Can somebody help me Win32/Olmarik.AJL trojan?



ArtOfSound
2011-06-08, 09:13
I have this message from ESET after a scan (.MBR sector of the 2. physical disk Win32/Olmarik.AJL trojan). I can remove the trojan. My computer slows down and even my browser works very slowly.


.
DDS (Ver_2011-06-03.01) - NTFSx86
Internet Explorer: 8.0.7600.16385
Run by ArtOfSound at 10:00:24 on 2011-06-08
Microsoft Windows 7 Ultimate 6.1.7600.0.1250.40.1033.18.3327.2252 [GMT 3:00]
.
AV: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {77DEAFED-8149-104B-25A1-21771CA47CD1}
SP: ESET NOD32 Antivirus 4.2 *Enabled/Updated* {CCBF4E09-A773-1FC5-1F11-1A056723366C}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\rundll32.exe
C:\Program Files\Spyware Doctor\BDT\BDTUpdateService.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\IoctlSvc.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesService32.exe
C:\Windows\system32\taskhost.exe
C:\Program Files\TuneUp Utilities 2011\TuneUpUtilitiesApp32.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files\Microsoft Office\Office12\WINWORD.EXE
C:\Program Files\RocketDock\RocketDock.exe
C:\Users\ArtOfSound\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\conhost.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.searchqu.com/406
uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
mURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: &Yahoo! Toolbar Helper: {02478d38-c3f9-4efb-9b51-7695eca05670} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
BHO: ContributeBHO Class: {074c1dc5-9320-4a9a-947d-c042949c6216} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.5\bh\BabylonToolbar.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
BHO: CescrtHlpr Object: {64182481-4f71-486b-a045-b233bd0da8fc} - c:\program files\facemoods.com\facemoods\1.4.17.5\bh\facemoods.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\progra~1\micros~2\office12\GR469A~1.DLL
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi3c8a~1\toolbar\searchqudtx.dll
BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll
BHO: UrlHelper Class: {a40dc6c5-79d0-4ca8-a185-8ff989af1115} - c:\progra~1\wi3c8a~1\datamngr\IEBHO.dll
BHO: Adobe PDF Conversion Toolbar Helper: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: Skype Plug-In: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
BHO: FDMIECookiesBHO Class: {cc59e0f9-7e43-44fa-9faa-8377850bf205} - c:\program files\free download manager\iefdm2.dll
BHO: SmartSelect Class: {f4971ee7-daa0-4053-9964-665d8ee6a077} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
BHO: SingleInstance Class: {fdad4da1-61a2-4fd8-9c17-86f7ac245081} - c:\progra~1\yahoo!\companion\installs\cpn\YTSingleInstance.dll
TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll
TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll
TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} - c:\program files\daemon tools toolbar\DTToolbar.dll
TB: facemoods Toolbar: {db4e9724-f518-4dfd-9c7c-78b52103cab9} - c:\program files\facemoods.com\facemoods\1.4.17.5\facemoodsTlbr.dll
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} - c:\progra~1\yahoo!\companion\installs\cpn\yt.dll
TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll
TB: Contribute Toolbar: {517bdde4-e3a7-4570-b21e-2b52b6139fc7} - c:\program files\adobe\/Adobe Contribute CS4/contributeieplugin.dll
TB: Searchqu Toolbar: {99079a25-328f-4bd4-be04-00955acaa0a7} - c:\progra~1\wi3c8a~1\toolbar\searchqudtx.dll
TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - c:\program files\babylontoolbar\babylontoolbar\1.4.19.5\BabylonToolbarTlbr.dll
TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll
uRun: [Sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun
mRun: [Malwarebytes' Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [<NO NAME>]
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRun: [ISTray] "c:\program files\spyware doctor\pctsTray.exe"
StartupFolder: c:\users\artofs~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5)
mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Append Link Target to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
