Neonknight77

  1. Hello Juliet: My laptop has been with me for over 4 years, so I guess wear / tear plus time have done their jobs... It just seems a bit slow at certain points and using too many resources at random times, causing the laptop to shut down [overheating]. I wanted to find out if there was any malware hiding which would make it run slower or whatever could be hijacking all my CPU Usage / Memory.
  2. Greetings Juliet, it has been too long since we last interacted, I hope all is well. They all found nothing worthwhile to note here, leading me to believe my PC is hooked up as Workstation so it is accessible via Remote Connection or proxy ports. Also, I have never downloaded, installed, or signed up for anything nor given consent to install an application called CryptoPrevent. I'm clueless as to what it is as well. How can I proceed further to make my computer run safely and efficiently without having to worry my information is being leaked? Did logs show anything? Thank you for your time, Tom
  3. Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 12:56:10 AM, on 10/1/2014 Platform: Windows 7 SP1 (WinNT 6.00.3505) MSIE: Internet Explorer v8.00 (8.00.7601.18571) FIREFOX: 32.0.3 (x86 en-US) Boot mode: Normal Running processes: C:\Program Files (x86)\ClamWin\bin\ClamTray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.56\deploy\League of Legends.exe C:\Users\OPERATOR\Downloads\HijackThis.exe R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll O4 - HKLM\..\Run: [ClamWin] "C:\Program Files (x86)\ClamWin\bin\ClamTray.exe" --logon O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe 
O4 - HKUS\S-1-5-21-2062969748-2399301820-3542092180-1000\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (User '?') O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe O15 - Trusted Zone: http://*.OPERATOR-PC O15 - ESC Trusted Zone: http://*.OPERATOR-PC O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: iPod Service - Apple Inc. 
- C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Kaspersky Security Scan Service (KSS) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) -- End of file - 5074 bytes Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-09-2014 Ran by OPERATOR (administrator) on OPERATOR-PC on 01-10-2014 00:15:05 Running from C:\Users\OPERATOR\Downloads Loaded Profile: OPERATOR (Available profiles: OPERATOR) Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 8 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: 
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (alch) C:\Program Files (x86)\ClamWin\bin\ClamTray.exe (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe () C:\Riot Games\League of Legends\RADS\system\rads_user_kernel.exe () C:\Riot Games\League of Legends\RADS\projects\lol_launcher\releases\0.0.0.223\deploy\LoLLauncher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_patcher\releases\0.0.0.7\deploy\LoLPatcher.exe () C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.112\deploy\LolClient.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe () C:\Riot Games\League of Legends\RADS\solutions\lol_game_client_sln\releases\0.0.1.56\deploy\League of Legends.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) 
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5581888 2014-02-24] (ESET) HKLM-x32\...\Run: [ClamWin] => C:\Program Files (x86)\ClamWin\bin\ClamTray.exe [86016 2014-08-07] (alch) HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.) HKU\S-1-5-21-2062969748-2399301820-3542092180-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7763736 2014-09-09] (SUPERAntiSpyware) ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers: [sharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\SysWOW64\EhStorShell.dll (Microsoft Corporation) ShellIconOverlayIdentifiers-x32: [sharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\SysWOW64\ntshrui.dll (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x771E25CD55CCCF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab Tcpip\Parameters: [DhcpNameServer] 10.0.1.1 FireFox: ======== FF ProfilePath: C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default FF NetworkProxy: "type", 0 FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 
11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: LanSweeper Shellexec plugin - C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default\Extensions\lansweeperplugin@lansweeper.com [2014-09-11] FF Extension: Adblock Plus - C:\Users\OPERATOR\AppData\Roaming\Mozilla\Firefox\Profiles\f3nybbca.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-21] FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-09-09] Chrome: ======= ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [1343408 2014-02-24] (ESET) R2 KSS; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Security Scan 2.0\kss.exe [202080 2014-02-21] (Kaspersky Lab ZAO) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) 
