Logfile of random's system information tool 1.06 (written by random/random)
Run by User at 2009-09-29 11:31:04
Microsoft® Windows Vista™ Home Basic Service Pack 1
System drive C: has 2 GB (15%) free of 15 GB
Total RAM: 893 MB (18% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:31:33 AM, on 9/29/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Windows Live\Family Safety\fsui.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Java\jre6\bin\jusched.exe
E:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
E:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\System32\mobsync.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
E:\Program Files\STOPzilla!\STOPzilla.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\cmd.exe
C:\Users\User\Desktop\RSIT.exe
C:\Program Files\trend micro\User.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - E:\Program Files\STOPzilla!\SZSG.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - E:\Program Files\STOPzilla!\SZIEBHO.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - E:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - E:\Program Files\STOPzilla!\SZSG.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [AutoStartNPSAgent] E:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://E:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:\Windows\bdoscandel.exe
O9 - Extra button: HP Smart Select - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - E:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - (no file)
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
http://download.bitdefender.com/resourc ... oscan8.cabO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} -
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Windows\system32\Skype4COM.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Unknown owner - D:\Avira\AntiVir Desktop\sched.exe (file missing)
O23 - Service: Avira AntiVir Guard (AntiVirService) - Unknown owner - D:\Avira\AntiVir Desktop\avguard.exe (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - E:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: FsUsbExService - Teruten - C:\Windows\system32\FsUsbExService.Exe
O23 - Service: Google Update Service (gupdate1c9a391f4bedba5) (gupdate1c9a391f4bedba5) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NBService - Unknown owner - D:\Program Files\Nero 7\Nero BackItUp\NBService.exe (file missing)
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Start BT in service - Unknown owner - E:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe
--
End of file - 8476 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1827766B-9F49-4854-8034-F6EE26FCB1EC}]
ZILLAbar Browser Helper Object - E:\Program Files\STOPzilla!\SZSG.dll [2009-08-18 259520]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11 75128]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-02-06 61808]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6D53EC84-6AAE-4787-AEEE-F4628F01010C}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-02-17 408440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll [2009-03-24 668656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-03-09 35840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E3215F20-3212-11D6-9F8B-00D0B743919D}]
STOPzilla Browser Helper Object - E:\Program Files\STOPzilla!\SZIEBHO.dll [2009-08-18 222656]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - E:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2007-11-06 542016]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} - &Windows Live Toolbar - C:\Program Files\Windows Live\Toolbar\wltcore.dll [2009-02-06 1068904]
