HJT-log. Like you asked for:



kafka23
2009-12-04, 21:32
My prob is that my sound is not working (since I installed Vista SP2), and neither are the video files (also since installation of Vista SP2) (even YouTube!). That is so strange.

I think I have a virus or something. My computer was complaining a bit before I had Vista SP2 installed.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:30:26, on 04-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Program Files\Windows Live\Mail\wlmail.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vucaarhus.dk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: NetXfer - {83B80A9C-D91A-4F22-8DCF-EA7204039F79} - C:\Program Files\Xi\NetXfer\NXIEHelper.dll
O2 - BHO: Hjælp til tilmelding til Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - (no file)
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: NetXfer - {C16CBAAC-A75C-4DB5-A0DD-CDF5CAFCDD3A} - C:\Program Files\Xi\NetXfer\NXToolBar.dll
O4 - HKLM\..\Run: [Tweak UI] RUNDLL32.EXE TWEAKUI.CPL,TweakMeUp
O4 - HKLM\..\Run: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download alle med NetXfer - C:\Program Files\Xi\NetXfer\NXAddList.html
O8 - Extra context menu item: Download med NetXfer - C:\Program Files\Xi\NetXfer\NXAddLink.html
O8 - Extra context menu item: E&ksporter til Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Blog det - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog det i Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Send til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end til OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Rip YouTube File - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra 'Tools' menuitem: Rip YouTube file embedded in this page - {38E51477-DDB4-4aed-9D61-D0C193E10749} - C:\Program Files\SoundTaxi\YouTubeRipper.dll
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra 'Tools' menuitem: PartyCasino - {B4B52284-A248-4c51-9F7C-F0A0C67FCC9D} - C:\Programs\PartyGaming\PartyCasino\RunApp.exe (file missing)
O9 - Extra button: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - http://www.intercasino.com (file missing) (HKCU)
O9 - Extra 'Tools' menuitem: InterCasino $$$ - {909AAEB6-C2CB-4AB5-A7BB-C33B72AB4BFB} - http://www.intercasino.com (file missing) (HKCU)
O13 - Gopher Prefix:
O15 - Trusted Zone: *.emu.dk
O15 - Trusted Zone: *.supportcenter.dk
O15 - Trusted Zone: *.vucaarhus.dk
O16 - DPF: {07E8D22D-C723-485C-BE6F-003241549305} (Ceplan Object) - http://extcom.esoft.dk/extern/3d/eplan.cab
O16 - DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: {9191F686-7F0A-441D-8A98-2FE3AC1BD913} (ActiveScan 2.0 Installer Class) - http://acs.pandasoftware.com/activescan/cabs/as2stubie.cab
O16 - DPF: {983A9C21-8207-4B58-BBB8-0EBC3D7C5505} (Domino Web Access 8 Control) - http://webmail.djh.dk/dwa8W.cab
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {CAC677B6-4963-4305-9066-0BD135CD9233} (IPSUploader4 Control) - http://photoservice.fujicolor.eu/ips-opdata/layout/fuji01/activex/IPSUploader4.cab
O16 - DPF: {D216644A-C6DB-49D9-BBCF-D38FE7991BF2} (Util Class) - https://danid.dk/csp/authenticode/digitalsignatur-csp.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {D821DC4A-0814-435E-9820-661C543A4679} (CRLDownloadWrapper Class) - http://drmlicense.one.microsoft.com/crlupdate/en/crlocx.ocx
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) - http://download.mcafee.com/molbin/iss-loc/mcfscan/2,2,0,5821/mcfscan.cab
O16 - DPF: {F7EDBBEA-1AD2-4EBF-AA07-D453CC29EE65} (Flash Casino Helper Control) - https://plugins.valueactive.eu/flashax/iefax.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = vucaarhus.lan
O17 - HKLM\Software\..\Telephony: DomainName = vucaarhus.lan
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = vucaarhus.lan
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = vucaarhus.lan
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Bonjour-tjeneste (Bonjour Service) - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Bluetooth Feature Support (BthFilterHelper) - CSR, plc - C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Iap - Dell Inc. - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O2Micro Flash Memory (o2flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: SoundMovieServer - SoundMovieServer - C:\Windows\system32\snmvtsvc.exe
O23 - Service: stllssvr - Unknown owner - C:\Program Files\Common Files\SureThing Shared\stllssvr.exe (file missing)
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 11203 bytes

ken545
2009-12-12, 12:00
Hello

Welcome to Safer Networking.

Please read Before You Post (http://forums.spybot.info/showthread.php?t=288)
While best efforts are made to assist in removing infections safely, unexpected stuff can happen. It is advisable that you back up your important data before starting any clean up procedure. Neither Safer Networking Forums nor the Analyst providing the advice may be held responsible for any loss.


Sorry for the delay, we get so busy that sometimes a post falls through the cracks.

If you have not resolved this issue and still need assistance, then run this program and post the logs please.

Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

kafka23
2009-12-12, 17:06
Logfile of random's system information tool 1.06 (written by random/random)
Run by SLA at 2009-12-12 17:04:33
Microsoft® Windows Vista™ Business Service Pack 2
System drive C: has 16 GB (20%) free of 76 GB
Total RAM: 2046 MB (50% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:04:36, on 12-12-2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18828)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\sla\Desktop\RSIT.exe
C:\Program Files\Trend Micro\HijackThis\SLA.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.vucaarhus.dk/
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Windows Live Family Safety Browser Helper - {4f3ed5cd-0726-42a9-87f5-d13f3d2976ac} - C:\Program Files\Windows Live\Family Safety\fssbho.dll
O2 - BHO: Hjælp til tilmelding til Windows Live ID - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O4 - HKLM\..\Run: [fssui] "C:\Program Files\Windows Live\Family Safety\fsui.exe" -autorun
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NVHotkey] rundll32.exe C:\Windows\system32\nvHotkey.dll,Start
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O13 - Gopher Prefix:
O15 - Trusted Zone: *.emu.dk
O15 - Trusted Zone: *.supportcenter.dk
O15 - Trusted Zone: *.vucaarhus.dk
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = vucaarhus.lan
O17 - HKLM\Software\..\Telephony: DomainName = vucaarhus.lan
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = vucaarhus.lan
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: Iap - Dell Inc. - C:\Program Files\Dell\OpenManage\Client\Iap.exe
O23 - Service: iPod-tjeneste (iPod Service) - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: O2Micro Flash Memory (o2flash) - O2Micro International - C:\Windows\system32\o2flash.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\Windows\System32\WLTRYSVC.EXE

--
End of file - 4011 bytes

======Scheduled tasks folder======

C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\ParetoLogic Registration.job
C:\Windows\tasks\User_Feed_Synchronization-{F28F3CC4-9466-46D6-8361-2F3C1D5E8C90}.job

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4f3ed5cd-0726-42a9-87f5-d13f3d2976ac}]
Windows Live Family Safety Browser Helper Class - C:\Program Files\Windows Live\Family Safety\fssbho.dll [2009-08-05 113512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Hjælp til tilmelding til Windows Live ID - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-03-30 403824]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-12-07 41760]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"fssui"=C:\Program Files\Windows Live\Family Safety\fsui.exe [2009-08-05 647520]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-03-20 1451304]
"SoundMAXPnP"=C:\Program Files\Analog Devices\Core\smax4pnp.exe [2007-08-01 1282048]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-12-07 149280]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-16 13793824]
"NVHotkey"=C:\Windows\system32\nvHotkey.dll [2009-06-16 92704]
"TkBellExe"=C:\Program Files\Common Files\Real\Update_OB\realsched.exe [2008-05-30 185896]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ABBYY Screenshot Reader Bonus"= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-12 2217848]
"{AEB6717E-7E19-11d0-97EE-00C04FD91972}"= []

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableLockWorkstation"=1
"DisableChangePassword"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=0
"EnableLUA"=0
"dontdisplaylastusername"=1
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
"disablecad"=1
"HideFastUserSwitching"=1
"DisableStartupSound"=1
"DefaultLogonDomain"=vucaarhus
"DisableStatusMessages"=1
"ShutdownSessionTimeout"=5

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0
"NoDriveTypeAutoRun"=255
"DontSetAutoplayCheckbox"=1
"NoAutorun"=1
"ForceStartMenuLogOff"=1
"NoSMBalloonTip"=1
"TaskbarNoNotification"=1
"DisablePersonalDirChange"=1
"NoDesktopCleanupWizard"=1
"NoWelcomeScreen"=1
"NoAutoUpdate"=0
"NoTaskGrouping"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"NoDriveTypeAutoRun"=
"DontSetAutoplayCheckbox"=
"NoAutorun"=
"NoWelcomeScreen"=
"UseDefaultTile"=
"NoDisconnect"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{a815a570-de44-11dd-9b65-002186cb4fc1}]
shell\AutoRun\command - explorer .
shell\mobile\command - E:\MobileLaunch.exe

kafka23
2009-12-12, 17:07
======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 months======

2009-12-12 17:02:50 ----D---- C:\rsit
2009-12-10 14:26:45 ----A---- C:\RootRepeal report 12-10-09 (14-26-45).txt
2009-12-10 14:11:13 ----D---- C:\Program Files\ERUNT
2009-12-07 14:20:09 ----D---- C:\Program Files\Windows Portable Devices
2009-12-07 14:15:28 ----A---- C:\Windows\system32\UIRibbonRes.dll
2009-12-07 14:15:28 ----A---- C:\Windows\system32\UIRibbon.dll
2009-12-07 14:15:28 ----A---- C:\Windows\system32\UIAnimation.dll
2009-12-07 14:14:56 ----A---- C:\Windows\system32\WMPhoto.dll
2009-12-07 14:14:56 ----A---- C:\Windows\system32\cdd.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\xpsservices.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\XpsRasterService.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\XpsPrint.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\XpsGdiConverter.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-12-07 14:14:55 ----A---- C:\Windows\system32\OpcServices.dll
2009-12-07 14:14:26 ----A---- C:\Windows\system32\WPDShextAutoplay.exe
2009-12-07 14:14:26 ----A---- C:\Windows\system32\wpdbusenum.dll
2009-12-07 14:14:20 ----A---- C:\Windows\system32\PortableDeviceConnectApi.dll
2009-12-07 14:14:18 ----A---- C:\Windows\system32\WPDShServiceObj.dll
2009-12-07 14:14:18 ----A---- C:\Windows\system32\wpdshext.dll
2009-12-07 14:14:18 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-12-07 14:14:18 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-12-07 14:14:18 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-12-07 14:13:10 ----A---- C:\Windows\system32\UIAutomationCore.dll
2009-12-07 12:59:41 ----D---- C:\Program Files\Common Files\Adobe
2009-12-07 12:55:53 ----A---- C:\Windows\system32\javaws.exe
2009-12-07 12:55:53 ----A---- C:\Windows\system32\javaw.exe
2009-12-07 12:55:53 ----A---- C:\Windows\system32\java.exe
2009-12-07 12:55:53 ----A---- C:\Windows\system32\deploytk.dll
2009-12-05 22:26:02 ----D---- C:\Windows\system32\vi-VN
2009-12-05 22:26:02 ----D---- C:\Windows\system32\eu-ES
2009-12-05 22:26:02 ----D---- C:\Windows\system32\ca-ES
2009-12-05 22:04:48 ----A---- C:\Windows\system32\SLsvc.exe
2009-12-05 22:04:48 ----A---- C:\Windows\system32\SLCExt.dll
2009-12-05 22:04:46 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-12-05 22:04:45 ----A---- C:\Windows\system32\mssrch.dll
2009-12-05 22:04:43 ----A---- C:\Windows\system32\tquery.dll
2009-12-05 22:04:43 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-12-05 22:04:42 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-12-05 22:04:42 ----A---- C:\Windows\system32\RMActivate.exe
2009-12-05 22:04:41 ----A---- C:\Windows\system32\msi.dll
2009-12-05 22:04:40 ----A---- C:\Windows\system32\imapi2fs.dll
2009-12-05 22:04:39 ----A---- C:\Windows\system32\sysmain.dll
2009-12-05 22:04:39 ----A---- C:\Windows\system32\secproc_isv.dll
2009-12-05 22:04:38 ----A---- C:\Windows\system32\icardagt.exe
2009-12-05 22:04:38 ----A---- C:\Windows\system32\EhStorShell.dll
2009-12-05 22:04:37 ----A---- C:\Windows\system32\spreview.exe
2009-12-05 22:04:37 ----A---- C:\Windows\system32\spinstall.exe
2009-12-05 22:04:37 ----A---- C:\Windows\system32\drmv2clt.dll
2009-12-05 22:04:36 ----A---- C:\Windows\system32\spwizui.dll
2009-12-05 22:04:36 ----A---- C:\Windows\system32\shell32.dll
2009-12-05 22:04:36 ----A---- C:\Windows\system32\secproc.dll
2009-12-05 22:04:35 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-12-05 22:04:35 ----A---- C:\Windows\system32\p2psvc.dll
2009-12-05 22:04:35 ----A---- C:\Windows\system32\mssvp.dll
2009-12-05 22:04:35 ----A---- C:\Windows\system32\mscoree.dll
2009-12-05 22:04:35 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-12-05 22:04:35 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-12-05 22:04:34 ----A---- C:\Windows\system32\mssphtb.dll
2009-12-05 22:04:34 ----A---- C:\Windows\system32\mssph.dll
2009-12-05 22:04:34 ----A---- C:\Windows\system32\imapi2.dll
2009-12-05 22:04:33 ----A---- C:\Windows\system32\wevtsvc.dll
2009-12-05 22:04:33 ----A---- C:\Windows\system32\sperror.dll
2009-12-05 22:04:33 ----A---- C:\Windows\system32\sdohlp.dll
2009-12-05 22:04:33 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-12-05 22:04:33 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-12-05 22:04:32 ----A---- C:\Windows\system32\SLC.dll
2009-12-05 22:04:32 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-12-05 22:04:32 ----A---- C:\Windows\system32\msshsq.dll
2009-12-05 22:04:31 ----A---- C:\Windows\system32\msjet40.dll
2009-12-05 22:04:30 ----A---- C:\Windows\system32\Query.dll
2009-12-05 22:04:30 ----A---- C:\Windows\system32\qmgr.dll
2009-12-05 22:04:30 ----A---- C:\Windows\system32\P2PGraph.dll
2009-12-05 22:04:30 ----A---- C:\Windows\system32\msexch40.dll
2009-12-05 22:04:30 ----A---- C:\Windows\system32\diagperf.dll
2009-12-05 22:04:29 ----A---- C:\Windows\system32\srchadmin.dll
2009-12-05 22:04:29 ----A---- C:\Windows\system32\ole32.dll
2009-12-05 22:04:29 ----A---- C:\Windows\system32\ntdll.dll
2009-12-05 22:04:29 ----A---- C:\Windows\system32\mmc.exe
2009-12-05 22:04:29 ----A---- C:\Windows\system32\mblctr.exe
2009-12-05 22:04:29 ----A---- C:\Windows\system32\IasMigReader.exe
2009-12-05 22:04:29 ----A---- C:\Windows\system32\EncDec.dll
2009-12-05 22:04:28 ----A---- C:\Windows\system32\riched20.dll
2009-12-05 22:04:28 ----A---- C:\Windows\system32\kernel32.dll
2009-12-05 22:04:28 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-12-05 22:04:28 ----A---- C:\Windows\system32\fdBth.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\spoolss.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-12-05 22:04:27 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-12-05 22:04:27 ----A---- C:\Windows\system32\schedsvc.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\msjtes40.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\gpedit.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\fsquirt.exe
2009-12-05 22:04:27 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\CertEnroll.dll
2009-12-05 22:04:27 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-12-05 22:04:26 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-12-05 22:04:26 ----A---- C:\Windows\system32\mstext40.dll
2009-12-05 22:04:26 ----A---- C:\Windows\system32\infocardapi.dll
2009-12-05 22:04:26 ----A---- C:\Windows\system32\es.dll
2009-12-05 22:04:26 ----A---- C:\Windows\system32\cscsvc.dll
2009-12-05 22:04:25 ----A---- C:\Windows\system32\slwmi.dll
2009-12-05 22:04:25 ----A---- C:\Windows\system32\msxbde40.dll
2009-12-05 22:04:25 ----A---- C:\Windows\system32\msexcl40.dll
2009-12-05 22:04:25 ----A---- C:\Windows\system32\comsvcs.dll
2009-12-05 22:04:24 ----A---- C:\Windows\system32\NetProjW.dll
2009-12-05 22:04:23 ----A---- C:\Windows\system32\propsys.dll
2009-12-05 22:04:23 ----A---- C:\Windows\system32\PresentationHost.exe
2009-12-05 22:04:23 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-12-05 22:04:23 ----A---- C:\Windows\system32\newdev.dll
2009-12-05 22:04:23 ----A---- C:\Windows\system32\msrepl40.dll
2009-12-05 22:04:22 ----A---- C:\Windows\system32\setupapi.dll
2009-12-05 22:04:22 ----A---- C:\Windows\system32\rpcss.dll
2009-12-05 22:04:22 ----A---- C:\Windows\system32\mspbde40.dll
2009-12-05 22:04:22 ----A---- C:\Windows\system32\iasrecst.dll
2009-12-05 22:04:22 ----A---- C:\Windows\system32\eudcedit.exe
2009-12-05 22:04:22 ----A---- C:\Windows\system32\crypt32.dll
2009-12-05 22:04:22 ----A---- C:\Windows\explorer.exe
2009-12-05 22:04:21 ----A---- C:\Windows\system32\wevtapi.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\shlwapi.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\photowiz.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\nlhtml.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\msrd3x40.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\msltus40.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\msdtctm.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\mfc42.dll
2009-12-05 22:04:21 ----A---- C:\Windows\system32\browseui.dll
2009-12-05 22:04:20 ----A---- C:\Windows\system32\user32.dll
2009-12-05 22:04:20 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-12-05 22:04:20 ----A---- C:\Windows\system32\oleaut32.dll
2009-12-05 22:04:20 ----A---- C:\Windows\system32\ci.dll
2009-12-05 22:04:19 ----A---- C:\Windows\system32\netshell.dll
2009-12-05 22:04:19 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-12-05 22:04:18 ----A---- C:\Windows\system32\xmlfilter.dll
2009-12-05 22:04:18 ----A---- C:\Windows\system32\mswstr10.dll
2009-12-05 22:04:18 ----A---- C:\Windows\system32\msctf.dll
2009-12-05 22:04:18 ----A---- C:\Windows\system32\gdi32.dll
2009-12-05 22:04:17 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-12-05 22:04:17 ----A---- C:\Windows\system32\SLUI.exe
2009-12-05 22:04:17 ----A---- C:\Windows\system32\msrd2x40.dll
2009-12-05 22:04:17 ----A---- C:\Windows\system32\mfc42u.dll
2009-12-05 22:04:16 ----A---- C:\Windows\system32\wbengine.exe
2009-12-05 22:04:16 ----A---- C:\Windows\system32\propdefs.dll
2009-12-05 22:04:16 ----A---- C:\Windows\system32\odbc32.dll
2009-12-05 22:04:15 ----A---- C:\Windows\system32\wevtutil.exe
2009-12-05 22:04:15 ----A---- C:\Windows\system32\shdocvw.dll
2009-12-05 22:04:15 ----A---- C:\Windows\system32\mssitlb.dll
2009-12-05 22:04:14 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\WFS.exe
2009-12-05 22:04:13 ----A---- C:\Windows\system32\usp10.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\netlogon.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\msscb.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\msctfp.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\devmgr.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-12-05 22:04:13 ----A---- C:\Windows\system32\BFE.DLL
2009-12-05 22:04:12 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-12-05 22:04:12 ----A---- C:\Windows\system32\Wldap32.dll
2009-12-05 22:04:12 ----A---- C:\Windows\system32\wercon.exe
2009-12-05 22:04:12 ----A---- C:\Windows\system32\services.exe
2009-12-05 22:04:12 ----A---- C:\Windows\system32\mimefilt.dll
2009-12-05 22:04:12 ----A---- C:\Windows\system32\evr.dll
2009-12-05 22:04:12 ----A---- C:\Windows\system32\comdlg32.dll
2009-12-05 22:04:12 ----A---- C:\Windows\system32\certcli.dll
2009-12-05 22:04:12 ----A---- C:\Windows\system32\adtschema.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\w32time.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\taskeng.exe
2009-12-05 22:04:11 ----A---- C:\Windows\system32\rtffilt.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\reg.exe
2009-12-05 22:04:11 ----A---- C:\Windows\system32\mswdat10.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\msjter40.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\msdtcprx.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-12-05 22:04:11 ----A---- C:\Windows\system32\certutil.exe
2009-12-05 22:04:11 ----A---- C:\Windows\system32\bcrypt.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-12-05 22:04:10 ----A---- C:\Windows\system32\scrptadm.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\rsaenh.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\netapi32.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\msstrc.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\msshooks.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\msscntrs.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\msihnd.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-12-05 22:04:10 ----A---- C:\Windows\system32\dfshim.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\termsrv.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\profsvc.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\mtxclu.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\mscories.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\fundisc.dll
2009-12-05 22:04:09 ----A---- C:\Windows\system32\cryptsvc.dll
2009-12-05 22:04:08 ----A---- C:\Windows\system32\wdc.dll
2009-12-05 22:04:08 ----A---- C:\Windows\system32\shsvcs.dll
2009-12-05 22:04:08 ----A---- C:\Windows\system32\msiexec.exe
2009-12-05 22:04:08 ----A---- C:\Windows\system32\imapi.dll
2009-12-05 22:04:07 ----A---- C:\Windows\system32\rasmans.dll
2009-12-05 22:04:07 ----A---- C:\Windows\system32\pnidui.dll
2009-12-05 22:04:07 ----A---- C:\Windows\system32\iassdo.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\wersvc.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\spoolsv.exe
2009-12-05 22:04:06 ----A---- C:\Windows\system32\spcmsg.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\slmgr.vbs
2009-12-05 22:04:06 ----A---- C:\Windows\system32\scrrun.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\PSHED.DLL
2009-12-05 22:04:06 ----A---- C:\Windows\system32\pidgenx.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\pdh.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\icardres.dll
2009-12-05 22:04:06 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-12-05 22:04:05 ----A---- C:\Windows\system32\SyncCenter.dll
2009-12-05 22:04:05 ----A---- C:\Windows\system32\SLUINotify.dll
2009-12-05 22:04:05 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-12-05 22:04:05 ----A---- C:\Windows\system32\comuid.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\wisptis.exe
2009-12-05 22:04:04 ----A---- C:\Windows\system32\untfs.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\taskcomp.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\spp.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\sethc.exe
2009-12-05 22:04:04 ----A---- C:\Windows\system32\scrobj.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\rtutils.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\ncrypt.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\iassam.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\cscui.dll
2009-12-05 22:04:04 ----A---- C:\Windows\system32\certmgr.dll
2009-12-05 22:04:03 ----A---- C:\Windows\system32\wow32.dll
2009-12-05 22:04:03 ----A---- C:\Windows\system32\userenv.dll
2009-12-05 22:04:03 ----A---- C:\Windows\system32\printui.dll
2009-12-05 22:04:03 ----A---- C:\Windows\system32\iasnap.dll
2009-12-05 22:04:03 ----A---- C:\Windows\system32\cscript.exe
2009-12-05 22:04:03 ----A---- C:\Windows\system32\autoconv.exe
2009-12-05 22:04:01 ----A---- C:\Windows\system32\WinSCard.dll
2009-12-05 22:04:01 ----A---- C:\Windows\system32\rdpencom.dll
2009-12-05 22:04:01 ----A---- C:\Windows\system32\msftedit.dll
2009-12-05 22:03:58 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-12-05 22:03:58 ----A---- C:\Windows\system32\offfilt.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\wsepno.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\WerFault.exe
2009-12-05 22:03:57 ----A---- C:\Windows\system32\Utilman.exe
2009-12-05 22:03:57 ----A---- C:\Windows\system32\sysclass.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\stobject.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\prnntfy.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\msnetobj.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\mfplat.dll
2009-12-05 22:03:57 ----A---- C:\Windows\system32\adsmsext.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\wscript.exe
2009-12-05 22:03:56 ----A---- C:\Windows\system32\wscntfy.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\ulib.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\rastapi.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\pnpsetup.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\odbccp32.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-12-05 22:03:56 ----A---- C:\Windows\system32\iasdatastore.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\fdProxy.dll
2009-12-05 22:03:56 ----A---- C:\Windows\system32\cryptui.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\wscsvc.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-12-05 22:03:55 ----A---- C:\Windows\system32\regsvc.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\rastls.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\ntprint.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\mscorier.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\iashlpr.dll
2009-12-05 22:03:55 ----A---- C:\Windows\system32\brcpl.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\zipfldr.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\wusa.exe
2009-12-05 22:03:54 ----A---- C:\Windows\system32\wshext.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\wer.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\rasdlg.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\netcenter.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\iassvcs.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\iasrad.dll
2009-12-05 22:03:54 ----A---- C:\Windows\system32\findstr.exe
2009-12-05 22:03:53 ----A---- C:\Windows\system32\wsnmp32.dll
2009-12-05 22:03:53 ----A---- C:\Windows\system32\themecpl.dll
2009-12-05 22:03:53 ----A---- C:\Windows\system32\mssprxy.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\slcc.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\scansetting.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\powrprof.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\powercpl.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\ntmarta.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\networkmap.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\msutb.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\mstlsapi.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\iasads.dll
2009-12-05 22:03:52 ----A---- C:\Windows\system32\iasacct.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\usercpl.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\umrdp.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\themeui.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\systemcpl.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\sud.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\pcaui.dll
2009-12-05 22:03:51 ----A---- C:\Windows\system32\newdev.exe
2009-12-05 22:03:51 ----A---- C:\Windows\system32\authz.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\tapisrv.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\scesrv.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\rpchttp.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\rekeywiz.exe
2009-12-05 22:03:50 ----A---- C:\Windows\system32\regapi.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\oleprn.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\msinfo32.exe
2009-12-05 22:03:50 ----A---- C:\Windows\system32\mpr.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\imm32.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\feclient.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\cscobj.dll
2009-12-05 22:03:50 ----A---- C:\Windows\system32\brcplsiw.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\wscisvif.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\sdclt.exe
2009-12-05 22:03:49 ----A---- C:\Windows\system32\scecli.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\rasgcw.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\qedit.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\pnpui.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\ncryptui.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\iaspolcy.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\hdwwiz.exe
2009-12-05 22:03:49 ----A---- C:\Windows\system32\Faultrep.dll
2009-12-05 22:03:49 ----A---- C:\Windows\system32\DeviceEject.exe
2009-12-05 22:03:49 ----A---- C:\Windows\system32\certreq.exe
2009-12-05 22:03:48 ----A---- C:\Windows\system32\TSTheme.exe
2009-12-05 22:03:48 ----A---- C:\Windows\system32\tcpmon.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\srcore.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\spwinsat.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\rasplap.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-12-05 22:03:48 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-12-05 22:03:48 ----A---- C:\Windows\system32\fdWSD.dll
2009-12-05 22:03:48 ----A---- C:\Windows\system32\cmmon32.exe
2009-12-05 22:03:48 ----A---- C:\Windows\system32\cmdial32.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-12-05 22:03:47 ----A---- C:\Windows\system32\SnippingTool.exe
2009-12-05 22:03:47 ----A---- C:\Windows\system32\shwebsvc.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\rasppp.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\raschap.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\PnPutil.exe
2009-12-05 22:03:47 ----A---- C:\Windows\system32\fontext.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\dsprop.dll
2009-12-05 22:03:47 ----A---- C:\Windows\system32\conime.exe
2009-12-05 22:03:46 ----A---- C:\Windows\system32\shsetup.dll
2009-12-05 22:03:46 ----A---- C:\Windows\system32\rasmontr.dll
2009-12-05 22:03:46 ----A---- C:\Windows\system32\oobefldr.dll
2009-12-05 22:03:46 ----A---- C:\Windows\system32\mscandui.dll
2009-12-05 22:03:46 ----A---- C:\Windows\system32\modemui.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\WSDMon.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\tscfgwmi.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\smss.exe
2009-12-05 22:03:45 ----A---- C:\Windows\system32\netplwiz.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\CscMig.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\credui.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\blackbox.dll
2009-12-05 22:03:45 ----A---- C:\Windows\system32\appmgmts.dll
2009-12-05 22:03:44 ----A---- C:\Windows\system32\wmpeffects.dll
2009-12-05 22:03:44 ----A---- C:\Windows\system32\networkexplorer.dll
2009-12-05 22:03:44 ----A---- C:\Windows\system32\logagent.exe
2009-12-05 22:03:44 ----A---- C:\Windows\system32\ifmon.dll
2009-12-05 22:03:44 ----A---- C:\Windows\system32\cipher.exe
2009-12-05 22:03:43 ----A---- C:\Windows\system32\wscapi.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\softkbd.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\sendmail.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\msscp.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\msimtf.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\InkEd.dll
2009-12-05 22:03:43 ----A---- C:\Windows\system32\gpresult.exe
2009-12-05 22:03:42 ----A---- C:\Windows\system32\wshbth.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\olepro32.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\msctfui.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\mprapi.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\input.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\gpprnext.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-12-05 22:03:42 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\SLLUA.exe
2009-12-05 22:03:41 ----A---- C:\Windows\system32\rdpendp.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\msjint40.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\msisip.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\l2nacp.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\ftp.exe
2009-12-05 22:03:41 ----A---- C:\Windows\system32\fdSSDP.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\fc.exe
2009-12-05 22:03:41 ----A---- C:\Windows\system32\cscdll.dll
2009-12-05 22:03:41 ----A---- C:\Windows\system32\cscapi.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\wsdchngr.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\Storprop.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\slcinst.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\rasdial.exe
2009-12-05 22:03:40 ----A---- C:\Windows\system32\PrintBrmUi.exe
2009-12-05 22:03:40 ----A---- C:\Windows\system32\ocsetup.exe
2009-12-05 22:03:40 ----A---- C:\Windows\system32\nslookup.exe
2009-12-05 22:03:40 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\ipconfig.exe
2009-12-05 22:03:40 ----A---- C:\Windows\system32\fdeploy.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-12-05 22:03:40 ----A---- C:\Windows\system32\bthudtask.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\tscon.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\shadow.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\qprocess.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\logoff.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\gpupdate.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\csrstub.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\chgusr.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\chgport.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\cbsra.exe
2009-12-05 22:03:39 ----A---- C:\Windows\system32\bitsigd.dll
2009-12-05 22:03:38 ----A---- C:\Windows\system32\tskill.exe
2009-12-05 22:03:38 ----A---- C:\Windows\system32\tsdiscon.exe
2009-12-05 22:03:38 ----A---- C:\Windows\system32\rwinsta.exe
2009-12-05 22:03:38 ----A---- C:\Windows\system32\qappsrv.exe
2009-12-05 22:03:38 ----A---- C:\Windows\system32\NcdProp.dll
2009-12-05 22:03:38 ----A---- C:\Windows\system32\iscsilog.dll
2009-12-05 22:03:38 ----A---- C:\Windows\system32\chglogon.exe
2009-12-05 22:03:37 ----A---- C:\Windows\system32\vdmdbg.dll
2009-12-05 22:03:37 ----A---- C:\Windows\system32\slwga.dll
2009-12-05 22:03:37 ----A---- C:\Windows\system32\reset.exe
2009-12-05 22:03:37 ----A---- C:\Windows\system32\query.exe
2009-12-05 22:03:37 ----A---- C:\Windows\system32\odbcconf.dll
2009-12-05 22:03:37 ----A---- C:\Windows\system32\change.exe
2009-12-05 22:03:34 ----A---- C:\Windows\system32\msimsg.dll
2009-12-05 22:03:34 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-12-05 22:03:04 ----A---- C:\Windows\system32\SmiEngine.dll
2009-12-05 22:02:48 ----A---- C:\Windows\system32\wdscore.dll
2009-12-05 22:02:48 ----A---- C:\Windows\system32\PkgMgr.exe
2009-12-04 23:10:04 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-12-04 23:10:04 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-12-04 12:54:38 ----D---- C:\Program Files\ESET
2009-12-03 22:20:43 ----D---- C:\Windows\McAfee.com
2009-12-03 18:05:47 ----D---- C:\Program Files\Panda Security
2009-12-03 17:47:50 ----A---- C:\Windows\system32\nvmccsrs.dll
2009-12-03 17:47:50 ----A---- C:\Windows\system32\nvmccs.dll
2009-12-03 17:47:49 ----A---- C:\Windows\system32\nvcolor.exe
2009-12-03 17:47:49 ----A---- C:\Windows\system32\nvcod130.dll
2009-12-03 17:24:10 ----D---- C:\Intel
2009-12-03 17:06:59 ----D---- C:\Windows\system32\RTCOM
2009-12-03 17:06:26 ----A---- C:\Windows\DIFxAPI.dll
2009-12-03 17:06:25 ----A---- C:\Windows\system32\RtkCoInst.dll
2009-12-03 17:06:23 ----A---- C:\Windows\HideWin.exe
2009-12-03 17:06:18 ----D---- C:\dell
2009-12-03 00:17:27 ----D---- C:\Program Files\Synaptics
2009-12-03 00:16:20 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-12-03 00:16:20 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\FntCache.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\dxgi.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\dxdiagn.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\dxdiag.exe
2009-12-03 00:16:20 ----A---- C:\Windows\system32\DWrite.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d11.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10warp.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10level9.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10core.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10_1core.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10_1.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d3d10.dll
2009-12-03 00:16:20 ----A---- C:\Windows\system32\d2d1.dll
2009-12-03 00:15:35 ----A---- C:\Windows\system32\BthMtpContextHandler.dll
2009-12-03 00:15:27 ----A---- C:\Windows\system32\WPDSp.dll
2009-12-03 00:15:27 ----A---- C:\Windows\system32\wpd_ci.dll
2009-12-03 00:15:27 ----A---- C:\Windows\system32\PortableDeviceWMDRM.dll
2009-12-03 00:14:05 ----A---- C:\Windows\system32\oleaccrc.dll
2009-12-03 00:14:05 ----A---- C:\Windows\system32\oleacc.dll
2009-12-02 18:19:05 ----A---- C:\rollback.ini
2009-12-02 17:55:56 ----D---- C:\ProgramData\ParetoLogic
2009-12-02 17:55:56 ----D---- C:\Program Files\Common Files\ParetoLogic
2009-12-02 14:33:43 ----D---- C:\Windows\system32\EventProviders
2009-12-02 14:32:16 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-12-02 14:32:12 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-12-02 14:32:10 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-12-02 14:32:02 ----A---- C:\Windows\system32\scavenge.dll
2009-12-02 14:32:00 ----A---- C:\Windows\system32\WscEapPr.dll
2009-12-02 14:32:00 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-12-02 14:31:59 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-12-02 14:31:57 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-12-02 14:31:54 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-12-02 14:31:54 ----A---- C:\Windows\system32\esent.dll
2009-12-02 14:31:54 ----A---- C:\Windows\system32\DevicePairing.dll
2009-12-02 14:31:53 ----A---- C:\Windows\system32\korwbrkr.dll
2009-12-02 14:31:51 ----A---- C:\Windows\system32\pmcsnap.dll
2009-12-02 14:31:50 ----A---- C:\Windows\system32\MPSSVC.dll
2009-12-02 14:31:48 ----A---- C:\Windows\system32\winload.exe
2009-12-02 14:31:47 ----A---- C:\Windows\system32\uDWM.dll
2009-12-02 14:31:46 ----A---- C:\Windows\system32\RacEngn.dll
2009-12-02 14:31:46 ----A---- C:\Windows\system32\ntmsmgr.dll
2009-12-02 14:31:45 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-12-02 14:31:45 ----A---- C:\Windows\system32\milcore.dll
2009-12-02 14:31:44 ----A---- C:\Windows\system32\WinSAT.exe
2009-12-02 14:31:44 ----A---- C:\Windows\system32\msvcp60.dll
2009-12-02 14:31:43 ----A---- C:\Windows\system32\Magnify.exe
2009-12-02 14:31:43 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-12-02 14:31:42 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-12-02 14:31:42 ----A---- C:\Windows\system32\WebClnt.dll
2009-12-02 14:31:42 ----A---- C:\Windows\system32\vssapi.dll
2009-12-02 14:31:42 ----A---- C:\Windows\system32\advapi32.dll
2009-12-02 14:31:41 ----A---- C:\Windows\system32\authui.dll
2009-12-02 14:31:40 ----A---- C:\Windows\system32\gpsvc.dll
2009-12-02 14:31:39 ----A---- C:\Windows\system32\davclnt.dll
2009-12-02 14:31:39 ----A---- C:\Windows\system32\d3d9.dll
2009-12-02 14:31:37 ----A---- C:\Windows\system32\samsrv.dll
2009-12-02 14:31:36 ----A---- C:\Windows\system32\win32spl.dll
2009-12-02 14:31:36 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-12-02 14:31:36 ----A---- C:\Windows\system32\quartz.dll
2009-12-02 14:31:35 ----A---- C:\Windows\system32\winhttp.dll
2009-12-02 14:31:35 ----A---- C:\Windows\system32\compcln.exe
2009-12-02 14:31:35 ----A---- C:\Windows\system32\apds.dll
2009-12-02 14:31:34 ----A---- C:\Windows\system32\VSSVC.exe
2009-12-02 14:31:34 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-12-02 14:31:34 ----A---- C:\Windows\system32\msvcrt.dll
2009-12-02 14:31:34 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-12-02 14:31:34 ----A---- C:\Windows\system32\emdmgmt.dll
2009-12-02 14:31:34 ----A---- C:\Windows\system32\audiosrv.dll
2009-12-02 14:31:33 ----A---- C:\Windows\system32\eapphost.dll
2009-12-02 14:31:32 ----A---- C:\Windows\system32\winresume.exe
2009-12-02 14:31:31 ----A---- C:\Windows\system32\dbgeng.dll
2009-12-02 14:31:30 ----A---- C:\Windows\system32\WsmSvc.dll
2009-12-02 14:31:30 ----A---- C:\Windows\system32\swprv.dll
2009-12-02 14:31:29 ----A---- C:\Windows\system32\vds.exe
2009-12-02 14:31:28 ----A---- C:\Windows\system32\drvinst.exe
2009-12-02 14:31:28 ----A---- C:\Windows\system32\adsldpc.dll
2009-12-02 14:31:27 ----A---- C:\Windows\system32\wcnwiz.dll
2009-12-02 14:31:25 ----A---- C:\Windows\system32\wcncsvc.dll
2009-12-02 14:31:25 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-12-02 14:31:25 ----A---- C:\Windows\system32\msdrm.dll
2009-12-02 14:31:25 ----A---- C:\Windows\system32\dnsapi.dll
2009-12-02 14:31:24 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-12-02 14:31:24 ----A---- C:\Windows\system32\bthserv.dll
2009-12-02 14:31:23 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-12-02 14:31:23 ----A---- C:\Windows\system32\inetcomm.dll
2009-12-02 14:31:23 ----A---- C:\Windows\system32\hidserv.dll
2009-12-02 14:31:23 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-12-02 14:31:22 ----A---- C:\Windows\system32\chsbrkr.dll
2009-12-02 14:31:21 ----A---- C:\Windows\system32\autofmt.exe
2009-12-02 14:31:20 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-12-02 14:31:20 ----A---- C:\Windows\system32\azroles.dll
2009-12-02 14:31:19 ----A---- C:\Windows\system32\wmpmde.dll
2009-12-02 14:31:19 ----A---- C:\Windows\system32\winlogon.exe
2009-12-02 14:31:18 ----A---- C:\Windows\system32\kd1394.dll
2009-12-02 14:31:17 ----A---- C:\Windows\system32\dwm.exe
2009-12-02 14:31:17 ----A---- C:\Windows\system32\autochk.exe
2009-12-02 14:31:15 ----A---- C:\Windows\system32\winsrv.dll
2009-12-02 14:31:15 ----A---- C:\Windows\system32\onex.dll
2009-12-02 14:31:15 ----A---- C:\Windows\system32\kdcom.dll
2009-12-02 14:31:15 ----A---- C:\Windows\system32\basecsp.dll
2009-12-02 14:31:14 ----A---- C:\Windows\system32\RelMon.dll
2009-12-02 14:31:14 ----A---- C:\Windows\system32\osk.exe
2009-12-02 14:31:14 ----A---- C:\Windows\system32\mswsock.dll
2009-12-02 14:31:14 ----A---- C:\Windows\system32\kdusb.dll
2009-12-02 14:31:14 ----A---- C:\Windows\system32\audiodg.exe
2009-12-02 14:31:13 ----A---- C:\Windows\system32\winmm.dll
2009-12-02 14:31:13 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-12-02 14:31:12 ----A---- C:\Windows\system32\SndVol.exe
2009-12-02 14:31:12 ----A---- C:\Windows\system32\mscms.dll
2009-12-02 14:31:12 ----A---- C:\Windows\system32\diskraid.exe
2009-12-02 14:31:12 ----A---- C:\Windows\system32\apphelp.dll
2009-12-02 14:31:11 ----A---- C:\Windows\system32\wiaservc.dll
2009-12-02 14:31:11 ----A---- C:\Windows\system32\dsound.dll
2009-12-02 14:31:10 ----A---- C:\Windows\system32\wlangpui.dll
2009-12-02 14:31:10 ----A---- C:\Windows\system32\vdsdyn.dll
2009-12-02 14:31:10 ----A---- C:\Windows\system32\rasapi32.dll
2009-12-02 14:31:10 ----A---- C:\Windows\system32\logman.exe
2009-12-02 14:31:10 ----A---- C:\Windows\system32\gpapi.dll
2009-12-02 14:31:10 ----A---- C:\Windows\system32\diskpart.exe
2009-12-02 14:31:07 ----A---- C:\Windows\system32\uxsms.dll
2009-12-02 14:31:07 ----A---- C:\Windows\system32\tsbyuv.dll
2009-12-02 14:31:07 ----A---- C:\Windows\system32\srvsvc.dll
2009-12-02 14:31:07 ----A---- C:\Windows\system32\mstsc.exe
2009-12-02 14:31:06 ----A---- C:\Windows\system32\dot3svc.dll
2009-12-02 14:31:06 ----A---- C:\Windows\system32\connect.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\wlanpref.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\samlib.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\qdvd.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\mmci.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\autoplay.dll
2009-12-02 14:31:05 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-12-02 14:31:04 ----A---- C:\Windows\system32\vdsutil.dll
2009-12-02 14:31:04 ----A---- C:\Windows\system32\scksp.dll
2009-12-02 14:31:04 ----A---- C:\Windows\system32\psisdecd.dll
2009-12-02 14:31:04 ----A---- C:\Windows\system32\AudioSes.dll
2009-12-02 14:31:03 ----A---- C:\Windows\system32\dpapimig.exe
2009-12-02 14:31:03 ----A---- C:\Windows\system32\dot3msm.dll
2009-12-02 14:31:02 ----A---- C:\Windows\system32\whealogr.dll
2009-12-02 14:31:02 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-12-02 14:31:02 ----A---- C:\Windows\system32\perfdisk.dll
2009-12-02 14:31:01 ----A---- C:\Windows\system32\wlanui.dll
2009-12-02 14:31:01 ----A---- C:\Windows\system32\wiaaut.dll
2009-12-02 14:31:01 ----A---- C:\Windows\system32\SCardSvr.dll
2009-12-02 14:31:01 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-12-02 14:31:01 ----A---- C:\Windows\system32\dimsroam.dll
2009-12-02 14:30:57 ----A---- C:\Windows\system32\dataclen.dll
2009-12-02 14:30:57 ----A---- C:\Windows\system32\chtbrkr.dll
2009-12-02 14:30:56 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-12-02 14:30:56 ----A---- C:\Windows\system32\rdpwsx.dll
2009-12-02 14:30:55 ----A---- C:\Windows\system32\certprop.dll
2009-12-02 14:30:54 ----A---- C:\Windows\system32\thawbrkr.dll
2009-12-02 14:30:54 ----A---- C:\Windows\system32\rdpclip.exe
2009-12-02 14:30:54 ----A---- C:\Windows\system32\dmsynth.dll
2009-12-02 14:30:53 ----A---- C:\Windows\system32\version.dll
2009-12-02 14:30:53 ----A---- C:\Windows\system32\puiapi.dll
2009-12-02 14:30:52 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-12-02 14:30:52 ----A---- C:\Windows\system32\dmusic.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\rasdiag.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\gpscript.exe
2009-12-02 14:30:51 ----A---- C:\Windows\system32\fdWCN.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\eappcfg.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\eapp3hst.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\dot3cfg.dll
2009-12-02 14:30:51 ----A---- C:\Windows\system32\bthci.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\tscupgrd.exe
2009-12-02 14:30:50 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\mmcico.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\hbaapi.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\gpscript.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-12-02 14:30:50 ----A---- C:\Windows\system32\eappgnui.dll
2009-12-02 14:30:48 ----A---- C:\Windows\system32\winrnr.dll
2009-12-02 14:30:47 ----A---- C:\Windows\system32\midimap.dll
2009-12-02 14:29:15 ----A---- C:\Windows\system32\drvstore.dll
2009-12-02 13:35:26 ----D---- C:\Windows\system32\WindowsPowerShell
2009-12-02 13:23:06 ----A---- C:\Windows\system32\gameux.dll
2009-12-02 13:23:05 ----A---- C:\Windows\system32\GameUXLegacyGDFs.dll
2009-12-02 13:23:05 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-12-02 13:22:01 ----A---- C:\Windows\system32\wmp.dll
2009-12-02 13:21:59 ----A---- C:\Windows\system32\unregmp2.exe
2009-12-02 13:21:58 ----A---- C:\Windows\system32\wmploc.DLL
2009-11-30 22:18:46 ----A---- C:\Windows\system32\tzres.dll
2009-11-30 22:17:15 ----A---- C:\Windows\system32\msxml6.dll
2009-11-30 22:17:15 ----A---- C:\Windows\system32\msxml3.dll
2009-11-29 21:19:15 ----D---- C:\Program Files\GPLGS
2009-11-29 21:18:46 ----D---- C:\Program Files\Acro Software
2009-11-29 21:18:46 ----A---- C:\Windows\system32\cpwmon2k.dll
2009-11-27 15:24:30 ----D---- C:\Program Files\Trend Micro
2009-11-17 15:01:11 ----A---- C:\Windows\system32\mshtml.dll
2009-11-17 14:54:42 ----A---- C:\Windows\system32\wups2.dll
2009-11-17 14:54:42 ----A---- C:\Windows\system32\wucltux.dll
2009-11-17 14:54:42 ----A---- C:\Windows\system32\wuauclt.exe
2009-11-17 14:54:41 ----A---- C:\Windows\system32\wuaueng.dll
2009-11-17 14:54:32 ----A---- C:\Windows\system32\wups.dll
2009-11-17 14:54:32 ----A---- C:\Windows\system32\wudriver.dll
2009-11-17 14:54:32 ----A---- C:\Windows\system32\wuapi.dll
2009-11-17 14:54:29 ----A---- C:\Windows\system32\wuwebv.dll
2009-11-17 14:54:29 ----A---- C:\Windows\system32\wuapp.exe

======List of files/folders modified in the last 1 months======

2009-12-12 17:04:35 ----D---- C:\Windows\temp
2009-12-12 17:04:13 ----D---- C:\Windows\Prefetch
2009-12-12 16:49:07 ----SHD---- C:\System Volume Information
2009-12-12 16:00:02 ----D---- C:\Windows\System32
2009-12-12 16:00:02 ----D---- C:\Windows\inf
2009-12-12 16:00:02 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-12-11 11:40:42 ----SHD---- C:\Windows\Installer
2009-12-11 10:30:25 ----RD---- C:\Program Files
2009-12-11 10:30:25 ----HD---- C:\ProgramData
2009-12-11 10:30:23 ----SD---- C:\Windows\Downloaded Program Files
2009-12-10 14:26:06 ----D---- C:\Windows\system32\drivers
2009-12-10 14:11:35 ----D---- C:\Windows\ERDNT
2009-12-10 14:08:52 ----D---- C:\Windows
2009-12-10 08:43:48 ----D---- C:\Program Files\Mozilla Firefox
2009-12-07 14:45:01 ----D---- C:\Windows\rescache
2009-12-07 14:20:11 ----D---- C:\Windows\system32\da-DK
2009-12-07 14:20:09 ----D---- C:\Windows\system32\wbem
2009-12-07 14:20:06 ----D---- C:\Windows\system32\pt-BR
2009-12-07 14:20:06 ----D---- C:\Windows\system32\it-IT
2009-12-07 14:20:06 ----D---- C:\Windows\system32\bg-BG
2009-12-07 14:20:05 ----D---- C:\Windows\system32\zh-TW
2009-12-07 14:20:05 ----D---- C:\Windows\system32\zh-HK
2009-12-07 14:20:05 ----D---- C:\Windows\system32\zh-CN
2009-12-07 14:20:05 ----D---- C:\Windows\system32\uk-UA
2009-12-07 14:20:05 ----D---- C:\Windows\system32\tr-TR
2009-12-07 14:20:05 ----D---- C:\Windows\system32\th-TH
2009-12-07 14:20:05 ----D---- C:\Windows\system32\sv-SE
2009-12-07 14:20:05 ----D---- C:\Windows\system32\sr-Latn-CS
2009-12-07 14:20:05 ----D---- C:\Windows\system32\sl-SI
2009-12-07 14:20:05 ----D---- C:\Windows\system32\sk-SK
2009-12-07 14:20:05 ----D---- C:\Windows\system32\ru-RU
2009-12-07 14:20:05 ----D---- C:\Windows\system32\ro-RO
2009-12-07 14:20:05 ----D---- C:\Windows\system32\pt-PT
2009-12-07 14:20:05 ----D---- C:\Windows\system32\pl-PL
2009-12-07 14:20:05 ----D---- C:\Windows\system32\nl-NL
2009-12-07 14:20:05 ----D---- C:\Windows\system32\nb-NO
2009-12-07 14:20:05 ----D---- C:\Windows\system32\lv-LV
2009-12-07 14:20:05 ----D---- C:\Windows\system32\lt-LT
2009-12-07 14:20:05 ----D---- C:\Windows\system32\ko-KR
2009-12-07 14:20:05 ----D---- C:\Windows\system32\ja-JP
2009-12-07 14:20:05 ----D---- C:\Windows\system32\hu-HU
2009-12-07 14:20:05 ----D---- C:\Windows\system32\hr-HR
2009-12-07 14:20:05 ----D---- C:\Windows\system32\he-IL
2009-12-07 14:20:05 ----D---- C:\Windows\system32\fr-FR
2009-12-07 14:20:05 ----D---- C:\Windows\system32\fi-FI
2009-12-07 14:20:05 ----D---- C:\Windows\system32\et-EE
2009-12-07 14:20:05 ----D---- C:\Windows\system32\es-ES
2009-12-07 14:20:05 ----D---- C:\Windows\system32\en-US
2009-12-07 14:20:05 ----D---- C:\Windows\system32\el-GR
2009-12-07 14:20:05 ----D---- C:\Windows\system32\de-DE
2009-12-07 14:20:05 ----D---- C:\Windows\system32\cs-CZ
2009-12-07 14:20:05 ----D---- C:\Windows\system32\ar-SA
2009-12-07 14:18:25 ----D---- C:\ProgramData\NVIDIA
2009-12-07 14:15:36 ----D---- C:\Windows\winsxs
2009-12-07 14:15:35 ----D---- C:\Windows\system32\catroot
2009-12-07 14:15:17 ----D---- C:\Windows\system32\catroot2
2009-12-07 12:59:46 ----D---- C:\ProgramData\Adobe
2009-12-07 12:59:41 ----D---- C:\Program Files\Common Files
2009-12-07 12:59:41 ----D---- C:\Program Files\Adobe
2009-12-07 12:55:15 ----D---- C:\Program Files\Java
2009-12-07 12:53:44 ----D---- C:\Windows\system32\Adobe
2009-12-05 22:40:11 ----RSD---- C:\Windows\assembly
2009-12-05 22:40:11 ----D---- C:\Windows\Microsoft.NET
2009-12-05 22:33:59 ----SHD---- C:\Boot
2009-12-05 22:26:39 ----D---- C:\Program Files\Windows Mail
2009-12-05 22:26:39 ----D---- C:\Program Files\Windows Calendar
2009-12-05 22:26:39 ----D---- C:\Program Files\Movie Maker
2009-12-05 22:26:38 ----D---- C:\Program Files\Windows Sidebar
2009-12-05 22:26:38 ----D---- C:\Program Files\Windows Photo Gallery
2009-12-05 22:26:38 ----D---- C:\Program Files\Windows Media Player
2009-12-05 22:26:38 ----D---- C:\Program Files\Windows Journal
2009-12-05 22:26:38 ----D---- C:\Program Files\Internet Explorer
2009-12-05 22:26:38 ----D---- C:\Program Files\Common Files\System
2009-12-05 22:26:31 ----D---- C:\Windows\servicing
2009-12-05 22:26:31 ----D---- C:\Program Files\Windows Defender
2009-12-05 22:26:28 ----D---- C:\Windows\PolicyDefinitions
2009-12-05 22:26:28 ----D---- C:\Windows\IME
2009-12-05 22:26:27 ----D---- C:\Windows\system32\XPSViewer
2009-12-05 22:26:26 ----D---- C:\Windows\system32\oobe
2009-12-05 22:26:26 ----D---- C:\Windows\system32\migration
2009-12-05 22:26:25 ----D---- C:\Windows\system32\setup
2009-12-05 22:26:25 ----D---- C:\Windows\system32\AdvancedInstallers
2009-12-05 22:26:24 ----D---- C:\Windows\system32\SLUI
2009-12-05 22:26:24 ----D---- C:\Windows\system32\manifeststore
2009-12-05 22:26:23 ----D---- C:\Windows\system32\inetsrv
2009-12-05 22:26:21 ----D---- C:\Windows\system32\migwiz
2009-12-05 22:26:21 ----D---- C:\Windows\system32\da
2009-12-05 22:26:11 ----RSD---- C:\Windows\Fonts
2009-12-05 22:26:11 ----D---- C:\Windows\AppPatch
2009-12-05 22:26:02 ----D---- C:\Windows\system32\Boot
2009-12-05 18:36:50 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-12-05 16:56:22 ----D---- C:\Windows\system32\Msdtc
2009-12-05 16:54:23 ----D---- C:\Windows\system32\config
2009-12-05 16:54:07 ----D---- C:\Windows\Tasks
2009-12-05 16:54:07 ----D---- C:\Windows\system32\Tasks
2009-12-05 16:54:07 ----D---- C:\Windows\system32\spool
2009-12-05 16:54:07 ----D---- C:\Windows\system32\CodeIntegrity
2009-12-05 16:54:05 ----D---- C:\Windows\registration
2009-12-04 23:42:38 ----D---- C:\Windows\Minidump
2009-12-04 14:04:08 ----D---- C:\Program Files\RegistryFix6
2009-12-03 20:00:40 ----D---- C:\Program Files\Free Download Manager
2009-12-03 17:16:08 ----HD---- C:\Program Files\InstallShield Installation Information
2009-12-03 17:16:08 ----D---- C:\Program Files\Realtek
2009-12-03 15:25:08 ----DC---- C:\Windows\system32\DRVSTORE
2009-12-03 15:16:37 ----D---- C:\ProgramData\Nokia
2009-12-03 15:14:13 ----D---- C:\Windows\ModemLogs
2009-12-03 08:38:05 ----D---- C:\Downloads
2009-12-02 16:37:47 ----A---- C:\Windows\win.ini
2009-12-02 13:44:10 ----D---- C:\ProgramData\Microsoft Help
2009-12-02 13:33:52 ----D---- C:\Program Files\Common Files\microsoft shared
2009-11-27 15:17:01 ----D---- C:\Windows\Debug
2009-11-25 00:05:25 ----D---- C:\Windows\LiveKernelReports
2009-11-18 11:27:08 ----D---- C:\ProgramData\DVD Shrink

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 CSC;Offline Files Driver; C:\Windows\system32\drivers\csc.sys [2009-04-11 351744]
R1 dwvkbd;DameWare Virtual Keyboard 32 bit Driver; C:\Windows\system32\DRIVERS\dwvkbd.sys [2007-02-15 26624]
R1 omci;OMCI WDM Device Driver; C:\Windows\system32\DRIVERS\omci.sys [2008-08-21 20480]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-12-07 56816]
R2 niarbk;niarbk; C:\Windows\system32\drivers\niarbk.dll [2002-07-09 37376]
R2 nibffrk;nibffrk; C:\Windows\system32\drivers\nibffrk.dll [2002-07-09 21504]
R2 Nidaq32k;Nidaq32k; C:\Windows\system32\drivers\Nidaq32k.sys [2002-07-09 670720]
R2 nidmmk;NI DMM and Data Logger Kernel Driver; C:\Windows\system32\drivers\nidmmk.dll [2002-07-09 50688]
R2 nimdsk;nimdsk; C:\Windows\system32\drivers\nimdsk.dll [2002-07-09 31232]
R2 nistck;nistck; C:\Windows\system32\drivers\nistck.dll [2002-07-09 111616]
R3 BCM43XX;Dell trådløst WLAN-kortdriver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-12-06 1044984]
R3 BthAvrcp;Bluetooth AVRCP-profil; C:\Windows\system32\DRIVERS\BthAvrcp.sys [2007-01-23 12800]
R3 BthEnum;Tjeneste til Bluetooth-optælling; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-04-11 22528]
R3 BTHFILT;Bluetooth-kommandofilter; C:\Windows\system32\DRIVERS\BthFilt.sys [2006-11-06 13824]
R3 BthPan;Bluetooth-enhed (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2008-01-19 92160]
R3 BTHUSB;USB-driver til Bluetooth-radio; C:\Windows\System32\Drivers\BTHUSB.sys [2009-04-11 29696]
R3 CmBatt;Microsoft ACPI Control Method-batteri; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 DwMirror;DwMirror; C:\Windows\system32\DRIVERS\DamewareMini.sys [2007-02-07 3712]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HdAudAddService;Microsoft 1.1 UAA-funktionsdriver til High Definition Audio-tjeneste; C:\Windows\system32\drivers\HdAudio.sys [2009-04-11 236544]
R3 LHidFilt;Logitech SetPoint KMDF HID Filter Driver; C:\Windows\system32\DRIVERS\LHidFilt.Sys [2007-01-11 32272]
R3 LMouFilt;Logitech SetPoint KMDF Mouse Filter Driver; C:\Windows\system32\DRIVERS\LMouFilt.Sys [2007-01-11 32528]
R3 MovRVDrv32;MovRVDrv32; C:\Windows\system32\DRIVERS\MovRVDrv32.sys [2007-12-28 3768]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2009-06-16 9768640]
R3 O2MDRDR;O2MDRDR; C:\Windows\system32\DRIVERS\o2media.sys [2006-11-20 38400]
R3 O2SDRDR;O2SDRDR; C:\Windows\system32\DRIVERS\o2sd.sys [2006-11-17 31360]
R3 RFCOMM;Bluetooth-enhed (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-04-11 148992]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2009-11-16 216576]
R3 SndTDriverV32;SndTDriverV32; C:\Windows\system32\drivers\SndTDriverV32.sys [2007-12-28 23096]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
R3 usbvideo;USB-videoenhed (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-19 134016]
R3 WinDriver6;WinDriver6; C:\Windows\system32\drivers\windrvr6.sys [2007-06-08 194362]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S2 yimywsgcirjsh;yimywsgcirjsh; \??\C:\Windows\system32\drivers\mxiba.sys []
S3 ADIHdAudAddService;ADI UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\ADIHdAud.sys [2007-08-03 347648]
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2008-04-10 3591168]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2008-01-19 179712]
S3 BCM42RLY;BCM42RLY; C:\Windows\system32\drivers\BCM42RLY.sys []
S3 BTHPORT;Bluetooth-portdriver; C:\Windows\System32\Drivers\BTHport.sys [2009-04-11 507904]
S3 catchme;catchme; \??\C:\Users\sla\AppData\Local\Temp\catchme.sys []
S3 CSRBC;CSRBC.Sys CSR test driver; C:\Windows\System32\Drivers\csrbcxp.sys [2007-01-16 31744]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 fssfltr;FssFltr; C:\Windows\system32\DRIVERS\fssfltr.sys [2009-08-05 54632]
S3 hwdatacard;Huawei DataCard USB Modem and USB Serial; C:\Windows\system32\DRIVERS\ewusbmdm.sys [2007-08-08 101504]
S3 LUsbFilt;Logitech SetPoint KMDF USB Filter; C:\Windows\System32\Drivers\LUsbFilt.Sys [2007-01-11 28048]
S3 mcdbus;Driver for MagicISO SCSI Host Controller; C:\Windows\system32\DRIVERS\mcdbus.sys []
S3 MSKSSRV;Serviceproxy til Microsoft Streaming; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Kvalitetsstyringsproxy til Microsoft Streaming; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Tee/Sink-to-Sink-konverteringsprogram til Microsoft Streaming; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys []
S3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys []
S3 usbscan;USB-scannerdriver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-19 83328]
S4 SMARTMouseFilterx86;HID-compliant mouse; C:\Windows\system32\DRIVERS\SMARTMouseFilterx86.sys [2008-04-02 11048]
S4 SMARTVHidMini2000x86;SMART HID Device; C:\Windows\system32\DRIVERS\SMARTVHidMini2000x86.sys [2008-04-02 14120]
S4 SMARTVTabletPCx86;SMART Virtual TabletPC; C:\Windows\system32\DRIVERS\SMARTVTabletPCx86.sys [2008-04-02 16808]
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-05 185089]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-06-05 144712]
R2 Ati External Event Utility;Ati External Event Utility; C:\Windows\system32\Ati2evxx.exe [2008-04-10 675840]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 Iap;Iap; C:\Program Files\Dell\OpenManage\Client\Iap.exe [2008-03-10 240416]
R2 MDM;Machine Debug Manager; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [2006-10-26 335872]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-16 211488]
R2 o2flash;O2Micro Flash Memory; C:\Windows\system32\o2flash.exe [2006-10-19 65536]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2008-01-19 21504]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 SeaPort;SeaPort; C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [2009-05-19 240512]
R2 wlidsvc;Windows Live ID Sign-in Assistant; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2009-03-30 1533808]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:\Windows\System32\WLTRYSVC.EXE [2007-12-08 24064]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 aspnet_state;ASP.NET-tilstandstjeneste; C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2009-03-30 31048]
S3 Fax;@%systemroot%\system32\fxsresm.dll,-118; C:\Windows\system32\fxssvc.exe [2008-01-19 523776]
S3 FontCache;@%systemroot%\system32\FntCache.dll,-100; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 fsssvc;Windows Live-tjenesten Family Safety; C:\Program Files\Windows Live\Family Safety\fsssvc.exe [2009-08-05 704864]
S3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 iPod Service;iPod-tjeneste; C:\Program Files\iPod\bin\iPodService.exe [2009-10-28 545568]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2008-10-25 65888]
S3 NtmsSvc;@%SystemRoot%\system32\ntmssvc.dll,-2; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2008-11-04 441712]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2008-01-19 21504]
S3 WAS;@%windir%\system32\inetsrv\iisres.dll,-30001; C:\Windows\system32\svchost.exe [2008-01-19 21504]
S3 wbengine;@%systemroot%\system32\wbengine.exe,-104; C:\Windows\system32\wbengine.exe [2009-04-11 918528]
S3 WLSetupSvc;Windows Live Setup Service; c:\Program Files\Windows Live\installer\WLSetupSvc.exe [2007-10-25 266240]
S4 Bonjour Service;Bonjour-tjeneste; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
S4 BthFilterHelper;Bluetooth Feature Support; C:\Program Files\CSR\Vista Profile Pack\BthFilterHelper.exe [2006-11-07 127488]
S4 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-03 133104]
S4 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-06-17 138168]
S4 SoundMovieServer;SoundMovieServer; C:\Windows\system32\snmvtsvc.exe [2007-12-28 184320]
S4 stllssvr;stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe []

-----------------EOF-----------------

kafka23
2009-12-12, 17:07
I split it up in two... like you see....

ken545
2009-12-12, 18:36
Hi,

That's ok, you did fine.

You need to enable Windows to show all files and folders, instructions Here (http://www.bleepingcomputer.com/tutorials/tutorial62.html)

Go to VirusTotal (http://www.virustotal.com/) and submit this file for analysis, just use the browse feature and then Send File, you will get a report back, post the report into this thread for me to see.

C:\Windows\system32\drivers\mxiba.sys




Please download RootRepeal from one of these locations and save it to your desktop
Here (http://ad13.geekstogo.com/RootRepeal.exe)
Here (http://download.bleepingcomputer.com/rootrepeal/RootRepeal.exe)
Here (http://rootrepeal.psikotick.com/RootRepeal.exe)

Open RootRepeal on your desktop.
Click the Report tab.
Click the Scan button.
Check just these boxes:
http://forums.whatthetech.com/uploads/monthly_08_2009/post-75503-1250480183.gif
Push Ok
Check the box for your main system drive (usually C:), and press Ok.
Allow RootRepeal to run a scan of your system. This may take some time.
Once the scan completes, push the Save Report button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your post.

kafka23
2009-12-12, 19:13
I couldn't find the file...
Strange?

ken545
2009-12-13, 00:34
Nothing bad on the scans

Please download SystemLook from one of the links below and save it to your Desktop.
Download Mirror #1 (http://jpshortstuff.247fixes.com/SystemLook.exe)
Download Mirror #2 (http://images.malwareremoval.com/jpshortstuff/SystemLook.exe)

Double-click SystemLook.exe to run it.
Copy the content of the following codebox into the main textfield:


:filefind
mxiba.sys

Click the Look button to start the scan.
When finished, a notepad window will open with the results of the scan. Please post this log in your next reply.
Note: The log can also be found on your Desktop entitled SystemLook.txt

kafka23
2009-12-13, 01:17
SystemLook v1.0 by jpshortstuff (29.08.09)
Log created at 01:03 on 13/12/2009 by SLA (Administrator - Elevation successful)

========== filefind ==========

Searching for "mxiba.sys"
No files found.

-=End Of File=-
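
An added example, not part of the original thread or of any tool used in it: a small parser for the driver and service list layout in the log above, reporting entries whose bracketed file date and size are empty. It assumes empty brackets mean the scan tool could read no file at that path, as with the mxiba.sys entry that the file search above did not find; the function names are hypothetical.

```python
import re

# Layout of one entry in the driver/service lists of the log:
#   <R|S><start type> <name>;<display name>; <image path> [<file date> <size>]
ENTRY = re.compile(
    r"^(?P<state>[RS])(?P<start>[0-4]) (?P<name>[^;]+);(?P<display>.*); "
    r"(?P<path>.+?) \[(?P<meta>[^\]]*)\]$"
)
START_TYPES = {"0": "Boot", "1": "System", "2": "Auto", "3": "Demand", "4": "Disabled"}

# Lines copied from the driver list posted in this thread.
SAMPLE = r"""
R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2009-03-20 208688]
S2 yimywsgcirjsh;yimywsgcirjsh; \??\C:\Windows\system32\drivers\mxiba.sys []
S3 catchme;catchme; \??\C:\Users\sla\AppData\Local\Temp\catchme.sys []
S4 sptd;sptd; C:\Windows\System32\Drivers\sptd.sys []
"""


def parse_entries(text):
    """Return one dict per driver/service line; other lines are skipped."""
    entries = []
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if not m:
            continue
        path = m.group("path")
        if path.startswith("\\??\\"):  # NT object-namespace prefix
            path = path[4:]
        meta = m.group("meta").split()
        entries.append({
            "running": m.group("state") == "R",
            "start": m.group("start"),
            "name": m.group("name"),
            "display": m.group("display"),
            "path": path,
            "file_date": meta[0] if len(meta) == 2 else None,
            "file_size": int(meta[1]) if len(meta) == 2 else None,
        })
    return entries


def missing_images(text):
    """Entries with no file date/size, earliest start type first.

    Assumption: empty brackets mean no file was readable at the path.
    Boot/System/Auto entries come first because Windows tries to load
    them at every start-up even when the file is gone.
    """
    hits = [e for e in parse_entries(text) if e["file_size"] is None]
    hits.sort(key=lambda e: int(e["start"]))
    return [(e["name"], START_TYPES[e["start"]], e["path"]) for e in hits]


if __name__ == "__main__":
    for name, start, path in missing_images(SAMPLE):
        print(f"{start:<8} {name:<16} {path}")
```
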

ken545
2009-12-13, 01:53
Hi,

There does not appear to be any malware present on your system. I am going to link you to a Windows support site that can help you, as we just do malware removal on this one.

This is our sister site; like Safer, the help is free but you will need to register.
http://forums.whatthetech.com/Microsoft_Windows_f119.html



How did I get infected in the first place?
Read these links and find out how to prevent getting infected again.
Tutorial for System Restore (http://www.bleepingcomputer.com/tutorials/tutorial56.html) <-- Do this first to prevent yourself from being reinfected.
WhattheTech (http://forums.whatthetech.com/So_how_did_I_get_infected_in_the_first_place_t57817.html)
Grinler BleepingComputer (http://www.bleepingcomputer.com/forums/topic2520.html)
GeeksTo Go (http://www.geekstogo.com/forum/index.php?autocom=custom&page=How_did_I)
Dslreports (http://www.dslreports.com/faq/10002)





Keep in mind if you install some of these programs: only ONE Anti Virus and only ONE Firewall is recommended, more is overkill and can cause you problems. You can install all the Spyware programs I have listed without any problems. If you install Spyware Blaster and Spyware Guard, they will conflict with the TeaTimer in Spybot; you can still install Spybot Search and Destroy but do not enable the TeaTimer.


Here are some free programs to install, all free and highly regarded by the fine people in the Malware Removal Community

Spybot Search and Destroy 1.6 (http://www.safer-networking.org/en/download/)
Check for Updates / Immunize and run a Full System Scan on a regular basis. If you install Spyware Blaster (Recommended) then do not enable the TeaTimer in Spybot Search and Destroy.

Spyware Blaster (http://www.javacoolsoftware.com/spywareblaster.html) It will prevent most spyware from ever being installed. No scan to run, just update about once a week and enable all protection.

Spyware Guard (http://www.javacoolsoftware.com/spywareguard.html) It offers realtime protection from spyware installation attempts, again, no scan to run, just install it and let it do its thing.

IE-Spyad (http://www.pcworld.com/downloads/file/fid,23332-order,1-page,1-c,antispywaretools/description.html)
IE-Spyad places over 6000 web sites and domains in the IE Restricted list which will severely impair attempts to infect your system. It basically prevents any downloads (cookies etc) from the sites listed, although you will still be able to connect to the sites.

Firefox 3 (http://www.mozilla.org/products/firefox/) It has more features and is a lot more secure than IE. It is a very easy and painless download and install, it will in no way interfere with IE, you can use them both.



Safe Surfn
Ken