Windows System Suite? [Solved]



#1
preacherswife

  • Member
  • 193 posts
I was on my laptop and all of a sudden, this warning message comes up and tells me I have a potential threat. It said I can click on a program called, "Windows System Suite" and install the program and remove "all" threats.

It gave me a choice of 3 different choices with three different prices. I never did proceed with this and every 5 or so minutes, this same message would pop up.

I went on Geeks to Go and someone there told me to post since this is Malware.

I hope someone can help me with this.

I am running Vista and I currently have installed: Avira, CC, Malware (Anti-Malware, Spyware Guard and Spyware Blaster.

#2
fenzodahl512

  • Malware Removal
  • 9,863 posts
Hello, my name is fenzodahl512 and welcome to the forum.. Please do the following....


Please download The Comedian.exe by Rorschach112 to your desktop
  • Please disable all of your antivirus/firewall before doing this step. Please visit HERE if you don't know how..
  • Double click the program to run it. It will only take around several minutes to run.
  • It will do a series of tasks and tell you when each one is finished.
  • You will be prompted to press any key after each step
  • When it is done it will close and exit itself automatically.
  • You can delete The_Comedian.exe once it is finished
STOP! if you can't complete this step.. Tell me more about it..



NEXT


Please download Malwarebytes' Anti-Malware from HERE or HERE

Note: If you already have Malwarebytes' Anti-Malware, just run and update it.. Then do a "Perform Full Scan"

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy & Paste the entire report in your next reply.
Extra Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.



NEXT


Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.



NEXT


Please download GMER and unzip it to your Desktop. <<mirror>>
Please rename the random filename or GMER into GAMERS
  • Open the renamed program and click on the Rootkit tab.
  • Make sure all the boxes on the right of the screen are checked, EXCEPT for ‘Show All’.
  • Click on Scan.
  • When the scan has run click Copy and paste the results into a Notepad >> save it and attach in this thread.

IMPORTANT: Do NOT run any program while you are doing these scans as it may interfere with the output results



Post me these logs in your next reply.. Post each log in separate post..

1. Malwarebytes'
2. RSIT log.txt
3. RSIT info.txt
4. Attach GAMERS result..

#3
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here are the results of the Malware scan:

Malwarebytes' Anti-Malware 1.36
Database version: 2156
Windows 6.0.6002 Service Pack 2

8/11/2009 7:44:33 PM
mbam-log-2009-08-11 (19-44-33).txt

Scan type: Full Scan (C:\|D:\|)
Objects scanned: 216957
Time elapsed: 5 hour(s), 15 minute(s), 11 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

I am now doing the RSIT so I will touch base later on.

Thanks!

#4
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here is one result:


info.txt logfile of random's system information tool 1.06 2009-08-11 19:58:54

======Uninstall list======

-->"C:\Program Files\InstallShield Installation Information\{A644254B-92F6-4970-8635-AB0775371E72}\setup.exe" --u:{A644254B-92F6-4970-8635-AB0775371E72}
-->"C:\Program Files\TOSHIBA Games\Bejeweled 2 Deluxe\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Blackhawk Striker 2\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\FATE\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Mah Jong Quest\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Monopoly\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Mystery P.I. - The Lottery Ticket\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Penguins!\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Polar Bowler\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Polar Golfer\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Scrabble\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Sea Life Safari\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\Uninstall.exe"
-->"C:\Program Files\TOSHIBA Games\Virtual Villagers - A New Home\Uninstall.exe"
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{622E6F16-0904-49B6-BBE1-4CC836314CCF}\setup.exe" -l0x9
-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{697AFC77-F318-4CD4-BF16-F50F4C1072DA}\setup.exe" -l0x9
Acrobat.com-->msiexec /qb /x {77DCDCE3-2DED-62F3-8154-05E745472D07}
Acrobat.com-->MsiExec.exe /I{77DCDCE3-2DED-62F3-8154-05E745472D07}
Adobe AIR-->c:\Program Files\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
Adobe AIR-->MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Download Manager-->"C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1
Adobe Flash Player 10 ActiveX-->C:\Windows\system32\Macromed\Flash\uninstall_activeX.exe
Adobe Reader 9.1.3-->MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
ALPS Touch Pad Driver-->C:\Program Files\Apoint2K\Uninstap.exe ADDREMOVE
Atheros Driver Installation Program-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\11\50\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{28006915-2739-4EBE-B5E8-49B25D32EB33}\setup.exe" -l0x9 -removeonly
Atheros Wi-Fi Protected Setup Library-->C:\Program Files\InstallShield Installation Information\{B0BCDCBD-863D-4CAB-BF68-8D1F6B1BDC13}\setup.exe -runfromtemp -l0x0009 -removeonly
Avira AntiVir Personal - Free Antivirus-->C:\Program Files\Avira\AntiVir Desktop\setup.exe /REMOVE
AviSynth 2.5-->"C:\Program Files\AviSynth 2.5\Uninstall.exe"
Bluetooth Stack for Windows by Toshiba-->MsiExec.exe /X{CEBB6BFB-D708-4F99-A633-BC2600E01EF6}
CCleaner (remove only)-->"C:\Program Files\CCleaner\uninst.exe"
CD/DVD Drive Acoustic Silencer-->C:\Program Files\InstallShield Installation Information\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}\setup.exe -runfromtemp -l0x0009 -removeonly
Compatibility Pack for the 2007 Office system-->MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Digital Photo Slide Show & Screen Saver 2008.1-->"C:\Program Files\SlideShow\unins000.exe"
Download Updater (AOL LLC)-->C:\Program Files\Common Files\Software Update Utility\uninstall.exe
Driver Detective-->MsiExec.exe /X{5721A8EA-A30F-4F66-9046-3F40C43AE1DC}
DVD MovieFactory for TOSHIBA-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{F214EAA4-A069-4BAF-9DA4-4DB8BEEDE485}\setup.exe" -l0x9
ERUNT 1.1j-->"C:\Program Files\ERUNT\unins000.exe"
GearDrvs-->MsiExec.exe /I{206FD69B-F9FE-4164-81BD-D52552BC9C23}
Google Desktop-->C:\Program Files\Google\Google Desktop Search\GoogleDesktopSetup.exe -uninstall
Google Toolbar for Internet Explorer-->MsiExec.exe /I{DBEA1034-5882-4A88-8033-81C4EF0CFA29}
Google Toolbar for Internet Explorer-->regsvr32 /u /s "c:\program files\google\googletoolbar1.dll"
HijackThis 2.0.2-->"C:\Program Files\trend micro\HijackThis.exe" /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=""
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)-->C:\Windows\system32\msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {A7EEA2F2-BFCD-4A54-A575-7B81A786E658} /qb+ REBOOTPROMPT=""
iMesh-->C:\Program Files\iMesh Applications\iMesh\UninstallSurvey.exe C:\PROGRA~1\IMESHA~1\iMesh\UNWISE.EXE /U C:\PROGRA~1\IMESHA~1\iMesh\INSTALL.LOG
Intel® Graphics Media Accelerator Driver-->C:\Windows\system32\igxpun.exe -uninstall
Java™ 6 Update 13-->MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216013FF}
Java™ 6 Update 3-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160030}
Java™ 6 Update 4-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160040}
Java™ 6 Update 5-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160050}
Java™ 6 Update 7-->MsiExec.exe /I{3248F0A8-6813-11D6-A77B-00B0D0160070}
K-Lite Codec Pack 4.9.5 (Standard)-->"C:\Program Files\K-Lite Codec Pack\unins000.exe"
LiveUpdate 3.2 (Symantec Corporation)-->"C:\Program Files\Symantec\LiveUpdate\LSETUP.EXE" /U
LiveUpdate Notice (Symantec Corporation)-->MsiExec.exe /X{DBA4DB9D-EE51-4944-A419-98AB1F1249C8}
Malwarebytes' Anti-Malware-->"C:\Program Files\Malwarebytes' Anti-Malware\unins000.exe"
Microsoft .NET Framework 3.5 SP1-->c:\Windows\Microsoft.NET\Framework\v3.5\Microsoft .NET Framework 3.5 SP1\setup.exe
Microsoft .NET Framework 3.5 SP1-->MsiExec.exe /I{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}
Microsoft Office PowerPoint Viewer 2007 (English)-->MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053-->MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable-->MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148-->MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17-->MsiExec.exe /X{9A25302D-30C0-39D9-BD6F-21E6EC160475}
Microsoft Works-->MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
mIRC-->C:\Program Files\mIRC\uninstall.exe _?=C:\Program Files\mIRC
MSXML 4.0 SP2 (KB941833)-->MsiExec.exe /I{C523D256-313D-4866-B36A-F3DE528246EF}
MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Norton 360-->MsiExec.exe /I{63A6E9A9-A190-46D4-9430-2DB28654AFD8}
OpenOffice.org 2.4-->MsiExec.exe /I{F87A8E11-02A4-4875-A3A5-5961081B0E4E}
Picasa 2-->"C:\Program Files\Picasa2\Uninstall.exe"
QuickBooks Financial Center-->MsiExec.exe /I{890EF3F8-742F-46BD-9E8E-084B3A1F4364}
QuickTime-->MsiExec.exe /I{08CA9554-B5FE-4313-938F-D4A417B81175}
Realtek 8169 PCI, 8168 and 8101E PCIe Ethernet Network Card Driver for Windows Vista-->C:\Program Files\InstallShield Installation Information\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}\setup.exe -runfromtemp -l0x0009 -removeonly
Realtek High Definition Audio Driver-->RtlUpd.exe -r -m
Sibelius Scorch (ActiveX Only)-->MsiExec.exe /I{15CCBC5D-66A7-4131-8D36-E05F27B0E68F}
SlideShow Expressions-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{2D83C0A3-EA20-4254-948A-B89B16571F9A}\Setup.exe" -l0x9
SpeedFan (remove only)-->"C:\Program Files\SpeedFan\uninstall.exe"
Spelling Dictionaries Support For Adobe Reader 9-->MsiExec.exe /I{AC76BA86-7AD7-5464-3428-900000000004}
SpywareBlaster 4.2-->"C:\Program Files\SpywareBlaster\unins000.exe"
SpywareGuard v2.2-->"C:\Program Files\SpywareGuard\unins000.exe"
Texas Instruments PCIxx21/x515/xx12 drivers.-->C:\Program Files\InstallShield Installation Information\{DB780B85-B4B5-4864-A49C-9B706B169C93}\setup.exe -runfromtemp -l0x0409
TOSHIBA Assist-->C:\Program Files\InstallShield Installation Information\{12B3A009-A080-4619-9A2A-C6DB151D8D67}\setup.exe -runfromtemp -l0x0009 -removeonly
TOSHIBA ConfigFree-->MsiExec.exe /X{78C6A78A-8B03-48C8-A47C-78BA1FCA2307}
TOSHIBA Disc Creator-->MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
TOSHIBA DVD PLAYER-->C:\Program Files\InstallShield Installation Information\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}\setup.exe -runfromtemp -l0x0009 -ADDREMOVE -removeonly
TOSHIBA Extended Tiles for Windows Mobility Center-->C:\Program Files\InstallShield Installation Information\{617C36FD-0CBE-4600-84B2-441CEB12FADF}\setup.exe -runfromtemp -l0x0409
TOSHIBA Flash Cards Support Utility-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{620BBA5E-F848-4D56-8BDA-584E44584C5E}
TOSHIBA Hardware Setup-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{5279374D-87FE-4879-9385-F17278EBB9D3} /l1033
Toshiba Registration-->MsiExec.exe /I{C53D16CC-E56F-47B8-906E-70AAF8EABB4F}
TOSHIBA SD Memory Utilities-->MsiExec.exe /X{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}
TOSHIBA Software Modem-->Tosmreg -U
TOSHIBA Software Upgrades-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{425A2BC2-AA64-4107-9C29-484245BBEA05}\setup.exe" -l0x9 -removeonly
TOSHIBA Speech System Applications-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}\Setup.exe" -l0x9
TOSHIBA Speech System SR Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{008D69EB-70FF-46AB-9C75-924620DF191A}\Setup.exe" -l0x9 UNINSTALL
TOSHIBA Speech System TTS Engine(U.S.) Version1.0-->RunDll32 C:\PROGRA~1\COMMON~1\INSTAL~1\engine\6\INTEL3~1\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}\Setup.exe" -l0x9
TOSHIBA Supervisor Password-->C:\PROGRA~1\COMMON~1\INSTAL~1\Driver\7\INTEL3~1\IDriver.exe /M{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE} /l1033
TOSHIBA Value Added Package-->C:\Program Files\InstallShield Installation Information\{FEDD27A0-B306-45EF-BF58-B527406B42C8}\setup.exe -runfromtemp -l0x0409
WildTangent Games-->"C:\Program Files\TOSHIBA Games\Uninstall.exe"
Winamp-->"C:\Program Files\Winamp\UninstWA.exe"

======Security center information======

FW: COMODO Firewall Pro
AS: Windows Defender

======System event log======

Computer Name: Dorraine-PC
Event Code: 4376
Message: Servicing has required reboot to complete the operation of setting package KB953838(Security Update) into Install Requested(Install Requested) state
Record Number: 31138
Source Name: Microsoft-Windows-Servicing
Time Written: 20080817032714.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Dorraine-PC
Event Code: 4374
Message: Windows Servicing identified that package KB953838(Security Update) is not applicable for this system
Record Number: 31030
Source Name: Microsoft-Windows-Servicing
Time Written: 20080817032504.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Dorraine-PC
Event Code: 4374
Message: Windows Servicing identified that package KB953838(Security Update) is not applicable for this system
Record Number: 31029
Source Name: Microsoft-Windows-Servicing
Time Written: 20080817032504.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Dorraine-PC
Event Code: 4374
Message: Windows Servicing identified that package KB953838(Security Update) is not applicable for this system
Record Number: 31028
Source Name: Microsoft-Windows-Servicing
Time Written: 20080817032504.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Dorraine-PC
Event Code: 4374
Message: Windows Servicing identified that package KB953838(Security Update) is not applicable for this system
Record Number: 31022
Source Name: Microsoft-Windows-Servicing
Time Written: 20080817032457.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

=====Application event log=====

Computer Name: Dorraine-PC
Event Code: 0
Message:
Record Number: 1325
Source Name: AtBroker
Time Written: 20080530041528.000000-000
Event Type: Warning
User:

Computer Name: Dorraine-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 1319
Source Name: Microsoft-Windows-WMI
Time Written: 20080530034411.000000-000
Event Type: Error
User:

Computer Name: Dorraine-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.

DETAIL -
1 user registry handles leaked from \Registry\User\S-1-5-21-1934124357-3260022189-218695766-1000:
Process 608 (\Device\HarddiskVolume2\Windows\System32\winlogon.exe) has opened key \REGISTRY\USER\S-1-5-21-1934124357-3260022189-218695766-1000

Record Number: 1295
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20080530032032.000000-000
Event Type: Warning
User: NT AUTHORITY\SYSTEM

Computer Name: Dorraine-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 1267
Source Name: Microsoft-Windows-WMI
Time Written: 20080530031349.000000-000
Event Type: Error
User:

Computer Name: Dorraine-PC
Event Code: 1008
Message: The Windows Search Service is attempting to remove the old catalog.

Record Number: 1263
Source Name: Microsoft-Windows-Search
Time Written: 20080530031339.000000-000
Event Type: Warning
User:

=====Security event log=====

Computer Name: Dorraine-PC
Event Code: 4608
Message: Windows is starting up.