{98828DED-A591-462F-83BA-D2F62A68B8B8} - STOPzilla - E:\Program Files\STOPzilla!\SZSG.dll [2009-08-18 259520]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-21 1008184]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2007-09-19 4702208]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-02-06 454000]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2008-06-12 34672]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-02-18 13683232]
"NvMediaCenter"=C:\Windows\system32\NvMcTray.dll [2009-02-18 92704]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-03-09 148888]
"HP Software Update"=E:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2009-07-10 195072]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2008-05-27 413696]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-06-27 152872]
"AutoStartNPSAgent"=E:\Program Files\Samsung\Samsung New PC Studio\NPSAgent.exe [2009-08-08 98304]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-21 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\rootrepeal.sys]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Telstra\unpw\unpwclient.exe"="C:\Program Files\Telstra\unpw\unpwclient.exe:*:Enabled:BigPond Username/Password Tool"
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
======List of files/folders created in the last 3 months======
2009-09-29 10:46:46 ----DC---- C:\Windows\temp
2009-09-29 10:46:44 ----AC---- C:\ComboFix.txt
2009-09-29 10:46:44 ----AC---- \ComboFix.txt
2009-09-29 10:45:38 ----SHDC---- C:\$RECYCLE.BIN
2009-09-29 10:45:38 ----SHDC---- \$RECYCLE.BIN
2009-09-27 03:10:44 ----AC---- C:\Windows\system32\tzres.dll
2009-09-26 16:47:37 ----AC---- C:\Windows\system32\jscript.dll
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\TCPSVCS.EXE
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\ROUTE.EXE
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\NETSTAT.EXE
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\netiohlp.dll
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\MRINFO.EXE
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\HOSTNAME.EXE
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\finger.exe
2009-09-26 16:47:27 ----AC---- C:\Windows\system32\ARP.EXE
2009-09-26 16:47:26 ----AC---- C:\Windows\system32\netevent.dll
2009-09-26 16:46:13 ----AC---- C:\Windows\system32\wlanmsm.dll
2009-09-26 16:46:12 ----AC---- C:\Windows\system32\wlansvc.dll
2009-09-26 16:46:12 ----AC---- C:\Windows\system32\wlansec.dll
2009-09-26 16:46:12 ----AC---- C:\Windows\system32\L2SecHC.dll
2009-09-26 16:46:06 ----AC---- C:\Windows\system32\t2embed.dll
2009-09-26 16:46:06 ----AC---- C:\Windows\system32\fontsub.dll
2009-09-26 16:46:06 ----AC---- C:\Windows\system32\atmfd.dll
2009-09-26 16:46:05 ----AC---- C:\Windows\system32\dciman32.dll
2009-09-26 16:45:45 ----AC---- C:\Windows\system32\WMVCORE.DLL
2009-09-26 16:45:44 ----AC---- C:\Windows\system32\mf.dll
2009-09-26 16:45:36 ----AC---- C:\Windows\system32\atl.dll
2009-09-26 16:45:31 ----AC---- C:\Windows\system32\wkssvc.dll
2009-09-26 16:45:15 ----AC---- C:\Windows\system32\mshtml.dll
2009-09-26 16:45:14 ----AC---- C:\Windows\system32\ieframe.dll
2009-09-26 16:45:12 ----AC---- C:\Windows\system32\wininet.dll
2009-09-26 16:45:12 ----AC---- C:\Windows\system32\urlmon.dll
2009-09-26 16:45:12 ----AC---- C:\Windows\system32\msfeeds.dll
2009-09-26 16:45:12 ----AC---- C:\Windows\system32\iertutil.dll
2009-09-26 16:45:11 ----AC---- C:\Windows\system32\occache.dll
2009-09-26 16:45:11 ----AC---- C:\Windows\system32\iedkcs32.dll
2009-09-26 16:45:10 ----AC---- C:\Windows\system32\ieUnatt.exe
2009-09-26 16:45:10 ----AC---- C:\Windows\system32\ieui.dll
2009-09-26 16:45:10 ----AC---- C:\Windows\system32\iepeers.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\msfeedssync.exe
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\msfeedsbs.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\jsproxy.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\iesysprep.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\iesetup.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\iernonce.dll
