View Full Version : Vista laptop slowing to a crawl
bphester99
2010-03-10, 17:26
Hi,
my HP laptop is now running so slowly it has become almost unusable. So, faced with the decision of fixing it or getting a new one, I have decided to have one last push at getting some more performance out of it.
The laptop is 3 years old and is running Vista Home Basic edition. I have installed Service Pack 2 and upgraded to IE8 which seemed to help for a while but it's slowing down again. I have also found some spyware through Spybot, annoyingly Spybot won't let me remove all of it since it says I do not have admin rights, I am an administrator for this machine and besides there has only ever been one account on it. The offending software seems to be MyWebSearch.
Where I am up to so far, I have taken off the Resident TeaTimer in Spybot, disabled User Account Controls and run ERUNT, and below is the HiJackThis log. Any help from here would be greatly appreciated!
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 16:14:54, on 10/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\igfxsrvc.exe
C:\Users\Paula and Ben\AppData\Local\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\Paula and Ben\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [Google Update] "C:\Users\Paula and Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\Windows\system32\browseui.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: dlcc_device - - C:\Windows\system32\dlcccoms.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 10394 bytes
Thanks,
Ben
Hi bphester99
Download random's system information tool (RSIT) by random/random from here (http://images.malwareremoval.com/random/RSIT.exe) and save it to your desktop.
Double click on RSIT.exe to run RSIT.
Click Continue at the disclaimer screen.
Once it has finished, two logs will open. Please post the contents of both log.txt (<< will be maximized) and info.txt (<< will be minimized)
bphester99
2010-03-16, 21:36
Hi,
thanks for coming back to me!
log file and info file below:
Logfile of random's system information tool 1.06 (written by random/random)
Run by Paula and Ben at 2010-03-16 20:18:36
Microsoft® Windows Vista™ Home Basic Service Pack 2
System drive C: has 20 GB (29%) free of 69 GB
Total RAM: 1015 MB (31% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:19:49, on 16/03/2010
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v8.00 (8.00.6001.18882)
Boot mode: Normal
Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe
C:\Program Files\Hp\HP Software Update\hpwuSchd2.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Kontiki\KHost.exe
C:\Program Files\MyWebSearch\bar\1.bin\M3SRCHMN.EXE
C:\Program Files\MyWebSearch\bar\1.bin\MWSOEMON.EXE
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\AVG\AVG9\avgtray.exe
C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Hewlett-Packard\Shared\HpqToaster.exe
C:\Users\Paula and Ben\AppData\Local\Google\Update\1.2.183.17\GoogleCrashHandler.exe
C:\Users\Paula and Ben\Desktop\RSIT.exe
C:\Program Files\trend micro\Paula and Ben.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.hp.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.co.uk/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [hpWirelessAssistant] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe
O4 - HKLM\..\Run: [WAWifiMessage] %ProgramFiles%\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [QlbCtrl] %ProgramFiles%\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [4oD] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [kdx] "C:\Program Files\Kontiki\KHost.exe" -all
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=2 /w
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [WatchDog] C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O4 - HKCU\..\Run: [CTZDetec.exe] C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe
O4 - HKCU\..\Run: [kdx] C:\Program Files\Kontiki\KHost.exe -all
O4 - HKCU\..\Run: [Google Update] "C:\Users\Paula and Ben\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Global Startup: DVD Check.lnk = C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {0A5FD7C5-A45C-49FC-ADB5-9952547D5715} (Creative Software AutoUpdate) - http://www.creative.com/su/ocx/15031/CTSUEng.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5 Control) - http://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-4/ZwinkyInitialSetup1.0.1.1.cab
O16 - DPF: {6C269571-C6D7-4818-BCA4-32A035E8C884} (Creative Software AutoUpdate) - http://www.creative.com/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} (Creative Software AutoUpdate Support Package) - http://www.creative.com/su/ocx/15033/CTPID.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: dlcc_device - - C:\Windows\system32\dlcccoms.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: IviRegMgr - InterVideo - C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe
O23 - Service: KService - Kontiki Inc. - C:\Program Files\Kontiki\KService.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
--
End of file - 9833 bytes
======Scheduled tasks folder======
C:\Windows\tasks\Google Software Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3463493832-3515462822-1806411736-1003Core.job
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-3463493832-3515462822-1806411736-1003UA.job
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00A6FAF1-072E-44cf-8957-5838F569A31D}]
MyWebSearch Search Assistant BHO - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL [2008-11-13 61440]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
Adobe PDF Reader Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll [2006-10-22 62080]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{07B18EA1-A523-4961-B6BB-170DE4475CCA}]
mwsBar BHO - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2008-11-13 417887]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}]
AVG Safe Search - C:\Program Files\AVG\AVG9\avgssie.dll [2010-02-02 1484056]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar2.dll [2007-10-07 2403392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll [2009-09-15 761840]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-10-11 41760]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar2.dll [2007-10-07 2403392]
{07B18EA9-A523-4961-B6BB-170DE4475CCA} - My Web Search - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL [2008-11-13 417887]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Defender"=C:\Program Files\Windows Defender\MSASCui.exe [2008-01-19 1008184]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2007-01-12 827392]
"hpWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe [2007-03-01 472776]
"WAWifiMessage"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\WiFiMsg.exe [2007-01-10 317128]
"HP Health Check Scheduler"=c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe [2008-10-09 75008]
"QlbCtrl"=C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [2007-02-07 159744]
"HP Software Update"=c:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2005-02-17 49152]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-10-18 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-10-18 166424]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-10-18 133656]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [2008-01-11 39792]
"4oD"=C:\Program Files\Kontiki\KHost.exe [2008-01-25 1032376]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2008-01-25 1032376]
"MyWebSearch Plugin"=rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF []
"My Web Search Bar Search Scope Monitor"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe [2008-11-13 24688]
"MyWebSearch Email Plugin"=C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe [2008-11-13 32838]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2009-11-10 417792]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2009-11-12 141600]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-10-11 149280]
"AVG9_TRAY"=C:\PROGRA~1\AVG\AVG9\avgtray.exe [2010-02-02 2033432]
"WatchDog"=C:\Program Files\InterVideo\DVD Check\DVDCheck.exe [2006-09-06 184320]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CTZDetec.exe"=C:\Program Files\Creative\Creative Media Lite\CTZDetec.exe [2007-05-15 98304]
"kdx"=C:\Program Files\Kontiki\KHost.exe [2008-01-25 1032376]
"Google Update"=C:\Users\Paula and Ben\AppData\Local\Google\Update\GoogleUpdate.exe [2008-10-07 133104]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-19 202240]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
DVD Check.lnk - C:\Program Files\InterVideo\DVD Check\DVDCheck.exe
C:\Users\Paula and Ben\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
ERUNT AutoBackup.lnk - C:\Program Files\ERUNT\AUTOBACK.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="avgrsstx.dll"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-10-18 200704]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"EnableLUA"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"BindDirectlyToPropertySetStorage"=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{69a36083-f9d9-11dc-af81-fc4153d9f5fa}]
shell\AutoRun\command - H:\InstallTomTomHOME.exe
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 months======
2010-03-16 20:18:44 ----D---- C:\Program Files\trend micro
2010-03-16 20:18:36 ----D---- C:\rsit
2010-03-10 16:13:00 ----D---- C:\Program Files\TrendMicro
2010-03-10 16:10:34 ----D---- C:\Windows\ERDNT