This event is logged when LSASS.EXE starts and the auditing subsystem is initialized.
Record Number: 1463
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080530025402.974963-000
Event Type: Audit Success
User:

Computer Name: Dorraine-PC
Event Code: 1101
Message: Audit events have been dropped by the transport. The real time backup file was corrupt due to improper shutdown.
Record Number: 1462
Source Name: Microsoft-Windows-Eventlog
Time Written: 20080530031325.151213-000
Event Type: Audit Success
User:

Computer Name: WIN-YX5RBQI5MYX
Event Code: 4616
Message: The system time was changed.

Subject:
Security ID: S-1-5-19
Account Name: LOCAL SERVICE
Account Domain: NT AUTHORITY
Logon ID: 0x3e5

Process Information:
Process ID: 0x530
Name: C:\Windows\System32\svchost.exe

Previous Time: 12:20:15 PM 3/24/2008
New Time: 12:20:15 PM 3/24/2008

This event is generated when the system time is changed. It is normal for the Windows Time Service, which runs with System privilege, to change the system time on a regular basis. Other system time changes may be indicative of attempts to tamper with the computer.
Record Number: 1461
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20080324192015.606600-000
Event Type: Audit Success
User:

Computer Name: WIN-YX5RBQI5MYX
Event Code: 1100
Message: The event logging service has shut down.
Record Number: 1460
Source Name: Microsoft-Windows-Eventlog
Time Written: 20080324192015.918600-000
Event Type: Audit Success
User:

Computer Name: WIN-YX5RBQI5MYX
Event Code: 1102
Message: The audit log was cleared.
Subject:
Security ID: S-1-5-21-1934124357-3260022189-218695766-500
Account Name: Administrator
Domain Name: WIN-YX5RBQI5MYX
Logon ID: 0x40c02
Record Number: 1459
Source Name: Microsoft-Windows-Eventlog
Time Written: 20080324191939.430556-000
Event Type: Audit Success
User:

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"Path"=%systemroot%\system32;%systemroot%;%systemroot%\system32\wbem;C:\PROGRA~1\COMMON~1\ULEADS~1\MPEG;C:\Program Files\QuickTime\QTSystem
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
"PROCESSOR_ARCHITECTURE"=x86
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"USERNAME"=SYSTEM
"windir"=%SystemRoot%
"PROCESSOR_LEVEL"=6
"PROCESSOR_IDENTIFIER"=x86 Family 6 Model 15 Stepping 13, GenuineIntel
"PROCESSOR_REVISION"=0f0d
"NUMBER_OF_PROCESSORS"=2
"TRACE_FORMAT_SEARCH_PATH"=\\NTREL202.ntdev.corp.microsoft.com\4F18C3A5-CA09-4DBD-B6FC-219FDD4C6BE0\TraceFormat
"DFSTRACINGON"=FALSE
"CLASSPATH"=.;C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip
"QTJAVA"=C:\Program Files\Java\jre1.6.0_05\lib\ext\QTJava.zip

-----------------EOF-----------------

#5
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here are the results of the second scan:


Logfile of random's system information tool 1.06 (written by random/random)
Run by Dorraine at 2009-08-11 19:58:29
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 105 GB (70%) free of 151 GB
Total RAM: 2038 MB (42% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 7:58:45 PM, on 8/11/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Windows\Explorer.EXE
c:\TOSHIBA\IVP\swupdate\TaisSoftIcon.exe
C:\Windows\system32\Macromed\Flash\FlashUtil10c.exe
C:\Program Files\iMesh Applications\iMesh\iMesh.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Dorraine\Desktop\RSIT.exe
C:\Program Files\trend micro\Dorraine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/d
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: iMeshPersonalization - {2E172451-9577-461f-BD9D-16D2E88D0F50} - C:\Program Files\iMesh Applications\Personalization\iMeshPersonalizationIE_v1053.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunOnce: [Uninstall Adobe Download Manager] "C:\Program Files\NOS\bin\getPlus_HelperSvc.exe" /UninstallGet1noarp
O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent
O4 - HKCU\..\Run: [iMeshPersonalization] "C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [toscdspd] TOSCDSPD.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.appl...ex/qtplugin.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.ad...Plus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: getPlus® Helper - NOS Microsystems Ltd. - C:\Program Files\NOS\bin\getPlus_HelperSvc.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 9529 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E172451-9577-461f-BD9D-16D2E88D0F50}]
iMeshPersonalization - C:\Program Files\iMesh Applications\Personalization\iMeshPersonalizationIE_v1053.dll [2008-06-10 661424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-02-18 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-20 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-02-18 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-20 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-20 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-20 129560]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-11 180224]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-23 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-19 29744]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-07-08 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-20 148888]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall Adobe Download Manager"=C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
"Malwarebytes' Anti-Malware"=C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe [2009-08-03 419088]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iMeshPersonalization"=C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe [2008-06-10 1272240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240]
"toscdspd"=TOSCDSPD.EXE []