2009-09-26 16:45:09 ----AC---- C:\Windows\system32\ie4uinit.exe
2009-09-26 16:45:05 ----AC---- C:\Windows\system32\mstscax.dll
2009-09-26 16:44:58 ----AC---- C:\Windows\system32\avifil32.dll
2009-09-26 16:44:45 ----AC---- C:\Windows\system32\wmp.dll
2009-09-26 16:44:44 ----AC---- C:\Windows\system32\wmpdxm.dll
2009-09-26 16:44:43 ----AC---- C:\Windows\system32\spwmp.dll
2009-09-26 16:44:42 ----AC---- C:\Windows\system32\dxmasf.dll
2009-09-26 16:44:41 ----AC---- C:\Windows\system32\wmploc.DLL
2009-09-26 16:41:51 ----AC---- C:\Windows\system32\Apphlpdm.dll
2009-09-26 16:41:49 ----AC---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-09-26 14:14:18 ----DC---- C:\rsit
2009-09-26 14:14:18 ----DC---- \rsit
2009-09-26 13:41:42 ----AC---- C:\Windows\zip.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\SWXCACLS.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\SWSC.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\SWREG.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\sed.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\PEV.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\NIRCMD.exe
2009-09-26 13:41:42 ----AC---- C:\Windows\grep.exe
2009-09-26 13:41:39 ----DC---- C:\Windows\ERDNT
2009-09-26 13:41:03 ----DC---- C:\Qoobox
2009-09-26 13:41:03 ----DC---- \Qoobox
2009-09-24 07:54:46 ----AC---- C:\RootRepeal report 09-24-09 (07-54-46).txt
2009-09-24 07:54:46 ----AC---- \RootRepeal report 09-24-09 (07-54-46).txt
2009-09-20 16:54:16 ----DC---- C:\Program Files\Trend Micro
2009-09-19 15:07:37 ----AC---- C:\MGtools.exe
2009-09-19 15:07:37 ----AC---- \MGtools.exe
2009-09-16 10:12:42 ----AC---- C:\Windows\ntbtlog.txt
2009-09-16 09:04:13 ----DC---- C:\Program Files\Common Files\iS3
2009-09-13 20:07:34 ----DC---- C:\Program Files\BinaryBiz
2009-09-06 22:26:18 ----DC---- C:\Windows\BDOSCAN8
2009-09-05 21:32:40 ----AC---- C:\Windows\PhotoSnapViewer.INI
2009-08-26 04:23:34 ----DC---- C:\Windows\Sun
2009-08-25 13:03:00 ----DC---- C:\Users\User\AppData\Roaming\KodakCredentialStore
2009-08-25 12:59:43 ----DC---- C:\Users\User\AppData\Roaming\Skinux
2009-08-25 12:58:15 ----DC---- C:\Program Files\QuickTime
2009-08-25 12:58:10 ----ASHC---- C:\Users\User\AppData\Roaming\desktop.ini
2009-08-25 12:57:27 ----DC---- C:\Users\User\AppData\Roaming\ArcSoft
2009-08-25 12:55:54 ----DC---- C:\Program Files\Common Files\ArcSoft
2009-08-25 12:55:54 ----DC---- C:\Program Files\ArcSoft
2009-08-25 12:55:00 ----DC---- C:\Program Files\Kodak
2009-08-25 12:52:50 ----DC---- C:\Program Files\Common Files\Kodak
2009-08-25 12:51:30 ----DC---- C:\Program Files\Common Files\MSSoap
2009-08-25 09:31:05 ----AC---- C:\Windows\NeroDigital.ini
2009-08-24 22:39:29 ----DC---- C:\Program Files\AVG
2009-08-24 22:21:48 ----DC---- C:\Users\User\AppData\Roaming\AVG8
2009-08-08 21:22:08 ----DC---- C:\Program Files\MarkAnyContentSAFER
2009-08-08 21:06:31 ----DC---- C:\Windows\system32\Samsung_USB_Drivers
2009-08-08 21:05:07 ----AC---- C:\Windows\system32\FsUsbExDevice.Dll
2009-08-08 21:05:07 ----A---- C:\Windows\system32\FsUsbExService.Exe
2009-08-08 21:03:52 ----DC---- C:\Users\User\AppData\Roaming\Samsung
2009-07-20 14:57:28 ----RAC---- C:\Windows\system32\SZIO5.dll
2009-07-20 14:56:28 ----RAC---- C:\Windows\system32\SZBase5.dll
2009-07-20 14:56:04 ----RAC---- C:\Windows\system32\SZComp5.dll
2009-07-17 09:46:17 ----AC---- C:\Windows\ODBC.INI
2009-07-09 15:52:32 ----RAC---- C:\Windows\system32\IS3HTUI5.dll
2009-07-09 15:52:22 ----RAC---- C:\Windows\system32\IS3DBA5.dll
2009-07-09 15:51:40 ----RAC---- C:\Windows\system32\IS3UI5.dll
2009-07-09 15:51:24 ----RAC---- C:\Windows\system32\IS3Hks5.dll
2009-07-09 15:51:06 ----RAC---- C:\Windows\system32\IS3XDat5.dll
2009-07-09 15:50:48 ----RAC---- C:\Windows\system32\IS3Win325.dll
2009-07-09 15:50:28 ----RAC---- C:\Windows\system32\IS3Inet5.dll