IE: Append to Existing PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIEAppend.html
IE: Convert Link Target to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
IE: Convert to Adobe PDF - c:\program files\common files\adobe\acrobat\activex\AcroIEFavClient.dll/AcroIECapture.html
IE: Download all with Free Download Manager - file://c:\program files\free download manager\dlall.htm
IE: Download selected with Free Download Manager - file://c:\program files\free download manager\dlselected.htm
IE: Download video with Free Download Manager - file://c:\program files\free download manager\dlfvideo.htm
IE: Download with Free Download Manager - file://c:\program files\free download manager\dllink.htm
IE: Download with Xilisoft Download YouTube Video - c:\program files\xilisoft\download youtube video\upod_link.HTM
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000
IE: Free YouTube Download - c:\users\artofsound\appdata\roaming\dvdvideosoftiehelpers\freeyoutubedownload.htm
IE: Free YouTube to MP3 Converter - c:\users\artofsound\appdata\roaming\dvdvideosoftiehelpers\freeyoutubetomp3converter.htm
IE: Se&nd to OneNote - c:\progra~1\micros~2\office14\ONBttnIE.dll/105
IE: Translate this web page with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: Translate with Babylon - c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/Action.htm
IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://c:\program files\babylon\babylon-pro\utils\BabylonIEPI.dll/ActionTU.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL
LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_01-windows-i586.cab
TCP: DhcpNameServer = 78.96.7.88 95.77.94.88
TCP: Interfaces\{2D2975A5-0CF4-4C7A-8ED0-B5F688A1B8F9} : DhcpNameServer = 78.96.7.88 95.77.94.88
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~2\office12\GRA32A~1.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL
AppInit_DLLs: c:\progra~1\wi3c8a~1\datamngr\datamngr.dll c:\progra~1\wi3c8a~1\datamngr\IEBHO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~2\office12\GR469A~1.DLL
.
============= SERVICES / DRIVERS ===============
.
R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2011-6-7 217032]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2011-3-21 218688]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R2 Browser Defender Update Service;Browser Defender Update Service;c:\program files\spyware doctor\bdt\BDTUpdateService.exe [2011-6-7 112592]
R2 eamonm;eamonm;c:\windows\system32\drivers\eamonm.sys [2010-12-21 137144]
R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2011-1-12 810144]
R2 epfwwfp;epfwwfp;c:\windows\system32\drivers\epfwwfp.sys [2010-12-21 41336]
R2 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2011-6-7 366840]
R2 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2011-6-7 1142224]
R2 TuneUp.UtilitiesSvc;TuneUp Utilities Service;c:\program files\tuneup utilities 2011\TuneUpUtilitiesService32.exe [2010-10-27 1483072]
R3 motubus;MOTU Audio MIDI Extension;c:\windows\system32\drivers\motubus.sys [2009-11-20 23600]
R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;c:\program files\tuneup utilities 2011\TuneUpUtilitiesDriver32.sys [2010-10-7 10064]
S2 ABP_InstallCheckerService;ABP_InstallCheckerService;c:\users\artofs~1\appdata\local\temp\nsic16e.tmp\abp_installchecker.exe --> c:\users\artofs~1\appdata\local\temp\nsic16e.tmp\ABP_InstallChecker.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 KMService;KMService;c:\windows\system32\srvany.exe [2011-4-21 8192]
S2 srv6E8;srv6E8;c:\windows\system32\svchost.exe -k netsvcs [2009-7-14 20992]
S3 Adobe Version Cue CS4;Adobe Version Cue CS4;c:\program files\common files\adobe\adobe version cue cs4\server\bin\VersionCueCS4.exe [2008-8-15 284016]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888]
S3 mfwamidi;MOTU Audio MIDI;c:\windows\system32\drivers\MFWAMIDI.sys [2009-11-20 26160]
S3 mfwawave;MOTU Audio Wave;c:\windows\system32\drivers\mfwawave.sys [2009-11-20 69680]
S3 MotuFWA;MotuFWA;c:\windows\system32\drivers\motufwa.sys [2009-11-20 464944]
S3 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
.