C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2009-08-11 19:58:29 ----D---- C:\rsit
2009-08-11 14:19:09 ----D---- C:\Program Files\ERUNT
2009-08-10 22:20:14 ----SHD---- C:\Users\Dorraine\AppData\Roaming\Windows System Suite
2009-08-10 22:19:06 ----SHD---- C:\ProgramData\WSYSSSys
2009-08-10 22:18:53 ----SHD---- C:\ProgramData\6dc5568
2009-07-31 22:51:09 ----D---- C:\Program Files\SpeedFan
2009-07-29 12:48:56 ----A---- C:\Windows\system32\mshtml.dll
2009-07-29 12:48:52 ----A---- C:\Windows\system32\ieframe.dll
2009-07-29 12:48:51 ----A---- C:\Windows\system32\urlmon.dll
2009-07-29 12:48:49 ----A---- C:\Windows\system32\wininet.dll
2009-07-29 12:48:49 ----A---- C:\Windows\system32\ieui.dll
2009-07-29 12:48:48 ----A---- C:\Windows\system32\ieencode.dll
2009-07-17 21:54:34 ----A---- C:\Windows\system32\t2embed.dll
2009-07-17 21:54:33 ----A---- C:\Windows\system32\lpk.dll
2009-07-17 21:54:33 ----A---- C:\Windows\system32\fontsub.dll
2009-07-17 21:54:33 ----A---- C:\Windows\system32\dciman32.dll
2009-07-17 21:54:33 ----A---- C:\Windows\system32\atmfd.dll
2009-07-14 23:11:55 ----D---- C:\ProgramData\PC Drivers HeadQuarters
2009-07-14 23:11:46 ----D---- C:\Program Files\PC Drivers HeadQuarters
2009-07-09 22:18:43 ----A---- C:\Windows\system32\unrar.dll
2009-07-09 22:18:28 ----D---- C:\Program Files\K-Lite Codec Pack
2009-06-11 22:26:45 ----A---- C:\Windows\system32\localspl.dll
2009-06-11 22:26:33 ----A---- C:\Windows\system32\rpcrt4.dll
2009-06-08 22:54:47 ----D---- C:\Program Files\SpywareGuard
2009-06-08 22:43:51 ----D---- C:\ProgramData\Avira
2009-06-08 22:43:51 ----D---- C:\Program Files\Avira
2009-06-04 01:36:11 ----D---- C:\_OTMoveIt
2009-06-02 00:41:45 ----D---- C:\Windows\system32\vi-VN
2009-06-02 00:41:45 ----D---- C:\Windows\system32\eu-ES
2009-06-02 00:41:45 ----D---- C:\Windows\system32\ca-ES
2009-06-02 00:27:44 ----D---- C:\Windows\system32\EventProviders
2009-06-02 00:25:44 ----A---- C:\Windows\system32\NlsLexicons0007.dll
2009-06-02 00:25:35 ----A---- C:\Windows\system32\SLCExt.dll
2009-06-02 00:25:34 ----A---- C:\Windows\system32\SLsvc.exe
2009-06-02 00:25:29 ----A---- C:\Windows\system32\FunctionDiscoveryFolder.dll
2009-06-02 00:25:29 ----A---- C:\Windows\system32\DevicePairingWizard.exe
2009-06-02 00:25:25 ----A---- C:\Windows\system32\NlsLexicons0009.dll
2009-06-02 00:25:20 ----A---- C:\Windows\system32\mssrch.dll
2009-06-02 00:25:16 ----A---- C:\Windows\system32\tquery.dll
2009-06-02 00:25:13 ----A---- C:\Windows\system32\PresentationNative_v0300.dll
2009-06-02 00:25:12 ----A---- C:\Windows\system32\RMActivate_isv.exe
2009-06-02 00:25:12 ----A---- C:\Windows\system32\lsasrv.dll
2009-06-02 00:25:11 ----A---- C:\Windows\system32\scavenge.dll
2009-06-02 00:25:11 ----A---- C:\Windows\system32\RMActivate.exe
2009-06-02 00:25:07 ----A---- C:\Windows\system32\msi.dll
2009-06-02 00:25:05 ----A---- C:\Windows\system32\imapi2fs.dll
2009-06-02 00:25:03 ----A---- C:\Windows\system32\WscEapPr.dll
2009-06-02 00:25:03 ----A---- C:\Windows\system32\wcnwiz2.dll
2009-06-02 00:25:03 ----A---- C:\Windows\system32\sysmain.dll
2009-06-02 00:25:03 ----A---- C:\Windows\system32\secproc_isv.dll
2009-06-02 00:25:00 ----A---- C:\Windows\system32\icardagt.exe
2009-06-02 00:24:59 ----A---- C:\Windows\system32\mf.dll
2009-06-02 00:24:58 ----A---- C:\Windows\system32\EhStorShell.dll
2009-06-02 00:24:58 ----A---- C:\Windows\system32\AuxiliaryDisplayCpl.dll
2009-06-02 00:24:55 ----A---- C:\Windows\system32\spreview.exe
2009-06-02 00:24:55 ----A---- C:\Windows\system32\spinstall.exe
2009-06-02 00:24:55 ----A---- C:\Windows\system32\drmv2clt.dll
2009-06-02 00:24:53 ----A---- C:\Windows\system32\spwizui.dll
2009-06-02 00:24:53 ----A---- C:\Windows\system32\mcupdate_GenuineIntel.dll
2009-06-02 00:24:52 ----A---- C:\Windows\system32\shell32.dll
2009-06-02 00:24:52 ----A---- C:\Windows\system32\secproc.dll
2009-06-02 00:24:49 ----A---- C:\Windows\system32\SearchIndexer.exe
2009-06-02 00:24:49 ----A---- C:\Windows\system32\p2psvc.dll
2009-06-02 00:24:48 ----A---- C:\Windows\system32\mssvp.dll
2009-06-02 00:24:47 ----A---- C:\Windows\system32\MSMPEG2VDEC.DLL
2009-06-02 00:24:47 ----A---- C:\Windows\system32\mscoree.dll
2009-06-02 00:24:46 ----A---- C:\Windows\system32\mssphtb.dll
2009-06-02 00:24:46 ----A---- C:\Windows\system32\mssph.dll
2009-06-02 00:24:46 ----A---- C:\Windows\system32\imapi2.dll
2009-06-02 00:24:45 ----A---- C:\Windows\system32\sdohlp.dll
2009-06-02 00:24:44 ----A---- C:\Windows\system32\ntkrnlpa.exe
2009-06-02 00:24:43 ----A---- C:\Windows\system32\IMJP10K.DLL
2009-06-02 00:24:43 ----A---- C:\Windows\system32\esent.dll
2009-06-02 00:24:42 ----A---- C:\Windows\system32\DevicePairing.dll
2009-06-02 00:24:41 ----A---- C:\Windows\system32\sperror.dll
2009-06-02 00:24:41 ----A---- C:\Windows\system32\RMActivate_ssp.exe
2009-06-02 00:24:41 ----A---- C:\Windows\system32\korwbrkr.dll
2009-06-02 00:24:40 ----A---- C:\Windows\system32\wevtsvc.dll
2009-06-02 00:24:40 ----A---- C:\Windows\system32\SLC.dll
2009-06-02 00:24:40 ----A---- C:\Windows\system32\PresentationHostProxy.dll
2009-06-02 00:24:40 ----A---- C:\Windows\system32\IasMigReader.exe
2009-06-02 00:24:39 ----A---- C:\Windows\system32\wmp.dll
2009-06-02 00:24:39 ----A---- C:\Windows\system32\RMActivate_ssp_isv.exe
2009-06-02 00:24:39 ----A---- C:\Windows\system32\msshsq.dll
2009-06-02 00:24:36 ----A---- C:\Windows\system32\WMVCORE.DLL
2009-06-02 00:24:36 ----A---- C:\Windows\system32\msjet40.dll
2009-06-02 00:24:35 ----A---- C:\Windows\system32\MPSSVC.dll
2009-06-02 00:24:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2009-06-02 00:24:34 ----A---- C:\Windows\system32\msxml6.dll
2009-06-02 00:24:32 ----A---- C:\Windows\system32\Query.dll
2009-06-02 00:24:32 ----A---- C:\Windows\system32\qmgr.dll
2009-06-02 00:24:31 ----A---- C:\Windows\system32\msexch40.dll
2009-06-02 00:24:30 ----A---- C:\Windows\system32\P2PGraph.dll
2009-06-02 00:24:30 ----A---- C:\Windows\system32\ole32.dll
2009-06-02 00:24:30 ----A---- C:\Windows\system32\diagperf.dll
2009-06-02 00:24:29 ----A---- C:\Windows\system32\ntdll.dll
2009-06-02 00:24:28 ----A---- C:\Windows\system32\winload.exe
2009-06-02 00:24:28 ----A---- C:\Windows\system32\srchadmin.dll
2009-06-02 00:24:28 ----A---- C:\Windows\system32\msxml3.dll
2009-06-02 00:24:27 ----A---- C:\Windows\system32\uDWM.dll
2009-06-02 00:24:27 ----A---- C:\Windows\system32\mmc.exe
2009-06-02 00:24:27 ----A---- C:\Windows\system32\mblctr.exe
2009-06-02 00:24:27 ----A---- C:\Windows\system32\EncDec.dll
2009-06-02 00:24:26 ----A---- C:\Windows\system32\IasMigPlugin.dll
2009-06-02 00:24:26 ----A---- C:\Windows\system32\dfsr.exe
2009-06-02 00:24:25 ----A---- C:\Windows\system32\riched20.dll
2009-06-02 00:24:25 ----A---- C:\Windows\system32\fdBth.dll
2009-06-02 00:24:24 ----A---- C:\Windows\system32\RacEngn.dll
2009-06-02 00:24:23 ----A---- C:\Windows\system32\kernel32.dll
2009-06-02 00:24:22 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2009-06-02 00:24:22 ----A---- C:\Windows\system32\SearchFilterHost.exe
2009-06-02 00:24:22 ----A---- C:\Windows\system32\milcore.dll
2009-06-02 00:24:22 ----A---- C:\Windows\system32\EhStorAPI.dll
2009-06-02 00:24:21 ----A---- C:\Windows\system32\spoolss.dll
2009-06-02 00:24:21 ----A---- C:\Windows\system32\schedsvc.dll
2009-06-02 00:24:21 ----A---- C:\Windows\system32\NaturalLanguage6.dll
2009-06-02 00:24:21 ----A---- C:\Windows\system32\CertEnroll.dll
2009-06-02 00:24:20 ----A---- C:\Windows\system32\jscript.dll
2009-06-02 00:24:19 ----A---- C:\Windows\system32\msjtes40.dll
2009-06-02 00:24:19 ----A---- C:\Windows\system32\AuxiliaryDisplayDriverLib.dll
2009-06-02 00:24:18 ----A---- C:\Windows\system32\msvcp60.dll
2009-06-02 00:24:18 ----A---- C:\Windows\system32\infocardapi.dll
2009-06-02 00:24:18 ----A---- C:\Windows\system32\gpedit.dll
2009-06-02 00:24:16 ----A---- C:\Windows\system32\WinSAT.exe
2009-06-02 00:24:15 ----A---- C:\Windows\system32\PresentationSettings.exe
2009-06-02 00:24:15 ----A---- C:\Windows\system32\es.dll
2009-06-02 00:24:14 ----A---- C:\Windows\system32\mstext40.dll
2009-06-02 00:24:14 ----A---- C:\Windows\system32\Magnify.exe
2009-06-02 00:24:14 ----A---- C:\Windows\system32\AuxiliaryDisplayServices.dll
2009-06-02 00:24:14 ----A---- C:\Windows\system32\advapi32.dll
2009-06-02 00:24:11 ----A---- C:\Windows\system32\WMPhoto.dll
2009-06-02 00:24:11 ----A---- C:\Windows\system32\WebClnt.dll
2009-06-02 00:24:11 ----A---- C:\Windows\system32\slwmi.dll
2009-06-02 00:24:11 ----A---- C:\Windows\system32\msexcl40.dll
2009-06-02 00:24:10 ----A---- C:\Windows\system32\WindowsAnytimeUpgradeCPL.dll
2009-06-02 00:24:10 ----A---- C:\Windows\system32\msxbde40.dll
2009-06-02 00:24:10 ----A---- C:\Windows\system32\comsvcs.dll
2009-06-02 00:24:09 ----A---- C:\Windows\system32\vssapi.dll
2009-06-02 00:24:09 ----A---- C:\Windows\system32\msfeeds.dll
2009-06-02 00:24:09 ----A---- C:\Windows\system32\authui.dll
2009-06-02 00:24:08 ----A---- C:\Windows\system32\mstscax.dll
2009-06-02 00:24:07 ----A---- C:\Windows\system32\vbscript.dll
2009-06-02 00:24:07 ----A---- C:\Windows\system32\PresentationHost.exe
2009-06-02 00:24:07 ----A---- C:\Windows\system32\NetProjW.dll
2009-06-02 00:24:07 ----A---- C:\Windows\system32\msrepl40.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\propsys.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\newdev.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\iasrecst.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\gpsvc.dll
2009-06-02 00:24:06 ----A---- C:\Windows\system32\eudcedit.exe
2009-06-02 00:24:06 ----A---- C:\Windows\system32\crypt32.dll
2009-06-02 00:24:05 ----A---- C:\Windows\system32\rpcss.dll
2009-06-02 00:24:05 ----A---- C:\Windows\system32\iedkcs32.dll
2009-06-02 00:24:05 ----A---- C:\Windows\explorer.exe
2009-06-02 00:24:04 ----A---- C:\Windows\system32\setupapi.dll
2009-06-02 00:24:04 ----A---- C:\Windows\system32\mspbde40.dll
2009-06-02 00:24:03 ----A---- C:\Windows\system32\d3d9.dll
2009-06-02 00:24:02 ----A---- C:\Windows\system32\shlwapi.dll
2009-06-02 00:24:02 ----A---- C:\Windows\system32\msltus40.dll
2009-06-02 00:24:02 ----A---- C:\Windows\system32\mfc42.dll
2009-06-02 00:24:02 ----A---- C:\Windows\system32\davclnt.dll
2009-06-02 00:24:01 ----A---- C:\Windows\system32\msrd3x40.dll
2009-06-02 00:24:01 ----A---- C:\Windows\system32\msdtctm.dll
2009-06-02 00:24:01 ----A---- C:\Windows\system32\EhStorPwdMgr.dll
2009-06-02 00:24:01 ----A---- C:\Windows\system32\EhStorAuthn.dll
2009-06-02 00:24:00 ----A---- C:\Windows\system32\wevtapi.dll
2009-06-02 00:24:00 ----A---- C:\Windows\system32\photowiz.dll
2009-06-02 00:24:00 ----A---- C:\Windows\system32\nlhtml.dll
2009-06-02 00:24:00 ----A---- C:\Windows\system32\browseui.dll
2009-06-02 00:23:58 ----A---- C:\Windows\system32\user32.dll
2009-06-02 00:23:57 ----A---- C:\Windows\system32\samsrv.dll
2009-06-02 00:23:57 ----A---- C:\Windows\system32\quartz.dll
2009-06-02 00:23:57 ----A---- C:\Windows\system32\ci.dll
2009-06-02 00:23:56 ----A---- C:\Windows\system32\win32spl.dll
2009-06-02 00:23:56 ----A---- C:\Windows\system32\WcnNetsh.dll
2009-06-02 00:23:56 ----A---- C:\Windows\system32\SLCommDlg.dll
2009-06-02 00:23:56 ----A---- C:\Windows\system32\oleaut32.dll
2009-06-02 00:23:56 ----A---- C:\Windows\system32\kerberos.dll
2009-06-02 00:23:55 ----A---- C:\Windows\system32\printfilterpipelinesvc.exe
2009-06-02 00:23:55 ----A---- C:\Windows\system32\netshell.dll
2009-06-02 00:23:55 ----A---- C:\Windows\system32\msv1_0.dll
2009-06-02 00:23:55 ----A---- C:\Windows\system32\IKEEXT.DLL
2009-06-02 00:23:54 ----A---- C:\Windows\system32\winhttp.dll
2009-06-02 00:23:54 ----A---- C:\Windows\system32\compcln.exe
2009-06-02 00:23:54 ----A---- C:\Windows\system32\apds.dll
2009-06-02 00:23:53 ----A---- C:\Windows\system32\xmlfilter.dll
2009-06-02 00:23:53 ----A---- C:\Windows\system32\mswstr10.dll
2009-06-02 00:23:53 ----A---- C:\Windows\system32\msctf.dll
2009-06-02 00:23:53 ----A---- C:\Windows\system32\emdmgmt.dll
2009-06-02 00:23:53 ----A---- C:\Windows\system32\audiosrv.dll
2009-06-02 00:23:52 ----A---- C:\Windows\system32\QAGENTRT.DLL
2009-06-02 00:23:52 ----A---- C:\Windows\system32\msvcrt.dll
2009-06-02 00:23:52 ----A---- C:\Windows\system32\gdi32.dll
2009-06-02 00:23:51 ----A---- C:\Windows\system32\VSSVC.exe
2009-06-02 00:23:51 ----A---- C:\Windows\system32\SLUI.exe
2009-06-02 00:23:51 ----A---- C:\Windows\system32\mfc42u.dll
2009-06-02 00:23:51 ----A---- C:\Windows\system32\iphlpsvc.dll
2009-06-02 00:23:50 ----A---- C:\Windows\system32\sqlsrv32.dll
2009-06-02 00:23:50 ----A---- C:\Windows\system32\msrd2x40.dll
2009-06-02 00:23:50 ----A---- C:\Windows\system32\eapphost.dll
2009-06-02 00:23:49 ----A---- C:\Windows\system32\winresume.exe
2009-06-02 00:23:49 ----A---- C:\Windows\system32\shdocvw.dll
2009-06-02 00:23:49 ----A---- C:\Windows\system32\propdefs.dll
2009-06-02 00:23:49 ----A---- C:\Windows\system32\odbc32.dll
2009-06-02 00:23:48 ----A---- C:\Windows\system32\dbgeng.dll
2009-06-02 00:23:47 ----A---- C:\Windows\system32\wevtutil.exe
2009-06-02 00:23:47 ----A---- C:\Windows\system32\mssitlb.dll
2009-06-02 00:23:45 ----A---- C:\Windows\system32\WsmSvc.dll
2009-06-02 00:23:45 ----A---- C:\Windows\system32\swprv.dll
2009-06-02 00:23:45 ----A---- C:\Windows\system32\mmcndmgr.dll
2009-06-02 00:23:44 ----A---- C:\Windows\system32\usp10.dll
2009-06-02 00:23:44 ----A---- C:\Windows\system32\ieapfltr.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\vds.exe
2009-06-02 00:23:43 ----A---- C:\Windows\system32\netlogon.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\msscb.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\mshtmled.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\msctfp.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\fdBthProxy.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\drvinst.exe
2009-06-02 00:23:43 ----A---- C:\Windows\system32\devmgr.dll
2009-06-02 00:23:43 ----A---- C:\Windows\system32\adsldpc.dll
2009-06-02 00:23:42 ----A---- C:\Windows\system32\wcnwiz.dll
2009-06-02 00:23:42 ----A---- C:\Windows\system32\schannel.dll
2009-06-02 00:23:42 ----A---- C:\Windows\system32\evr.dll
2009-06-02 00:23:42 ----A---- C:\Windows\system32\DevicePairingProxy.dll
2009-06-02 00:23:42 ----A---- C:\Windows\system32\BFE.DLL
2009-06-02 00:23:41 ----A---- C:\Windows\system32\Wldap32.dll
2009-06-02 00:23:41 ----A---- C:\Windows\system32\PhotoMetadataHandler.dll
2009-06-02 00:23:40 ----A---- C:\Windows\system32\WSDApi.dll
2009-06-02 00:23:40 ----A---- C:\Windows\system32\WMVSDECD.DLL
2009-06-02 00:23:40 ----A---- C:\Windows\system32\WindowsCodecs.dll
2009-06-02 00:23:39 ----A---- C:\Windows\system32\wercon.exe
2009-06-02 00:23:39 ----A---- C:\Windows\system32\services.exe
2009-06-02 00:23:39 ----A---- C:\Windows\system32\mimefilt.dll
2009-06-02 00:23:39 ----A---- C:\Windows\system32\iertutil.dll
2009-06-02 00:23:39 ----A---- C:\Windows\system32\comdlg32.dll
2009-06-02 00:23:39 ----A---- C:\Windows\system32\adtschema.dll
2009-06-02 00:23:38 ----A---- C:\Windows\system32\wcncsvc.dll
2009-06-02 00:23:38 ----A---- C:\Windows\system32\PortableDeviceApi.dll
2009-06-02 00:23:38 ----A---- C:\Windows\system32\msdtcprx.dll
2009-06-02 00:23:38 ----A---- C:\Windows\system32\msdrm.dll
2009-06-02 00:23:38 ----A---- C:\Windows\system32\certcli.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\umpnpmgr.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\taskeng.exe
2009-06-02 00:23:37 ----A---- C:\Windows\system32\rtffilt.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\reg.exe
2009-06-02 00:23:37 ----A---- C:\Windows\system32\mswdat10.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\msjter40.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\ipsmsnap.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\dnsapi.dll
2009-06-02 00:23:37 ----A---- C:\Windows\system32\certutil.exe
2009-06-02 00:23:36 ----A---- C:\Windows\system32\WMNetMgr.dll
2009-06-02 00:23:36 ----A---- C:\Windows\system32\w32time.dll
2009-06-02 00:23:36 ----A---- C:\Windows\system32\IPSECSVC.DLL
2009-06-02 00:23:35 ----A---- C:\Windows\system32\rsaenh.dll
2009-06-02 00:23:35 ----A---- C:\Windows\system32\msshooks.dll
2009-06-02 00:23:35 ----A---- C:\Windows\system32\msscntrs.dll
2009-06-02 00:23:35 ----A---- C:\Windows\system32\msihnd.dll
2009-06-02 00:23:35 ----A---- C:\Windows\system32\bthserv.dll
2009-06-02 00:23:35 ----A---- C:\Windows\system32\bcrypt.dll
2009-06-02 00:23:34 ----A---- C:\Windows\system32\TsWpfWrp.exe
2009-06-02 00:23:34 ----A---- C:\Windows\system32\msstrc.dll
2009-06-02 00:23:34 ----A---- C:\Windows\system32\MMDevAPI.dll
2009-06-02 00:23:34 ----A---- C:\Windows\system32\inetcomm.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\netapi32.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\mtxclu.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\mscories.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\inetpp.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\hidserv.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\fundisc.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\dfshim.dll
2009-06-02 00:23:33 ----A---- C:\Windows\system32\cryptsvc.dll
2009-06-02 00:23:32 ----A---- C:\Windows\system32\wmicmiplugin.dll
2009-06-02 00:23:32 ----A---- C:\Windows\system32\termsrv.dll
2009-06-02 00:23:32 ----A---- C:\Windows\system32\profsvc.dll
2009-06-02 00:23:32 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2009-06-02 00:23:31 ----A---- C:\Windows\system32\gameux.dll
2009-06-02 00:23:30 ----A---- C:\Windows\system32\wdc.dll
2009-06-02 00:23:30 ----A---- C:\Windows\system32\shsvcs.dll
2009-06-02 00:23:30 ----A---- C:\Windows\system32\msiexec.exe
2009-06-02 00:23:30 ----A---- C:\Windows\system32\imapi.dll