2009-07-09 15:50:16 ----RAC---- C:\Windows\system32\IS3Svc5.dll
2009-07-09 15:47:06 ----RAC---- C:\Windows\system32\IS3Base5.dll
======List of files/folders modified in the last 3 months======
2009-09-29 11:31:16 ----DC---- C:\Windows\Prefetch
2009-09-29 11:24:32 ----DC---- C:\Windows\System32
2009-09-29 11:24:32 ----DC---- C:\Windows\inf
2009-09-29 11:24:32 ----AC---- C:\Windows\system32\PerfStringBackup.INI
2009-09-29 11:24:00 ----DC---- C:\Windows\Tasks
2009-09-29 10:46:47 ----DC---- C:\Windows\system32\en-US
2009-09-29 10:46:46 ----DC---- C:\Windows
2009-09-29 10:46:46 ----DC---- \Windows
2009-09-29 10:44:50 ----AC---- C:\Windows\system.ini
2009-09-29 10:42:44 ----DC---- C:\Windows\system32\drivers
2009-09-29 10:42:42 ----DC---- C:\Windows\AppPatch
2009-09-29 10:42:42 ----DC---- C:\Program Files\Common Files
2009-09-29 10:35:12 ----SHD---- C:\System Volume Information
2009-09-29 10:35:12 ----SHD---- \System Volume Information
2009-09-27 03:35:52 ----D---- C:\Windows\rescache
2009-09-27 03:32:12 ----D---- C:\Windows\winsxs
2009-09-27 03:22:05 ----DC---- C:\Windows\system32\catroot
2009-09-27 03:18:45 ----DC---- C:\Program Files\Microsoft Silverlight
2009-09-27 03:17:14 ----DC---- C:\Windows\system32\migration
2009-09-27 03:17:14 ----DC---- C:\Program Files\Windows Mail
2009-09-27 03:17:13 ----DC---- C:\Program Files\Windows Media Player
2009-09-27 03:17:13 ----DC---- C:\Program Files\Internet Explorer
2009-09-27 03:10:41 ----SHDC---- C:\Windows\Installer
2009-09-27 03:09:35 ----DC---- C:\Windows\Microsoft.NET
2009-09-27 03:07:07 ----DC---- C:\Windows\Debug
2009-09-27 03:06:12 ----DC---- C:\Config.Msi
2009-09-27 03:06:12 ----DC---- \Config.Msi
2009-09-26 16:43:20 ----DC---- C:\Windows\system32\catroot2
2009-09-26 14:30:38 ----DC---- C:\ProgramData
2009-09-26 14:30:38 ----DC---- \ProgramData
2009-09-26 14:04:35 ----DC---- C:\Windows\system32\config
2009-09-26 14:01:37 ----SDC---- C:\Windows\Downloaded Program Files
2009-09-25 04:12:07 ----DC---- C:\Windows\Logs
2009-09-23 07:12:13 ----RDC---- C:\Program Files
2009-09-23 07:12:13 ----RDC---- \Program Files
2009-09-23 07:12:13 ----DC---- C:\Program Files\Common Files\microsoft shared
2009-09-20 16:52:03 ----DC---- C:\Windows\system32\Tasks
2009-09-16 09:00:17 ----DC---- C:\Windows\system32\DRVSTORE
2009-09-16 08:33:33 ----DC---- C:\Program Files\Common Files\Symantec Shared
2009-09-08 19:55:24 ----DC---- C:\Windows\Minidump
2009-08-28 14:38:22 ----AC---- C:\Windows\system32\mrt.exe
2009-08-25 12:59:02 ----HDC---- C:\Program Files\InstallShield Installation Information
2009-08-25 12:55:00 ----DC---- C:\Windows\Help
2009-08-25 12:54:17 ----RSDC---- C:\Windows\assembly
2009-08-24 22:39:06 ----SDC---- C:\Users\User\AppData\Roaming\Microsoft
2009-07-17 09:47:23 ----RSDC---- C:\Windows\Fonts
2009-07-17 09:41:08 ----DC---- C:\Windows\system
2009-07-07 08:35:20 ----DC---- C:\Users\User\AppData\Roaming\uTorrent
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-05-11 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-07-28 55656]
R2 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-02-06 55280]
R3 BlueletAudio;Bluetooth Audio Service; C:\Windows\system32\DRIVERS\blueletaudio.sys [2007-06-24 34312]
R3 BlueletSCOAudio;Bluetooth SCO Audio Service; C:\Windows\system32\DRIVERS\BlueletSCOAudio.sys [2007-06-24 27656]
R3 BT;Bluetooth PAN Network Adapter; C:\Windows\system32\DRIVERS\btnetdrv.sys [2007-03-05 18320]
R3 DM9102; CNet PRO200 PCI Fast Ethernet NT Driver ; C:\Windows\system32\DRIVERS\DM9PCI5.SYS [2002-10-29 33280]
R3 FsUsbExDisk;FsUsbExDisk; \??\C:\Windows\system32\FsUsbExDisk.SYS [2008-11-14 36608]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-09-19 1959832]
R3 NVENETFD;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmfdx32.sys [2008-08-01 1052704]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-02-18 7765504]