2010-03-10 16:09:08 ----D---- C:\Program Files\ERUNT
2010-03-10 16:07:18 ----A---- C:\Windows\system32\igfxres.dll
2010-03-07 20:40:58 ----D---- C:\Windows\system32\eu-ES
2010-03-07 20:40:58 ----D---- C:\Windows\system32\ca-ES
2010-03-07 20:40:54 ----D---- C:\Windows\system32\vi-VN
2010-03-07 19:50:04 ----D---- C:\Windows\system32\EventProviders
2010-02-26 16:28:10 ----D---- C:\Users\Paula and Ben\AppData\Roaming\Facebook
2010-02-23 21:05:38 ----A---- C:\Windows\system32\jscript.dll
2010-02-23 21:05:30 ----A---- C:\Windows\system32\tzres.dll
2010-02-22 12:01:48 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2010-02-22 12:01:42 ----A---- C:\Windows\system32\SLsvc.exe
2010-02-22 12:01:42 ----A---- C:\Windows\system32\SLCExt.dll
2010-02-22 12:01:38 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2010-02-22 12:01:38 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2010-02-22 12:01:34 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2010-02-22 12:01:31 ----A---- C:\Windows\system32\mssrch.dll
2010-02-22 12:01:28 ----A---- C:\Windows\system32\tquery.dll
2010-02-22 12:01:26 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2010-02-22 12:01:25 ----A---- C:\Windows\system32\scavenge.dll
2010-02-22 12:01:25 ----A---- C:\Windows\system32\RMActivate_isv.exe
2010-02-22 12:01:24 ----A---- C:\Windows\system32\RMActivate.exe
2010-02-22 12:01:22 ----A---- C:\Windows\system32\msi.dll
2010-02-22 12:01:21 ----A---- C:\Windows\system32\imapi2fs.dll
2010-02-22 12:01:19 ----A---- C:\Windows\system32\secproc_isv.dll
2010-02-22 12:01:18 ----A---- C:\Windows\system32\WscEapPr.dll
2010-02-22 12:01:18 ----A---- C:\Windows\system32\wcnwiz2.dll
2010-02-22 12:01:18 ----A---- C:\Windows\system32\sysmain.dll
2010-02-22 12:01:16 ----A---- C:\Windows\system32\icardagt.exe
2010-02-22 12:01:15 ----A---- C:\Windows\system32\EhStorShell.dll
2010-02-22 12:01:13 ----A---- C:\Windows\system32\spreview.exe
2010-02-22 12:01:13 ----A---- C:\Windows\system32\spinstall.exe
2010-02-22 12:01:13 ----A---- C:\Windows\system32\drmv2clt.dll
2010-02-22 12:01:11 ----A---- C:\Windows\system32\spwizui.dll
2010-02-22 12:01:10 ----A---- C:\Windows\system32\secproc.dll
2010-02-22 12:01:10 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2010-02-22 12:01:07 ----A---- C:\Windows\system32\shell32.dll
2010-02-22 12:01:06 ----A---- C:\Windows\system32\SearchIndexer.exe
2010-02-22 12:01:06 ----A---- C:\Windows\system32\p2psvc.dll
2010-02-22 12:01:06 ----A---- C:\Windows\system32\mssvp.dll
2010-02-22 12:01:05 ----A---- C:\Windows\system32\mssphtb.dll
2010-02-22 12:01:05 ----A---- C:\Windows\system32\mssph.dll
2010-02-22 12:01:05 ----A---- C:\Windows\system32\mscoree.dll
2010-02-22 12:01:05 ----A---- C:\Windows\system32\imapi2.dll
2010-02-22 12:01:03 ----A---- C:\Windows\system32\sdohlp.dll
2010-02-22 12:01:02 ----A---- C:\Windows\system32\IMJP10K.DLL
2010-02-22 12:01:02 ----A---- C:\Windows\system32\esent.dll
2010-02-22 12:01:01 ----A---- C:\Windows\system32\DevicePairing.dll
2010-02-22 12:00:59 ----A---- C:\Windows\system32\wevtsvc.dll
2010-02-22 12:00:59 ----A---- C:\Windows\system32\sperror.dll
2010-02-22 12:00:59 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2010-02-22 12:00:59 ----A---- C:\Windows\system32\korwbrkr.dll
2010-02-22 12:00:54 ----A---- C:\Windows\system32\SLC.dll
2010-02-22 12:00:54 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2010-02-22 12:00:54 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2010-02-22 12:00:54 ----A---- C:\Windows\system32\IasMigReader.exe
2010-02-22 12:00:53 ----A---- C:\Windows\system32\msshsq.dll
2010-02-22 12:00:50 ----A---- C:\Windows\system32\msjet40.dll
2010-02-22 12:00:49 ----A---- C:\Windows\system32\MPSSVC.dll
2010-02-22 12:00:47 ----A---- C:\Windows\system32\Query.dll
2010-02-22 12:00:47 ----A---- C:\Windows\system32\qmgr.dll
2010-02-22 12:00:46 ----A---- C:\Windows\system32\msexch40.dll
2010-02-22 12:00:46 ----A---- C:\Windows\system32\diagperf.dll
2010-02-22 12:00:45 ----A---- C:\Windows\system32\P2PGraph.dll
2010-02-22 12:00:45 ----A---- C:\Windows\system32\ole32.dll
2010-02-22 12:00:45 ----A---- C:\Windows\system32\ntdll.dll
2010-02-22 12:00:44 ----A---- C:\Windows\system32\winload.exe
2010-02-22 12:00:44 ----A---- C:\Windows\system32\uDWM.dll
2010-02-22 12:00:44 ----A---- C:\Windows\system32\srchadmin.dll
2010-02-22 12:00:44 ----A---- C:\Windows\system32\mblctr.exe
2010-02-22 12:00:44 ----A---- C:\Windows\system32\EncDec.dll
2010-02-22 12:00:43 ----A---- C:\Windows\system32\mmc.exe
2010-02-22 12:00:43 ----A---- C:\Windows\system32\dfsr.exe
2010-02-22 12:00:42 ----A---- C:\Windows\system32\riched20.dll
2010-02-22 12:00:42 ----A---- C:\Windows\system32\IasMigPlugin.dll
2010-02-22 12:00:42 ----A---- C:\Windows\system32\fdBth.dll
2010-02-22 12:00:41 ----A---- C:\Windows\system32\RacEngn.dll
2010-02-22 12:00:40 ----A---- C:\Windows\system32\kernel32.dll
2010-02-22 12:00:39 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2010-02-22 12:00:39 ----A---- C:\Windows\system32\SearchFilterHost.exe
2010-02-22 12:00:39 ----A---- C:\Windows\system32\milcore.dll
2010-02-22 12:00:38 ----A---- C:\Windows\system32\spoolss.dll
2010-02-22 12:00:38 ----A---- C:\Windows\system32\schedsvc.dll
2010-02-22 12:00:38 ----A---- C:\Windows\system32\EhStorAPI.dll
2010-02-22 12:00:38 ----A---- C:\Windows\system32\CertEnroll.dll
2010-02-22 12:00:37 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2010-02-22 12:00:36 ----A---- C:\Windows\system32\msvcp60.dll
2010-02-22 12:00:36 ----A---- C:\Windows\system32\msjtes40.dll
2010-02-22 12:00:36 ----A---- C:\Windows\system32\gpedit.dll
2010-02-22 12:00:35 ----A---- C:\Windows\system32\WinSAT.exe
2010-02-22 12:00:35 ----A---- C:\Windows\system32\infocardapi.dll
2010-02-22 12:00:35 ----A---- C:\Windows\system32\es.dll
2010-02-22 12:00:34 ----A---- C:\Windows\system32\Magnify.exe
2010-02-22 12:00:33 ----A---- C:\Windows\system32\mstext40.dll
2010-02-22 12:00:33 ----A---- C:\Windows\system32\advapi32.dll
2010-02-22 12:00:32 ----A---- C:\Windows\system32\WMPhoto.dll
2010-02-22 12:00:32 ----A---- C:\Windows\system32\WebClnt.dll
2010-02-22 12:00:32 ----A---- C:\Windows\system32\msexcl40.dll
2010-02-22 12:00:31 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2010-02-22 12:00:31 ----A---- C:\Windows\system32\slwmi.dll
2010-02-22 12:00:31 ----A---- C:\Windows\system32\msxbde40.dll
2010-02-22 12:00:31 ----A---- C:\Windows\system32\comsvcs.dll
2010-02-22 12:00:30 ----A---- C:\Windows\system32\vssapi.dll
2010-02-22 12:00:29 ----A---- C:\Windows\system32\authui.dll
2010-02-22 12:00:28 ----A---- C:\Windows\system32\PresentationHost.exe
2010-02-22 12:00:28 ----A---- C:\Windows\system32\msrepl40.dll
2010-02-22 12:00:27 ----A---- C:\Windows\system32\propsys.dll
2010-02-22 12:00:27 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2010-02-22 12:00:27 ----A---- C:\Windows\system32\newdev.dll
2010-02-22 12:00:27 ----A---- C:\Windows\system32\iasrecst.dll
2010-02-22 12:00:26 ----A---- C:\Windows\system32\gpsvc.dll
2010-02-22 12:00:26 ----A---- C:\Windows\system32\eudcedit.exe
2010-02-22 12:00:26 ----A---- C:\Windows\system32\crypt32.dll
2010-02-22 12:00:26 ----A---- C:\Windows\explorer.exe
2010-02-22 12:00:25 ----A---- C:\Windows\system32\setupapi.dll
2010-02-22 12:00:25 ----A---- C:\Windows\system32\rpcss.dll
2010-02-22 12:00:25 ----A---- C:\Windows\system32\mspbde40.dll
2010-02-22 12:00:24 ----A---- C:\Windows\system32\davclnt.dll
2010-02-22 12:00:24 ----A---- C:\Windows\system32\d3d9.dll
2010-02-22 12:00:23 ----A---- C:\Windows\system32\shlwapi.dll
2010-02-22 12:00:23 ----A---- C:\Windows\system32\msltus40.dll
2010-02-22 12:00:23 ----A---- C:\Windows\system32\mfc42.dll
2010-02-22 12:00:23 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2010-02-22 12:00:23 ----A---- C:\Windows\system32\EhStorAuthn.dll
2010-02-22 12:00:22 ----A---- C:\Windows\system32\msrd3x40.dll
2010-02-22 12:00:22 ----A---- C:\Windows\system32\msdtctm.dll
2010-02-22 12:00:21 ----A---- C:\Windows\system32\wevtapi.dll
2010-02-22 12:00:21 ----A---- C:\Windows\system32\photowiz.dll
2010-02-22 12:00:21 ----A---- C:\Windows\system32\nlhtml.dll
2010-02-22 12:00:21 ----A---- C:\Windows\system32\browseui.dll
2010-02-22 12:00:19 ----A---- C:\Windows\system32\user32.dll
2010-02-22 12:00:19 ----A---- C:\Windows\system32\samsrv.dll
2010-02-22 12:00:19 ----A---- C:\Windows\system32\ci.dll
2010-02-22 12:00:18 ----A---- C:\Windows\system32\win32spl.dll
2010-02-22 12:00:18 ----A---- C:\Windows\system32\WcnNetsh.dll
2010-02-22 12:00:18 ----A---- C:\Windows\system32\SLCommDlg.dll
2010-02-22 12:00:17 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2010-02-22 12:00:17 ----A---- C:\Windows\system32\oleaut32.dll
2010-02-22 12:00:16 ----A---- C:\Windows\system32\netshell.dll
2010-02-22 12:00:16 ----A---- C:\Windows\system32\IKEEXT.DLL
2010-02-22 12:00:15 ----A---- C:\Windows\system32\compcln.exe
2010-02-22 12:00:15 ----A---- C:\Windows\system32\apds.dll
2010-02-22 12:00:14 ----A---- C:\Windows\system32\xmlfilter.dll
2010-02-22 12:00:14 ----A---- C:\Windows\system32\mswstr10.dll
2010-02-22 12:00:14 ----A---- C:\Windows\system32\audiosrv.dll
2010-02-22 12:00:13 ----A---- C:\Windows\system32\msctf.dll
2010-02-22 12:00:13 ----A---- C:\Windows\system32\emdmgmt.dll
2010-02-22 12:00:12 ----A---- C:\Windows\system32\QAGENTRT.DLL
2010-02-22 12:00:12 ----A---- C:\Windows\system32\msvcrt.dll
2010-02-22 12:00:12 ----A---- C:\Windows\system32\gdi32.dll
2010-02-22 12:00:11 ----A---- C:\Windows\system32\VSSVC.exe