2009-06-02 00:23:30 ----A---- C:\Windows\system32\chsbrkr.dll
2009-06-02 00:23:29 ----A---- C:\Windows\system32\spoolsv.exe
2009-06-02 00:23:29 ----A---- C:\Windows\system32\rasmans.dll
2009-06-02 00:23:29 ----A---- C:\Windows\system32\pnidui.dll
2009-06-02 00:23:29 ----A---- C:\Windows\system32\icardres.dll
2009-06-02 00:23:29 ----A---- C:\Windows\system32\iassdo.dll
2009-06-02 00:23:28 ----A---- C:\Windows\system32\wersvc.dll
2009-06-02 00:23:28 ----A---- C:\Windows\system32\slmgr.vbs
2009-06-02 00:23:28 ----A---- C:\Windows\system32\scrrun.dll
2009-06-02 00:23:28 ----A---- C:\Windows\system32\PSHED.DLL
2009-06-02 00:23:28 ----A---- C:\Windows\system32\pdh.dll
2009-06-02 00:23:28 ----A---- C:\Windows\system32\autofmt.exe
2009-06-02 00:23:27 ----A---- C:\Windows\system32\dhcpcsvc.dll
2009-06-02 00:23:27 ----A---- C:\Windows\system32\CertEnrollUI.dll
2009-06-02 00:23:27 ----A---- C:\Windows\system32\azroles.dll
2009-06-02 00:23:26 ----A---- C:\Windows\system32\wmpmde.dll
2009-06-02 00:23:26 ----A---- C:\Windows\system32\winlogon.exe
2009-06-02 00:23:26 ----A---- C:\Windows\system32\SyncCenter.dll
2009-06-02 00:23:26 ----A---- C:\Windows\system32\pidgenx.dll
2009-06-02 00:23:24 ----A---- C:\Windows\system32\SLUINotify.dll
2009-06-02 00:23:24 ----A---- C:\Windows\system32\msjetoledb40.dll
2009-06-02 00:23:24 ----A---- C:\Windows\system32\comuid.dll
2009-06-02 00:23:23 ----A---- C:\Windows\system32\WindowsCodecsExt.dll
2009-06-02 00:23:23 ----A---- C:\Windows\system32\sethc.exe
2009-06-02 00:23:23 ----A---- C:\Windows\system32\ncrypt.dll
2009-06-02 00:23:23 ----A---- C:\Windows\system32\kd1394.dll
2009-06-02 00:23:23 ----A---- C:\Windows\system32\certmgr.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\wisptis.exe
2009-06-02 00:23:22 ----A---- C:\Windows\system32\untfs.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\taskcomp.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\spp.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\scrobj.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\rtutils.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\iassam.dll
2009-06-02 00:23:22 ----A---- C:\Windows\system32\dwm.exe
2009-06-02 00:23:22 ----A---- C:\Windows\system32\autochk.exe
2009-06-02 00:23:21 ----A---- C:\Windows\system32\printui.dll
2009-06-02 00:23:21 ----A---- C:\Windows\system32\iasnap.dll
2009-06-02 00:23:21 ----A---- C:\Windows\system32\autoconv.exe
2009-06-02 00:23:20 ----A---- C:\Windows\system32\winsrv.dll
2009-06-02 00:23:20 ----A---- C:\Windows\system32\onex.dll
2009-06-02 00:23:20 ----A---- C:\Windows\system32\kdcom.dll
2009-06-02 00:23:20 ----A---- C:\Windows\system32\cscript.exe
2009-06-02 00:23:20 ----A---- C:\Windows\system32\basecsp.dll
2009-06-02 00:23:19 ----A---- C:\Windows\system32\wow32.dll
2009-06-02 00:23:19 ----A---- C:\Windows\system32\userenv.dll
2009-06-02 00:23:19 ----A---- C:\Windows\system32\osk.exe
2009-06-02 00:23:19 ----A---- C:\Windows\system32\mswsock.dll
2009-06-02 00:23:19 ----A---- C:\Windows\system32\audiodg.exe
2009-06-02 00:23:18 ----A---- C:\Windows\system32\winmm.dll
2009-06-02 00:23:18 ----A---- C:\Windows\system32\spcmsg.dll
2009-06-02 00:23:18 ----A---- C:\Windows\system32\RelMon.dll
2009-06-02 00:23:18 ----A---- C:\Windows\system32\rdpencom.dll
2009-06-02 00:23:18 ----A---- C:\Windows\system32\kdusb.dll
2009-06-02 00:23:17 ----A---- C:\Windows\system32\WinSCard.dll
2009-06-02 00:23:17 ----A---- C:\Windows\system32\WerFaultSecure.exe
2009-06-02 00:23:17 ----A---- C:\Windows\system32\offfilt.dll
2009-06-02 00:23:17 ----A---- C:\Windows\system32\msftedit.dll
2009-06-02 00:23:17 ----A---- C:\Windows\system32\dnsrslvr.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\wsepno.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\WerFault.exe
2009-06-02 00:23:15 ----A---- C:\Windows\system32\Utilman.exe
2009-06-02 00:23:15 ----A---- C:\Windows\system32\stobject.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\SndVol.exe
2009-06-02 00:23:15 ----A---- C:\Windows\system32\secproc_ssp_isv.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\secproc_ssp.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\mfplat.dll
2009-06-02 00:23:15 ----A---- C:\Windows\system32\diskraid.exe
2009-06-02 00:23:15 ----A---- C:\Windows\system32\apphelp.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\wiaservc.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\sysclass.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\prnntfy.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\odbccp32.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\msnetobj.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\mscms.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\mcmde.dll
2009-06-02 00:23:14 ----A---- C:\Windows\system32\adsmsext.dll
2009-06-02 00:23:13 ----A---- C:\Windows\system32\wscript.exe
2009-06-02 00:23:13 ----A---- C:\Windows\system32\ulib.dll
2009-06-02 00:23:13 ----A---- C:\Windows\system32\secur32.dll
2009-06-02 00:23:13 ----A---- C:\Windows\system32\iasdatastore.dll
2009-06-02 00:23:13 ----A---- C:\Windows\system32\dsound.dll
2009-06-02 00:23:13 ----A---- C:\Windows\system32\cryptui.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\wscntfy.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\wlansvc.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\rastapi.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\pnpsetup.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\ipsecsnp.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\IPHLPAPI.DLL
2009-06-02 00:23:12 ----A---- C:\Windows\system32\fdProxy.dll
2009-06-02 00:23:12 ----A---- C:\Windows\system32\brcpl.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\wscsvc.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\WMVENCOD.DLL
2009-06-02 00:23:11 ----A---- C:\Windows\system32\wlangpui.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\vdsdyn.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\rastls.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\netiohlp.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\logman.exe
2009-06-02 00:23:11 ----A---- C:\Windows\system32\iepeers.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\iashlpr.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\gpapi.dll
2009-06-02 00:23:11 ----A---- C:\Windows\system32\diskpart.exe
2009-06-02 00:23:10 ----A---- C:\Windows\system32\zipfldr.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\wusa.exe
2009-06-02 00:23:10 ----A---- C:\Windows\system32\wshext.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\regsvc.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\rasapi32.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\ntprint.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\mscorier.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\iasrad.dll
2009-06-02 00:23:10 ----A---- C:\Windows\system32\findstr.exe
2009-06-02 00:23:09 ----A---- C:\Windows\system32\wpccpl.dll
2009-06-02 00:23:09 ----A---- C:\Windows\system32\webcheck.dll
2009-06-02 00:23:09 ----A---- C:\Windows\system32\netcenter.dll
2009-06-02 00:23:08 ----A---- C:\Windows\system32\wsnmp32.dll
2009-06-02 00:23:08 ----A---- C:\Windows\system32\wer.dll
2009-06-02 00:23:08 ----A---- C:\Windows\system32\themecpl.dll
2009-06-02 00:23:08 ----A---- C:\Windows\system32\rasdlg.dll
2009-06-02 00:23:08 ----A---- C:\Windows\system32\iassvcs.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\uxsms.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\tsbyuv.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\srvsvc.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\slcc.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\scansetting.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\ntmarta.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\msutb.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\mstlsapi.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\mssprxy.dll
2009-06-02 00:23:06 ----A---- C:\Windows\system32\iasads.dll
2009-06-02 00:23:05 ----A---- C:\Windows\system32\powrprof.dll
2009-06-02 00:23:05 ----A---- C:\Windows\system32\powercpl.dll
2009-06-02 00:23:05 ----A---- C:\Windows\system32\networkmap.dll
2009-06-02 00:23:05 ----A---- C:\Windows\system32\mstsc.exe
2009-06-02 00:23:05 ----A---- C:\Windows\system32\iasacct.dll
2009-06-02 00:23:04 ----A---- C:\Windows\system32\PerfCenterCPL.dll
2009-06-02 00:23:04 ----A---- C:\Windows\system32\authz.dll
2009-06-02 00:23:03 ----A---- C:\Windows\system32\wlanhlp.dll
2009-06-02 00:23:03 ----A---- C:\Windows\system32\sud.dll
2009-06-02 00:23:03 ----A---- C:\Windows\system32\newdev.exe
2009-06-02 00:23:03 ----A---- C:\Windows\system32\dot3svc.dll
2009-06-02 00:23:03 ----A---- C:\Windows\system32\connect.dll
2009-06-02 00:23:02 ----A---- C:\Windows\system32\themeui.dll
2009-06-02 00:23:02 ----A---- C:\Windows\system32\systemcpl.dll
2009-06-02 00:23:02 ----A---- C:\Windows\system32\pcaui.dll
2009-06-02 00:23:02 ----A---- C:\Windows\system32\accessibilitycpl.dll
2009-06-02 00:23:01 ----A---- C:\Windows\system32\usercpl.dll
2009-06-02 00:23:01 ----A---- C:\Windows\system32\samlib.dll
2009-06-02 00:23:01 ----A---- C:\Windows\system32\mmci.dll
2009-06-02 00:23:01 ----A---- C:\Windows\system32\autoplay.dll
2009-06-02 00:23:00 ----A---- C:\Windows\system32\wlanpref.dll
2009-06-02 00:23:00 ----A---- C:\Windows\system32\rpchttp.dll
2009-06-02 00:23:00 ----A---- C:\Windows\system32\regapi.dll
2009-06-02 00:23:00 ----A---- C:\Windows\system32\qdvd.dll
2009-06-02 00:23:00 ----A---- C:\Windows\system32\ieaksie.dll
2009-06-02 00:22:59 ----A---- C:\Windows\system32\wpcao.dll
2009-06-02 00:22:59 ----A---- C:\Windows\system32\vdsutil.dll
2009-06-02 00:22:59 ----A---- C:\Windows\system32\tapisrv.dll
2009-06-02 00:22:59 ----A---- C:\Windows\system32\msinfo32.exe
2009-06-02 00:22:58 ----A---- C:\Windows\system32\wscisvif.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\scksp.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\scesrv.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\rekeywiz.exe
2009-06-02 00:22:58 ----A---- C:\Windows\system32\psisdecd.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\oleprn.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\mpr.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\imm32.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\iaspolcy.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\feclient.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\Faultrep.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\dot3msm.dll
2009-06-02 00:22:58 ----A---- C:\Windows\system32\AudioSes.dll
2009-06-02 00:22:57 ----A---- C:\Windows\system32\sdclt.exe
2009-06-02 00:22:57 ----A---- C:\Windows\system32\dpapimig.exe
2009-06-02 00:22:57 ----A---- C:\Windows\system32\DeviceEject.exe
2009-06-02 00:22:56 ----A---- C:\Windows\system32\scecli.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\rasplap.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\rasgcw.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\qedit.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\pnpui.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\perfdisk.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\ncryptui.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\hdwwiz.exe
2009-06-02 00:22:56 ----A---- C:\Windows\system32\FWPUCLNT.DLL
2009-06-02 00:22:56 ----A---- C:\Windows\system32\extmgr.dll
2009-06-02 00:22:56 ----A---- C:\Windows\system32\certreq.exe
2009-06-02 00:22:55 ----A---- C:\Windows\system32\whealogr.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\TSTheme.exe
2009-06-02 00:22:55 ----A---- C:\Windows\system32\tcpmon.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\tcpipcfg.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\spwinsat.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\SmartcardCredentialProvider.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\PnPUnattend.exe
2009-06-02 00:22:55 ----A---- C:\Windows\system32\fdWSD.dll
2009-06-02 00:22:55 ----A---- C:\Windows\system32\cmmon32.exe
2009-06-02 00:22:54 ----A---- C:\Windows\system32\srcore.dll
2009-06-02 00:22:54 ----A---- C:\Windows\system32\SnippingTool.exe
2009-06-02 00:22:54 ----A---- C:\Windows\system32\SCardSvr.dll
2009-06-02 00:22:54 ----A---- C:\Windows\system32\conime.exe
2009-06-02 00:22:54 ----A---- C:\Windows\system32\cmdial32.dll
2009-06-02 00:22:53 ----A---- C:\Windows\system32\wiaaut.dll
2009-06-02 00:22:53 ----A---- C:\Windows\system32\raschap.dll
2009-06-02 00:22:53 ----A---- C:\Windows\system32\MSVidCtl.dll
2009-06-02 00:22:53 ----A---- C:\Windows\system32\fontext.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\WMVXENCD.DLL
2009-06-02 00:22:52 ----A---- C:\Windows\system32\wlanui.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\wlanmsm.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\rasppp.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-02 00:22:52 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\dsprop.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\shsetup.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\occache.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\mscandui.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\modemui.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-02 00:22:50 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-02 00:22:50 ----A---- C:\Windows\system32\dataclen.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\smss.exe
2009-06-02 00:22:49 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\credui.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\blackbox.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\mstime.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\ifmon.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\cipher.exe
2009-06-02 00:22:48 ----A---- C:\Windows\system32\certprop.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\wscapi.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\softkbd.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\sendmail.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msscp.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msrating.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msimtf.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\logagent.exe
2009-06-02 00:22:47 ----A---- C:\Windows\system32\InkEd.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\gpresult.exe
2009-06-02 00:22:46 ----A---- C:\Windows\system32\olepro32.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\msctfui.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\wshbth.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\version.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-02 00:22:45 ----A---- C:\Windows\system32\puiapi.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\msisip.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\mprapi.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\input.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\fc.exe
2009-06-02 00:22:45 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\cdd.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\msjint40.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\dmusic.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\cscapi.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\Storprop.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rasdial.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\ftp.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\cscdll.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\bthci.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\slcinst.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\nslookup.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\mfps.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\aaclient.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\mmcico.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-02 00:22:41 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-02 00:22:41 ----A---- C:\Windows\system32\atmlib.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\csrstub.exe
2009-06-02 00:22:40 ----A---- C:\Windows\system32\cbsra.exe
2009-06-02 00:22:40 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\winrnr.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\slwga.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\midimap.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\inetppui.dll
2009-06-02 00:22:38 ----A---- C:\Windows\system32\spwmp.dll
2009-06-02 00:22:37 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-02 00:22:37 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\msimsg.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\mferror.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-02 00:22:06 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-02 00:22:02 ----A---- C:\Windows\system32\wdscore.dll
2009-06-02 00:22:02 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-02 00:21:51 ----A---- C:\Windows\system32\drvstore.dll
2009-05-27 13:21:35 ----A---- C:\Windows\system32\CF22803.exe
2009-05-23 00:39:17 ----SHD---- C:\$RECYCLE.BIN
2009-05-21 21:17:38 ----D---- C:\Windows\temp
2009-05-21 20:25:19 ----A---- C:\Windows\ntbtlog.txt
2009-05-21 18:36:44 ----A---- C:\Windows\PEV.exe
2009-05-21 18:36:08 ----D---- C:\Windows\ERDNT
2009-05-20 22:32:34 ----A---- C:\Windows\system32\javaws.exe
2009-05-20 22:32:34 ----A---- C:\Windows\system32\javaw.exe
2009-05-20 22:32:34 ----A---- C:\Windows\system32\java.exe
2009-05-19 19:28:38 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-05-19 19:28:22 ----D---- C:\Users\Dorraine\AppData\Roaming\SUPERAntiSpyware.com
2009-05-19 19:28:22 ----D---- C:\Program Files\SUPERAntiSpyware

