeUpgrade.exe
2009-07-09 19:05:20 ----A---- C:\Windows\system32\wiadss.dll
2009-07-09 19:05:20 ----A---- C:\Windows\system32\wiadefui.dll
2009-07-09 19:05:20 ----A---- C:\Windows\system32\wiaacmgr.exe
2009-07-09 19:05:20 ----A---- C:\Windows\system32\wfapigp.dll
2009-07-09 19:05:20 ----A---- C:\Windows\system32\wevtfwd.dll
2009-07-09 19:05:19 ----A---- C:\Windows\system32\wintrust.dll
2009-07-09 19:05:19 ----A---- C:\Windows\system32\winsta.dll
2009-07-09 19:05:19 ----A---- C:\Windows\system32\WINSRPC.DLL
2009-07-09 19:05:19 ----A---- C:\Windows\system32\wiashext.dll
2009-07-09 19:05:19 ----A---- C:\Windows\system32\wiascanprofiles.dll
2009-07-09 19:05:19 ----A---- C:\Windows\system32\wiarpc.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\WLanConn.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\wlancfg.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\wlanapi.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\winusb.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\WinSATAPI.dll
2009-07-09 19:05:18 ----A---- C:\Windows\system32\winrsmgr.dll
2009-07-09 19:05:17 ----A---- C:\Windows\system32\wkssvc.dll
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winrshost.exe
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winrscmd.dll
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winrs.exe
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winrm.vbs
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winnsi.dll
2009-07-09 19:05:17 ----A---- C:\Windows\system32\wininit.exe
2009-07-09 19:05:17 ----A---- C:\Windows\system32\winethc.dll
2009-07-09 19:05:16 ----A---- C:\Windows\system32\wbemcomn.dll
2009-07-09 19:05:16 ----A---- C:\Windows\system32\wavemsp.dll
2009-07-09 19:05:16 ----A---- C:\Windows\system32\WavDest.dll
2009-07-09 19:05:16 ----A---- C:\Windows\system32\waitfor.exe
2009-07-09 19:05:16 ----A---- C:\Windows\system32\w32tm.exe
2009-07-09 19:05:16 ----A---- C:\Windows\system32\vsstrace.dll
2009-07-09 19:05:16 ----A---- C:\Windows\system32\vssadmin.exe
2009-07-09 19:05:16 ----A---- C:\Windows\system32\vss_ps.dll
2009-07-09 19:05:15 ----A---- C:\Windows\system32\wermgr.exe
2009-07-09 19:05:15 ----A---- C:\Windows\system32\werdiagcontroller.dll
2009-07-09 19:05:15 ----A---- C:\Windows\system32\wercplsupport.dll
2009-07-09 19:05:15 ----A---- C:\Windows\system32\wecutil.exe
2009-07-09 19:05:15 ----A---- C:\Windows\system32\wecsvc.dll
2009-07-09 19:05:15 ----A---- C:\Windows\system32\wecapi.dll
2009-07-09 19:05:14 ----A---- C:\Windows\system32\wscproxystub.dll
2009-07-09 19:05:14 ----A---- C:\Windows\system32\wdigest.dll
2009-07-09 19:05:14 ----A---- C:\Windows\system32\wdi.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wship6.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wshcon.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wsecedit.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wscmisetup.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\ws2_32.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wpnpinst.exe
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wpdwcn.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\WPDSp.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\WpdMtpUS.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\WpdMtp.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\WpdConns.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wpd_ci.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\wpclsp.dll
2009-07-09 19:05:13 ----A---- C:\Windows\system32\Wpc.dll
2009-07-09 19:05:12 ----A---- C:\Windows\system32\xcopy.exe
2009-07-09 19:05:12 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-07-09 19:05:12 ----A---- C:\Windows\system32\wpdshext.dll
2009-07-09 19:05:11 ----A---- C:\Windows\system32\XPSSHHDR.dll
2009-07-09 19:05:11 ----A---- C:\Windows\system32\xolehlp.dll
2009-07-09 19:05:11 ----A---- C:\Windows\system32\xmlprovi.dll
2009-07-09 19:05:11 ----A---- C:\Windows\system32\xmllite.dll
2009-07-09 19:05:11 ----A---- C:\Windows\system32\xactsrv.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\xwizards.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\xpssvcs.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\wzcdlg.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\wvc.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WUDFx.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WUDFSvc.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WUDFPlatform.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WUDFHost.exe
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WUDFCoinstaller.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\wtsapi32.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\wsqmcons.exe
2009-07-09 19:05:10 ----A---- C:\Windows\system32\wsock32.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WsmWmiPl.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WsmRes.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WsmProv.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WsmCl.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WsmAuto.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WSManMigrationPlugin.dll
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WSManHTTPConfig.exe
2009-07-09 19:05:10 ----A---- C:\Windows\system32\WSHTCPIP.DLL
2009-07-09 19:05:09 ----A---- C:\Windows\system32\wmidx.dll
2009-07-09 19:05:09 ----A---- C:\Windows\system32\wlansec.dll
2009-07-09 19:05:09 ----A---- C:\Windows\system32\WlanMmHC.dll
2009-07-09 19:05:09 ----A---- C:\Windows\system32\wlanext.exe
2009-07-09 19:05:09 ----A---- C:\Windows\system32\wlandlg.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WMSPDMOE.DLL
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WMSPDMOD.DLL
2009-07-09 19:05:08 ----A---- C:\Windows\system32\wmpsrcwp.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\wmpshell.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\wmdrmnet.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\wmdrmdev.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WMASF.DLL
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WMADMOE.DLL
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WMADMOD.DLL
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WlanMM.dll
2009-07-09 19:05:08 ----A---- C:\Windows\system32\WLanHC.dll
2009-07-09 19:05:06 ----A---- C:\Windows\system32\WMVSENCD.DLL
2009-07-09 19:05:06 ----A---- C:\Windows\system32\wmvdspa.dll
2009-07-09 19:05:06 ----A---- C:\Windows\system32\WMVDECOD.DLL
2009-07-09 19:05:06 ----A---- C:\Windows\system32\WMPEncEn.dll
2009-07-09 19:05:06 ----A---- C:\Windows\system32\wmpdxm.dll
2009-07-09 19:05:06 ----A---- C:\Windows\system32\wmiprop.dll
2009-07-09 19:05:04 ----A---- C:\Windows\system32\wmpcm.dll
2009-07-09 19:05:02 ----A---- C:\Windows\system32\Tabbtn.dll
2009-07-09 19:05:02 ----A---- C:\Windows\system32\systeminfo.exe
2009-07-09 19:04:59 ----A---- C:\Windows\system32\tbssvc.dll
2009-07-09 19:04:59 ----A---- C:\Windows\system32\tbs.dll
2009-07-09 19:04:59 ----A---- C:\Windows\system32\taskschd.dll
2009-07-09 19:04:59 ----A---- C:\Windows\system32\taskmgr.exe
2009-07-09 19:04:59 ----A---- C:\Windows\system32\tasklist.exe
2009-07-09 19:04:59 ----A---- C:\Windows\system32\taskkill.exe
2009-07-09 19:04:58 ----A---- C:\Windows\system32\tdh.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\tcpmon.ini
2009-07-09 19:04:58 ----A---- C:\Windows\system32\TapiMigPlugin.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\takeown.exe
2009-07-09 19:04:58 ----A---- C:\Windows\system32\tabcal.exe
2009-07-09 19:04:58 ----A---- C:\Windows\system32\TabbtnEx.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\sstpsvc.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\SSShim.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\ssdpsrv.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\srwmi.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\srrstr.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\srdelayed.exe
2009-07-09 19:04:58 ----A---- C:\Windows\system32\srclient.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\sqmapi.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\sqlcese30.dll
2009-07-09 19:04:58 ----A---- C:\Windows\system32\sqlceqp30.dll
2009-07-09 19:04:55 ----A---- C:\Windows\system32\spwizeng.dll
2009-07-09 19:04:55 ----A---- C:\Windows\system32\spbcd.dll
2009-07-09 19:04:55 ----A---- C:\Windows\system32\SoundRecorder.exe
2009-07-09 19:04:54 ----A---- C:\Windows\system32\spwizres.dll
2009-07-09 19:04:54 ----A---- C:\Windows\system32\spwizimg.dll
2009-07-09 19:04:54 ----A---- C:\Windows\system32\sppnp.dll
2009-07-09 19:04:54 ----A---- C:\Windows\system32\spopk.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\userinit.exe
2009-07-09 19:04:53 ----A---- C:\Windows\system32\usbui.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\usbperf.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\usbmon.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\upnphost.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\upnpcont.exe
2009-07-09 19:04:53 ----A---- C:\Windows\system32\upnp.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\syssetup.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\syskey.exe
2009-07-09 19:04:53 ----A---- C:\Windows\system32\SysFxUI.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\syncui.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\synceng.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\sxstrace.exe
2009-07-09 19:04:53 ----A---- C:\Windows\system32\sxsstore.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\sxs.dll
2009-07-09 19:04:53 ----A---- C:\Windows\system32\svchost.exe
2009-07-09 19:04:53 ----A---- C:\Windows\system32\sti_ci.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\xwtpw32.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\VIDRESZR.DLL
2009-07-09 19:04:52 ----A---- C:\Windows\system32\vga64k.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\vga256.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\vga.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\vfwwdm32.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\verifier.exe
2009-07-09 19:04:52 ----A---- C:\Windows\system32\verifier.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\vds_ps.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\VAN.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\uxtheme.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\uudf.dll
2009-07-09 19:04:52 ----A---- C:\Windows\system32\utildll.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\vdsldr.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\vdsbas.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\vdmredir.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\unregmp2.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\unlodctr.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\unbcl.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\unattendedjoin.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\unattend.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\umb.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\UIHub.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\UI0Detect.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\ufat.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\uexfat.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\ucsvc.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\txfw32.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\txflog.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\TSpkg.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\tsddd.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\trkwks.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\tracerpt.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\TpmInit.exe
2009-07-09 19:04:51 ----A---- C:\Windows\system32\TMM.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\TimeDateMUICallback.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\thumbcache.dll
2009-07-09 19:04:51 ----A---- C:\Windows\system32\termmgr.dll
2009-07-09 12:52:40 ----A---- C:\Windows\system32\iesetup.dll
2009-07-09 12:52:39 ----A---- C:\Windows\system32\wininet.dll
2009-07-09 12:52:39 ----A---- C:\Windows\system32\ieui.dll
2009-07-09 12:52:39 ----A---- C:\Windows\system32\iertutil.dll
2009-07-09 12:52:39 ----A---- C:\Windows\system32\iernonce.dll
2009-07-09 12:52:39 ----A---- C:\Windows\system32\ie4uinit.exe
2009-07-09 12:52:38 ----A---- C:\Windows\system32\urlmon.dll
2009-07-09 12:52:38 ----A---- C:\Windows\system32\jsproxy.dll
2009-07-09 12:52:38 ----A---- C:\Windows\system32\iedkcs32.dll
2009-07-09 12:52:36 ----A---- C:\Windows\system32\mshtml.dll
2009-07-09 12:52:36 ----A---- C:\Windows\system32\ieframe.dll
2009-07-09 12:51:14 ----A---- C:\Windows\system32\mshtmled.dll
2009-07-09 12:51:14 ----A---- C:\Windows\system32\icardie.dll
2009-07-09 12:51:13 ----A---- C:\Windows\system32\msls31.dll
2009-07-09 12:51:13 ----A---- C:\Windows\system32\mshtmler.dll
2009-07-09 12:51:13 ----A---- C:\Windows\system32\ieakeng.dll
2009-07-09 12:51:13 ----A---- C:\Windows\system32\corpol.dll
2009-07-09 12:51:13 ----A---- C:\Windows\system32\admparse.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\licmgr10.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\inseng.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\imgutil.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\iepeers.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\dxtrans.dll
2009-07-09 12:51:12 ----A---- C:\Windows\system32\dxtmsft.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\WinFXDocObj.exe
2009-07-09 12:51:11 ----A---- C:\Windows\system32\wextract.exe
2009-07-09 12:51:11 ----A---- C:\Windows\system32\webcheck.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\occache.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\mstime.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\msrating.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\msfeedssync.exe
2009-07-09 12:51:11 ----A---- C:\Windows\system32\ieakui.dll
2009-07-09 12:51:11 ----A---- C:\Windows\system32\ieaksie.dll
2009-07-09 12:51:10 ----A---- C:\Windows\system32\pngfilt.dll
2009-07-09 12:51:10 ----A---- C:\Windows\system32\msfeeds.dll
2009-07-09 12:51:10 ----A---- C:\Windows\system32\ieapfltr.dll
2009-07-09 12:51:10 ----A---- C:\Windows\system32\advpack.dll
2009-07-09 12:51:09 ----A---- C:\Windows\system32\vbscript.dll
2009-07-09 12:51:09 ----A---- C:\Windows\system32\url.dll
2009-07-09 12:51:09 ----A---- C:\Windows\system32\jscript.dll
2009-07-09 12:51:08 ----A---- C:\Windows\system32\mshta.exe
2009-07-09 12:51:08 ----A---- C:\Windows\system32\iexpress.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\SetDepNx.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\PDMSetup.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\ieUnatt.exe
2009-07-09 12:51:07 ----A---- C:\Windows\system32\iesysprep.dll
2009-07-07 14:17:42 ----D---- C:\Program Files\Ratajik Software
2009-07-07 09:28:50 ----D---- C:\Users\Hector\AppData\Roaming\Mozilla
2009-07-07 09:28:34 ----D---- C:\Program Files\Mozilla Firefox
2009-07-06 12:34:34 ----HD---- C:\$AVG8.VAULT$
2009-07-06 12:06:08 ----A---- C:\Windows\system32\avgrsstx.dll
2009-07-06 12:05:52 ----D---- C:\Program Files\AVG
2009-07-06 12:05:51 ----D---- C:\ProgramData\avg8
2009-07-06 11:54:22 ----D---- C:\Users\Hector\AppData\Roaming\muvee Technologies
2009-07-06 11:53:32 ----AD---- C:\ProgramData\TEMP
2009-07-06 11:25:12 ----D---- C:\ProgramData\Apple Computer
2009-07-06 11:25:12 ----D---- C:\Program Files\QuickTime
2009-07-06 11:24:50 ----D---- C:\ProgramData\Apple
2009-07-06 11:24:50 ----D---- C:\Program Files\Apple Software Update
2009-07-06 10:40:24 ----A---- C:\Windows\system32\difxapi.dll
2009-07-06 10:40:04 ----D---- C:\Intel
2009-07-06 10:40:03 ----D---- C:\Users\Hector\AppData\Roaming\InstallShield
2009-07-06 10:13:31 ----D---- C:\Windows\Minidump
2009-07-04 15:09:51 ----D---- C:\ProgramData\FLEXnet
2009-07-04 15:09:17 ----D---- C:\Users\Hector\AppData\Roaming\Adobe
2009-07-04 15:09:10 ----D---- C:\Program Files\Common Files\Macrovision Shared
2009-07-04 15:04:44 ----A---- C:\Windows\ODBCINST.INI
2009-07-04 14:02:56 ----A---- C:\Windows\system32\winipsec.dll
2009-07-04 14:02:55 ----A---- C:\Windows\system32\polstore.dll
2009-07-04 14:00:52 ----A---- C:\Windows\system32\msxml3r.dll
2009-07-04 00:32:03 ----A---- C:\Windows\system32\localspl.dll
2009-07-04 00:26:53 ----A---- C:\Windows\system32\hcrstco.dll
2009-07-04 00:26:53 ----A---- C:\Windows\system32\hccoin.dll
2009-07-04 00:23:55 ----A---- C:\Windows\system32\NlsLexicons0047.dll
2009-07-04 00:23:55 ----A---- C:\Windows\system32\NlsLexicons0046.dll
2009-07-04 00:23:55 ----A---- C:\Windows\system32\NlsLexicons0045.dll
2009-07-04 00:23:54 ----A---- C:\Windows\system32\NlsLexicons0049.dll
2009-07-04 00:23:54 ----A---- C:\Windows\system32\NlsLexicons0039.dll
2009-07-04 00:23:54 ----A---- C:\Windows\system32\NlsLexicons0022.dll
2009-07-04 00:23:54 ----A---- C:\Windows\system32\NlsLexicons0021.dll
2009-07-04 00:23:54 ----A---- C:\Windows\system32\NlsLexicons0020.dll
2009-07-04 00:23:53 ----A---- C:\Windows\system32\NlsLexicons0027.dll
2009-07-04 00:23:53 ----A---- C:\Windows\system32\NlsLexicons0026.dll
2009-07-04 00:23:53 ----A---- C:\Windows\system32\NlsLexicons0024.dll
2009-07-04 00:23:52 ----A---- C:\Windows\system32\NlsLexicons0013.dll
2009-07-04 00:23:52 ----A---- C:\Windows\system32\NlsLexicons0011.dll
2009-07-04 00:23:52 ----A---- C:\Windows\system32\NlsLexicons0010.dll
2009-07-04 00:23:51 ----A---- C:\Windows\system32\NlsLexicons0019.dll
2009-07-04 00:23:51 ----A---- C:\Windows\system32\NlsLexicons0018.dll
2009-07-04 00:23:50 ----A---- C:\Windows\system32\NlsLexicons0003.dll
2009-07-04 00:23:50 ----A---- C:\Windows\system32\NlsLexicons0002.dll
2009-07-04 00:23:50 ----A---- C:\Windows\system32\NlsLexicons0001.dll
2009-07-04 00:23:49 ----A---- C:\Windows\system32\NlsLexicons004b.dll
2009-07-04 00:23:49 ----A---- C:\Windows\system32\NlsLexicons004a.dll
2009-07-04 00:23:48 ----A---- C:\Windows\system32\NlsLexicons004e.dll
2009-07-04 00:23:48 ----A---- C:\Windows\system32\NlsLexicons004c.dll
2009-07-04 00:23:48 ----A---- C:\Windows\system32\NlsLexicons003e.dll
2009-07-04 00:23:48 ----A---- C:\Windows\system32\NlsLexicons002a.dll
2009-07-04 00:23:47 ----A---- C:\Windows\system32\NlsLexicons001d.dll
2009-07-04 00:23:47 ----A---- C:\Windows\system32\NlsLexicons001b.dll
2009-07-04 00:23:47 ----A---- C:\Windows\system32\NlsLexicons001a.dll
2009-07-04 00:23:46 ----A---- C:\Windows\system32\NlsLexicons000d.dll
2009-07-04 00:23:46 ----A---- C:\Windows\system32\NlsLexicons000c.dll
2009-07-04 00:23:46 ----A---- C:\Windows\system32\NlsLexicons000a.dll
2009-07-04 00:23:45 ----A---- C:\Windows\system32\NlsLexicons0816.dll
2009-07-04 00:23:45 ----A---- C:\Windows\system32\NlsLexicons0416.dll
2009-07-04 00:23:45 ----A---- C:\Windows\system32\NlsLexicons0414.dll
2009-07-04 00:23:45 ----A---- C:\Windows\system32\NlsLexicons000f.dll
2009-07-04 00:23:44 ----A---- C:\Windows\system32\NlsModels0011.dll
2009-07-04 00:23:44 ----A---- C:\Windows\system32\NlsLexicons081a.dll
2009-07-04 00:23:44 ----A---- C:\Windows\system32\NlsData0045.dll
2009-07-04 00:23:43 ----A---- C:\Windows\system32\NlsData0049.dll
2009-07-04 00:23:43 ----A---- C:\Windows\system32\NlsData0047.dll
2009-07-04 00:23:43 ----A---- C:\Windows\system32\NlsData0046.dll
2009-07-04 00:23:43 ----A---- C:\Windows\system32\NlsData0039.dll
2009-07-04 00:23:43 ----A---- C:\Windows\system32\NlsData0020.dll
2009-07-04 00:23:42 ----A---- C:\Windows\system32\NlsData0027.dll
2009-07-04 00:23:42 ----A---- C:\Windows\system32\NlsData0026.dll
2009-07-04 00:23:42 ----A---- C:\Windows\system32\NlsData0024.dll
2009-07-04 00:23:42 ----A---- C:\Windows\system32\NlsData0022.dll
2009-07-04 00:23:42 ----A---- C:\Windows\system32\NlsData0021.dll
2009-07-04 00:23:41 ----A---- C:\Windows\system32\NlsData0018.dll
2009-07-04 00:23:41 ----A---- C:\Windows\system32\NlsData0013.dll
2009-07-04 00:23:41 ----A---- C:\Windows\system32\NlsData0011.dll
2009-07-04 00:23:41 ----A---- C:\Windows\system32\NlsData0010.dll
2009-07-04 00:23:41 ----A---- C:\Windows\system32\NlsData0000.dll
2009-07-04 00:23:40 ----A---- C:\Windows\system32\NlsData0019.dll
2009-07-04 00:23:40 ----A---- C:\Windows\system32\NlsData0003.dll
2009-07-04 00:23:40 ----A---- C:\Windows\system32\NlsData0002.dll
2009-07-04 00:23:40 ----A---- C:\Windows\system32\NlsData0001.dll
2009-07-04 00:23:39 ----A---- C:\Windows\system32\NlsData004c.dll
2009-07-04 00:23:39 ----A---- C:\Windows\system32\NlsData004b.dll
2009-07-04 00:23:39 ----A---- C:\Windows\system32\NlsData004a.dll
2009-07-04 00:23:39 ----A---- C:\Windows\system32\NlsData0009.dll
2009-07-04 00:23:39 ----A---- C:\Windows\system32\NlsData0007.dll
2009-07-04 00:23:38 ----A---- C:\Windows\system32\NlsData004e.dll
2009-07-04 00:23:38 ----A---- C:\Windows\system32\NlsData003e.dll
2009-07-04 00:23:38 ----A---- C:\Windows\system32\NlsData002a.dll
2009-07-04 00:23:38 ----A---- C:\Windows\system32\NlsData001a.dll
2009-07-04 00:23:37 ----A---- C:\Windows\system32\NlsData001d.dll
2009-07-04 00:23:37 ----A---- C:\Windows\system32\NlsData001b.dll
2009-07-04 00:23:37 ----A---- C:\Windows\system32\NlsData000c.dll
2009-07-04 00:23:37 ----A---- C:\Windows\system32\NlsData000a.dll
2009-07-04 00:23:36 ----A---- C:\Windows\system32\NlsData0416.dll
2009-07-04 00:23:36 ----A---- C:\Windows\system32\NlsData0414.dll
2009-07-04 00:23:36 ----A---- C:\Windows\system32\NlsData000f.dll
2009-07-04 00:23:36 ----A---- C:\Windows\system32\NlsData000d.dll
2009-07-04 00:23:35 ----A---- C:\Windows\system32\NlsLexicons0c1a.dll
2009-07-04 00:23:35 ----A---- C:\Windows\system32\NlsData0c1a.dll
2009-07-04 00:23:35 ----A---- C:\Windows\system32\NlsData081a.dll
2009-07-04 00:23:35 ----A---- C:\Windows\system32\NlsData0816.dll
2009-07-04 00:20:47 ----A---- C:\Windows\system32\kbd106n.dll
2009-07-04 00:20:40 ----D---- C:\Program Files\Common Files\Real
2009-07-04 00:15:27 ----A---- C:\Windows\system32\lsass.exe
2009-07-04 00:13:33 ----A---- C:\Windows\system32\printcom.dll
2009-07-04 00:12:44 ----A---- C:\Windows\system32\wshrm.dll
2009-07-03 23:57:13 ----A---- C:\Windows\system32\netfxperf.dll
2009-07-03 23:53:19 ----D---- C:\Users\Hector\AppData\Roaming\Real
2009-07-03 23:49:10 ----A---- C:\Windows\system32\INETRES.dll
2009-07-03 23:48:34 ----A---- C:\Windows\system32\rpcrt4.dll
2009-07-03 23:47:18 ----D---- C:\Program Files\MSXML 4.0
2009-07-03 23:44:51 ----A---- C:\Windows\system32\msxml6r.dll
2009-07-03 22:33:55 ----SHD---- C:\Config.Msi
2009-07-03 22:04:32 ----D---- C:\Users\Hector\AppData\Roaming\Yahoo!
2009-07-03 22:04:32 ----D---- C:\ProgramData\Yahoo! Companion
2009-07-03 22:04:19 ----D---- C:\Program Files\CCleaner
2009-07-03 22:00:06 ----A---- C:\Windows\system32\wucltux.dll
2009-07-03 22:00:05 ----A---- C:\Windows\system32\wups2.dll
2009-07-03 22:00:05 ----A---- C:\Windows\system32\wuaueng.dll
2009-07-03 22:00:05 ----A---- C:\Windows\system32\wuauclt.exe
2009-07-03 21:59:55 ----A---- C:\Windows\system32\wudriver.dll
2009-07-03 21:59:54 ----A---- C:\Windows\system32\wups.dll
2009-07-03 21:59:54 ----A---- C:\Windows\system32\wuapi.dll
2009-07-03 21:59:45 ----A---- C:\Windows\system32\wuwebv.dll
2009-07-03 21:59:45 ----A---- C:\Windows\system32\wuapp.exe
2009-07-03 21:54:22 ----D---- C:\Users\Hector\AppData\Roaming\Snapfish
2009-07-03 21:54:06 ----D---- C:\Users\Hector\AppData\Roaming\Identities
2009-07-03 21:53:39 ----D---- C:\Users\Hector\AppData\Roaming\Macromedia
2009-07-03 21:53:14 ----D---- C:\Users\Hector\AppData\Roaming\Hewlett-Packard
2009-07-03 21:51:09 ----SD---- C:\Users\Hector\AppData\Roaming\Microsoft
2009-07-03 21:51:09 ----D---- C:\Users\Hector\AppData\Roaming\Media Center Programs
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Templates
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Start Menu
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Favorites
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Documents
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Desktop
2009-07-03 21:47:59 ----SHD---- C:\ProgramData\Application Data
2009-07-03 21:47:59 ----SHD---- C:\Documents and Settings
2009-07-03 21:47:22 ----SHD---- C:\System Volume Information

======List of files/folders modified in the last 1 months======

2009-07-25 14:50:50 ----D---- C:\Windows\Prefetch
2009-07-25 14:50:31 ----D---- C:\Windows\Temp
2009-07-25 12:36:01 ----D---- C:\Windows\System32
2009-07-25 12:36:01 ----D---- C:\Windows\inf
2009-07-25 12:36:01 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-25 12:31:45 ----D---- C:\Windows\SMINST
2009-07-24 22:12:56 ----D---- C:\WINDOWS
2009-07-24 13:43:14 ----D---- C:\Windows\system32\Tasks
2009-07-23 20:37:21 ----D---- C:\Windows\system32\WDI
2009-07-23 14:48:14 ----D---- C:\Windows\system32\drivers
2009-07-23 14:48:14 ----D---- C:\Windows\system32\catroot
2009-07-23 14:47:44 ----SHD---- C:\Windows\Installer
2009-07-23 14:47:11 ----D---- C:\Windows\system32\RTCOM
2009-07-22 14:01:01 ----D---- C:\Windows\winsxs
2009-07-22 14:01:01 ----D---- C:\Program Files\Internet Explorer
2009-07-21 13:22:30 ----D---- C:\Windows\rescache
2009-07-21 12:54:46 ----D---- C:\Windows\system32\catroot2
2009-07-20 11:43:39 ----D---- C:\Program Files\Adobe
2009-07-18 13:13:26 ----D---- C:\Program Files\Common Files\PX Storage Engine
2009-07-17 20:23:21 ----D---- C:\ProgramData\Adobe
2009-07-17 20:22:42 ----RD---- C:\Program Files
2009-07-17 20:22:40 ----D---- C:\Program Files\Common Files\Adobe
2009-07-17 19:58:53 ----D---- C:\Program Files\Common Files
2009-07-17 19:56:01 ----D---- C:\Program Files\Common Files\InstallShield
2009-07-17 19:55:51 ----HD---- C:\Program Files\InstallShield Installation Information
2009-07-17 19:15:29 ----RSD---- C:\Windows\Fonts
2009-07-15 13:54:42 ----HD---- C:\ProgramData
2009-07-15 00:46:30 ----D---- C:\Windows\Debug
2009-07-14 13:25:45 ----SD---- C:\Windows\Downloaded Program Files
2009-07-14 13:01:45 ----D---- C:\Program Files\Windows Mail
2009-07-13 16:06:50 ----D---- C:\Windows\system32\NDF
2009-07-12 16:35:41 ----D---- C:\Program Files\HP
2009-07-12 14:51:55 ----A---- C:\Windows\DIFxAPI.dll
2009-07-12 00:21:15 ----D---- C:\Windows\Microsoft.NET
2009-07-12 00:21:08 ----RSD---- C:\Windows\assembly
2009-07-12 00:10:45 ----SHD---- C:\Boot
2009-07-12 00:06:04 ----D---- C:\Program Files\Windows Calendar
2009-07-12 00:06:03 ----D---- C:\Program Files\Movie Maker
2009-07-12 00:06:02 ----D---- C:\Program Files\Windows Sidebar
2009-07-12 00:06:01 ----D---- C:\Program Files\Windows Media Player
2009-07-12 00:06:01 ----D---- C:\Program Files\Windows Journal
2009-07-12 00:06:01 ----D---- C:\Program Files\Windows Collaboration
2009-07-12 00:05:58 ----D---- C:\Program Files\Windows Photo Gallery
2009-07-12 00:05:58 ----D---- C:\Program Files\Common Files\System
2009-07-12 00:05:53 ----D---- C:\Windows\servicing
2009-07-12 00:05:53 ----D---- C:\Windows\ehome
2009-07-12 00:05:53 ----D---- C:\Program Files\Windows Defender
2009-07-12 00:05:25 ----D---- C:\Windows\system32\XPSViewer
2009-07-12 00:05:25 ----D---- C:\Windows\system32\sk-SK
2009-07-12 00:05:25 ----D---- C:\Windows\system32\lv-LV
2009-07-12 00:05:25 ----D---- C:\Windows\system32\ko-KR
2009-07-12 00:05:25 ----D---- C:\Windows\system32\hr-HR
2009-07-12 00:05:25 ----D---- C:\Windows\system32\et-EE
2009-07-12 00:05:25 ----D---- C:\Windows\system32\en-US
2009-07-12 00:05:25 ----D---- C:\Windows\system32\da-DK
2009-07-12 00:05:25 ----D---- C:\Windows\IME
2009-07-12 00:05:24 ----D---- C:\Windows\system32\oobe
2009-07-12 00:05:24 ----D---- C:\Windows\system32\migration
2009-07-12 00:05:24 ----D---- C:\Windows\system32\it-IT
2009-07-12 00:05:24 ----D---- C:\Windows\system32\el-GR
2009-07-12 00:05:24 ----D---- C:\Windows\system32\de-DE
2009-07-12 00:05:19 ----D---- C:\Windows\system32\AdvancedInstallers
2009-07-12 00:05:18 ----D---- C:\Windows\system32\sv-SE
2009-07-12 00:05:18 ----D---- C:\Windows\system32\setup
2009-07-12 00:05:18 ----D---- C:\Windows\system32\ru-RU
2009-07-12 00:05:18 ----D---- C:\Windows\system32\he-IL
2009-07-12 00:05:18 ----D---- C:\Windows\system32\fr-FR
2009-07-12 00:05:17 ----D---- C:\Windows\system32\zh-TW
2009-07-12 00:05:17 ----D---- C:\Windows\system32\zh-CN
2009-07-12 00:05:17 ----D---- C:\Windows\system32\uk-UA
2009-07-12 00:05:17 ----D---- C:\Windows\system32\sr-Latn-CS
2009-07-12 00:05:17 ----D---- C:\Windows\system32\SLUI
2009-07-12 00:05:17 ----D---- C:\Windows\system32\sl-SI
2009-07-12 00:05:17 ----D---- C:\Windows\system32\ro-RO
2009-07-12 00:05:17 ----D---- C:\Windows\system32\pt-PT
2009-07-12 00:05:17 ----D---- C:\Windows\system32\pl-PL
2009-07-12 00:05:17 ----D---- C:\Windows\system32\manifeststore
2009-07-12 00:05:17 ----D---- C:\Windows\system32\ja-JP
2009-07-12 00:05:17 ----D---- C:\Windows\system32\hu-HU
2009-07-12 00:05:17 ----D---- C:\Windows\system32\fi-FI
2009-07-12 00:05:17 ----D---- C:\Windows\system32\es-ES
2009-07-12 00:05:17 ----D---- C:\Windows\system32\en
2009-07-12 00:05:17 ----D---- C:\Windows\system32\cs-CZ
2009-07-12 00:05:17 ----D---- C:\Windows\system32\bg-BG
2009-07-12 00:05:16 ----D---- C:\Windows\system32\th-TH
2009-07-12 00:05:15 ----D---- C:\Windows\system32\tr-TR
2009-07-12 00:05:14 ----D---- C:\Windows\system32\wbem
2009-07-12 00:05:12 ----D---- C:\Windows\system32\nl-NL
2009-07-12 00:05:12 ----D---- C:\Windows\system32\nb-NO
2009-07-12 00:05:12 ----D---- C:\Windows\system32\lt-LT
2009-07-12 00:05:12 ----D---- C:\Windows\system32\ar-SA
2009-07-12 00:05:10 ----D---- C:\Windows\system32\migwiz
2009-07-12 00:05:09 ----D---- C:\Windows\system32\pt-BR
2009-07-12 00:03:31 ----D---- C:\Windows\AppPatch
2009-07-12 00:03:24 ----D---- C:\Windows\system32\Boot
2009-07-11 14:58:10 ----D---- C:\Windows\Tasks
2009-07-10 23:32:36 ----D---- C:\Windows\PolicyDefinitions
2009-07-10 20:56:18 ----D---- C:\ProgramData\Sonic
2009-07-09 22:19:45 ----D---- C:\ProgramData\WildTangent
2009-07-09 20:38:49 ----D---- C:\Windows\Logs
2009-07-09 19:51:22 ----ASH---- C:\Program Files\desktop.ini
2009-07-09 19:44:23 ----D---- C:\Windows\MSAgent
2009-07-09 19:44:21 ----D---- C:\Windows\L2Schemas
2009-07-09 19:44:21 ----D---- C:\Windows\DigitalLocker
2009-07-09 19:44:20 ----D---- C:\Windows\system32\com
2009-07-09 19:44:16 ----D---- C:\Windows\system32\sysprep
2009-07-09 19:44:07 ----D---- C:\Windows\system32\ias
2009-07-09 19:37:38 ----D---- C:\Windows\Boot
2009-07-09 19:26:43 ----A---- C:\Windows\system32\ifxcardm.dll
2009-07-09 19:26:40 ----A---- C:\Windows\system32\axaltocm.dll
2009-07-07 08:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-04 09:52:31 ----HD---- C:\hp
2009-07-04 09:48:36 ----D---- C:\Program Files\Rhapsody
2009-07-03 23:45:04 ----D---- C:\Windows\SoftwareDistribution
2009-07-03 22:39:50 ----D---- C:\Program Files\Common Files\Symantec Shared
2009-07-03 22:37:54 ----D---- C:\ProgramData\Symantec
2009-07-03 21:56:07 ----SD---- C:\ProgramData\Microsoft
2009-07-03 21:55:04 ----D---- C:\ProgramData\Hewlett-Packard
2009-07-03 21:54:17 ----SHD---- C:\$Recycle.Bin
2009-07-03 21:53:59 ----D---- C:\Windows\system
2009-07-03 21:51:59 ----D---- C:\Windows\system32\restore
2009-07-03 21:51:09 ----RD---- C:\Users

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2009-07-06 335752]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86; C:\Windows\System32\Drivers\avgmfx86.sys [2009-07-06 27784]
R1 AvgTdiX;AVG Free8 Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2009-07-06 108552]
R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [2009-06-23 9968]
R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.sys [2009-06-23 72944]
R3 E100B;Intel(R) PRO Adapter Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2008-01-18 159744]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2009-02-11 2324512]
R3 netr73;USB Wireless 802.11 b/g Adaptor Driver for Vista; C:\Windows\system32\DRIVERS\netr73.sys [2008-02-26 493568]
R3 NuidFltr;NUID filter driver; C:\Windows\system32\DRIVERS\NuidFltr.sys [2009-05-09 14736]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2007-08-09 7572288]
R3 SASENUM;SASENUM; \??\C:\Program Files\SUPERAntiSpyware\SASENUM.SYS [2009-06-23 7408]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-18 83328]
S2 MCSTRM;MCSTRM; C:\Windows\system32\drivers\MCSTRM.sys []
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-18 5632]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-18 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-18 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-18 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-18 6016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-18 39936]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2006-11-02 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 a2free;a-squared Free Service; C:\Program Files\a-squared Free\a2service.exe [2009-07-13 719392]
R2 avg8emc;AVG Free8 E-mail Scanner; C:\PROGRA~1\AVG\AVG8\avgemc.exe [2009-07-06 907032]
R2 avg8wd;AVG Free8 WatchDog; C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe [2009-07-06 298776]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2007-05-24 61440]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe [2008-06-02 354840]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; c:\Program Files\Common Files\LightScribe\LSSrvc.exe [2007-07-25 79136]
S2 gupdate1ca02719bd25b1;Google Update Service (gupdate1ca02719bd25b1); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-07-11 133104]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe []
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-07-04 654848]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-11-20 136120]
S3 IDriverT;InstallDriver Table Manager; c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 RoxMediaDB9;RoxMediaDB9; c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [2007-05-11 887544]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2007-05-03 74656]

-----------------EOF-----------------
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Unread postby gabol » July 25th, 2009, 2:08 pm

Here's the last of it. Thanks again. :bigsmurf:

info.txt logfile of random's system information tool 1.06 2009-07-25 14:50:55

======Uninstall list======

-->"C:\Program Files\HP Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Blasterball 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Boggle Supreme\Uninstall.exe"
-->"C:\Program Files\HP Games\Bookworm Adventures\Uninstall.exe"
-->"C:\Program Files\HP Games\Cake Mania\Uninstall.exe"
-->"C:\Program Files\HP Games\Chessmaster Challenge\Uninstall.exe"
-->"C:\Program Files\HP Games\Chuzzle Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\Crystal Maze\Uninstall.exe"
-->"C:\Program Files\HP Games\Diner Dash - Flo on the Go\Uninstall.exe"
-->"C:\Program Files\HP Games\Family Feud\Uninstall.exe"
-->"C:\Program Files\HP Games\FATE\Uninstall.exe"
-->"C:\Program Files\HP Games\Final Drive Nitro\Uninstall.exe"
-->"C:\Program Files\HP Games\Insaniquarium Deluxe\Uninstall.exe"
-->"C:\Program Files\HP Games\JEOPARDY\Uninstall.exe"
-->"C:\Program Files\HP Games\Jewel Quest 2 - Tournament Edition\Uninstall.exe"
-->"C:\Program Files\HP Games\Luxor 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\HP Games\My HP Game Console\Uninstall.exe"
-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
-->"C:\Program Files\HP Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\HP Games\Poker Superstars 2\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer Pineapple Cup\Uninstall.exe"
-->"C:\Program Files\HP Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\HP Games\SpongeBob SquarePants 3D Obstacle Odyssey\Uninstall.exe"
-->"C:\Program Files\HP Games\Super Granny 3\Uninstall.exe"
-->"C:\Program Files\HP Games\Swarm\Uninstall.exe"
-->"C:\Program Files\HP Games\Tank-o-Box\Uninstall.exe"
-->"C:\Program Files\HP Games\The Treasures of Montezuma\Uninstall.exe"
-->"C:\Program Files\HP Games\Tradewinds\Uninstall.exe"
-->"C:\Program Files\HP Games\Wheel of Fortune\Uninstall.exe"
7-Zip 4.65-->"C:\Program Files\7-Zip\Uninstall.exe"
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Anchor Service CS3-->MsiExec.exe /I{90176341-0A8B-4CCC-A78D-F862228A6B95}
Adobe Asset Services CS3-->MsiExec.exe /I{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}
Adobe Bridge CS3-->MsiExec.exe /I{9C9824D9-9000-4373-A6A5-D0E5D4831394}
Adobe Bridge Start Meeting-->MsiExec.exe /I{08B32819-6EEF-4057-AEDA-5AB681A36A23}
Adobe Camera Raw 4.0-->MsiExec.exe /I{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}
Adobe CMaps-->MsiExec.exe /I{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}
Adobe Color - Photoshop Specific-->MsiExec.exe /I{A2D81E70-2A98-4A08-A628-94388B063C5E}
Adobe Color Common Settings-->MsiExec.exe /I{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}
Adobe Color EU Recommended Settings-->MsiExec.exe /I{73B5D990-04EA-4751-B10F-5534770B91F2}
Adobe Color JA Extra Settings-->MsiExec.exe /I{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}
Adobe Color NA Extra Settings-->MsiExec.exe /I{FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}
Adobe Default Language CS3-->MsiExec.exe /I{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}
Adobe Device Central CS3-->MsiExec.exe /I{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}
Adobe ExtendScript Toolkit 2-->MsiExec.exe /I{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Fonts All-->MsiExec.exe /I{6ABE0BEE-D572-4FE8-B434-9E72A289431B}
Adobe Help Viewer CS3-->MsiExec.exe /I{04AF207D-9A77-465A-8B76-991F6AB66245}
Adobe Linguistics CS3-->MsiExec.exe /I{54793AA1-5001-42F4-ABB6-C364617C6078}
Adobe PDF Library Files-->MsiExec.exe /I{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}
Adobe Photoshop CS3-->C:\Program Files\Common Files\Adobe\Installers\53a35a181eeb50486a0e091bd67ae62\Setup.exe
Adobe Photoshop CS3-->MsiExec.exe /I{FB124956-B0E3-4D78-AB94-6E53430004B7}
Adobe Reader 8.1.5-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81300000003}
Adobe Setup-->MsiExec.exe /I{ACD238D4-5E74-42E1-8B11-A477BCE70D2F}
Adobe Stock Photos CS3-->MsiExec.exe /I{29E5EA97-5F74-4A57-B8B2-D4F169117183}
Adobe Type Support-->MsiExec.exe /I{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}
Adobe Update Manager CS3-->MsiExec.exe /I{E69AE897-9E0B-485C-8552-7841F48D42D8}
Adobe Version Cue CS3 Client-->MsiExec.exe /I{D0DFF92A-492E-4C40-B862-A74A173C25C5}
Adobe WinSoft Linguistics Plugin-->MsiExec.exe /I{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}
Adobe XMP Panels CS3-->MsiExec.exe /I{802771A9-A856-4A41-ACF7-1450E523C923}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
a-squared Free 4.5-->"C:\Program Files\a-squared Free\unins000.exe"
AVG Free 8.5-->C:\Program Files\AVG\AVG8\setup.exe /UNINSTALL
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
Google Chrome-->"C:\Program Files\Google\Chrome\Application\2.0.172.37\Installer\setup.exe" --uninstall --system-level
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Hardware Diagnostic Tools-->C:\Program Files\PC-Doctor 5 for Windows\uninst.exe
HijackThis 2.0.2-->"C:\Program Files\Trend Micro\HijackThis\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library 32 bit components-->MsiExec.exe /I{6D3DB611-D5E8-4E4B-8952-0D3F549F9CC6}
HP Active Support Library-->C:\Program Files\InstallShield Installation Information\{0A47BAFF-D4FF-4BD3-96CA-02A22EA62722}\setup.exe -runfromtemp -l0x0409
HP Customer Experience Enhancements-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{AB5E289E-76BF-4251-9F3F-9B763F681AE0}\setup.exe" -l0x9 -removeonly
HP Customer Feedback-->MsiExec.exe /I{9DBA770F-BF73-4D39-B1DF-6035D95268FC}
HP Easy Setup - Frontend-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{40F7AED3-0C7D-4582-99F6-484A515C73F2}\setup.exe" -l0x9 -removeonly
HP On-Screen Cap/Num/Scroll Lock Indicator-->C:\Windows\system32\OsdRemove.exe
HP Photosmart Essential 2.01-->C:\Program Files\HP\Digital Imaging\PhotoSmartEssential\hpzscr01.exe -datfile hpqbud13.dat
HP Total Care Advisor-->MsiExec.exe /X{0DDA7620-4F8B-43B3-8828-CA5EE292FA3B}
HP Update-->MsiExec.exe /X{FE57DE70-95DE-4B64-9266-84DA811053DB}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
Intel(R) Matrix Storage Manager-->C:\Windows\System32\Imsmudlg.exe
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Home and Student 60 day trial-->c:\hp\bin\MSOffice\uninst2.cmd
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{A49F249F-0C91-497F-86DF-B2585E8E76B7}
Microsoft Works-->MsiExec.exe /I{6D52C408-B09A-4520-9B18-475B81D393F1}
Mozilla Firefox (3.5.1)-->C:\Program Files\Mozilla Firefox\uninstall\helper.exe
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
muvee autoProducer 6.0-->C:\Program Files\InstallShield Installation Information\{14AF024E-2E3B-49D0-A175-D1C1A06B155A}\setup.exe -runfromtemp -l0x0009 -removeonly
My HP Games-->"C:\Program Files\HP Games\Uninstall.exe"
NVIDIA Drivers-->C:\Windows\system32\NVUNINST.EXE UninstallGUI
PDF Settings-->MsiExec.exe /I{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}
Picasa 3-->"C:\Program Files\Google\Picasa3\Uninstall.exe"
Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}
QuickTime-->MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Realtek High Definition Audio Driver-->C:\Program Files\Realtek\Audio\HDA\RtlUpd.exe -r -m -nrg2709
Rhapsody Player Engine-->MsiExec.exe /I{2DFF31F9-7893-4922-AF66-C9A1EB4EBB31}
Rhapsody-->C:\PROGRA~1\Rhapsody\Unwise32.exe /A C:\PROGRA~1\Rhapsody\install.log
Roxio Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Roxio Creator Audio-->MsiExec.exe /X{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /X{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /X{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /X{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator EasyArchive-->MsiExec.exe /X{11F93B4B-48F0-4A4E-AE77-DFA96A99664B}
Roxio Creator Tools-->MsiExec.exe /X{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio MyDVD Basic v9-->MsiExec.exe /X{938B1CD7-7C60-491E-AA90-1F1888168240}
Snapfish Picture Mover-->MsiExec.exe /X{029B5901-1F27-4347-9923-E8ACC8F54E15}
Spelling Dictionaries Support For Adobe Reader 8-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-800000000003}
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
SUPERAntiSpyware Free Edition-->MsiExec.exe /X{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
WeatherBug Gadget-->MsiExec.exe /I{209CDA54-D390-46A2-A97C-7BF61734418D}
Windows Live OneCare safety scanner-->"C:\Program Files\Windows Live Safety Center\UnInstall.exe"
Windows Live OneCare safety scanner-->MsiExec.exe /X{FE0646A7-19D0-41B4-A2BB-2C35D644270D}
Yahoo! Search Protection-->C:\PROGRA~1\Yahoo!\SEARCH~1\UNINST~1.EXE
Yahoo! Toolbar-->C:\PROGRA~1\Yahoo!\Common\unyt.exe

======Security center information======

AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: AVG Anti-Spyware (disabled) (outdated)
AS: Windows Defender
AS: SUPERAntiSpyware

======System event log======

Computer Name: Hector-PC
Event Code: 4385
Message: Windows Servicing failed to complete the process of changing update 960803-26_neutral_PACKAGE from package KB960803(Security Update) into Staging(Staging) state
Record Number: 2227
Source Name: Microsoft-Windows-Servicing
Time Written: 20090704053205.000000-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Hector-PC
Event Code: 4385
Message: Windows Servicing failed to complete the process of changing update 960803-25_neutral_PACKAGE from package KB960803(Security Update) into Staging(Staging) state
Record Number: 2226
Source Name: Microsoft-Windows-Servicing
Time Written: 20090704053205.000000-000
Event Type: Error
User: NT AUTHORITY\SYSTEM

Computer Name: Hector-PC
Event Code: 4374
Message: Windows Servicing identified that package KB960803(Security Update) is not applicable for this system
Record Number: 2200
Source Name: Microsoft-Windows-Servicing
Time Written: 20090704053203.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Hector-PC
Event Code: 4374
Message: Windows Servicing identified that package KB960803(Security Update) is not applicable for this system
Record Number: 2199
Source Name: Microsoft-Windows-Servicing
Time Written: 20090704053203.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Hector-PC
Event Code: 4374
Message: Windows Servicing identified that package KB960803(Security Update) is not applicable for this system
Record Number: 2198
Source Name: Microsoft-Windows-Servicing
Time Written: 20090704053203.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Hector-PC
Event Code: 1000
Message: Faulting application GLB4EFC.tmp, version 4.0.4.723, time stamp 0x3bd86c3f, faulting module rset3210.dll_unloaded, version 0.0.0.0, time stamp 0x4a25ec55, exception code 0xc0000005, fault offset 0x62ea1340, process id 0x1228, application start time 0x01c9fc75dcabc925.
Record Number: 517
Source Name: Application Error
Time Written: 20090704070655.000000-000
Event Type: Error
User:

Computer Name: Hector-PC
Event Code: 101
Message:
Record Number: 496
Source Name: Automatic LiveUpdate Scheduler
Time Written: 20090704053930.000000-000
Event Type: Error
User: Hector-PC\Hector

Computer Name: Hector-PC
Event Code: 1000
Message: Faulting application iexplore.exe, version 7.0.6000.16512, time stamp 0x46807103, faulting module urlmon.dll, version 7.0.6000.16512, time stamp 0x46807f53, exception code 0xc0000409, fault offset 0x00093eec, process id 0x1264, application start time 0x01c9fc63c6024305.
Record Number: 438
Source Name: Application Error
Time Written: 20090704045738.000000-000
Event Type: Error
User:

Computer Name: Hector-PC
Event Code: 5007
Message: The target file for the Windows Feedback Platform (a DLL file containing the list of problems on this computer that require additional data collection for diagnosis) could not be parsed. The error code was 8014FFF9.
Record Number: 400
Source Name: WerSvc
Time Written: 20090704044755.000000-000
Event Type: Error
User:

Computer Name: Hector-PC
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 393
Source Name: Microsoft-Windows-Search
Time Written: 20090704044723.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: Hector-PC
Event Code: 4647
Message: User initiated logoff:

Subject:
Security ID: S-1-5-21-1213608189-3069444259-692705836-500
Account Name: Administrator
Account Domain: LH-S3ZMASMCGO9U
Logon ID: 0x36a34

This event is generated when a logoff is initiated but the token reference count is not zero and the logon session cannot be destroyed. No further user-initiated activity can occur. This event can be interpreted as a logoff event.
Record Number: 230
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20071227051327.413600-000
Event Type: Audit Success
User:

Computer Name: Hector-PC
Event Code: 4634
Message: An account was logged off.

Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x20f8a

Logon Type: 3

This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 229
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20071227051325.916000-000
Event Type: Audit Success
User:

Computer Name: LH-S3ZMASMCGO9U
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Process Information:
Process ID: 0x47c
Name: C:\Windows\System32\svchost.exe

Previous Time: 9:13:25 PM 12/26/2007
New Time: 9:13:25 PM 12/26/2007

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 228
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20071227051325.635200-000
Event Type: Audit Success
User:

Computer Name: LH-S3ZMASMCGO9U
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 227
Source Name: Microsoft-Windows-Eventlog
Time Written: 20071227051325.806800-000
Event Type: Audit Success
User:

Computer Name: LH-S3ZMASMCGO9U
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1213608189-3069444259-692705836-500
Account Name: Administrator
Domain Name: LH-S3ZMASMCGO9U
Logon ID: 0x36a34
Record Number: 226
Source Name: Microsoft-Windows-Eventlog
Time Written: 20071227051308.777371-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;C:\hp\bin\Python;c:\Program Files\Common Files\Roxio Shared\DLLShared\;c:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"PLATFORM"=HPD
"PCBRAND"=Pavilion
"OnlineServices"=Online Services
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip

-----------------EOF-----------------
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Unread postby Bio-Hazard » July 26th, 2009, 4:33 am

Thank you for your help. Here's the first post, RSIT to follow immediately. By the way, my reason for posting Hijackthis is because I'm having a problem with IE 8 or Firefox opening infinite windows (it only happened twice) and then my computer crashing, and finally I had to do a system restore.


You are welcome. Now that you have done the system restore, have all the problems disappeared?

Update Java Runtime:

You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason it's extremely important that you keep the program up to date and also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 14.
  • Go to HERE
  • Scroll down to where it says Java Runtime Environment (JRE) 6 Update 14
  • Click the Download button to the right
  • From the dropdown menu choose your platform, which is Windows.
  • Don't change the language box.
  • Click on the radio button to Accept License Agreement and after that click continue
  • Click on Windows Offline Installation Multi-language and save the downloaded file to your computer
  • Go to Start => Control Panel => Add or Remove Programs
  • Uninstall all old versions of Java (Java 2 Runtime Environment JRE or JSE)
  • Reboot your computer
  • Delete the folder C:\Program Files\Java if present
  • Install the new version by running the newly-downloaded file and follow the on-screen instructions.
  • Reboot your computer


ATF-Cleaner

Please download ATF Cleaner by Atribune.

  • Save it to your desktop
  • Double-click ATF-Cleaner.exe to run the program.
  • Under Main choose: Select All
  • Click the Empty Selected button.

    If you use the Firefox browser
  • Click Firefox at the top and choose: Select All
  • Click the Empty Selected button.

    NOTE: If you would like to keep your saved passwords please click No at the prompt.
  • Click Exit on the Main menu to close the program.


Kaspersky Online Scan

You can use either Internet Explorer or Mozilla Firefox for this scan.

Note: If you are using Windows Vista, open your browser by right-clicking on its icon and select 'Run as administrator' to perform this scan.

  • Please go to Kaspersky website and perform an online antivirus scan.
  • Read through the requirements and privacy statement and click on Accept button.
  • It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run.
  • When the downloads have finished, click on Settings.
  • Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button:
    • Spyware, Adware, Dialers, and other potentially dangerous programs
    • Archives
  • Click on My Computer under Scan.
  • Once the scan is complete, it will display the results. Click on View Scan Report.
  • You will see a list of infected items there. Click on Save Report As....
  • Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button.
  • Please post this log in your next reply along with a fresh HijackThis log.




Update Adobe Reader

Your version of Adobe Reader is out-of-date. There are known security issues with older versions of Adobe Reader. It is strongly suggested that you update to the current version. Please uninstall the older version of Adobe Reader before installing the latest version.

If you are using a FULL featured, purchased version of Adobe Acrobat Reader:
These instructions will remove the current version of Adobe Reader and replace it with the limited feature FREE version. If you want to replace the paid for version with the free version, then continue, otherwise DO NOT perform these steps!

  • Click Start
  • Control Panel
  • Double-click on Add/Remove Programs
  • Locate older version of Adobe Reader and click on Change/Remove to uninstall it
  • Click HERE to download the latest version of Adobe Reader.
  • Select your Windows version and click on Download. If you are using Internet Explorer, you will receive prompts. Allow the installation to be run and it will be installed automatically for you. If you are using other browsers, it will prompt you to save a file. Save this file to your desktop and run it to install the latest version of Adobe Reader.
  • Close your Internet browser and open it again.

If you don't like Adobe Reader, you can download Foxit PDF Reader from HERE. It's a much smaller file to download and uses a lot less resources than Adobe Reader.
Note: When installing FoxitReader, be careful not to install anything to do with AskBar.


Optional Fix

WeatherBug is a system tray icon that offers weather information and includes built-in ads. WeatherBug is controlled by AWS Convergence Technologies (weatherbugmedia.com). There is some controversy over whether WeatherBug should be targeted by anti-parasite software. AWS strongly deny their software is 'spyware', and by the definition used here, it is not, as it does not leak information back to its controlling servers. However, WeatherBug has in the past been silently installed by the FavoriteMan parasite and Freeze.com screensavers, and more recently has been bundled by software such as AIM and Blubster. This makes it 'unsolicited', and since it is installed to raise money for its creators through the built-in ads it is certainly 'commercial'. So it does meet the definition for 'parasite': unsolicited commercial software. It is nonetheless listed as a borderline case because it is not overtly harmful and many people do install it deliberately. WeatherBug bundles the MySearch parasite in its standalone distribution and has, in the past, installed Gator and SVAPlayer.

I recommend that you uninstall WeatherBug and choose one of these alternatives:
Weather Pulse
Weather Watcher
or
Get Mozilla Firefox and then get FORECASTFOX!!!
or check the weather at these websites:
Weather Street: US Weather
Intellicast

  • Click Start
  • Go to Control Panel
  • Go to Programs and Features
  • Find and Right click on each instance of (if present):

    Weatherbug Gadget
  • Click Uninstall & then follow the prompts to remove it

NOTE: Take care when answering any questions posed by an uninstaller. Some questions may be worded to deceive you into keeping the program.



Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:
  • Answer to My question
  • Kaspersky Log
  • A fresh HijackThis Log (after all the above has been done)
  • A description of how your computer is behaving
Bio-Hazard
MRU Master Emeritus
 
Posts: 4078
Joined: May 10th, 2007, 8:28 am
Location: Cornwall, UK
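
The Java step in the post above can be checked against the posted logs themselves. The following Python script is an added example, not part of the thread or of RSIT or HijackThis: it parses the RSIT "Uninstall list" section for Java runtimes older than 6 Update 14 and lists log lines that still point into an old `jre1.x.0_NN` folder. The function names, the embedded excerpt and the second display-name form (`Java(TM) 6 Update NN`) are assumptions of this example.

```python
import re

# Current version named in the post above: JRE 6 Update 14.
CURRENT_JRE = (6, 14)

# "======Uninstall list======" style section headers used by RSIT's info.txt.
SECTION = re.compile(r"^=+\s*(.+?)\s*=+$")
# Uninstall entries are "display name-->uninstall command"; the name may be empty.
ENTRY = re.compile(r"^(?P<name>.*?)-->(?P<cmd>.+)$")
# Display names: the form seen in this thread, plus a shorter form (assumption).
JAVA_NAME = re.compile(
    r"^Java\(TM\)(?: SE Runtime Environment)? (\d+)(?: Update (\d+))?$")
# Versioned install folder, e.g. \jre1.6.0_01\
JRE_PATH = re.compile(r"\\jre1\.(\d+)\.0(?:_(\d+))?\\", re.IGNORECASE)

# Excerpt assembled for this example from log lines posted in this thread.
SAMPLE_LOG = r"""
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"

======Uninstall list======

-->"C:\Program Files\HP Games\Peggle\Uninstall.exe"
Java(TM) SE Runtime Environment 6 Update 1-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160010}
Python 2.5-->MsiExec.exe /I{0A2C5854-557E-48C8-835A-3B9F074BDCAA}

======Environment variables======

"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_01\lib\ext\QTJava.zip
"""


def uninstall_entries(log):
    """Return (display name, command) pairs from the 'Uninstall list' section."""
    entries, in_section = [], False
    for raw in log.splitlines():
        line = raw.strip()
        header = SECTION.match(line)
        if header:
            in_section = header.group(1).lower() == "uninstall list"
            continue
        if in_section:
            m = ENTRY.match(line)
            if m:
                entries.append((m.group("name"), m.group("cmd")))
    return entries


def outdated_java(entries):
    """Return (major, update) for each installed Java older than CURRENT_JRE."""
    found = []
    for name, _cmd in entries:
        m = JAVA_NAME.match(name.strip())
        if m:
            version = (int(m.group(1)), int(m.group(2) or 0))
            if version < CURRENT_JRE:
                found.append(version)
    return found


def stale_jre_references(log):
    """Return log lines (BHO, extra button, CLASSPATH, ...) that still point
    into a versioned JRE folder older than CURRENT_JRE."""
    stale = []
    for raw in log.splitlines():
        m = JRE_PATH.search(raw)
        if m and (int(m.group(1)), int(m.group(2) or 0)) < CURRENT_JRE:
            stale.append(raw.strip())
    return stale


def audit(log):
    """Combine both checks into one report."""
    return {
        "outdated": outdated_java(uninstall_entries(log)),
        "stale_references": stale_jre_references(log),
    }


if __name__ == "__main__":
    report = audit(SAMPLE_LOG)
    for major, update in report["outdated"]:
        print("Outdated Java installed: %d Update %d" % (major, update))
    for line in report["stale_references"]:
        print("Still references old JRE folder:", line)
```

Run against a fresh log after the update: an empty "outdated" list with non-empty "stale_references" means the old runtime was uninstalled but entries pointing into its folder were left behind.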

Re: help with hijackthis log

Unread postby gabol » July 27th, 2009, 11:11 am

Hello Bio-Hazard,

I encountered my first problem: I don't see Weatherbug in the programs and features window. I didn't install Weatherbug, maybe it downloaded itself with another program?

All I have left to do from your list is run Kaspersky and then I will post findings.

Thank you. :bigsmurf:
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Unread postby gabol » July 27th, 2009, 4:44 pm

KASPERSKY ONLINE SCANNER 7.0 REPORT
Monday, July 27, 2009
Operating System: Microsoft Windows Vista Home Premium Edition, 32-bit Service Pack 2 (build 6002)
Kaspersky Online Scanner version: 7.0.26.13
Program database last update: Monday, July 27, 2009 18:18:23
Records in database: 2555194
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: no

Scan area - My Computer:
C:\
D:\
E:\
F:\
G:\
H:\
I:\

Scan statistics:
Files scanned: 170559
Threat name: 0
Infected objects: 0
Suspicious objects: 0
Duration of the scan: 03:13:57

No malware has been detected. The scan area is clean.

The selected area was scanned.
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Unread postby Bio-Hazard » July 27th, 2009, 5:03 pm

Hello!

Can you post a Hijackthis log for me to see and do you have any problems?
Bio-Hazard
MRU Master Emeritus
 
Posts: 4078
Joined: May 10th, 2007, 8:28 am
Location: Cornwall, UK

Re: help with hijackthis log

Unread postby gabol » July 27th, 2009, 11:19 pm

Here are my answers:

1) Since my last "system restore", which was 1 month ago, I have not had any crashes with the "infinite windows" issue.
4) and so far I have not had any issues.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:50:50 PM, on 7/25/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\WINDOWS\RtHDVCpl.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\schtasks.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
C:\Windows\system32\jusched.exe
C:\Windows\ehome\ehmsas.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Hector\Downloads\RSIT.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files\Trend Micro\HijackThis\Hector.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE= ... pf=desktop
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [IAAnotif] "C:\Program Files\Intel\Intel Matrix Storage Manager\Iaanotif.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\..\Run: [HPAdvisor] C:\Program Files\Hewlett-Packard\HP Advisor\HPAdvisor.exe autoRun
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Global Startup: Snapfish Media Detector.lnk = C:\Program Files\Snapfish Picture Mover\SnapfishMediaDetector.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O13 - Gopher Prefix:
O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} (Windows Live OneCare safety scanner control) - http://cdn.scan.onecare.live.com/resour ... cctrl2.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - Unknown owner - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe (file missing)
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1ca02719bd25b1) (gupdate1ca02719bd25b1) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe

--
End of file - 7750 bytes
gabol
Regular Member
 
Posts: 48
Joined: July 21st, 2009, 11:08 am

Re: help with hijackthis log

Unread postby Bio-Hazard » July 28th, 2009, 5:04 pm

Hello!

Did you manage to update Java and Adobe?

Disable Windows Defender

From your log I can see that you are running Windows Defender. This might interfere with the fixes we are about to do, so we need to disable it. To disable your Windows Defender Real-time Protection:

  • Open Windows Defender
  • Click Tools
  • Click General Settings
  • Scroll down to Real Time Protection Options
  • Uncheck Turn on Real Time Protection (recommended)
  • Close Windows Defender

Note: Once your log is clean you can re-enable Windows Defender Real Time Protection.

Remove HijackThis entries

  • Run HijackThis
  • Click on the Scan button
  • Put a check beside all of the items listed below (if present):

    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

  • Close all open windows and browsers/email etc...
  • Click on the Fix Checked button
  • When completed close the application.


Logs/Information to Post in Next Reply

Please post the following logs/Information in your reply:
  • Answer to my question
  • A fresh HijackThis Log (after all the above has been done)
  • A description of how your computer is behaving
Bio-Hazard
MRU Master Emeritus
 
Posts: 4078
Joined: May 10th, 2007, 8:28 am
Location: Cornwall, UK

Re: help with hijackthis log

Unread postby gabol » July 30th, 2009, 10:13 am

I can't figure out how to disable Windows Defender. I'm running Windows Vista and I don't see a general settings tab or real time protection options. :bigsmurf:

Re: help with hijackthis log

Unread postby Bio-Hazard » July 30th, 2009, 10:24 am

Hello!

There are more specific instructions for Vista.

Vista: Disable Windows Defender
  • Go to Start > All Programs > Windows Defender.
  • Click on Tools at the top.
  • Under Settings, click on Options.
  • Under Automatic scanning, uncheck (untick) Automatically scan my computer (recommended) box.
  • Under Real-time protection options, uncheck (untick) Use real-time protection (recommended) box.
  • Click on the Save button at the bottom right hand corner.
Don't forget to re-enable it, when your computer is clean.