2010-02-22 12:00:11 ----A---- C:\Windows\system32\SLUI.exe
2010-02-22 12:00:11 ----A---- C:\Windows\system32\mfc42u.dll
2010-02-22 12:00:11 ----A---- C:\Windows\system32\iphlpsvc.dll
2010-02-22 12:00:10 ----A---- C:\Windows\system32\sqlsrv32.dll
2010-02-22 12:00:10 ----A---- C:\Windows\system32\msrd2x40.dll
2010-02-22 12:00:10 ----A---- C:\Windows\system32\eapphost.dll
2010-02-22 12:00:09 ----A---- C:\Windows\system32\winresume.exe
2010-02-22 12:00:09 ----A---- C:\Windows\system32\propdefs.dll
2010-02-22 12:00:09 ----A---- C:\Windows\system32\odbc32.dll
2010-02-22 12:00:08 ----A---- C:\Windows\system32\shdocvw.dll
2010-02-22 12:00:07 ----A---- C:\Windows\system32\dbgeng.dll
2010-02-22 12:00:06 ----A---- C:\Windows\system32\wevtutil.exe
2010-02-22 12:00:06 ----A---- C:\Windows\system32\mssitlb.dll
2010-02-22 12:00:05 ----A---- C:\Windows\system32\WsmSvc.dll
2010-02-22 12:00:05 ----A---- C:\Windows\system32\swprv.dll
2010-02-22 12:00:05 ----A---- C:\Windows\system32\mmcndmgr.dll
2010-02-22 12:00:04 ----A---- C:\Windows\system32\usp10.dll
2010-02-22 12:00:03 ----A---- C:\Windows\system32\vds.exe
2010-02-22 12:00:02 ----A---- C:\Windows\system32\netlogon.dll
2010-02-22 12:00:02 ----A---- C:\Windows\system32\msctfp.dll
2010-02-22 12:00:02 ----A---- C:\Windows\system32\fdBthProxy.dll
2010-02-22 12:00:02 ----A---- C:\Windows\system32\drvinst.exe
2010-02-22 12:00:02 ----A---- C:\Windows\system32\devmgr.dll
2010-02-22 12:00:01 ----A---- C:\Windows\system32\msscb.dll
2010-02-22 12:00:01 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2010-02-22 12:00:01 ----A---- C:\Windows\system32\BFE.DLL
2010-02-22 12:00:01 ----A---- C:\Windows\system32\adsldpc.dll
2010-02-22 12:00:00 ----A---- C:\Windows\system32\wcnwiz.dll
2010-02-22 12:00:00 ----A---- C:\Windows\system32\evr.dll
2010-02-22 11:59:59 ----A---- C:\Windows\system32\WMVSDECD.DLL
2010-02-22 11:59:59 ----A---- C:\Windows\system32\Wldap32.dll
2010-02-22 11:59:59 ----A---- C:\Windows\system32\WindowsCodecs.dll
2010-02-22 11:59:59 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2010-02-22 11:59:58 ----A---- C:\Windows\system32\wercon.exe
2010-02-22 11:59:58 ----A---- C:\Windows\system32\services.exe
2010-02-22 11:59:57 ----A---- C:\Windows\system32\wcncsvc.dll
2010-02-22 11:59:57 ----A---- C:\Windows\system32\mimefilt.dll
2010-02-22 11:59:57 ----A---- C:\Windows\system32\comdlg32.dll
2010-02-22 11:59:57 ----A---- C:\Windows\system32\adtschema.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\msjter40.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\msdtcprx.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\msdrm.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\ipsmsnap.dll
2010-02-22 11:59:56 ----A---- C:\Windows\system32\certcli.dll
2010-02-22 11:59:55 ----A---- C:\Windows\system32\taskeng.exe
2010-02-22 11:59:55 ----A---- C:\Windows\system32\rtffilt.dll
2010-02-22 11:59:55 ----A---- C:\Windows\system32\reg.exe
2010-02-22 11:59:55 ----A---- C:\Windows\system32\mswdat10.dll
2010-02-22 11:59:55 ----A---- C:\Windows\system32\dnsapi.dll
2010-02-22 11:59:54 ----A---- C:\Windows\system32\WMNetMgr.dll
2010-02-22 11:59:54 ----A---- C:\Windows\system32\umpnpmgr.dll
2010-02-22 11:59:54 ----A---- C:\Windows\system32\certutil.exe
2010-02-22 11:59:53 ----A---- C:\Windows\system32\w32time.dll
2010-02-22 11:59:53 ----A---- C:\Windows\system32\IPSECSVC.DLL
2010-02-22 11:59:52 ----A---- C:\Windows\system32\msshooks.dll
2010-02-22 11:59:52 ----A---- C:\Windows\system32\msscntrs.dll
2010-02-22 11:59:52 ----A---- C:\Windows\system32\bthserv.dll
2010-02-22 11:59:52 ----A---- C:\Windows\system32\bcrypt.dll
2010-02-22 11:59:51 ----A---- C:\Windows\system32\rsaenh.dll
2010-02-22 11:59:51 ----A---- C:\Windows\system32\msihnd.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\TsWpfWrp.exe
2010-02-22 11:59:50 ----A---- C:\Windows\system32\netapi32.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\msstrc.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\MMDevAPI.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\inetpp.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\inetcomm.dll
2010-02-22 11:59:50 ----A---- C:\Windows\system32\dfshim.dll
2010-02-22 11:59:49 ----A---- C:\Windows\system32\mtxclu.dll
2010-02-22 11:59:49 ----A---- C:\Windows\system32\mscories.dll
2010-02-22 11:59:49 ----A---- C:\Windows\system32\hidserv.dll
2010-02-22 11:59:49 ----A---- C:\Windows\system32\fundisc.dll
2010-02-22 11:59:49 ----A---- C:\Windows\system32\cryptsvc.dll
2010-02-22 11:59:48 ----A---- C:\Windows\system32\wmicmiplugin.dll
2010-02-22 11:59:48 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2010-02-22 11:59:47 ----A---- C:\Windows\system32\termsrv.dll
2010-02-22 11:59:47 ----A---- C:\Windows\system32\profsvc.dll
2010-02-22 11:59:46 ----A---- C:\Windows\system32\gameux.dll
2010-02-22 11:59:44 ----A---- C:\Windows\system32\shsvcs.dll
2010-02-22 11:59:44 ----A---- C:\Windows\system32\msiexec.exe
2010-02-22 11:59:44 ----A---- C:\Windows\system32\imapi.dll
2010-02-22 11:59:43 ----A---- C:\Windows\system32\wdc.dll
2010-02-22 11:59:43 ----A---- C:\Windows\system32\chsbrkr.dll
2010-02-22 11:59:42 ----A---- C:\Windows\system32\rasmans.dll
2010-02-22 11:59:42 ----A---- C:\Windows\system32\pnidui.dll
2010-02-22 11:59:42 ----A---- C:\Windows\system32\iassdo.dll
2010-02-22 11:59:41 ----A---- C:\Windows\system32\spoolsv.exe
2010-02-22 11:59:41 ----A---- C:\Windows\system32\icardres.dll
2010-02-22 11:59:41 ----A---- C:\Windows\system32\autofmt.exe
2010-02-22 11:59:39 ----A---- C:\Windows\system32\wersvc.dll
2010-02-22 11:59:39 ----A---- C:\Windows\system32\scrrun.dll
2010-02-22 11:59:39 ----A---- C:\Windows\system32\PSHED.DLL
2010-02-22 11:59:38 ----A---- C:\Windows\system32\slmgr.vbs
2010-02-22 11:59:38 ----A---- C:\Windows\system32\pdh.dll
2010-02-22 11:59:38 ----A---- C:\Windows\system32\dhcpcsvc.dll
2010-02-22 11:59:37 ----A---- C:\Windows\system32\pidgenx.dll
2010-02-22 11:59:37 ----A---- C:\Windows\system32\CertEnrollUI.dll
2010-02-22 11:59:37 ----A---- C:\Windows\system32\azroles.dll
2010-02-22 11:59:35 ----A---- C:\Windows\system32\wmpmde.dll
2010-02-22 11:59:33 ----A---- C:\Windows\system32\winlogon.exe
2010-02-22 11:59:32 ----A---- C:\Windows\system32\SyncCenter.dll
2010-02-22 11:59:30 ----A---- C:\Windows\system32\SLUINotify.dll
2010-02-22 11:59:29 ----A---- C:\Windows\system32\ncrypt.dll
2010-02-22 11:59:29 ----A---- C:\Windows\system32\msjetoledb40.dll
2010-02-22 11:59:29 ----A---- C:\Windows\system32\comuid.dll
2010-02-22 11:59:29 ----A---- C:\Windows\system32\certmgr.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\untfs.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\spp.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\sethc.exe
2010-02-22 11:59:28 ----A---- C:\Windows\system32\scrobj.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\kd1394.dll
2010-02-22 11:59:28 ----A---- C:\Windows\system32\iassam.dll
2010-02-22 11:59:27 ----A---- C:\Windows\system32\wisptis.exe
2010-02-22 11:59:27 ----A---- C:\Windows\system32\taskcomp.dll
2010-02-22 11:59:27 ----A---- C:\Windows\system32\rtutils.dll
2010-02-22 11:59:27 ----A---- C:\Windows\system32\dwm.exe
2010-02-22 11:59:27 ----A---- C:\Windows\system32\autochk.exe
2010-02-22 11:59:26 ----A---- C:\Windows\system32\printui.dll
2010-02-22 11:59:26 ----A---- C:\Windows\system32\iasnap.dll
2010-02-22 11:59:26 ----A---- C:\Windows\system32\autoconv.exe
2010-02-22 11:59:25 ----A---- C:\Windows\system32\winsrv.dll
2010-02-22 11:59:25 ----A---- C:\Windows\system32\onex.dll
2010-02-22 11:59:25 ----A---- C:\Windows\system32\kdcom.dll
2010-02-22 11:59:25 ----A---- C:\Windows\system32\cscript.exe
2010-02-22 11:59:25 ----A---- C:\Windows\system32\basecsp.dll
2010-02-22 11:59:24 ----A---- C:\Windows\system32\wow32.dll
2010-02-22 11:59:24 ----A---- C:\Windows\system32\userenv.dll
2010-02-22 11:59:24 ----A---- C:\Windows\system32\osk.exe
2010-02-22 11:59:24 ----A---- C:\Windows\system32\mswsock.dll
2010-02-22 11:59:24 ----A---- C:\Windows\system32\audiodg.exe
2010-02-22 11:59:23 ----A---- C:\Windows\system32\spcmsg.dll
2010-02-22 11:59:23 ----A---- C:\Windows\system32\RelMon.dll
2010-02-22 11:59:23 ----A---- C:\Windows\system32\kdusb.dll
2010-02-22 11:59:22 ----A---- C:\Windows\system32\WinSCard.dll
2010-02-22 11:59:22 ----A---- C:\Windows\system32\winmm.dll
2010-02-22 11:59:22 ----A---- C:\Windows\system32\WerFaultSecure.exe
2010-02-22 11:59:22 ----A---- C:\Windows\system32\rdpencom.dll
2010-02-22 11:59:22 ----A---- C:\Windows\system32\msftedit.dll
2010-02-22 11:59:21 ----A---- C:\Windows\system32\offfilt.dll
2010-02-22 11:59:21 ----A---- C:\Windows\system32\dnsrslvr.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\wsepno.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\WerFault.exe
2010-02-22 11:59:20 ----A---- C:\Windows\system32\Utilman.exe
2010-02-22 11:59:20 ----A---- C:\Windows\system32\stobject.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\secproc_ssp.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\mfplat.dll
2010-02-22 11:59:20 ----A---- C:\Windows\system32\diskraid.exe
2010-02-22 11:59:19 ----A---- C:\Windows\system32\SndVol.exe
2010-02-22 11:59:19 ----A---- C:\Windows\system32\msnetobj.dll
2010-02-22 11:59:19 ----A---- C:\Windows\system32\mscms.dll
2010-02-22 11:59:19 ----A---- C:\Windows\system32\apphelp.dll
2010-02-22 11:59:19 ----A---- C:\Windows\system32\adsmsext.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\wscript.exe