======List of files/folders modified in the last 3 months======

2009-08-11 19:58:42 ----D---- C:\Windows\Prefetch
2009-08-11 19:58:33 ----D---- C:\Program Files\Trend Micro
2009-08-11 19:47:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-11 19:47:47 ----D---- C:\Windows\system32\drivers
2009-08-11 15:11:40 ----D---- C:\Windows\system32\catroot
2009-08-11 15:11:37 ----D---- C:\Windows\winsxs
2009-08-11 15:09:25 ----D---- C:\Windows\system32\catroot2
2009-08-11 14:19:09 ----D---- C:\Program Files
2009-08-11 14:03:06 ----SHD---- C:\System Volume Information
2009-08-10 23:48:00 ----D---- C:\Users\Dorraine\AppData\Roaming\mIRC
2009-08-10 22:29:56 ----D---- C:\Users\Dorraine\AppData\Roaming\iMesh
2009-08-10 22:19:06 ----HD---- C:\ProgramData
2009-08-10 14:06:06 ----SHD---- C:\Windows\Installer
2009-08-10 14:05:09 ----AD---- C:\Windows\System32
2009-08-03 13:58:27 ----D---- C:\Windows
2009-08-03 13:56:29 ----D---- C:\Windows\inf
2009-08-01 19:25:13 ----D---- C:\ProgramData\NOS
2009-08-01 19:24:26 ----SD---- C:\Windows\Downloaded Program Files
2009-08-01 19:24:19 ----D---- C:\Program Files\NOS
2009-07-31 21:59:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-07-31 21:55:05 ----D---- C:\Users\Dorraine\AppData\Roaming\OpenOffice.org2
2009-07-29 12:47:11 ----D---- C:\Program Files\Windows Mail
2009-07-14 23:13:13 ----RSD---- C:\Windows\assembly
2009-07-09 22:47:17 ----D---- C:\Program Files\SpiralFrog
2009-07-09 13:28:54 ----D---- C:\Windows\system32\Macromed
2009-07-07 11:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-07 00:32:28 ----A---- C:\Windows\swupdate.INI
2009-06-20 22:14:23 ----D---- C:\Windows\Microsoft.NET
2009-06-20 21:58:49 ----D---- C:\Windows\ehome
2009-06-20 21:50:38 ----D---- C:\Program Files\Microsoft Works
2009-06-08 22:52:49 ----AD---- C:\ProgramData\TEMP
2009-06-08 22:52:28 ----D---- C:\Program Files\SpywareBlaster
2009-06-04 00:48:11 ----D---- C:\Program Files\mIRC
2009-06-02 21:31:15 ----D---- C:\Windows\system32\WDI
2009-06-02 01:02:18 ----D---- C:\Windows\rescache
2009-06-02 00:53:02 ----SHD---- C:\Boot
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Sidebar
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Media Player
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Journal
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Collaboration
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Calendar
2009-06-02 00:42:20 ----D---- C:\Program Files\Movie Maker
2009-06-02 00:42:20 ----D---- C:\Program Files\Internet Explorer
2009-06-02 00:42:20 ----D---- C:\Program Files\Common Files\System
2009-06-02 00:42:19 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-02 00:42:18 ----D---- C:\Windows\servicing
2009-06-02 00:42:18 ----D---- C:\Program Files\Windows Defender
2009-06-02 00:42:15 ----D---- C:\Windows\system32\XPSViewer
2009-06-02 00:42:15 ----D---- C:\Windows\system32\sk-SK
2009-06-02 00:42:15 ----D---- C:\Windows\system32\lv-LV
2009-06-02 00:42:15 ----D---- C:\Windows\system32\ko-KR
2009-06-02 00:42:15 ----D---- C:\Windows\system32\hr-HR
2009-06-02 00:42:15 ----D---- C:\Windows\system32\et-EE
2009-06-02 00:42:15 ----D---- C:\Windows\system32\da-DK
2009-06-02 00:42:15 ----D---- C:\Windows\IME
2009-06-02 00:42:14 ----D---- C:\Windows\system32\it-IT
2009-06-02 00:42:14 ----D---- C:\Windows\system32\en-US
2009-06-02 00:42:14 ----D---- C:\Windows\system32\el-GR
2009-06-02 00:42:14 ----D---- C:\Windows\system32\de-DE
2009-06-02 00:42:13 ----D---- C:\Windows\system32\oobe
2009-06-02 00:42:13 ----D---- C:\Windows\system32\migration
2009-06-02 00:42:07 ----D---- C:\Windows\system32\sv-SE
2009-06-02 00:42:07 ----D---- C:\Windows\system32\ru-RU
2009-06-02 00:42:07 ----D---- C:\Windows\system32\he-IL
2009-06-02 00:42:07 ----D---- C:\Windows\system32\fr-FR
2009-06-02 00:42:07 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-02 00:42:06 ----D---- C:\Windows\system32\SLUI
2009-06-02 00:42:06 ----D---- C:\Windows\system32\setup
2009-06-02 00:42:06 ----D---- C:\Windows\system32\pt-PT
2009-06-02 00:42:06 ----D---- C:\Windows\system32\hu-HU
2009-06-02 00:42:06 ----D---- C:\Windows\system32\fi-FI
2009-06-02 00:42:06 ----D---- C:\Windows\system32\cs-CZ
2009-06-02 00:42:05 ----D---- C:\Windows\system32\zh-TW
2009-06-02 00:42:05 ----D---- C:\Windows\system32\zh-CN
2009-06-02 00:42:05 ----D---- C:\Windows\system32\uk-UA
2009-06-02 00:42:05 ----D---- C:\Windows\system32\th-TH
2009-06-02 00:42:05 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-02 00:42:05 ----D---- C:\Windows\system32\sl-SI
2009-06-02 00:42:05 ----D---- C:\Windows\system32\ro-RO
2009-06-02 00:42:05 ----D---- C:\Windows\system32\pl-PL
2009-06-02 00:42:05 ----D---- C:\Windows\system32\manifeststore
2009-06-02 00:42:05 ----D---- C:\Windows\system32\ja-JP
2009-06-02 00:42:05 ----D---- C:\Windows\system32\es-ES
2009-06-02 00:42:05 ----D---- C:\Windows\system32\en
2009-06-02 00:42:05 ----D---- C:\Windows\system32\bg-BG
2009-06-02 00:42:04 ----D---- C:\Windows\system32\wbem
2009-06-02 00:42:04 ----D---- C:\Windows\system32\tr-TR
2009-06-02 00:42:04 ----D---- C:\Windows\system32\nl-NL
2009-06-02 00:42:04 ----D---- C:\Windows\system32\nb-NO
2009-06-02 00:42:04 ----D---- C:\Windows\system32\lt-LT
2009-06-02 00:42:04 ----D---- C:\Windows\system32\ar-SA
2009-06-02 00:42:03 ----D---- C:\Windows\system32\pt-BR
2009-06-02 00:42:03 ----D---- C:\Windows\system32\migwiz
2009-06-02 00:41:52 ----RSD---- C:\Windows\Fonts
2009-06-02 00:41:52 ----D---- C:\Windows\AppPatch
2009-06-02 00:41:45 ----D---- C:\Windows\system32\Boot
2009-06-02 00:40:13 ----D---- C:\Windows\system32\RTCOM
2009-05-23 00:35:46 ----A---- C:\Windows\system.ini
2009-05-23 00:28:14 ----D---- C:\Program Files\Common Files
2009-05-21 20:33:03 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-21 20:33:02 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-05-21 12:08:52 ----D---- C:\Program Files\TOSHIBA Games
2009-05-20 22:32:08 ----A---- C:\Windows\system32\deploytk.dll
2009-05-20 22:31:59 ----D---- C:\Program Files\Java
2009-05-19 19:57:48 ----D---- C:\ProgramData\WildTangent
2009-05-18 01:57:40 ----D---- C:\ProgramData\Adobe
2009-05-18 01:57:36 ----D---- C:\Program Files\Common Files\Adobe
2009-05-12 14:50:01 ----D---- C:\Windows\PolicyDefinitions

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2007-08-31 20352]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-07 55656]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
S1 Cdr4_xp;Cdr4_xp; C:\Windows\system32\drivers\Cdr4_xp.sys [2006-10-04 2432]
S1 Cdralw2k;Cdralw2k; C:\Windows\system32\drivers\Cdralw2k.sys [2006-10-04 2560]
S3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-22 11776]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-07-12 49904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 NCHSSVAD;SoundTap Recorder; C:\Windows\system32\drivers\nchssvad.sys [2008-07-22 27136]
S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-20 2225664]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-20 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-20 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-07 185089]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 pinger;pinger; C:\Toshiba\IVP\ISM\pinger.exe [2007-01-25 136816]
R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2007-10-23 66928]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2009-05-15 250616]
S3 getPlus® Helper;getPlus® Helper; C:\Program Files\NOS\bin\getPlus_HelperSvc.exe [2009-07-14 66056]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-19 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-18 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2007-10-30 937984]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]

-----------------EOF-----------------

#6
fenzodahl512

  • Malware Removal
  • 9,863 posts
Waiting for GMER results :)

#7
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Hey there,

This GMER scan has been running for HOURS! Does it take this long? :)

How will I know when it is finished?

Edited by preacherswife, 11 August 2009 - 09:50 PM.


#8
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Okay, here are the scan results from GMER:


GMER 1.0.15.15020 [GAMERS.exe] - http://www.gmer.net
Rootkit scan 2009-08-12 00:03:08
Windows 6.0.6002 Service Pack 2


---- System - GMER 1.0.15 ----

SSDT 88BB9D0C ZwCreateThread
SSDT 88BB9CF8 ZwOpenProcess
SSDT 88BB9CFD ZwOpenThread
SSDT 88BB9D07 ZwTerminateProcess

---- Kernel code sections - GMER 1.0.15 ----

.text ntkrnlpa.exe!KeSetEvent + 221 822BF964 4 Bytes [0C, 9D, BB, 88]
.text ntkrnlpa.exe!KeSetEvent + 3F1 822BFB34 4 Bytes [F8, 9C, BB, 88]
.text ntkrnlpa.exe!KeSetEvent + 40D 822BFB50 4 Bytes [FD, 9C, BB, 88]
.text ntkrnlpa.exe!KeSetEvent + 621 822BFD64 4 Bytes [07, 9D, BB, 88]

---- User code sections - GMER 1.0.15 ----

.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!GetScrollBarInfo 7643D171 5 Bytes JMP 006FFD32 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!SetScrollRange 7643D185 5 Bytes JMP 006FFB3C C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!GetScrollInfo 7643F073 5 Bytes JMP 006FFCA6 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!ShowScrollBar 7643F8AE 5 Bytes JMP 006FFAF6 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!SetScrollInfo 764471D8 5 Bytes JMP 006FFBD1 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!EnableScrollBar 7645AF53 5 Bytes JMP 006FFCEC C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!GetScrollPos 7646337D 5 Bytes JMP 006FFC63 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!GetScrollRange 764634A5 5 Bytes JMP 006FFC1A C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\iMesh Applications\iMesh\iMesh.exe[7748] USER32.dll!SetScrollPos 76463602 5 Bytes JMP 006FFB88 C:\Program Files\iMesh Applications\iMesh\iMesh.exe (iMesh/iMesh, Inc)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!DialogBoxParamW 764610B0 5 Bytes JMP 6B93BFA7 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!DialogBoxIndirectParamW 76462EF5 5 Bytes JMP 6BA7B43B C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!DialogBoxParamA 76478152 5 Bytes JMP 6BA7B400 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!DialogBoxIndirectParamA 7647847D 5 Bytes JMP 6BA7B476 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!MessageBoxIndirectA 7648D4D9 5 Bytes JMP 6BA7B3BC C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!MessageBoxIndirectW 7648D5D3 5 Bytes JMP 6BA7B378 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!MessageBoxExA 7648D639 5 Bytes JMP 6BA7B33E C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] USER32.dll!MessageBoxExW 7648D65D 5 Bytes JMP 6BA7B304 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHEvaluateSystemCommandTemplate + 1211 76B76010 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHEvaluateSystemCommandTemplate + 1219 76B76018 4 Bytes [A7, 0A, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHEvaluateSystemCommandTemplate + 1F7D 76B76D7C 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHEvaluateSystemCommandTemplate + 1F85 76B76D84 4 Bytes [A7, 0A, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHRestricted + D95 76BA8988 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHRestricted + D9D 76BA8990 8 Bytes [A7, 0A, DF, 71, A4, 32, DE, ...]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!ILFree + 3DA 76BA8DFC 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!ILFree + 3E2 76BA8E04 4 Bytes [A7, 0A, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHBindToObject + 8C 76BAE188 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHBindToObject + 94 76BAE190 4 Bytes [A7, 0A, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHCoCreateInstance + 28F 76BB1738 4 Bytes [99, 0B, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] SHELL32.dll!SHCoCreateInstance + 297 76BB1740 4 Bytes [A7, 0A, DF, 71]
.text C:\Program Files\Internet Explorer\iexplore.exe[8548] ole32.dll!OleLoadFromStream 75FB1E12 5 Bytes JMP 6BA7B638 C:\Windows\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation)

---- User IAT/EAT - GMER 1.0.15 ----

IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusShutdown] [73BD7817] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCloneImage] [73C2A86D] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDrawImageRectI] [73BDBB22] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetInterpolationMode] [73BCF695] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdiplusStartup] [73BD75E9] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateFromHDC] [73BCE7CA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStreamICM] [73C08395] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipCreateBitmapFromStream] [73BDDA60] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageHeight] [73BCFFFA] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipGetImageWidth] [73BCFF61] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDisposeImage] [73BC71CF] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFileICM] [73C5CAE2] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipLoadImageFromFile] [73BFC8D8] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipDeleteGraphics] [73BCD968] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipFree] [73BC6853] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipAlloc] [73BC687E] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Windows\Explorer.EXE[1232] @ C:\Windows\Explorer.EXE [gdiplus.dll!GdipSetCompositingMode] [73BD2AD1] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6002.18005_none_9e50b396ca17ae07\gdiplus.dll (Microsoft GDI+/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryExW] [71DDD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CopyFileW] [71DDB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!SearchPathW] [71DDF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\GDI32.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SearchPathW] [71DDF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryExW] [71DDD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CopyFileW] [71DDB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!MoveFileW] [71DDDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!SetCurrentDirectoryW] [71DDF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindClose] [71DE0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindNextFileW] [71DDFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!FindFirstFileW] [71DE02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!WritePrivateProfileStringW] [71DDB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [KERNEL32.dll!GetPrivateProfileStringW] [71DDA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [71DEDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegEnumValueW] [71DEE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegOpenKeyExW] [71DECB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegQueryValueExW] [71DED773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegDeleteKeyW] [71DECEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCreateKeyExW] [71DEC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\USER32.dll [ADVAPI32.dll!RegCloseKey] [71DECD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindClose] [71DE0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileA] [71DDFF42] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileA] [71DDFB96] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindFirstFileW] [71DE02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!FindNextFileW] [71DDFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesA] [71DD89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryA] [71DDEBFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesA] [71DD8C26] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryA] [71DDE3CB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryA] [71DDE9A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileA] [71DDC1D6] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!GetFileAttributesW] [71DD8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetCurrentDirectoryW] [71DDF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!SetFileAttributesW] [71DD8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateDirectoryW] [71DDE4F9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileW] [71DDDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!RemoveDirectoryW] [71DDEAD0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!MoveFileA] [71DDDDDD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileA] [71DDBBD2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\msvcrt.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!ReplaceFileW] [71DDE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!WritePrivateProfileStringW] [71DDB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringW] [71DDA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetPrivateProfileStringA] [71DDA819] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryExW] [71DDD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesW] [71DD8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileW] [71DE02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileW] [71DDFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathW] [71DDF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesW] [71DD8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SetFileAttributesA] [71DD8C26] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!CreateFileA] [71DDBBD2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindFirstFileA] [71DDFF42] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindNextFileA] [71DDFB96] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!FindClose] [71DE0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!SearchPathA] [71DDEFA8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!GetFileAttributesA] [71DD89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpW] [71DDCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [USER32.dll!WinHelpA] [71DDCE2E] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCloseKey] [71DECD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExA] [71DEC49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyA] [71DECD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyA] [71DED913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExA] [71DECA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegCreateKeyExW] [71DEC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegOpenKeyExW] [71DECB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExW] [71DEE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueW] [71DED437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegDeleteKeyW] [71DECEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryInfoKeyW] [71DEDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExW] [71DED773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueW] [71DEE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyW] [71DEDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyExA] [71DEDFE1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumValueA] [71DEE2F1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegEnumKeyA] [71DEDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHLWAPI.dll [ADVAPI32.dll!RegQueryValueExA] [71DED5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionW] [71DDA460] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindNextFileW] [71DDFC09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!ReplaceFileW] [71DDE151] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileSectionNamesW] [71DDA6E2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileSectionW] [71DDAE92] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!WritePrivateProfileStringW] [71DDB114] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateHardLinkW] [71DDC023] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetCurrentDirectoryW] [71DDF49D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CopyFileW] [71DDB6A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetBinaryTypeW] [71DD9700] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryExW] [71DDD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileW] [71DDDE50] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindFirstFileW] [71DE02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!FindClose] [71DE0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameA] [71DD9362] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesA] [71DD89D0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SearchPathW] [71DDF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileIntW] [71DDA1D8] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetPrivateProfileStringW] [71DDA970] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!RemoveDirectoryW] [71DDEAD0] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateDirectoryW] [71DDE4F9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!SetFileAttributesW] [71DD8D54] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesW] [71DD8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!MoveFileExW] [71DDDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetShortPathNameW] [71DD94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetFileAttributesExW] [71DD8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [KERNEL32.dll!GetLongPathNameW] [71DD9231] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [USER32.dll!LoadImageW] [71DDC58B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [USER32.dll!WinHelpW] [71DDCF65] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [USER32.dll!PrivateExtractIconsW] [71DDCA80] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExW] [71DECB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyExW] [71DEC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyW] [71DEDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumValueW] [71DEE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegDeleteKeyW] [71DECEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [71DEDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [71DED913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegEnumKeyExW] [71DEE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegSetValueW] [71DED13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExW] [71DED773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueW] [71DED437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyW] [71DEC8E9] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCreateKeyW] [71DEC35D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegQueryValueExA] [71DED5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegOpenKeyExA] [71DECA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ADVAPI32.dll!RegCloseKey] [71DECD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\SHELL32.dll [ntdll.dll!NtQueryDirectoryFile] [71DE91AC] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindClose] [71DE0D4C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!FindFirstFileW] [71DE02A5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryExW] [71DDD537] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!SearchPathW] [71DDF233] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!DeleteFileW] [71DDC301] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetShortPathNameW] [71DD94A1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesExW] [71DD8FC1] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!CreateFileW] [71DDBD1B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryW] [71DDD221] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!GetFileAttributesW] [71DD8AFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [KERNEL32.dll!LoadLibraryA] [71DDD09C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegSetValueW] [71DED13F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueA] [71DED28F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyExW] [71DEE169] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumValueW] [71DEE479] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyA] [71DEDD0B] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyA] [71DECD5C] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyW] [71DEDB0F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryInfoKeyA] [71DED913] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueW] [71DED437] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegEnumKeyW] [71DEDE75] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCloseKey] [71DECD09] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExW] [71DED773] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExW] [71DECB9D] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegDeleteKeyW] [71DECEA5] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegCreateKeyExW] [71DEC625] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegQueryValueExA] [71DED5D3] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\ole32.dll [ADVAPI32.dll!RegOpenKeyExA] [71DECA25] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueW] [71DE5CFD] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHRegGetValueA] [71DE5C9F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathUnExpandEnvStringsA] [71DE4D95] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteKeyA] [71DE50AF] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHDeleteValueW] [71DE519F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCreateFromUrlW] [71DE40A2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueA] [71DE5357] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueA] [71DE619F] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHGetValueW] [71DE53B2] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!SHSetValueW] [71DE61FA] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)
IAT C:\Program Files\Internet Explorer\iexplore.exe[8548] @ C:\Windows\system32\WININET.dll [SHLWAPI.dll!PathCombineW] [71DE3FFB] C:\Windows\AppPatch\AcRedir.DLL (Windows Compatibility DLL/Microsoft Corporation)