=============== Created Last 30 ================
.
2011-06-08 06:25:44 -------- d-----w- C:\!KillBox
2011-06-07 20:14:00 621944 ----a-w- c:\windows\system32\pskill.exe
2011-06-07 19:33:13 767952 ----a-w- c:\windows\BDTSupport.dll
2011-06-07 19:33:13 149456 ----a-w- c:\windows\SGDetectionTool.dll
2011-06-07 19:33:12 165840 ----a-w- c:\windows\PCTBDRes.dll
2011-06-07 19:33:12 1652688 ----a-w- c:\windows\PCTBDCore.dll
2011-06-07 19:31:18 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys
2011-06-07 19:31:18 100136 ----a-w- c:\windows\system32\drivers\pctwfpfilter.sys
2011-06-07 19:31:17 88040 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys
2011-06-07 19:31:17 217032 ----a-w- c:\windows\system32\drivers\PCTCore.sys
2011-06-07 19:31:15 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys
2011-06-07 19:31:10 -------- d-----w- c:\users\artofsound\appdata\roaming\PC Tools
2011-06-07 19:31:10 -------- d-----w- c:\programdata\PC Tools
2011-06-07 19:31:10 -------- d-----w- c:\program files\Spyware Doctor
2011-06-07 19:31:10 -------- d-----w- c:\program files\common files\PC Tools
2011-06-07 18:53:01 -------- d-----w- c:\program files\ESET
2011-06-06 07:18:50 -------- d-----w- c:\users\artofsound\appdata\local\Babylon
2011-06-06 07:18:24 -------- d-----w- c:\users\artofsound\appdata\roaming\Acapela Group
2011-06-06 07:18:02 -------- d-----w- c:\programdata\Babylon
2011-06-06 07:14:56 -------- d-----w- c:\program files\BabylonToolbar
2011-06-06 07:14:19 -------- d-----w- c:\users\artofsound\appdata\roaming\Babylon
2011-06-04 16:32:46 -------- d-----w- c:\program files\ASIO4ALL v2
2011-06-04 16:32:23 1554944 ----a-w- c:\windows\system32\vorbis.acm
2011-06-04 16:32:21 -------- d-----w- c:\program files\Outsim
2011-06-04 16:30:50 -------- d-----w- c:\program files\Image-Line
2011-06-03 07:56:13 -------- d-----w- c:\users\artofsound\appdata\local\ElevatedDiagnostics
2011-06-03 07:36:09 -------- d-----w- c:\users\artofsound\appdata\local\Diagnostics
2011-06-01 10:48:32 -------- d-----w- c:\programdata\Sound Quest
2011-06-01 09:23:35 283648 ----a-w- c:\windows\uninst.exe
2011-06-01 08:43:17 -------- d-----w- c:\users\artofsound\appdata\roaming\Sound Quest
2011-06-01 08:43:15 -------- d-----w- c:\program files\Sound Quest
2011-06-01 08:35:20 -------- d-----w- c:\users\artofsound\appdata\roaming\Free Download Manager
2011-06-01 08:35:18 -------- d-----w- c:\programdata\FreeDownloadManager.ORG
2011-06-01 08:35:17 -------- d-----w- c:\program files\Free Download Manager
2011-05-28 15:18:03 -------- d-----w- c:\program files\VirtualDJ
2011-05-23 13:36:37 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll
2011-05-23 13:36:37 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll
2011-05-23 13:36:37 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe
2011-05-23 13:36:37 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll
2011-05-23 13:36:37 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll
2011-05-23 13:36:36 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll
2011-05-23 13:36:36 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll
2011-05-22 18:10:54 -------- d-----w- c:\programdata\Solidshield
2011-05-22 18:10:38 -------- d-----w- c:\program files\NVIDIA Corporation
2011-05-22 18:10:16 -------- d-----w- c:\program files\common files\Wise Installation Wizard
2011-05-19 20:35:36 -------- d-----w- c:\users\artofsound\appdata\roaming\Guitar Pro 6
2011-05-19 20:35:36 -------- d-----w- c:\programdata\Guitar Pro 6
2011-05-19 20:31:25 -------- d-----w- c:\program files\Guitar Pro 6
2011-05-19 19:48:41 -------- d-----w- c:\windows\Recent
2011-05-19 19:48:38 5727 ----a-w- c:\windows\system32\VcakeD.vxd
2011-05-19 19:48:38 -------- d-----w- C:\audio
2011-05-18 18:17:23 -------- d-----w- c:\program files\Mv 2 Player Plus
2011-05-18 12:50:46 -------- d-----w- C:\temp
2011-05-17 14:45:49 99176 ----a-w- c:\windows\system32\PresentationHostProxy.dll
2011-05-17 14:45:49 49472 ----a-w- c:\windows\system32\netfxperf.dll
2011-05-17 14:45:49 297808 ----a-w- c:\windows\system32\mscoree.dll
2011-05-17 14:45:49 295264 ----a-w- c:\windows\system32\PresentationHost.exe
2011-05-17 14:45:49 1130824 ----a-w- c:\windows\system32\dfshim.dll
2011-05-17 14:41:44 -------- d-----w- c:\program files\il-2 sturmovik cliffs of dover
2011-05-17 14:28:35 -------- d-----w- c:\program files\common files\Steam
2011-05-16 12:22:47 -------- d-----w- c:\program files\Windows iLivid Toolbar
2011-05-16 12:22:35 -------- d-----w- c:\users\artofsound\appdata\local\PackageAware
2011-05-15 09:36:35 -------- d-----w- c:\users\artofsound\appdata\local\PCDJ Dex
2011-05-15 09:25:05 -------- d--h--w- c:\programdata\{A3A7BCCE-9005-4A6C-82AB-8D46F544F53B}
2011-05-15 09:24:36 -------- d--h--w- c:\programdata\{8477994D-889C-43C2-80D8-0B371F90DD94}
2011-05-15 09:24:05 -------- d--h--w- c:\programdata\{76E54BAB-9F4F-4028-B1A2-EB9D256C6827}
2011-05-15 09:24:02 -------- d-----w- c:\program files\Visiosonic
2011-05-15 09:23:26 -------- d-----w- c:\program files\PCDJ DEX
2011-05-15 09:23:09 -------- d-----w- c:\program files\Digital1Audio
.
==================== Find3M ====================
.
2011-05-31 13:55:29 5954 --sha-w- c:\programdata\KGyGaAvL.sys
2011-05-31 13:55:01 88 --sh--r- c:\programdata\1318199541.sys
2011-03-23 12:20:26 1700352 ----a-w- c:\windows\system32\gdiplus.dll
2011-03-23 12:19:31 684313 ----a-w- c:\windows\unins000.exe
2011-03-22 17:00:56 21 ----a-w- c:\users\artofsound\appdata\roaming\iasna_C92E1371-3DF5-4322-9729-82CC0DD90EC5.dll
2011-03-21 17:50:52 499712 ----a-w- c:\windows\system32\msvcp71.dll
2011-03-21 17:50:52 348160 ----a-w- c:\windows\system32\msvcr71.dll
2011-03-21 17:19:20 218688 ----a-w- c:\windows\system32\drivers\dtsoftbus01.sys
2011-03-21 15:16:50 0 ----a-w- c:\windows\ativpsrm.bin
2011-03-14 12:57:06 307200 ----a-w- c:\windows\system32\TubeFinder.exe
.
============= FINISH: 10:01:05,12 ===============

shelf life
2011-06-17, 23:42
Hi ArtOfSound,

Your post is a few days old. If you still need help, simply reply back.