2010-02-22 11:59:18 ----A---- C:\Windows\system32\wiaservc.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\ulib.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\sysclass.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\prnntfy.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\odbccp32.dll
2010-02-22 11:59:18 ----A---- C:\Windows\system32\iasdatastore.dll
2010-02-22 11:59:17 ----A---- C:\Windows\system32\wscntfy.dll
2010-02-22 11:59:17 ----A---- C:\Windows\system32\rastapi.dll
2010-02-22 11:59:17 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2010-02-22 11:59:17 ----A---- C:\Windows\system32\dsound.dll
2010-02-22 11:59:17 ----A---- C:\Windows\system32\cryptui.dll
2010-02-22 11:59:16 ----A---- C:\Windows\system32\wlangpui.dll
2010-02-22 11:59:16 ----A---- C:\Windows\system32\pnpsetup.dll
2010-02-22 11:59:16 ----A---- C:\Windows\system32\ipsecsnp.dll
2010-02-22 11:59:16 ----A---- C:\Windows\system32\fdProxy.dll
2010-02-22 11:59:16 ----A---- C:\Windows\system32\brcpl.dll
2010-02-22 11:59:15 ----A---- C:\Windows\system32\wscsvc.dll
2010-02-22 11:59:15 ----A---- C:\Windows\system32\vdsdyn.dll
2010-02-22 11:59:15 ----A---- C:\Windows\system32\logman.exe
2010-02-22 11:59:15 ----A---- C:\Windows\system32\iashlpr.dll
2010-02-22 11:59:15 ----A---- C:\Windows\system32\gpapi.dll
2010-02-22 11:59:15 ----A---- C:\Windows\system32\diskpart.exe
2010-02-22 11:59:14 ----A---- C:\Windows\system32\WMVENCOD.DLL
2010-02-22 11:59:14 ----A---- C:\Windows\system32\regsvc.dll
2010-02-22 11:59:14 ----A---- C:\Windows\system32\rasapi32.dll
2010-02-22 11:59:14 ----A---- C:\Windows\system32\ntprint.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\zipfldr.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\wusa.exe
2010-02-22 11:59:13 ----A---- C:\Windows\system32\wshext.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\wpccpl.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\mscorier.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\iasrad.dll
2010-02-22 11:59:13 ----A---- C:\Windows\system32\findstr.exe
2010-02-22 11:59:12 ----A---- C:\Windows\system32\rasdlg.dll
2010-02-22 11:59:12 ----A---- C:\Windows\system32\netcenter.dll
2010-02-22 11:59:12 ----A---- C:\Windows\system32\iassvcs.dll
2010-02-22 11:59:11 ----A---- C:\Windows\system32\wsnmp32.dll
2010-02-22 11:59:11 ----A---- C:\Windows\system32\wer.dll
2010-02-22 11:59:11 ----A---- C:\Windows\system32\themecpl.dll
2010-02-22 11:59:10 ----A---- C:\Windows\system32\uxsms.dll
2010-02-22 11:59:10 ----A---- C:\Windows\system32\srvsvc.dll
2010-02-22 11:59:10 ----A---- C:\Windows\system32\mssprxy.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\slcc.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\scansetting.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\powrprof.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\ntmarta.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\msutb.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\mstsc.exe
2010-02-22 11:58:52 ----A---- C:\Windows\system32\mstlsapi.dll
2010-02-22 11:58:52 ----A---- C:\Windows\system32\iasads.dll
2010-02-22 11:58:51 ----A---- C:\Windows\system32\powercpl.dll
2010-02-22 11:58:51 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2010-02-22 11:58:51 ----A---- C:\Windows\system32\networkmap.dll
2010-02-22 11:58:51 ----A---- C:\Windows\system32\iasacct.dll
2010-02-22 11:58:50 ----A---- C:\Windows\system32\sud.dll
2010-02-22 11:58:50 ----A---- C:\Windows\system32\newdev.exe
2010-02-22 11:58:50 ----A---- C:\Windows\system32\dot3svc.dll
2010-02-22 11:58:50 ----A---- C:\Windows\system32\connect.dll
2010-02-22 11:58:50 ----A---- C:\Windows\system32\authz.dll
2010-02-22 11:58:49 ----A---- C:\Windows\system32\themeui.dll
2010-02-22 11:58:49 ----A---- C:\Windows\system32\systemcpl.dll
2010-02-22 11:58:49 ----A---- C:\Windows\system32\samlib.dll
2010-02-22 11:58:49 ----A---- C:\Windows\system32\pcaui.dll
2010-02-22 11:58:49 ----A---- C:\Windows\system32\accessibilitycpl.dll
2010-02-22 11:58:48 ----A---- C:\Windows\system32\usercpl.dll
2010-02-22 11:58:48 ----A---- C:\Windows\system32\mmci.dll
2010-02-22 11:58:48 ----A---- C:\Windows\system32\autoplay.dll
2010-02-22 11:58:47 ----A---- C:\Windows\system32\wlanpref.dll
2010-02-22 11:58:47 ----A---- C:\Windows\system32\rpchttp.dll
2010-02-22 11:58:47 ----A---- C:\Windows\system32\qdvd.dll
2010-02-22 11:58:46 ----A---- C:\Windows\system32\wpcao.dll
2010-02-22 11:58:46 ----A---- C:\Windows\system32\vdsutil.dll
2010-02-22 11:58:46 ----A---- C:\Windows\system32\regapi.dll
2010-02-22 11:58:46 ----A---- C:\Windows\system32\msinfo32.exe
2010-02-22 11:58:45 ----A---- C:\Windows\system32\tapisrv.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\scksp.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\scesrv.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\psisdecd.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\oleprn.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\mpr.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\feclient.dll
2010-02-22 11:58:45 ----A---- C:\Windows\system32\AudioSes.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\wscisvif.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\rekeywiz.exe
2010-02-22 11:58:44 ----A---- C:\Windows\system32\imm32.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\iaspolcy.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\Faultrep.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\dot3msm.dll
2010-02-22 11:58:44 ----A---- C:\Windows\system32\DeviceEject.exe
2010-02-22 11:58:43 ----A---- C:\Windows\system32\sdclt.exe
2010-02-22 11:58:43 ----A---- C:\Windows\system32\ncryptui.dll
2010-02-22 11:58:43 ----A---- C:\Windows\system32\dpapimig.exe
2010-02-22 11:58:42 ----A---- C:\Windows\system32\scecli.dll
2010-02-22 11:58:42 ----A---- C:\Windows\system32\rasgcw.dll
2010-02-22 11:58:42 ----A---- C:\Windows\system32\qedit.dll
2010-02-22 11:58:42 ----A---- C:\Windows\system32\pnpui.dll
2010-02-22 11:58:42 ----A---- C:\Windows\system32\perfdisk.dll
2010-02-22 11:58:42 ----A---- C:\Windows\system32\hdwwiz.exe
2010-02-22 11:58:42 ----A---- C:\Windows\system32\certreq.exe
2010-02-22 11:58:41 ----A---- C:\Windows\system32\TSTheme.exe
2010-02-22 11:58:41 ----A---- C:\Windows\system32\tcpipcfg.dll
2010-02-22 11:58:41 ----A---- C:\Windows\system32\spwinsat.dll
2010-02-22 11:58:41 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2010-02-22 11:58:41 ----A---- C:\Windows\system32\rasplap.dll
2010-02-22 11:58:41 ----A---- C:\Windows\system32\PnPUnattend.exe
2010-02-22 11:58:41 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2010-02-22 11:58:41 ----A---- C:\Windows\system32\cmmon32.exe
2010-02-22 11:58:40 ----A---- C:\Windows\system32\whealogr.dll
2010-02-22 11:58:40 ----A---- C:\Windows\system32\tcpmon.dll
2010-02-22 11:58:40 ----A---- C:\Windows\system32\srcore.dll
2010-02-22 11:58:40 ----A---- C:\Windows\system32\fdWSD.dll
2010-02-22 11:58:39 ----A---- C:\Windows\system32\SCardSvr.dll
2010-02-22 11:58:39 ----A---- C:\Windows\system32\raschap.dll
2010-02-22 11:58:39 ----A---- C:\Windows\system32\conime.exe
2010-02-22 11:58:39 ----A---- C:\Windows\system32\cmdial32.dll
2010-02-22 11:58:38 ----A---- C:\Windows\system32\wiaaut.dll
2010-02-22 11:58:38 ----A---- C:\Windows\system32\MSVidCtl.dll
2010-02-22 11:58:38 ----A---- C:\Windows\system32\fontext.dll
2010-02-22 11:58:37 ----A---- C:\Windows\system32\WMVXENCD.DLL
2010-02-22 11:58:37 ----A---- C:\Windows\system32\wlanui.dll
2010-02-22 11:58:37 ----A---- C:\Windows\system32\rasppp.dll
2010-02-22 11:58:37 ----A---- C:\Windows\system32\PnPutil.exe
2010-02-22 11:58:37 ----A---- C:\Windows\system32\dsprop.dll
2010-02-22 11:58:36 ----A---- C:\Windows\system32\shwebsvc.dll
2010-02-22 11:58:36 ----A---- C:\Windows\system32\oobefldr.dll
2010-02-22 11:58:36 ----A---- C:\Windows\system32\dimsroam.dll
2010-02-22 11:58:35 ----A---- C:\Windows\system32\shsetup.dll
2010-02-22 11:58:35 ----A---- C:\Windows\system32\rasmontr.dll
2010-02-22 11:58:35 ----A---- C:\Windows\system32\mscandui.dll
2010-02-22 11:58:35 ----A---- C:\Windows\system32\modemui.dll
2010-02-22 11:58:34 ----A---- C:\Windows\system32\wmdrmsdk.dll
2010-02-22 11:58:34 ----A---- C:\Windows\system32\dataclen.dll
2010-02-22 11:58:34 ----A---- C:\Windows\system32\chtbrkr.dll
2010-02-22 11:58:33 ----A---- C:\Windows\system32\wlgpclnt.dll
2010-02-22 11:58:33 ----A---- C:\Windows\system32\smss.exe
2010-02-22 11:58:33 ----A---- C:\Windows\system32\rdpwsx.dll
2010-02-22 11:58:33 ----A---- C:\Windows\system32\netplwiz.dll
2010-02-22 11:58:33 ----A---- C:\Windows\system32\credui.dll
2010-02-22 11:58:33 ----A---- C:\Windows\system32\blackbox.dll
2010-02-22 11:58:32 ----A---- C:\Windows\system32\WSDMon.dll
2010-02-22 11:58:32 ----A---- C:\Windows\system32\wmpeffects.dll
2010-02-22 11:58:32 ----A---- C:\Windows\system32\certprop.dll
2010-02-22 11:58:31 ----A---- C:\Windows\system32\wpcsvc.dll
2010-02-22 11:58:31 ----A---- C:\Windows\system32\networkexplorer.dll
2010-02-22 11:58:31 ----A---- C:\Windows\system32\msscp.dll
2010-02-22 11:58:31 ----A---- C:\Windows\system32\logagent.exe
2010-02-22 11:58:31 ----A---- C:\Windows\system32\ifmon.dll
2010-02-22 11:58:31 ----A---- C:\Windows\system32\cipher.exe
2010-02-22 11:58:30 ----A---- C:\Windows\system32\wscapi.dll
2010-02-22 11:58:30 ----A---- C:\Windows\system32\thawbrkr.dll
2010-02-22 11:58:30 ----A---- C:\Windows\system32\msimtf.dll
2010-02-22 11:58:30 ----A---- C:\Windows\system32\InkEd.dll