R3 ROOTMODEM;Microsoft Legacy Modem Driver; C:\Windows\System32\Drivers\RootMdm.sys [2008-01-21 8192]
R3 VComm;Virtual Serial port driver; C:\Windows\system32\DRIVERS\VComm.sys [2007-03-05 34448]
R3 VcommMgr;Bluetooth VComm Manager Service; C:\Windows\System32\Drivers\VcommMgr.sys [2007-03-05 44304]
R3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-21 83328]
S1 Avgfwfd;AVG network filter service; C:\Windows\system32\DRIVERS\avgfwd6x.sys [2009-08-24 23832]
S1 avgio;avgio; \??\D:\Avira\AntiVir Desktop\avgio.sys []
S3 2WIREPCP;2Wire USB; C:\Windows\system32\DRIVERS\2WirePCP.sys [2007-03-23 60768]
S3 Btcsrusb;Bluetooth USB For Bluetooth Service; C:\Windows\System32\Drivers\btcusb.sys [2007-06-24 38920]
S3 BthEnum;Bluetooth Request Block Driver; C:\Windows\system32\DRIVERS\BthEnum.sys [2008-01-21 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-21 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2008-04-29 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2008-04-29 29184]
S3 catchme;catchme; \??\C:\Users\User\AppData\Local\Temp\catchme.sys []
S3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2008-01-21 131584]
S3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2008-01-21 16384]
S3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2008-01-21 36864]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-21 5632]
S3 gdrv;gdrv; \??\C:\Windows\gdrv.sys [2008-07-22 15600]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-21 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-21 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-21 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-21 6016]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2008-01-21 49664]
S3 RTL8023xp;Realtek 10/100 NIC Family NDIS x86 Driver; C:\Windows\system32\DRIVERS\Rtnicxp.sys [2008-03-31 51200]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-21 35328]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-21 39936]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-21 6656]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-21 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-21 11264]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2009-02-06 109056]
R2 BlueSoleil Hid Service;BlueSoleil Hid Service; E:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe [2007-12-27 166520]
R2 fsssvc;Windows Live Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-02-06 533360]
R2 FsUsbExService;FsUsbExService; C:\Windows\system32\FsUsbExService.Exe [2008-11-14 233472]
R2 hpqddsvc;HP CUE DeviceDiscovery Service; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-02-18 207392]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-21 21504]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 Start BT in service;Start BT in service; E:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [2007-12-27 51816]
R2 szserver;STOPzilla Service; C:\Program Files\Common Files\iS3\Anti-Spyware\SZServer.exe [2009-07-20 57344]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-21 21504]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S2 AntiVirSchedulerService;Avira AntiVir Scheduler; D:\Avira\AntiVir Desktop\sched.exe []
S2 AntiVirService;Avira AntiVir Guard; D:\Avira\AntiVir Desktop\avguard.exe []
S2 gupdate1c9a391f4bedba5;Google Update Service (gupdate1c9a391f4bedba5); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-03-13 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-03-24 183280]
S3 NBService;NBService; D:\Program Files\Nero 7\Nero BackItUp\NBService.exe []
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 Symantec Core LC;Symantec Core LC; C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe [2009-06-27 1245064]
S3 WLSetupSvc;Windows Live Setup Service; C:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-21 21504]
-----------------EOF-----------------