---- Registry - GMER 1.0.15 ----

Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings@Content Type application/vnd.adobe.acrobat-security-settings
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings@ AcroExch.acrobatsecuritysettings
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings\OpenWithList
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings\OpenWithList\Acrobat.exe
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings\OpenWithList\Acrobat.exe@
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings\OpenWithList\AcroRd32.exe
Reg HKLM\SOFTWARE\Classes\.acrobatsecuritysettings\OpenWithList\AcroRd32.exe@
Reg HKLM\SOFTWARE\Classes\.air@ AIR.InstallerPackage
Reg HKLM\SOFTWARE\Classes\.air@Content Type application/vnd.adobe.air-application-installer-package+zip
Reg HKLM\SOFTWARE\Classes\.air\OpenWithProgids
Reg HKLM\SOFTWARE\Classes\.air\OpenWithProgids@AIR.InstallerPackage
Reg HKLM\SOFTWARE\Classes\.api@ AcroExch.Plugin
Reg HKLM\SOFTWARE\Classes\.api\AcroExch.Plugin
Reg HKLM\SOFTWARE\Classes\.api\AcroExch.Plugin\ShellNew
Reg HKLM\SOFTWARE\Classes\.csproj\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.csproj\PersistentHandler@ {7E9D8D44-6926-426F-AA2B-217A819A5CCE}
Reg HKLM\SOFTWARE\Classes\.csv\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.fdf@Content Type application/vnd.fdf
Reg HKLM\SOFTWARE\Classes\.fdf@ AcroExch.FDFDoc
Reg HKLM\SOFTWARE\Classes\.fdf\AcroExch.FDFDoc
Reg HKLM\SOFTWARE\Classes\.fdf\AcroExch.FDFDoc\ShellNew
Reg HKLM\SOFTWARE\Classes\.jar@ jarfile
Reg HKLM\SOFTWARE\Classes\.jnlp@ JNLPFile
Reg HKLM\SOFTWARE\Classes\.jnlp@Content Type application/x-java-jnlp-file
Reg HKLM\SOFTWARE\Classes\.msg\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.pdf@Content Type application/pdf
Reg HKLM\SOFTWARE\Classes\.pdf@ AcroExch.Document
Reg HKLM\SOFTWARE\Classes\.pdf\OpenWithList
Reg HKLM\SOFTWARE\Classes\.pdf\OpenWithList@
Reg HKLM\SOFTWARE\Classes\.pdf\OpenWithList\AcroRd32.exe
Reg HKLM\SOFTWARE\Classes\.pdf\OpenWithList\AcroRd32.exe@
Reg HKLM\SOFTWARE\Classes\.pdf\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.pdf\PersistentHandler@ {F6594A6D-D57F-4EFD-B2C3-DCD9779E382E}
Reg HKLM\SOFTWARE\Classes\.pdf\ShellEx
Reg HKLM\SOFTWARE\Classes\.pdf\ShellEx\{8895b1c6-b41f-4c1c-a562-0d564250836f}
Reg HKLM\SOFTWARE\Classes\.pdf\ShellEx\{8895b1c6-b41f-4c1c-a562-0d564250836f}@ {DC6EFB56-9CFA-464D-8880-44885D7DC193}
Reg HKLM\SOFTWARE\Classes\.pdfxml@Content Type application/vnd.adobe.pdfxml
Reg HKLM\SOFTWARE\Classes\.pdfxml@ AcroExch.pdfxml
Reg HKLM\SOFTWARE\Classes\.pdfxml\OpenWithList
Reg HKLM\SOFTWARE\Classes\.pdfxml\OpenWithList\Acrobat.exe
Reg HKLM\SOFTWARE\Classes\.pdfxml\OpenWithList\Acrobat.exe@
Reg HKLM\SOFTWARE\Classes\.pdfxml\OpenWithList\AcroRd32.exe
Reg HKLM\SOFTWARE\Classes\.pdfxml\OpenWithList\AcroRd32.exe@
Reg HKLM\SOFTWARE\Classes\.pdx@Content Type application/vnd.adobe.pdx
Reg HKLM\SOFTWARE\Classes\.pdx@ PDXFileType
Reg HKLM\SOFTWARE\Classes\.pdx\PDXFileType
Reg HKLM\SOFTWARE\Classes\.pdx\PDXFileType\ShellNew
Reg HKLM\SOFTWARE\Classes\.rtf\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.secstore@ AcroExch.SecStore
Reg HKLM\SOFTWARE\Classes\.secstore\AcroExch.SecStore
Reg HKLM\SOFTWARE\Classes\.secstore\AcroExch.SecStore\ShellNew
Reg HKLM\SOFTWARE\Classes\.vbproj\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.vbproj\PersistentHandler@ {7E9D8D44-6926-426F-AA2B-217A819A5CCE}
Reg HKLM\SOFTWARE\Classes\.wll\PersistentHandler
Reg HKLM\SOFTWARE\Classes\.xdp@Content Type application/vnd.adobe.xdp+xml
Reg HKLM\SOFTWARE\Classes\.xdp@ AcroExch.XDPDoc
Reg HKLM\SOFTWARE\Classes\.xdp\AcroExch.XDPDoc
Reg HKLM\SOFTWARE\Classes\.xdp\AcroExch.XDPDoc\ShellNew
Reg HKLM\SOFTWARE\Classes\.xfdf@Content Type application/vnd.adobe.xfdf
Reg HKLM\SOFTWARE\Classes\.xfdf@ AcroExch.XFDFDoc
Reg HKLM\SOFTWARE\Classes\.xfdf\AcroExch.XFDFDoc
Reg HKLM\SOFTWARE\Classes\.xfdf\AcroExch.XFDFDoc\ShellNew
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess@ AcrobatAccess Class
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess\CLSID
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess\CLSID@ {C523F39F-9C83-11D3-9094-00104BD0D535}
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess\CurVer
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess\CurVer@ AcroAccess.AcrobatAccess.1
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess.1@ AcrobatAccess Class
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess.1\CLSID
Reg HKLM\SOFTWARE\Classes\AcroAccess.AcrobatAccess.1\CLSID@ {C523F39F-9C83-11D3-9094-00104BD0D535}
Reg HKLM\SOFTWARE\Classes\acrobat@ URL:Acrobat Protocol
Reg HKLM\SOFTWARE\Classes\acrobat@URL Protocol
Reg HKLM\SOFTWARE\Classes\acrobat\DefaultIcon
Reg HKLM\SOFTWARE\Classes\acrobat\DefaultIcon@ C:\Program Files\Adobe\Reader 9.0\Acrobat\AcroRd32.exe
Reg HKLM\SOFTWARE\Classes\acrobat\shell
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\command
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /u "%1"
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec@ [HandleAcroURL("%1")]
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec\application
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec\application@ Acroview
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec\topic
Reg HKLM\SOFTWARE\Classes\acrobat\shell\open\ddeexec\topic@ Control
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex\PropertySheetHandlers
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex\PropertySheetHandlers\InfoPage
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex\PropertySheetHandlers\InfoPage@ {F9DB5320-233E-11D1-9F84-707F02C10627}
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\Acrobat.AcroAXDoc.1\Shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {F9DB5320-233E-11D1-9F84-707F02C10627}
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker@ Broker Class
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker\CLSID
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker\CLSID@ {BD57A9B2-4E7D-4892-9107-9F4106472DA4}
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker\CurVer
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker\CurVer@ AcroBroker.Broker.1
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker.1@ Broker Class
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker.1\CLSID
Reg HKLM\SOFTWARE\Classes\AcroBroker.Broker.1\CLSID@ {BD57A9B2-4E7D-4892-9107-9F4106472DA4}
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings@ Adobe Acrobat Security Settings Document
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings\CurVer
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings\CurVer@ AcroExch.acrobatsecuritysettings.1
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1@ Adobe Acrobat Security Settings Document
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\PDFFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\Insertable
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\Insertable@
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell@ Read
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Open
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Print
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Print\command
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Print\command@ ""C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe"" /p /h "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Printto
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Printto\command
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Printto\command@ ""C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe"" /t "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Read
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Read@ Open with Adobe Reader 9
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Read\command
Reg HKLM\SOFTWARE\Classes\AcroExch.acrobatsecuritysettings.1\shell\Read\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7@ Adobe Acrobat Document
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\PDFFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Insertable
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Insertable@
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\RequestDataFormats
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\RequestDataFormats@ NoteshNote
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\server
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\server@ "C:\Program Files\Adobe\Reader 9.0\Acrobat\Acrobat.exe"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\SetDataFormats
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\SetDataFormats@ NotesDocInfo
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\verb
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\verb\0
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\protocol\StdFileEditing\verb\0@ &Open
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell@ Read
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Open
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Print
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Print\command
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Print\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /p /h "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Printto
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Printto\command
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Printto\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /t "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Read
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Read@ Open with Adobe Reader 9
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Read\command
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\shell\Read\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\PropertySheetHandlers
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\PropertySheetHandlers@ InfoPage
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\PropertySheetHandlers\InfoPage
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\PropertySheetHandlers\InfoPage@ {F9DB5320-233E-11D1-9F84-707F02C10627}
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}
Reg HKLM\SOFTWARE\Classes\AcroExch.Document.7\Shellex\{BB2E617C-0920-11d1-9A0B-00C04FC2D6C1}@ {F9DB5320-233E-11D1-9F84-707F02C10627}
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc@ Adobe Acrobat Forms Document
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\AcrobatVersion
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\AcrobatVersion@ 9.0
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\FDFFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell@ Read
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Open
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Print
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Print@ Print
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Print\command
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Print\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /p /h "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Printto
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Printto\command
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Printto\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /t "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Read
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Read@ Open with Adobe Reader 9
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Read\command
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Read\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.FDFDoc\shell\Read\command@command 34TL`i`Z5(L)2F($,CC!ReaderProgramFiles>p=@0y{Wn0A8XHjl@4WqB "%1"?
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml@ Adobe Acrobat PDFXML Document
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml\CurVer
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml\CurVer@ AcroExch.pdfxml.1
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1@ Adobe Acrobat PDFXML Document
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\PDFFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\Insertable
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\Insertable@
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell@ Read
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Open
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Open@
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Print
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Print\command
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Print\command@ ""C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe"" /p /h "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Printto
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Printto\command
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Printto\command@ ""C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe"" /t "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Read
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Read@ Open with Adobe Reader 9
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Read\command
Reg HKLM\SOFTWARE\Classes\AcroExch.pdfxml.1\shell\Read\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.Plugin\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.Plugin\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\APIFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.RMFFile\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.RMFFile\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\RMFFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.SecStore\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.SecStore\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\SecStoreFile.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc@ Adobe Acrobat XML Data Package File
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc@BrowseInPlace 1
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\AcrobatVersion
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\AcrobatVersion@ 9.0
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\CLSID
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\CLSID@ {B801CA65-A1FC-11D0-85AD-444553540000}
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\DefaultIcon
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\DefaultIcon@ C:\Windows\Installer\{AC76BA86-7AD7-1033-7B44-A91000000001}\XDPFile_8.ico,0
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell@ Read
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Open
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Open\command
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Open\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Print
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Print\command
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Print\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /p /h "%1"
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Printto
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Printto\command
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Printto\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" /t "%1" "%2" "%3" "%4"
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Read
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Read@ Open with Adobe Reader 9
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Read\command
Reg HKLM\SOFTWARE\Classes\AcroExch.XDPDoc\shell\Read\command@ "C:\Program Files\Adobe\Reader 9.0\Reader\AcroRd32.exe" "%1"

---- EOF - GMER 1.0.15 ----

#9
fenzodahl512

  • Malware Removal
  • 9,863 posts
Please download the OTM by OldTimer
  • Save it to your Desktop.
  • Please double-click OTM to run it. (Vista users, please right click on OTM and select "Run as an Administrator")
  • Copy the codebox contents and paste it to the "Paste List of Files/Folders to Move" window (under the light Yellow bar)

    :processes
    explorer.exe
    
    :files
    C:\Users\Dorraine\AppData\Roaming\Windows System Suite
    C:\ProgramData\WSYSSSys
    C:\ProgramData\6dc5568
    
    :commands
    [purity]
    [emptytemp]
    [start explorer]
    [reboot]
  • Click the red Moveit! button.
  • A log of files and folders moved will be created in the c:\_OTM\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
  • Close OTM
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.