2010-02-22 11:58:30 ----A---- C:\Windows\system32\gpresult.exe
2010-02-22 11:58:28 ----A---- C:\Windows\system32\softkbd.dll
2010-02-22 11:58:28 ----A---- C:\Windows\system32\sendmail.dll
2010-02-22 11:58:27 ----A---- C:\Windows\system32\olepro32.dll
2010-02-22 11:58:27 ----A---- C:\Windows\system32\msctfui.dll
2010-02-22 11:58:27 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2010-02-22 11:58:27 ----A---- C:\Windows\system32\dmsynth.dll
2010-02-22 11:58:27 ----A---- C:\Windows\system32\Apphlpdm.dll
2010-02-22 11:58:26 ----A---- C:\Windows\system32\puiapi.dll
2010-02-22 11:58:26 ----A---- C:\Windows\system32\input.dll
2010-02-22 11:58:26 ----A---- C:\Windows\system32\drmmgrtn.dll
2010-02-22 11:58:26 ----A---- C:\Windows\system32\cdd.dll
2010-02-22 11:58:25 ----A---- C:\Windows\system32\wshbth.dll
2010-02-22 11:58:25 ----A---- C:\Windows\system32\version.dll
2010-02-22 11:58:25 ----A---- C:\Windows\system32\SLLUA.exe
2010-02-22 11:58:25 ----A---- C:\Windows\system32\msisip.dll
2010-02-22 11:58:25 ----A---- C:\Windows\system32\mprapi.dll
2010-02-22 11:58:25 ----A---- C:\Windows\system32\fc.exe
2010-02-22 11:58:25 ----A---- C:\Windows\system32\ExplorerFrame.dll
2010-02-22 11:58:24 ----A---- C:\Windows\system32\fdSSDP.dll
2010-02-22 11:58:24 ----A---- C:\Windows\system32\dmusic.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\msjint40.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\l2nacp.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\ftp.exe
2010-02-22 11:58:23 ----A---- C:\Windows\system32\eapp3hst.dll
2010-02-22 11:58:23 ----A---- C:\Windows\system32\cscapi.dll
2010-02-22 11:58:22 ----A---- C:\Windows\system32\wsdchngr.dll
2010-02-22 11:58:22 ----A---- C:\Windows\system32\SMBHelperClass.dll
2010-02-22 11:58:22 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2010-02-22 11:58:22 ----A---- C:\Windows\system32\cscdll.dll
2010-02-22 11:58:22 ----A---- C:\Windows\system32\bthci.dll
2010-02-22 11:58:21 ----A---- C:\Windows\system32\Storprop.dll
2010-02-22 11:58:21 ----A---- C:\Windows\system32\rasdial.exe
2010-02-22 11:58:21 ----A---- C:\Windows\system32\rasdiag.dll
2010-02-22 11:58:21 ----A---- C:\Windows\system32\fdWCN.dll
2010-02-22 11:58:21 ----A---- C:\Windows\system32\dot3cfg.dll
2010-02-22 11:58:21 ----A---- C:\Windows\system32\bthudtask.exe
2010-02-22 11:58:20 ----A---- C:\Windows\system32\tscupgrd.exe
2010-02-22 11:58:20 ----A---- C:\Windows\system32\slcinst.dll
2010-02-22 11:58:20 ----A---- C:\Windows\system32\nslookup.exe
2010-02-22 11:58:20 ----A---- C:\Windows\system32\networkitemfactory.dll
2010-02-22 11:58:20 ----A---- C:\Windows\system32\ipconfig.exe
2010-02-22 11:58:20 ----A---- C:\Windows\system32\eappcfg.dll
2010-02-22 11:58:20 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2010-02-22 11:58:19 ----A---- C:\Windows\system32\ocsetup.exe
2010-02-22 11:58:19 ----A---- C:\Windows\system32\hbaapi.dll
2010-02-22 11:58:19 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2010-02-22 11:58:19 ----A---- C:\Windows\system32\fdeploy.dll
2010-02-22 11:58:19 ----A---- C:\Windows\system32\eappgnui.dll
2010-02-22 11:58:18 ----A---- C:\Windows\system32\PNPXAssoc.dll
2010-02-22 11:58:18 ----A---- C:\Windows\system32\mmcico.dll
2010-02-22 11:58:17 ----A---- C:\Windows\system32\gpupdate.exe
2010-02-22 11:58:16 ----A---- C:\Windows\system32\csrstub.exe
2010-02-22 11:58:16 ----A---- C:\Windows\system32\cbsra.exe
2010-02-22 11:58:16 ----A---- C:\Windows\system32\bitsigd.dll
2010-02-22 11:58:15 ----A---- C:\Windows\system32\NcdProp.dll
2010-02-22 11:58:15 ----A---- C:\Windows\system32\iscsilog.dll
2010-02-22 11:58:14 ----A---- C:\Windows\system32\vdmdbg.dll
2010-02-22 11:58:14 ----A---- C:\Windows\system32\odbcconf.dll
2010-02-22 11:58:13 ----A---- C:\Windows\system32\winrnr.dll
2010-02-22 11:58:13 ----A---- C:\Windows\system32\slwga.dll
2010-02-22 11:58:13 ----A---- C:\Windows\system32\midimap.dll
2010-02-22 11:58:13 ----A---- C:\Windows\system32\inetppui.dll
2010-02-22 11:58:08 ----A---- C:\Windows\system32\f3ahvoas.dll
2010-02-22 11:58:07 ----A---- C:\Windows\system32\msimsg.dll
2010-02-22 11:57:44 ----A---- C:\Windows\system32\SmiEngine.dll
2010-02-22 11:57:38 ----A---- C:\Windows\system32\wdscore.dll
2010-02-22 11:57:38 ----A---- C:\Windows\system32\PkgMgr.exe
2010-02-22 11:57:24 ----A---- C:\Windows\system32\drvstore.dll
2010-02-22 11:12:28 ----D---- C:\ProgramData\WindowsSearch
2010-02-21 16:38:16 ----D---- C:\PerfLogs
2010-02-21 14:09:00 ----A---- C:\Windows\system32\occache.dll
2010-02-21 14:09:00 ----A---- C:\Windows\system32\msfeeds.dll
2010-02-21 14:09:00 ----A---- C:\Windows\system32\jsproxy.dll
2010-02-21 14:09:00 ----A---- C:\Windows\system32\iepeers.dll
2010-02-21 14:08:59 ----A---- C:\Windows\system32\msfeedsbs.dll
2010-02-21 14:08:59 ----A---- C:\Windows\system32\ieui.dll
2010-02-21 14:08:58 ----A---- C:\Windows\system32\wininet.dll
2010-02-21 14:08:58 ----A---- C:\Windows\system32\iesetup.dll
2010-02-21 14:08:58 ----A---- C:\Windows\system32\iernonce.dll
2010-02-21 14:08:57 ----A---- C:\Windows\system32\msfeedssync.exe
2010-02-21 14:08:57 ----A---- C:\Windows\system32\iertutil.dll
2010-02-21 14:08:57 ----A---- C:\Windows\system32\iedkcs32.dll
2010-02-21 14:08:57 ----A---- C:\Windows\system32\ie4uinit.exe
2010-02-21 14:08:56 ----A---- C:\Windows\system32\urlmon.dll
2010-02-21 14:08:56 ----A---- C:\Windows\system32\ieUnatt.exe
2010-02-21 14:08:56 ----A---- C:\Windows\system32\iesysprep.dll
2010-02-21 14:08:53 ----A---- C:\Windows\system32\mshtml.dll
2010-02-21 14:08:53 ----A---- C:\Windows\system32\ieframe.dll
2010-02-21 13:51:25 ----A---- C:\Windows\system32\mshtmled.dll
2010-02-21 13:51:25 ----A---- C:\Windows\system32\icardie.dll
2010-02-21 13:51:24 ----A---- C:\Windows\system32\mshtmler.dll
2010-02-21 13:51:24 ----A---- C:\Windows\system32\admparse.dll
2010-02-21 13:51:22 ----A---- C:\Windows\system32\msls31.dll
2010-02-21 13:51:22 ----A---- C:\Windows\system32\corpol.dll
2010-02-21 13:51:21 ----A---- C:\Windows\system32\imgutil.dll
2010-02-21 13:51:21 ----A---- C:\Windows\system32\ieakeng.dll
2010-02-21 13:51:21 ----A---- C:\Windows\system32\dxtrans.dll
2010-02-21 13:51:21 ----A---- C:\Windows\system32\dxtmsft.dll
2010-02-21 13:51:20 ----A---- C:\Windows\system32\licmgr10.dll
2010-02-21 13:51:20 ----A---- C:\Windows\system32\inseng.dll
2010-02-21 13:51:19 ----A---- C:\Windows\system32\WinFXDocObj.exe
2010-02-21 13:51:19 ----A---- C:\Windows\system32\wextract.exe
2010-02-21 13:51:19 ----A---- C:\Windows\system32\webcheck.dll
2010-02-21 13:51:19 ----A---- C:\Windows\system32\msrating.dll
2010-02-21 13:51:19 ----A---- C:\Windows\system32\ieakui.dll
2010-02-21 13:51:19 ----A---- C:\Windows\system32\ieaksie.dll
2010-02-21 13:51:18 ----A---- C:\Windows\system32\pngfilt.dll
2010-02-21 13:51:18 ----A---- C:\Windows\system32\mstime.dll
2010-02-21 13:51:18 ----A---- C:\Windows\system32\advpack.dll
2010-02-21 13:51:17 ----A---- C:\Windows\system32\vbscript.dll
2010-02-21 13:51:17 ----A---- C:\Windows\system32\ieapfltr.dll
2010-02-21 13:51:16 ----A---- C:\Windows\system32\url.dll
2010-02-21 13:51:14 ----A---- C:\Windows\system32\mshta.exe
2010-02-21 13:51:14 ----A---- C:\Windows\system32\iexpress.exe
2010-02-21 13:51:13 ----A---- C:\Windows\system32\SetIEInstalledDate.exe
2010-02-21 13:51:13 ----A---- C:\Windows\system32\SetDepNx.exe
2010-02-21 13:51:13 ----A---- C:\Windows\system32\RegisterIEPKEYs.exe
2010-02-21 13:51:13 ----A---- C:\Windows\system32\PDMSetup.exe
2010-02-21 13:19:10 ----D---- C:\Users\Paula and Ben\AppData\Roaming\GTek
======List of files/folders modified in the last 1 months======
2010-03-16 20:19:56 ----D---- C:\ProgramData\Kontiki
2010-03-16 20:19:08 ----D---- C:\Windows\Prefetch
2010-03-16 20:18:44 ----RD---- C:\Program Files
2010-03-16 20:13:50 ----D---- C:\Windows\Temp
2010-03-16 20:08:46 ----D---- C:\Windows\Tasks
2010-03-15 12:48:13 ----SHD---- C:\System Volume Information
2010-03-12 03:09:46 ----SHD---- C:\Windows\Installer
2010-03-12 03:09:04 ----D---- C:\Windows\winsxs
2010-03-12 03:09:03 ----D---- C:\Program Files\Movie Maker
2010-03-12 03:07:19 ----A---- C:\Windows\win.ini
2010-03-11 18:42:23 ----D---- C:\Windows\system32\catroot
2010-03-11 18:42:18 ----D---- C:\Windows\system32\catroot2
2010-03-10 16:13:02 ----SD---- C:\Users\Paula and Ben\AppData\Roaming\Microsoft
2010-03-10 16:10:34 ----D---- C:\WINDOWS
2010-03-10 16:07:18 ----D---- C:\Windows\System32
2010-03-10 15:29:36 ----D---- C:\Windows\inf
2010-03-10 15:29:36 ----A---- C:\Windows\system32\PerfStringBackup.INI
2010-03-09 19:06:59 ----RSD---- C:\Windows\assembly
2010-03-09 18:35:00 ----D---- C:\Windows\Microsoft.NET
2010-03-07 21:26:14 ----D---- C:\Windows\rescache
2010-03-07 20:54:10 ----SHD---- C:\boot
2010-03-07 20:42:46 ----D---- C:\Program Files\Windows Mail
2010-03-07 20:42:46 ----D---- C:\Program Files\Windows Calendar
2010-03-07 20:42:45 ----D---- C:\Program Files\Windows Sidebar
2010-03-07 20:42:45 ----D---- C:\Program Files\Windows Media Player
2010-03-07 20:42:45 ----D---- C:\Program Files\Internet Explorer
2010-03-07 20:42:44 ----D---- C:\Program Files\Windows Collaboration
2010-03-07 20:42:43 ----D---- C:\Program Files\Windows Photo Gallery
2010-03-07 20:42:43 ----D---- C:\Program Files\Common Files\System
2010-03-07 20:42:41 ----D---- C:\Windows\servicing
2010-03-07 20:42:41 ----D---- C:\Program Files\Windows Defender
2010-03-07 20:42:32 ----D---- C:\Windows\IME
2010-03-07 20:42:31 ----D---- C:\Windows\system32\XPSViewer
2010-03-07 20:42:31 ----D---- C:\Windows\system32\sk-SK
2010-03-07 20:42:31 ----D---- C:\Windows\system32\lv-LV
2010-03-07 20:42:31 ----D---- C:\Windows\system32\hr-HR
2010-03-07 20:42:31 ----D---- C:\Windows\system32\et-EE
2010-03-07 20:42:31 ----D---- C:\Windows\system32\da-DK
2010-03-07 20:42:30 ----D---- C:\Windows\system32\ko-KR
2010-03-07 20:42:30 ----D---- C:\Windows\system32\en-US
2010-03-07 20:42:27 ----D---- C:\Windows\system32\oobe
2010-03-07 20:42:27 ----D---- C:\Windows\system32\migration
2010-03-07 20:42:27 ----D---- C:\Windows\system32\it-IT
2010-03-07 20:42:27 ----D---- C:\Windows\system32\el-GR
2010-03-07 20:42:27 ----D---- C:\Windows\system32\de-DE
2010-03-07 20:42:24 ----D---- C:\Windows\system32\sv-SE
2010-03-07 20:42:24 ----D---- C:\Windows\system32\setup
2010-03-07 20:42:24 ----D---- C:\Windows\system32\ru-RU
2010-03-07 20:42:24 ----D---- C:\Windows\system32\hu-HU
2010-03-07 20:42:24 ----D---- C:\Windows\system32\he-IL
2010-03-07 20:42:24 ----D---- C:\Windows\system32\fr-FR
2010-03-07 20:42:24 ----D---- C:\Windows\system32\fi-FI
2010-03-07 20:42:24 ----D---- C:\Windows\system32\cs-CZ
2010-03-07 20:42:24 ----D---- C:\Windows\system32\AdvancedInstallers
2010-03-07 20:42:23 ----D---- C:\Windows\system32\SLUI
2010-03-07 20:42:23 ----D---- C:\Windows\system32\pt-PT
2010-03-07 20:42:22 ----D---- C:\Windows\system32\zh-TW
2010-03-07 20:42:22 ----D---- C:\Windows\system32\zh-CN
2010-03-07 20:42:22 ----D---- C:\Windows\system32\uk-UA
2010-03-07 20:42:22 ----D---- C:\Windows\system32\sr-Latn-CS
2010-03-07 20:42:22 ----D---- C:\Windows\system32\sl-SI
2010-03-07 20:42:22 ----D---- C:\Windows\system32\ro-RO
2010-03-07 20:42:22 ----D---- C:\Windows\system32\pl-PL
2010-03-07 20:42:22 ----D---- C:\Windows\system32\manifeststore
2010-03-07 20:42:22 ----D---- C:\Windows\system32\ja-JP
2010-03-07 20:42:22 ----D---- C:\Windows\system32\es-ES
2010-03-07 20:42:22 ----D---- C:\Windows\system32\en
2010-03-07 20:42:22 ----D---- C:\Windows\system32\bg-BG
2010-03-07 20:42:21 ----D---- C:\Windows\system32\th-TH
2010-03-07 20:42:21 ----D---- C:\Windows\system32\drivers
2010-03-07 20:42:20 ----D---- C:\Windows\system32\tr-TR
2010-03-07 20:42:19 ----D---- C:\Windows\system32\wbem
2010-03-07 20:42:18 ----D---- C:\Windows\system32\nl-NL
2010-03-07 20:42:18 ----D---- C:\Windows\system32\nb-NO
2010-03-07 20:42:18 ----D---- C:\Windows\system32\lt-LT
2010-03-07 20:42:18 ----D---- C:\Windows\system32\ar-SA
2010-03-07 20:42:17 ----D---- C:\Windows\system32\pt-BR
2010-03-07 20:42:17 ----D---- C:\Windows\system32\migwiz
2010-03-07 20:41:15 ----RSD---- C:\Windows\Fonts
2010-03-07 20:41:15 ----D---- C:\Windows\AppPatch
2010-03-07 20:40:54 ----D---- C:\Windows\system32\Boot
2010-03-03 14:43:49 ----D---- C:\Windows\system32\Tasks
2010-03-02 05:30:12 ----A---- C:\Windows\system32\mrt.exe
2010-02-25 18:34:36 ----D---- C:\Windows\LiveKernelReports
2010-02-24 20:15:43 ----D---- C:\Windows\Logs
2010-02-22 11:12:28 ----HD---- C:\ProgramData
2010-02-21 16:56:46 ----ASH---- C:\Program Files\desktop.ini
2010-02-21 16:41:24 ----D---- C:\Windows\MSAgent
2010-02-21 16:41:21 ----D---- C:\Windows\L2Schemas
2010-02-21 16:41:21 ----D---- C:\Windows\DigitalLocker
2010-02-21 16:41:19 ----D---- C:\Windows\system32\com
2010-02-21 16:41:19 ----D---- C:\Windows\PolicyDefinitions
2010-02-21 16:41:04 ----D---- C:\Windows\system32\sysprep
2010-02-21 16:40:58 ----D---- C:\Windows\system32\ias
2010-02-21 16:40:57 ----D---- C:\Windows\system32\ras
2010-02-21 16:40:51 ----D---- C:\Windows\system32\icsxml
2010-02-21 16:38:29 ----D---- C:\Windows\Boot
2010-02-21 16:14:59 ----A---- C:\Windows\system32\ifxcardm.dll
2010-02-21 16:14:46 ----A---- C:\Windows\system32\axaltocm.dll
2010-02-21 13:18:51 ----D---- C:\Program Files\Hp
2010-02-21 13:18:12 ----HD---- C:\Program Files\InstallShield Installation Information
2010-02-21 13:18:08 ----D---- C:\Program Files\Hewlett-Packard
2010-02-21 13:15:08 ----D---- C:\SWSetup
2010-02-21 13:13:01 ----D---- C:\Users\Paula and Ben\AppData\Roaming\Hewlett-Packard
2010-02-21 11:17:56 ----D---- C:\ProgramData\Spybot - Search & Destroy
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
bphester99
2010-03-16, 21:38
log file continued, then info file:
R1 AvgLdx86;AVG Free AVI Loader Driver x86; C:\Windows\System32\Drivers\avgldx86.sys [2010-02-02 333192]
R1 AvgMfx86;AVG Minifilter x86 Resident Driver; C:\Windows\System32\Drivers\avgmfx86.sys [2010-02-02 28424]
R1 AvgTdiX;AVG Free Network Redirector; C:\Windows\System32\Drivers\avgtdix.sys [2010-02-02 360584]
R1 eabfiltr;eabfiltr; C:\Windows\system32\DRIVERS\eabfiltr.sys [2006-11-30 8192]
R1 StarOpen;StarOpen; C:\Windows\system32\drivers\StarOpen.sys [2006-07-24 5632]
R2 mdmxsdk;mdmxsdk; C:\Windows\system32\DRIVERS\mdmxsdk.sys [2006-06-19 12672]
R2 XAudio;XAudio; C:\Windows\system32\DRIVERS\xaudio.sys [2006-11-28 8192]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-01 534016]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-19 14208]
R3 CnxtHdAudService;Conexant UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDRT32.sys [2008-03-04 188416]
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2009-05-18 26600]
R3 HBtnKey;HBtnKey; C:\Windows\system32\DRIVERS\cpqbttn.sys [2006-06-28 9472]
R3 HSF_DPV;HSF_DPV; C:\Windows\system32\DRIVERS\HSX_DPV.sys [2006-12-07 985600]
R3 HSXHWAZL;HSXHWAZL; C:\Windows\system32\DRIVERS\HSXHWAZL.sys [2006-12-07 207360]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 2009088]
R3 SynTP;Synaptics TouchPad Driver; C:\Windows\system32\DRIVERS\SynTP.sys [2007-01-12 181432]
R3 winachsf;winachsf; C:\Windows\system32\DRIVERS\HSX_CNXT.sys [2006-12-07 659968]
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\DRIVERS\wmiacpi.sys [2008-01-19 11264]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2006-11-02 167936]
S3 BCM43XV;Broadcom Extensible 802.11 Network Adapter Driver; C:\Windows\system32\DRIVERS\bcmwl6.sys [2007-03-01 534016]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2006-11-02 19456]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2006-11-02 92160]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2006-11-02 220160]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2006-11-02 29184]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-19 5632]
S3 E100B;Intel(R) PRO Network Connection Driver; C:\Windows\system32\DRIVERS\e100b325.sys [2006-10-31 165760]
S3 HdAudAddService;Microsoft UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\CHDART.sys [2007-02-22 159232]
S3 HSFHWAZL;HSFHWAZL; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2006-11-02 200704]
S3 ialm;ialm; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-10-18 2009088]
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-19 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-19 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-19 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-19 6016]
S3 NETw3v32;Intel(R) PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2006-11-02 1781760]
S3 nmwcd;Nokia USB Phone Parent; C:\Windows\system32\drivers\ccdcmb.sys [2009-02-09 17664]
S3 nmwcdc;Nokia USB Generic; C:\Windows\system32\drivers\ccdcmbo.sys [2009-02-09 22016]
S3 pccsmcfd;PCCS Mode Change Filter Driver; C:\Windows\system32\DRIVERS\pccsmcfd.sys [2008-08-26 18816]
S3 R300;R300; C:\Windows\system32\DRIVERS\atikmdag.sys [2006-11-02 2028032]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2006-11-02 49664]
S3 ss_bus;SAMSUNG Mobile USB Device 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ss_bus.sys [2007-05-02 83592]
S3 ss_mdfl;SAMSUNG Mobile USB Modem 1.0 Filter; C:\Windows\system32\DRIVERS\ss_mdfl.sys [2007-05-02 15112]
S3 ss_mdm;SAMSUNG Mobile USB Modem 1.0 Drivers; C:\Windows\system32\DRIVERS\ss_mdm.sys [2007-05-02 109704]
S3 ssm_bus;SAMSUNG Mobile USB Device II 1.0 driver (WDM); C:\Windows\system32\DRIVERS\ssm_bus.sys [2007-05-02 83592]
S3 ssm_mdfl;SAMSUNG Mobile USB Modem II 1.0 Filter; C:\Windows\system32\DRIVERS\ssm_mdfl.sys [2007-05-02 15112]
S3 ssm_mdm;SAMSUNG Mobile USB Modem II 1.0 Drivers; C:\Windows\system32\DRIVERS\ssm_mdm.sys [2007-05-02 109704]
S3 TPM;TPM; C:\Windows\system32\drivers\tpm.sys [2006-11-02 41064]
S3 upperdev;upperdev; C:\Windows\system32\DRIVERS\usbser_lowerflt.sys [2009-02-09 7808]
S3 USBAAPL;Apple Mobile USB Driver; C:\Windows\System32\Drivers\usbaapl.sys [2009-08-28 40448]
S3 usbscan;USB Scanner Driver; C:\Windows\system32\DRIVERS\usbscan.sys [2008-01-19 35328]
S3 usbser;Nokia USB Serial Port; C:\Windows\system32\drivers\usbser.sys [2009-04-11 27648]
S3 UsbserFilt;UsbserFilt; C:\Windows\system32\DRIVERS\usbser_lowerfltj.sys [2009-02-09 7808]
S3 WimFltr;WimFltr; C:\Windows\system32\DRIVERS\wimfltr.sys [2006-11-02 128104]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-19 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-03-26 83328]
S4 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2006-11-02 82432]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe [2009-08-28 144672]
R2 avg9wd;AVG Free WatchDog; C:\Program Files\AVG\AVG9\avgwdsvc.exe [2010-02-02 285392]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2008-12-12 238888]
R2 BthServ;@%SystemRoot%\System32\bthserv.dll,-101; C:\Windows\system32\svchost.exe [2008-01-19 21504]
R2 CTDevice_Srv;CT Device Query service; C:\Program Files\Creative\Shared Files\CTDevSrv.exe [2007-04-02 61440]
R2 dlcc_device;dlcc_device; C:\Windows\system32\dlcccoms.exe [2007-02-14 538096]