Run RSIT again... Post these logs in your next reply..

1. OTM
2. RSIT log.txt

#10
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here is the first OTM results:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
C:\Users\Dorraine\AppData\Roaming\Windows System Suite moved successfully.
C:\ProgramData\WSYSSSys moved successfully.
C:\ProgramData\6dc5568\WSYSSSys moved successfully.
C:\ProgramData\6dc5568\BackUp moved successfully.
C:\ProgramData\6dc5568 moved successfully.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dorraine
->Temp folder emptied: 2041751 bytes
->Temporary Internet Files folder emptied: 194261931 bytes
->Java cache emptied: 27283753 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
C:\Windows\msdownld.tmp folder deleted successfully.
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 931586 bytes
RecycleBin emptied: 81829371 bytes

Total Files Cleaned = 292.19 mb


OTM by OldTimer - Version 3.0.0.6 log created on 08122009_133209

Files moved on Reboot...

Registry entries deleted on Reboot...

#11
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here are the results of the second scan:

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\Users\Dorraine\AppData\Roaming\Windows System Suite not found.
File/Folder C:\ProgramData\WSYSSSys not found.
File/Folder C:\ProgramData\6dc5568 not found.
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Dorraine
->Temp folder emptied: 779532 bytes
->Temporary Internet Files folder emptied: 5210226 bytes
->Java cache emptied: 0 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 5.71 mb


OTM by OldTimer - Version 3.0.0.6 log created on 08122009_135739

Files moved on Reboot...

Registry entries deleted on Reboot...




How are things looking thus far?

#12
fenzodahl512

  • Malware Removal
  • 9,863 posts
Er.. Why do you run OTM twice?.. Please run RSIT and post the fresh RSIT log here :)

#13
preacherswife

  • Topic Starter
  • Member
  • 193 posts
I'm so very sorry for running that twice. I suppose I misread your information.

Please remind me, how do I run the RSIT scan?

#14
fenzodahl512

  • Malware Removal
  • 9,863 posts
Please download RSIT by random/random and save it to your Desktop.
  • Double click on RSIT.exe to run RSIT
  • Before you click "Continue", make sure you change the List files/folders created or modified in the last 3 months
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt and info.txt in your next reply.

#15
preacherswife

  • Topic Starter
  • Member
  • 193 posts
Here are the results of the Log.txt: Nothing came up with results from a "Info.txt." :)


Logfile of random's system information tool 1.06 (written by random/random)
Run by Dorraine at 2009-08-12 14:36:08
Microsoft® Windows Vista™ Home Premium Service Pack 2
System drive C: has 105 GB (70%) free of 151 GB
Total RAM: 2038 MB (58% free)

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 2:36:23 PM, on 8/12/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
C:\Program Files\Toshiba\SmoothView\SmoothView.exe
C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\Program Files\Toshiba\ConfigFree\NDSTray.exe
C:\Program Files\Toshiba\Utilities\KeNotify.exe
C:\Program Files\Apoint2K\ApMsgFwd.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Toshiba\TOSCDSPD\TOSCDSPD.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\OpenOffice.org 2.4\program\soffice.BIN
C:\Program Files\Apoint2K\Apntex.exe
C:\Program Files\SpywareGuard\sgbhp.exe
C:\Program Files\Toshiba\ConfigFree\CFSwMgr.exe
C:\Program Files\Internet Explorer\ieuser.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\Users\Dorraine\Desktop\RSIT.exe
C:\Program Files\trend micro\Dorraine.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.toshibadirect.com/dpdstart
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/d
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: iMeshPersonalization - {2E172451-9577-461f-BD9D-16D2E88D0F50} - C:\Program Files\iMesh Applications\Personalization\iMeshPersonalizationIE_v1053.dll
O2 - BHO: SpywareGuard Download Protection - {4A368E80-174F-4872-96B5-0B27DDD11DB2} - C:\Program Files\SpywareGuard\dlprotect.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [ITSecMng] %ProgramFiles%\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe /START
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [KeNotify] C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe" /startup
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [Skytel] Skytel.exe
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [iMeshPersonalization] "C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe"
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU\..\Run: [toscdspd] TOSCDSPD.EXE
O4 - Startup: OpenOffice.org 2.4.lnk = C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
O4 - Startup: SpywareGuard.lnk = C:\Program Files\SpywareGuard\sgmain.exe
O13 - Gopher Prefix:
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://appldnld.appl...ex/qtplugin.cab
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) - file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
O16 - DPF: {A8F2B9BD-A6A0-486A-9744-18920D898429} (ScorchPlugin Class) - http://www.sibelius....tiveXPlugin.cab
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} (ArmHelper Control) - file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.ad...Plus/1.6/gp.cab
O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\Windows\system32\agrsmsvc.exe
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe
O23 - Service: Google Desktop Manager 5.7.806.10245 (GoogleDesktopManager-061008-081103) - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files\Jumpstart\jswpsapi.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: pinger - Unknown owner - C:\Toshiba\IVP\ISM\pinger.exe
O23 - Service: Swupdtmr - Unknown owner - c:\Toshiba\IVP\swupdate\swupdtmr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

--
End of file - 8972 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27 75128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2E172451-9577-461f-BD9D-16D2E88D0F50}]
iMeshPersonalization - C:\Program Files\iMesh Applications\Personalization\iMeshPersonalizationIE_v1053.dll [2008-06-10 661424]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{4A368E80-174F-4872-96B5-0B27DDD11DB2}]
SpywareGuardDLBLOCK.CBrowserHelper - C:\Program Files\SpywareGuard\dlprotect.dll [2003-08-02 192512]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - c:\program files\google\googletoolbar1.dll [2008-02-18 2403392]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java™ Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-05-20 35840]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - &Google - c:\program files\google\googletoolbar1.dll [2008-02-18 2403392]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"=C:\Windows\system32\igfxtray.exe [2007-09-20 141848]
"HotKeysCmds"=C:\Windows\system32\hkcmd.exe [2007-09-20 154136]
"Persistence"=C:\Windows\system32\igfxpers.exe [2007-09-20 129560]
"TPwrMain"=C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [2008-01-17 431456]
"SmoothView"=C:\Program Files\Toshiba\SmoothView\SmoothView.exe [2007-06-16 448080]
"00TCrdMain"=C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [2008-01-22 712704]
"Apoint"=C:\Program Files\Apoint2K\Apoint.exe [2006-09-11 180224]
"ITSecMng"=C:\Program Files\TOSHIBA\Bluetooth Toshiba Stack\ItSecMng.exe [2007-09-28 75136]
"NDSTray.exe"=NDSTray.exe []
"SVPWUTIL"=C:\Program Files\TOSHIBA\Utilities\SVPWUTIL.exe [2006-03-23 438272]
"KeNotify"=C:\Program Files\TOSHIBA\Utilities\KeNotify.exe [2006-11-06 34352]
"Google Desktop Search"=C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-19 29744]
"RtHDVCpl"=C:\Windows\RtHDVCpl.exe [2008-01-29 4911104]
"Symantec PIF AlertEng"=C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
"QuickTime Task"=C:\Program Files\QuickTime\qttask.exe [2008-07-08 413696]
"Adobe Reader Speed Launcher"=C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe [2009-02-27 35696]
"SunJavaUpdateSched"=C:\Program Files\Java\jre6\bin\jusched.exe [2009-05-20 148888]
"Skytel"=C:\Windows\Skytel.exe [2007-11-20 1826816]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"iMeshPersonalization"=C:\Program Files\iMesh Applications\Personalization\iMeshPersonalization.exe [2008-06-10 1272240]
"ehTray.exe"=C:\Windows\ehome\ehTray.exe [2008-01-20 125952]
"WMPNSCFG"=C:\Program Files\Windows Media Player\WMPNSCFG.exe [2008-01-20 202240]
"toscdspd"=TOSCDSPD.EXE []

C:\Users\Dorraine\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
OpenOffice.org 2.4.lnk - C:\Program Files\OpenOffice.org 2.4\program\quickstart.exe
SpywareGuard.lnk - C:\Program Files\SpywareGuard\sgmain.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLS"="C:\PROGRA~1\Google\GOOGLE~1\GoogleDesktopNetwork3.dll"

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2007-09-13 204800]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{81559C35-8464-49F7-BB0E-07A383BEF910}"=C:\Program Files\SpywareGuard\spywareguard.dll [2003-08-02 126976]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\procexp90.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfPf]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfRd]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\WudfUsbccidDriver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableUIADesktopToggle"=0

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=
"BindDirectlyToPropertySetStorage"=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\TOSHIBA\ivp\NetInt\Netint.exe"="C:\TOSHIBA\ivp\NetInt\Netint.exe:*:Enabled:NIE - Toshiba Software Upgrades Engine"
"C:\TOSHIBA\Ivp\ISM\pinger.exe"="C:\TOSHIBA\Ivp\ISM\pinger.exe:*:Enabled:Toshiba Software Upgrades Pinger"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

======List of files/folders created in the last 3 months======

2009-06-02 00:22:52 ----A---- C:\Windows\system32\shwebsvc.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\rasppp.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\PnPutil.exe
2009-06-02 00:22:52 ----A---- C:\Windows\system32\oobefldr.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\dsprop.dll
2009-06-02 00:22:52 ----A---- C:\Windows\system32\dimsroam.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\shsetup.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\rasmontr.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\occache.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\mscandui.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\modemui.dll
2009-06-02 00:22:51 ----A---- C:\Windows\system32\chtbrkr.dll
2009-06-02 00:22:50 ----A---- C:\Windows\system32\wmdrmsdk.dll
2009-06-02 00:22:50 ----A---- C:\Windows\system32\dataclen.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\WSDMon.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\wlgpclnt.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\smss.exe
2009-06-02 00:22:49 ----A---- C:\Windows\system32\rdpwsx.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\netplwiz.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\credui.dll
2009-06-02 00:22:49 ----A---- C:\Windows\system32\blackbox.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\wpcsvc.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\wmpeffects.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\networkexplorer.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\mstime.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\jsproxy.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\ifmon.dll
2009-06-02 00:22:48 ----A---- C:\Windows\system32\cipher.exe
2009-06-02 00:22:48 ----A---- C:\Windows\system32\certprop.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\wscapi.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\thawbrkr.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\softkbd.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\sendmail.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msscp.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msrating.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\msimtf.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\logagent.exe
2009-06-02 00:22:47 ----A---- C:\Windows\system32\InkEd.dll
2009-06-02 00:22:47 ----A---- C:\Windows\system32\gpresult.exe
2009-06-02 00:22:46 ----A---- C:\Windows\system32\olepro32.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\msctfui.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\MediaMetadataHandler.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\drmmgrtn.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\dmsynth.dll
2009-06-02 00:22:46 ----A---- C:\Windows\system32\Apphlpdm.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\wshbth.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\version.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\SLLUA.exe
2009-06-02 00:22:45 ----A---- C:\Windows\system32\puiapi.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\msisip.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\mprapi.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\input.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\fc.exe
2009-06-02 00:22:45 ----A---- C:\Windows\system32\ExplorerFrame.dll
2009-06-02 00:22:45 ----A---- C:\Windows\system32\cdd.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\printfilterpipelineprxy.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\msjint40.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\MsCtfMonitor.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\l2nacp.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\fdSSDP.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\eapp3hst.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\dmusic.dll
2009-06-02 00:22:44 ----A---- C:\Windows\system32\cscapi.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\wsdchngr.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\Storprop.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\SMBHelperClass.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rrinstaller.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rasdial.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\rasdiag.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\PortableDeviceTypes.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\PortableDeviceClassExtension.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\ftp.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\fdWCN.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\dot3cfg.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\cscdll.dll
2009-06-02 00:22:43 ----A---- C:\Windows\system32\bthudtask.exe
2009-06-02 00:22:43 ----A---- C:\Windows\system32\bthci.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\tscupgrd.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\slcinst.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\ocsetup.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\nslookup.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\networkitemfactory.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\msfeedsbs.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\mfps.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\ipconfig.exe
2009-06-02 00:22:42 ----A---- C:\Windows\system32\hbaapi.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\FwRemoteSvr.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\fdeploy.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\eappgnui.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\eappcfg.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\CHxReadingStringIME.dll
2009-06-02 00:22:42 ----A---- C:\Windows\system32\aaclient.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\tsgqec.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\PNPXAssoc.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\mmcico.dll
2009-06-02 00:22:41 ----A---- C:\Windows\system32\mfpmp.exe
2009-06-02 00:22:41 ----A---- C:\Windows\system32\gpupdate.exe
2009-06-02 00:22:41 ----A---- C:\Windows\system32\atmlib.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\NcdProp.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\iscsilog.dll
2009-06-02 00:22:40 ----A---- C:\Windows\system32\csrstub.exe
2009-06-02 00:22:40 ----A---- C:\Windows\system32\cbsra.exe
2009-06-02 00:22:40 ----A---- C:\Windows\system32\bitsigd.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\winrnr.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\vdmdbg.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\slwga.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\odbcconf.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\midimap.dll
2009-06-02 00:22:39 ----A---- C:\Windows\system32\inetppui.dll
2009-06-02 00:22:38 ----A---- C:\Windows\system32\spwmp.dll
2009-06-02 00:22:37 ----A---- C:\Windows\system32\wmploc.DLL
2009-06-02 00:22:37 ----A---- C:\Windows\system32\dxmasf.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\msimsg.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\mferror.dll
2009-06-02 00:22:36 ----A---- C:\Windows\system32\f3ahvoas.dll
2009-06-02 00:22:06 ----A---- C:\Windows\system32\SmiEngine.dll
2009-06-02 00:22:02 ----A---- C:\Windows\system32\wdscore.dll
2009-06-02 00:22:02 ----A---- C:\Windows\system32\PkgMgr.exe
2009-06-02 00:21:51 ----A---- C:\Windows\system32\drvstore.dll
2009-05-27 13:21:35 ----A---- C:\Windows\system32\CF22803.exe
2009-05-23 00:39:17 ----SHD---- C:\$RECYCLE.BIN
2009-05-21 21:17:38 ----D---- C:\Windows\temp
2009-05-21 20:25:19 ----A---- C:\Windows\ntbtlog.txt
2009-05-21 18:36:44 ----A---- C:\Windows\PEV.exe
2009-05-21 18:36:08 ----D---- C:\Windows\ERDNT
2009-05-20 22:32:34 ----A---- C:\Windows\system32\javaws.exe
2009-05-20 22:32:34 ----A---- C:\Windows\system32\javaw.exe
2009-05-20 22:32:34 ----A---- C:\Windows\system32\java.exe
2009-05-19 19:28:38 ----D---- C:\ProgramData\SUPERAntiSpyware.com
2009-05-19 19:28:22 ----D---- C:\Users\Dorraine\AppData\Roaming\SUPERAntiSpyware.com
2009-05-19 19:28:22 ----D---- C:\Program Files\SUPERAntiSpyware