R2 HP Health Check Service;HP Health Check Service; c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe [2008-10-09 94208]
R2 hpqwmiex;hpqwmiex; C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe [2006-05-02 135168]
R2 IviRegMgr;IviRegMgr; C:\Program Files\Common Files\InterVideo\RegMgr\iviRegMgr.exe [2007-01-05 112152]
R2 KService;KService; C:\Program Files\Kontiki\KService.exe [2008-01-25 3072184]
R2 MyWebSearchService;My Web Search Service; C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe [2008-11-13 28762]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2008-01-28 810320]
R2 WinVNC4;VNC Server Version 4; C:\Program Files\RealVNC\VNC4\WinVNC4.exe [2006-05-12 439248]
R2 XAudioService;XAudioService; C:\Windows\system32\DRIVERS\xaudio.exe [2006-11-28 386560]
R3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2009-11-12 545568]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2009-09-15 133104]
S2 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2009-09-15 194032]
S3 Com4Qlb;Com4Qlb; C:\Program Files\Hewlett-Packard\HP Quick Launch Buttons\Com4Qlb.exe [2007-01-09 110592]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 ServiceLayer;ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [2009-06-02 637952]
S3 stllssvr;stllssvr; c:\Program Files\Common Files\SureThing Shared\stllssvr.exe [2006-11-01 73728]
-----------------EOF-----------------
info.txt logfile of random's system information tool 1.06 2010-03-16 20:20:09
======Uninstall list======
-->C:\Program Files\InstallShield Installation Information\{69333A04-5134-40A5-A055-9166A7AA1EC8}\setup.exe -runfromtemp -l0x0009 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{22EB2FA7-1BA0-4FFB-972F-353EC6ABA9D5}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28B97CAB-828F-49D8-A30A-675476F9BA92}\setup.exe" -l0x9 /cont -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{4E7DC12A-3597-4A94-9429-F6C6987361B1}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{6813C983-427E-4511-8456-E98FCAA1A125}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{7DADB304-AF20-48C3-A780-4B4133A08817}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{9C423CF6-2DAA-4A37-94B8-59D7ECC7DB13}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{ACE66099-E18E-4037-83C8-9D182E5B9FA8}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{B34B6E67-FCDD-4E03-8742-B5701427FAFB}\setup.exe" -l0x9 -removeonly
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{FA6CC4B4-7741-4F8D-8E81-15C4BAB9869B}\setup.exe" -l0x9 -removeonly
4oD-->MsiExec.exe /I {8B7443F5-E141-42A0-AB61-ED2331AAD606}
ActiveCheck component for HP Active Support Library-->MsiExec.exe /X{254C37AA-6B72-4300-84F6-98A82419187E}
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742)-->MsiExec.exe /X{6846389C-BAC0-4374-808E-B120F86AF5D7}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Flash Player 10 Plugin-->C:\Windows\system32\Macromed\Flash\uninstall_plugin.exe
Adobe Reader 8.1.2-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A81200000003}
Apple Application Support-->MsiExec.exe /I{3FA365DF-2D68-45ED-8F83-8C8A33E65143}
Apple Mobile Device Support-->MsiExec.exe /I{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}
Apple Software Update-->MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
Application Installer 4.00.B13-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{70CEFEBA-F757-4DBE-8A21-027C326137CE}\SETUP.EXE" -l0x9
AVG Free 9.0-->C:\Program Files\AVG\AVG9\setup.exe /UNINSTALL
BBC iPlayer Desktop-->MsiExec.exe /X{BEA18030-8B42-1286-EF64-CDA6BD083888}
BBC iPlayer Download Manager-->MsiExec.exe /I {D466F3D9-510C-4729-B7D4-2E70490E4CDF}
Bonjour-->MsiExec.exe /I{07287123-B8AC-41CE-8346-3D777245C35B}
BT Home Hub-->C:\Program Files\BT Home Hub\Uninstall.exe
Canon SELPHY CP760-->C:\ProgramData\CanonCP\CNYSELPHYCP\CNYWindows\CNYCanon SELPHY CP760\CNYCPUIN.EXE
Conexant HD Audio-->C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU32a.exe -U -IcV30D5a.INF
Creative Media Lite-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\09\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{1A99CB37-AEB0-492F-A85A-8A2536D22393}\setup.exe" -l0x9 /remove
Creative ZEN Stone Plus User's Guide-->"C:\Program Files\Creative\Creative ZEN Stone Plus\UGRemove.exe" /Product_Name:ZENStonePlusUG
DHTML Editing Component-->MsiExec.exe /I{2EA870FA-585F-4187-903D-CB9FFD21E2E0}
Driving Test Success - Hazard Perception (2008-2009)-->"C:\Program Files\Driving Test Success - Hazard Perception (2008-2009)\unins000.exe"
Dungeon Keeper 2-->C:\Windows\IsUninst.exe -f"C:\Program Files\Bullfrog\Dungeon Keeper 2\Uninst.isu" -c"C:\Program Files\Bullfrog\Dungeon Keeper 2\uninst.dll"
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
ESU for Microsoft Vista-->MsiExec.exe /X{2E886C29-857C-4CE5-A205-F6AA7278E666}
Google Earth-->MsiExec.exe /X{2EAF7E61-068E-11DF-953C-005056806466}
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar2.dll"
Google Update Helper-->MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
Google Updater-->"C:\Program Files\Google\Google Updater\GoogleUpdater.exe" -uninstall
HDAUDIO Soft Data Fax Modem with SmartCP-->C:\Program Files\CONEXANT\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_5045&SUBSYS_103C30B7\UIU32m.EXE -U -IwqcVenz.inf
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
HiJackThis-->MsiExec.exe /X{0761C9A8-8F3A-4216-B4A7-B7AFBF24A24A}
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
HP Active Support Library 32 bit components-->MsiExec.exe /I{FAB0C302-CB18-4A7A-BA03-C3DC23101A68}
HP Active Support Library-->"C:\Program Files\InstallShield Installation Information\{CE7E3BE0-2DD3-4416-A690-F9E4A99A8CFF}\setup.exe" -runfromtemp -l0x0409 -removeonly
HP Backup and Recovery Manager Installer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3F9F7336-6DF8-476F-ABF6-C70A17FAF619}\setup.exe" -l0x9 -uninst -removeonly
HP Doc Viewer-->MsiExec.exe /I{082702D5-5DD8-4600-BCE5-48B15174687F}
HP Help and Support-->MsiExec.exe /I{9061CEF2-51F5-42C9-8A70-9ED351C6597A}
HP Notebook Accessories Product Tour-->MsiExec.exe /I{521F72F4-FFE4-4959-AA88-EED06125211F}
HP Quick Launch Buttons 6.20 C1-->C:\Program Files\InstallShield Installation Information\{34D2AB40-150D-475D-AE32-BD23FB5EE355}\setup.exe -runfromtemp -l0x0009 -removeonly uninst
HP Update-->MsiExec.exe /X{8C6027FD-53DC-446D-BB75-CACD7028A134}
HP User Guides 0077-->MsiExec.exe /I{B51C3024-333B-4FB6-B1EC-49ECE2DE6056}
HP Wireless Assistant-->MsiExec.exe /I{D32067CD-7409-4792-BFA0-1469BCD8F0C8}
HPAsset component for HP Active Support Library-->MsiExec.exe /X{669D4A35-146B-4314-89F1-1AC3D7B88367}
HPNetworkAssistant-->MsiExec.exe /I{228C6B46-64E2-404E-898A-EF0830603EF4}
Intel(R) Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Intel(R) PRO Network Connections Drivers-->Prounstl.exe
InterVideo DVD Check-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5D97A4A7-C274-4B63-86D9-07A33435F505}\setup.exe" REMOVEALL
InterVideo WinDVD-->"C:\Program Files\InstallShield Installation Information\{91810AFC-A4F8-4EBA-A5AA-B198BBC81144}\setup.exe" REMOVEALL
iPhone Configuration Utility-->MsiExec.exe /I{FA54AFB1-5745-4389-B8C1-9F7509672ED1}
iTunes-->MsiExec.exe /I{A6FDF86A-F541-4E7B-AEA0-8849A2A700D5}
Java(TM) 6 Update 17-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216012FF}
Java(TM) 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java(TM) 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java(TM) 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
Java(TM) SE Runtime Environment 6-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160000}
Microsoft .NET Framework 1.1 Security Update (KB953297)-->"C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\hotfix.exe" "C:\Windows\Microsoft.NET\Framework\v1.1.4322\Updates\M953297\M953297Uninstall.msp"
Microsoft .NET Framework 1.1-->msiexec.exe /X {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 1.1-->MsiExec.exe /X{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office Professional Edition 2003-->MsiExec.exe /I{90110409-6000-11D3-8CFE-0150048383C9}
Microsoft Silverlight-->MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{837b34e3-7c30-493c-8f6a-2b0f04e2912c}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148-->MsiExec.exe /X{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}
MSVC80_x86-->MsiExec.exe /I{212748BB-0DA5-46DE-82A1-403736DC9F27}
MSXML 4.0 SP2 (KB936181)-->MsiExec.exe /I{C04E32E0-0416-434D-AFB9-6969D703A9EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}
My Web Search (Zwinky)-->rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsbar.dll,O
Nokia Connectivity Cable Driver-->MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Nokia PC Suite-->C:\ProgramData\Installations\{3D39E775-DDDA-4327-B747-0BDC5F191331}\Nokia_PC_Suite_7_1_30_9_eng.exe
Nokia PC Suite-->MsiExec.exe /I{3D39E775-DDDA-4327-B747-0BDC5F191331}
Nokia Software Updater-->MsiExec.exe /X{17BD85F9-3B88-4C85-BB47-4AB8DD68F8BB}
PC Connectivity Solution-->MsiExec.exe /I{0C973594-7DDF-4BD0-84ED-3517F7622037}
Picture Package Music Transfer-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{CE2121C6-C94D-4A73-8EA4-6943F33EE335}\setup.exe" -l0x9 -removeonly
QuickTime-->MsiExec.exe /I{1451DE6B-ABE1-4F62-BE9A-B363A17588A2}
Roxio Creator Audio-->MsiExec.exe /I{83FFCFC7-88C6-41c6-8752-958A45325C82}
Roxio Creator Basic v9-->MsiExec.exe /I{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}
Roxio Creator Copy-->MsiExec.exe /I{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}
Roxio Creator Data-->MsiExec.exe /I{0D397393-9B50-4c52-84D5-77E344289F87}
Roxio Creator Tools-->MsiExec.exe /I{0394CDC8-FABD-4ed8-B104-03393876DFDF}
Roxio Express Labeler 3-->MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Safari-->MsiExec.exe /I{E56D39F8-2A9F-44B4-B068-A72E45A073E6}
SAMSUNG Mobile Modem Driver Set-->C:\Windows\system32\Samsung_USB_Drivers\3\SSCDUninstall.exe
Samsung Mobile phone USB driver Software-->C:\Windows\system32\Samsung_USB_Drivers\5\SSSDUninstall.exe
SAMSUNG Mobile USB Modem 1.0 Software-->C:\Windows\system32\Samsung_USB_Drivers\1\SS_Uninstall.exe
SAMSUNG Mobile USB Modem Software-->C:\Windows\system32\Samsung_USB_Drivers\2\SSM_Uninstall.exe
Samsung PC Studio 3-->"C:\Program Files\InstallShield Installation Information\{C4A4722E-79F9-417C-BD72-8D359A090C97}\setup.exe" -runfromtemp -l0x0009 -removeonly
Sky Anytime-->MsiExec.exe /X{DD30C2FD-F485-46A8-8153-88EC2650BC79}
Sonic Activation Module-->MsiExec.exe /I{35E1EC43-D4FC-4E4A-AAB3-20DDA27E8BB0}
Sony Picture Utility-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{D5068583-D569-468B-9755-5FBF5848F46F}\setup.exe" -l0x9 /removeonly uninstall -removeonly
Sony USB Driver-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\01\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{5C29CB8B-AC1E-4114-8D68-9CD080140D4A}\setup.exe" -l0x9 UNINSTALL -removeonly
Spybot - Search & Destroy-->"C:\Program Files\Spybot - Search & Destroy\unins000.exe"
Synaptics Pointing Device Driver-->rundll32.exe "C:\Program Files\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
TomTom HOME-->C:\Program Files\TomTom HOME 2\Uninstall TomTom HOME.exe
Turbo Lister 2-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\9\INTEL3~1\IDriver.exe /M{69640730-B830-4C24-BB5C-222DA1260548}
TweetDeck-->MsiExec.exe /X{A891CEA5-6315-D8AF-4426-FFB797285A22}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=""
VC_MergeModuleToMSI-->MsiExec.exe /I{900A92BA-19EF-4A34-86CF-7B6C85BDD971}
Vista Default Settings-->MsiExec.exe /I{2C86D799-6203-4BE4-8175-126D69742F2F}
VNC Free Edition 4.1.2-->"C:\Program Files\RealVNC\VNC4\unins000.exe"
Windows Driver Package - Nokia Modem (05/22/2008 3.8)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_5e0e55c3\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (05/22/2008 7.00.0.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_dcd936c5\nokbtmdm.inf
Windows Driver Package - Nokia Modem (06/01/2009 4.1)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokia_bluetooth.inf_44b2e2d6\nokia_bluetooth.inf
Windows Driver Package - Nokia Modem (06/01/2009 7.01.0.3)-->C:\PROGRA~1\DIFX\270581355A767BF1\dpinst.exe /u C:\Windows\System32\DriverStore\FileRepository\nokbtmdm.inf_34a3d799\nokbtmdm.inf
Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)-->C:\PROGRA~1\DIFX\B4723E9A0713E5B1\dpinst.exe /u C:\Windows\system32\DRVSTORE\pccsmcfd_A3B3916E5D8138F59EE218321B27B044D3B18294\pccsmcfd.inf
Xvid 1.2.2 final uninstall-->"C:\Program Files\Xvid\unins000.exe"
======Security center information======
AV: AVG Anti-Virus Free
AS: AVG Anti-Virus Free (disabled)
AS: Spybot - Search and Destroy (disabled) (outdated)
AS: Windows Defender
======System event log======
Computer Name: Lyla
Event Code: 4374
Message: Windows Servicing identified that package KB975467(Security Update) is not applicable for this system
Record Number: 216086
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016093043.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Lyla
Event Code: 4374
Message: Windows Servicing identified that package KB974455(Security Update) is not applicable for this system
Record Number: 215892
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016092621.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Lyla
Event Code: 4374
Message: Windows Servicing identified that package KB974455(Security Update) is not applicable for this system
Record Number: 215891
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016092621.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Lyla
Event Code: 4374
Message: Windows Servicing identified that package KB974455(Security Update) is not applicable for this system
Record Number: 215890
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016092621.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Lyla
Event Code: 4374
Message: Windows Servicing identified that package KB974455(Security Update) is not applicable for this system
Record Number: 215881
Source Name: Microsoft-Windows-Servicing
Time Written: 20091016092612.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Application event log=====
Computer Name: Lyla
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3463493832-3515462822-1806411736-1003:
Process 828 (\Device\HarddiskVolume1\WINDOWS\System32\svchost.exe) has opened key \REGISTRY\USER\S-1-5-21-3463493832-3515462822-1806411736-1003
Record Number: 132
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20071010171942.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
Computer Name: Lyla
Event Code: 215
Message: WinMail (3252) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.
Record Number: 110
Source Name: ESENT
Time Written: 20071010163941.000000-000
Event Type: Error
User:
Computer Name: Lyla
Event Code: 6006
Message: The winlogon notification subscriber <TrustedInstaller> took 94 second(s) to handle the notification event (CreateSession).
Record Number: 101
Source Name: Microsoft-Windows-Winlogon
Time Written: 20071010163920.000000-000
Event Type: Warning
User:
Computer Name: Lyla
Event Code: 6005
Message: The winlogon notification subscriber <TrustedInstaller> is taking long time to handle the notification event (CreateSession).
Record Number: 96
Source Name: Microsoft-Windows-Winlogon
Time Written: 20071010163846.000000-000
Event Type: Warning
User:
Computer Name: Lyla
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-3463493832-3515462822-1806411736-1003:
Process 488 (\Device\HarddiskVolume1\WINDOWS\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-3463493832-3515462822-1806411736-1003
Record Number: 35
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20071007221259.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM
=====Security event log=====
Computer Name: Lyla
Event Code: 4902
Message: The Per-user audit policy table was created.
Number of Elements: 0
Policy ID: 0xe8e4
Record Number: 57848
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090219095413.059002-000
Event Type: Audit Success
User:
Computer Name: Lyla
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-0-0
Account Name: -
Account Domain: -
Logon ID: 0x0
Logon Type: 0
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x4
Process Name:
Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: -
Authentication Package: -
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 57847
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090219095412.778200-000
Event Type: Audit Success
User:
Computer Name: Lyla
Event Code: 4608
Message: Windows is starting up.
This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 57846
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090219095412.778200-000
Event Type: Audit Success
User:
Computer Name: Lyla
Event Code: 4634
Message: An account was logged off.
Subject:
Security ID: S-1-5-7
Account Name: ANONYMOUS LOGON
Account Domain: NT AUTHORITY
Logon ID: 0x32384
Logon Type: 3
This event is generated when a logon session is destroyed. It may be positively correlated with a logon event using the Logon ID value. Logon IDs are only unique between reboots on the same computer.
Record Number: 57845
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218234311.398000-000
Event Type: Audit Success
User:
Computer Name: Lyla
Event Code: 4616
Message: The system time was changed.
Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5
Process Information:
Process ID: 0x4c4
Name: C:\WINDOWS\System32\svchost.exe
Previous Time: 23:43:07 18/02/2009
New Time: 23:43:07 18/02/2009
This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 57844
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090218234311.398000-000
Event Type: Audit Success
User:
======Environment variables======
"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=C:\Program Files\PC Connectivity Solution\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Program Files\Common Files\Roxio Shared\DLLShared\;C:\Program Files\QuickTime\QTSystem\
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 14 Stepping 8, GenuineIntel
"PROCESSOR_REVISION"=0e08
"NUMBER_OF_PROCESSORS"=1
"RoxioCentral"=c:\Program Files\Common Files\Roxio Shared\9.0\Roxio Central33\
"CLASSPATH"=.;C:\Program Files\Java\jre6\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre6\lib\ext\QTJava.zip
-----------------EOF-----------------
Thanks!!!!!!
Main reason for slowness is that you have too little RAM for vista to run smoothly.
I recommend at least to double it.
I can suggest which startup programs to disable but adding RAM will help a lot more.
bphester99
2010-03-21, 22:24
Thanks for the recommendation, I would have thought 1GB was enough to run Vista for basic web browsing. Given that the Windows Experience scores the processor at just 2.6, and given the cost of 2GB of decent RAM, I think I'll save up for a new laptop instead, maybe even an iPad.
Thanks for taking the time out to look at this for me, I really appreciate it.
You can now consider this thread as closed.
Ben