======List of files/folders modified in the last 3 months======

2009-08-12 14:36:11 ----D---- C:\Program Files\Trend Micro
2009-08-12 14:04:07 ----AD---- C:\Windows\System32
2009-08-12 14:04:07 ----A---- C:\Windows\system32\PerfStringBackup.INI
2009-08-12 14:00:16 ----D---- C:\Users\Dorraine\AppData\Roaming\OpenOffice.org2
2009-08-12 13:56:38 ----D---- C:\Windows\Prefetch
2009-08-12 13:49:41 ----D---- C:\ProgramData\NOS
2009-08-12 13:49:35 ----D---- C:\Program Files\NOS
2009-08-12 13:49:26 ----SD---- C:\Windows\Downloaded Program Files
2009-08-12 13:48:47 ----D---- C:\Windows\system32\catroot2
2009-08-12 13:38:44 ----D---- C:\Windows
2009-08-12 13:32:37 ----HD---- C:\ProgramData
2009-08-11 20:11:21 ----D---- C:\Users\Dorraine\AppData\Roaming\iMesh
2009-08-11 19:47:51 ----D---- C:\Program Files\Malwarebytes' Anti-Malware
2009-08-11 19:47:47 ----D---- C:\Windows\system32\drivers
2009-08-11 15:11:40 ----D---- C:\Windows\system32\catroot
2009-08-11 15:11:37 ----D---- C:\Windows\winsxs
2009-08-11 14:19:09 ----D---- C:\Program Files
2009-08-11 14:03:06 ----SHD---- C:\System Volume Information
2009-08-10 23:48:00 ----D---- C:\Users\Dorraine\AppData\Roaming\mIRC
2009-08-10 14:06:06 ----SHD---- C:\Windows\Installer
2009-08-03 13:56:29 ----D---- C:\Windows\inf
2009-07-29 12:47:11 ----D---- C:\Program Files\Windows Mail
2009-07-14 23:13:13 ----RSD---- C:\Windows\assembly
2009-07-09 22:47:17 ----D---- C:\Program Files\SpiralFrog
2009-07-09 13:28:54 ----D---- C:\Windows\system32\Macromed
2009-07-07 11:10:56 ----A---- C:\Windows\system32\mrt.exe
2009-07-07 00:32:28 ----A---- C:\Windows\swupdate.INI
2009-06-20 22:14:23 ----D---- C:\Windows\Microsoft.NET
2009-06-20 21:58:49 ----D---- C:\Windows\ehome
2009-06-20 21:50:38 ----D---- C:\Program Files\Microsoft Works
2009-06-08 22:52:49 ----AD---- C:\ProgramData\TEMP
2009-06-08 22:52:28 ----D---- C:\Program Files\SpywareBlaster
2009-06-04 00:48:11 ----D---- C:\Program Files\mIRC
2009-06-02 21:31:15 ----D---- C:\Windows\system32\WDI
2009-06-02 01:02:18 ----D---- C:\Windows\rescache
2009-06-02 00:53:02 ----SHD---- C:\Boot
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Sidebar
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Media Player
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Journal
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Collaboration
2009-06-02 00:42:20 ----D---- C:\Program Files\Windows Calendar
2009-06-02 00:42:20 ----D---- C:\Program Files\Movie Maker
2009-06-02 00:42:20 ----D---- C:\Program Files\Internet Explorer
2009-06-02 00:42:20 ----D---- C:\Program Files\Common Files\System
2009-06-02 00:42:19 ----D---- C:\Program Files\Windows Photo Gallery
2009-06-02 00:42:18 ----D---- C:\Windows\servicing
2009-06-02 00:42:18 ----D---- C:\Program Files\Windows Defender
2009-06-02 00:42:15 ----D---- C:\Windows\system32\XPSViewer
2009-06-02 00:42:15 ----D---- C:\Windows\system32\sk-SK
2009-06-02 00:42:15 ----D---- C:\Windows\system32\lv-LV
2009-06-02 00:42:15 ----D---- C:\Windows\system32\ko-KR
2009-06-02 00:42:15 ----D---- C:\Windows\system32\hr-HR
2009-06-02 00:42:15 ----D---- C:\Windows\system32\et-EE
2009-06-02 00:42:15 ----D---- C:\Windows\system32\da-DK
2009-06-02 00:42:15 ----D---- C:\Windows\IME
2009-06-02 00:42:14 ----D---- C:\Windows\system32\it-IT
2009-06-02 00:42:14 ----D---- C:\Windows\system32\en-US
2009-06-02 00:42:14 ----D---- C:\Windows\system32\el-GR
2009-06-02 00:42:14 ----D---- C:\Windows\system32\de-DE
2009-06-02 00:42:13 ----D---- C:\Windows\system32\oobe
2009-06-02 00:42:13 ----D---- C:\Windows\system32\migration
2009-06-02 00:42:07 ----D---- C:\Windows\system32\sv-SE
2009-06-02 00:42:07 ----D---- C:\Windows\system32\ru-RU
2009-06-02 00:42:07 ----D---- C:\Windows\system32\he-IL
2009-06-02 00:42:07 ----D---- C:\Windows\system32\fr-FR
2009-06-02 00:42:07 ----D---- C:\Windows\system32\AdvancedInstallers
2009-06-02 00:42:06 ----D---- C:\Windows\system32\SLUI
2009-06-02 00:42:06 ----D---- C:\Windows\system32\setup
2009-06-02 00:42:06 ----D---- C:\Windows\system32\pt-PT
2009-06-02 00:42:06 ----D---- C:\Windows\system32\hu-HU
2009-06-02 00:42:06 ----D---- C:\Windows\system32\fi-FI
2009-06-02 00:42:06 ----D---- C:\Windows\system32\cs-CZ
2009-06-02 00:42:05 ----D---- C:\Windows\system32\zh-TW
2009-06-02 00:42:05 ----D---- C:\Windows\system32\zh-CN
2009-06-02 00:42:05 ----D---- C:\Windows\system32\uk-UA
2009-06-02 00:42:05 ----D---- C:\Windows\system32\th-TH
2009-06-02 00:42:05 ----D---- C:\Windows\system32\sr-Latn-CS
2009-06-02 00:42:05 ----D---- C:\Windows\system32\sl-SI
2009-06-02 00:42:05 ----D---- C:\Windows\system32\ro-RO
2009-06-02 00:42:05 ----D---- C:\Windows\system32\pl-PL
2009-06-02 00:42:05 ----D---- C:\Windows\system32\manifeststore
2009-06-02 00:42:05 ----D---- C:\Windows\system32\ja-JP
2009-06-02 00:42:05 ----D---- C:\Windows\system32\es-ES
2009-06-02 00:42:05 ----D---- C:\Windows\system32\en
2009-06-02 00:42:05 ----D---- C:\Windows\system32\bg-BG
2009-06-02 00:42:04 ----D---- C:\Windows\system32\wbem
2009-06-02 00:42:04 ----D---- C:\Windows\system32\tr-TR
2009-06-02 00:42:04 ----D---- C:\Windows\system32\nl-NL
2009-06-02 00:42:04 ----D---- C:\Windows\system32\nb-NO
2009-06-02 00:42:04 ----D---- C:\Windows\system32\lt-LT
2009-06-02 00:42:04 ----D---- C:\Windows\system32\ar-SA
2009-06-02 00:42:03 ----D---- C:\Windows\system32\pt-BR
2009-06-02 00:42:03 ----D---- C:\Windows\system32\migwiz
2009-06-02 00:41:52 ----RSD---- C:\Windows\Fonts
2009-06-02 00:41:52 ----D---- C:\Windows\AppPatch
2009-06-02 00:41:45 ----D---- C:\Windows\system32\Boot
2009-06-02 00:40:13 ----D---- C:\Windows\system32\RTCOM
2009-05-23 00:35:46 ----A---- C:\Windows\system.ini
2009-05-23 00:28:14 ----D---- C:\Program Files\Common Files
2009-05-21 20:33:03 ----D---- C:\Program Files\Spybot - Search & Destroy
2009-05-21 20:33:02 ----D---- C:\ProgramData\Spybot - Search & Destroy
2009-05-21 12:08:52 ----D---- C:\Program Files\TOSHIBA Games
2009-05-20 22:32:08 ----A---- C:\Windows\system32\deploytk.dll
2009-05-20 22:31:59 ----D---- C:\Program Files\Java
2009-05-19 19:57:48 ----D---- C:\ProgramData\WildTangent
2009-05-18 01:57:40 ----D---- C:\ProgramData\Adobe
2009-05-18 01:57:36 ----D---- C:\Program Files\Common Files\Adobe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir Desktop\avgio.sys [2009-02-13 11608]
R1 avipbb;avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [2009-03-30 96104]
R1 jswpslwf;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwf.sys [2007-08-31 20352]
R1 ssmdrv;ssmdrv; C:\Windows\system32\DRIVERS\ssmdrv.sys [2009-06-09 28520]
R2 avgntflt;avgntflt; C:\Windows\system32\DRIVERS\avgntflt.sys [2009-08-07 55656]
R3 AgereSoftModem;TOSHIBA V92 Software Modem; C:\Windows\system32\DRIVERS\AGRSM.sys [2006-11-28 1161888]
R3 ApfiltrService;Alps Pointing-device Filter Driver; C:\Windows\system32\DRIVERS\Apfiltr.sys [2006-08-30 140800]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2008-07-29 919552]
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:\Windows\system32\DRIVERS\CmBatt.sys [2008-01-20 14208]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2007-09-13 1925632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2008-01-30 2058528]
R3 RTL8169;Realtek 8169 NT Driver; C:\Windows\system32\DRIVERS\Rtlh86.sys [2007-04-30 81408]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2009-04-11 89088]
R3 tdcmdpst;TOSHIBA Writing Engine Filter Driver; C:\Windows\system32\DRIVERS\tdcmdpst.sys [2006-10-18 16128]
R3 tifm21;tifm21; C:\Windows\system32\drivers\tifm21.sys [2007-01-24 290304]
S1 Cdr4_xp;Cdr4_xp; C:\Windows\system32\drivers\Cdr4_xp.sys [2006-10-04 2432]
S1 Cdralw2k;Cdralw2k; C:\Windows\system32\drivers\Cdralw2k.sys [2006-10-04 2560]
S3 Afc;PPdus ASPI Shell; C:\Windows\system32\drivers\Afc.sys [2005-02-22 11776]
S3 BVRPMPR5;BVRPMPR5 NDIS Protocol Driver; \??\C:\Windows\system32\drivers\BVRPMPR5.SYS [2007-07-12 49904]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:\Windows\system32\drivers\drmkaud.sys [2008-01-20 5632]
S3 GEARAspiWDM;GEARAspiWDM; C:\Windows\System32\Drivers\GEARAspiWDM.sys [2006-09-19 15664]
S3 HdAudAddService;Microsoft 1.1 UAA Function Driver for High Definition Audio Service; C:\Windows\system32\drivers\HdAudio.sys [2006-11-02 235520]
S3 Inspect;Comodo Firewall Network Driver; C:\Windows\system32\DRIVERS\inspect.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:\Windows\system32\drivers\MSKSSRV.sys [2008-01-20 8192]
S3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:\Windows\system32\drivers\MSPCLOCK.sys [2008-01-20 5888]
S3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:\Windows\system32\drivers\MSPQM.sys [2008-01-20 5504]
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:\Windows\system32\drivers\MSTEE.sys [2008-01-20 6016]
S3 NCHSSVAD;SoundTap Recorder; C:\Windows\system32\drivers\nchssvad.sys [2008-07-22 27136]
S3 NETw3v32;Intel® PRO/Wireless 3945ABG Adapter Driver for Windows Vista 32 Bit; C:\Windows\system32\DRIVERS\NETw3v32.sys [2008-01-20 2225664]
S3 Tosrfcom;Tosrfcom; C:\Windows\system32\drivers\Tosrfcom.sys []
S3 tosrfec;Bluetooth ACPI; C:\Windows\system32\DRIVERS\tosrfec.sys [2006-10-23 9216]
S3 TpChoice;Touch Pad Detection Filter driver; C:\Windows\system32\DRIVERS\TpChoice.sys []
S3 usbvideo;USB Video Device (WDM); C:\Windows\System32\Drivers\usbvideo.sys [2008-01-20 134016]
S3 WpdUsb;WpdUsb; C:\Windows\system32\DRIVERS\wpdusb.sys [2008-01-20 39936]
S3 WUDFRd;WUDFRd; C:\Windows\system32\DRIVERS\WUDFRd.sys [2008-01-20 83328]
S4 ErrDev;Microsoft Hardware Error Device Driver; C:\Windows\system32\drivers\errdev.sys [2008-01-20 6656]
S4 KR10I;KR10I; C:\Windows\system32\drivers\kr10i.sys [2006-11-09 219264]
S4 KR10N;KR10N; C:\Windows\system32\drivers\kr10n.sys [2006-11-09 211072]
S4 MegaSR;MegaSR; C:\Windows\system32\drivers\megasr.sys [2008-01-20 386616]
S4 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:\Windows\system32\drivers\wmiacpi.sys [2008-01-20 11264]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AgereModemAudio;Agere Modem Call Progress Audio; C:\Windows\system32\agrsmsvc.exe [2006-10-05 9216]
R2 AntiVirSchedulerService;Avira AntiVir Scheduler; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2009-06-09 108289]
R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2009-08-07 185089]
R2 ConfigFree Service;ConfigFree Service; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [2007-12-25 40960]
R2 LiveUpdate Notice Service;LiveUpdate Notice Service; C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe [2008-01-29 583048]
R2 pinger;pinger; C:\Toshiba\IVP\ISM\pinger.exe [2007-01-25 136816]
R2 Swupdtmr;Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [2007-10-23 66928]
R2 TNaviSrv;TOSHIBA Navi Support Service; C:\Program Files\Toshiba\TOSHIBA DVD PLAYER\TNaviSrv.exe [2008-01-21 83312]
R2 TODDSrv;TOSHIBA Optical Disc Drive Service; C:\Windows\system32\TODDSrv.exe [2007-11-21 129632]
R2 TosCoSrv;TOSHIBA Power Saver; C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [2008-01-17 431456]
R2 TOSHIBA Bluetooth Service;TOSHIBA Bluetooth Service; C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe [2007-09-28 128360]
R2 TOSHIBA SMART Log Service;TOSHIBA SMART Log Service; C:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv.exe [2007-12-03 126976]
R2 UleadBurningHelper;Ulead Burning Helper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [2006-08-23 49152]
S2 CLTNetCnService;Symantec Lic NetConnect service; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S2 LiveUpdate Notice Ex;LiveUpdate Notice Service Ex; C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe /h ccCommon []
S3 GameConsoleService;GameConsoleService; C:\Program Files\TOSHIBA Games\TOSHIBA Game Console\GameConsoleService.exe [2009-05-15 250616]
S3 GoogleDesktopManager-061008-081103;Google Desktop Manager 5.7.806.10245; C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe [2008-12-19 29744]
S3 gusvc;Google Updater Service; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2008-02-18 138168]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [2005-11-14 69632]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files\Jumpstart\jswpsapi.exe [2007-10-30 937984]
S3 LiveUpdate;LiveUpdate; C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE [2007-09-12 2999664]

-----------------EOF-----------------

Edited by preacherswife, 12 August 2009 - 12:41 PM.