R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-09-11] (Emsisoft GmbH) U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) S3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [94720 2014-06-21] (Advanced Micro Devices) [File not signed] S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-09-11] (Emsisoft GmbH) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [239320 2013-09-17] (ESET) U5 edevmon; C:\Windows\System32\Drivers\edevmon.sys [239296 2013-09-17] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [168256 2013-09-17] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [157432 2013-09-17] (ESET) S3 MEMSWEEP2; C:\Windows\system32\4C5D.tmp [6144 2011-05-12] (Sophos Plc) [File not signed] S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.) S3 rspSanity; C:\Windows\System32\DRIVERS\rspSanity64.sys [29752 2010-08-23] (Resplendence Software Projects Sp.) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S1 SAVRKBootTasks; C:\Windows\SysWOW64\SAVRKBootTasks.sys [18816 2011-05-12] (Sophos Group) [File not signed] S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.) S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X] S3 MFE_RR; \??\C:\Users\OPERATOR\AppData\Local\Temp\mfe_rr.sys [X] S3 NSNDIS5; \??\C:\Windows\system32\NSNDIS5.SYS [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 
2014-10-01 00:15 - 2014-10-01 00:15 - 00008736 _____ () C:\Users\OPERATOR\Downloads\FRST.txt 2014-10-01 00:14 - 2014-10-01 00:15 - 00000000 ____D () C:\FRST 2014-10-01 00:14 - 2014-10-01 00:14 - 02108928 _____ (Farbar) C:\Users\OPERATOR\Downloads\FRST64.exe 2014-09-30 16:39 - 2014-09-30 16:39 - 00000012 _____ () C:\Users\OPERATOR\Desktop\nme.txt 2014-09-30 14:24 - 2014-09-30 15:10 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\pangu 2014-09-30 14:23 - 2014-09-30 14:24 - 35796928 _____ () C:\Users\OPERATOR\Downloads\Pangu_v1.2.1.exe 2014-09-29 16:08 - 2014-09-30 14:16 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Apple Computer 2014-09-29 16:08 - 2014-09-29 16:08 - 00001783 _____ () C:\Users\Public\Desktop\iTunes.lnk 2014-09-29 16:08 - 2014-09-29 16:08 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Apple Computer 2014-09-29 16:08 - 2014-09-29 16:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Windows\System32\Tasks\Apple 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Apple 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\ProgramData\Apple Computer 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files\iTunes 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files\iPod 2014-09-29 16:07 - 2014-09-29 16:07 - 00000000 ____D () C:\Program Files (x86)\iTunes 2014-09-29 16:07 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) 
C:\Windows\system32\Drivers\GEARAspiWDM.sys 2014-09-29 16:06 - 2014-09-29 16:06 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk 2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\ProgramData\Apple 2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files\Common Files\Apple 2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files\Bonjour 2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files (x86)\Bonjour 2014-09-29 16:06 - 2014-09-29 16:06 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update 2014-09-29 16:04 - 2014-09-29 16:05 - 112794960 _____ (Apple Inc.) C:\Users\OPERATOR\Downloads\iTunes64Setup.exe 2014-09-29 15:55 - 2014-09-29 15:55 - 41951144 _____ (Curse) C:\Users\OPERATOR\Downloads\CurseClientSetup_c4MB.exe 2014-09-29 15:55 - 2014-09-29 15:55 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Curse 2014-09-28 15:43 - 2011-05-12 16:05 - 00018816 ____N (Sophos Group) C:\Windows\SysWOW64\SAVRKBootTasks.sys 2014-09-28 15:22 - 2011-05-12 16:03 - 00006144 ____N (Sophos Plc) C:\Windows\system32\4C5D.tmp 2014-09-28 15:20 - 2011-05-12 16:03 - 00006144 ____N (Sophos Plc) C:\Windows\system32\531F.tmp 2014-09-28 13:42 - 2014-09-28 13:42 - 01112064 _____ () C:\Users\OPERATOR\Downloads\MicrosoftFixit50409.msi 2014-09-19 15:52 - 2014-09-30 23:53 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-09-19 15:52 - 2014-09-19 15:52 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-09-16 15:47 - 2014-09-16 15:47 - 00001330 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk 2014-09-16 15:47 - 2014-09-16 15:47 - 00000000 ____D () C:\Windows\ShellNew 2014-09-16 15:46 - 2014-09-16 15:46 - 00000000 __RHD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC 2014-09-16 15:46 - 2014-09-16 15:46 - 00000000 ____D () C:\Program Files\Windows Journal 2014-09-16 15:46 - 2014-09-16 15:46 
- 00000000 ____D () C:\Program Files (x86)\Windows Sidebar 2014-09-16 15:42 - 2014-09-16 15:42 - 02372738 _____ () C:\Users\OPERATOR\Downloads\3fcn22ww_64.exe 2014-09-16 15:42 - 2014-09-16 15:42 - 00000000 ____D () C:\bios 2014-09-15 23:27 - 2014-09-15 23:27 - 00167112 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETDorkbotCleaner.exe 2014-09-15 23:27 - 2014-09-15 23:27 - 00004862 _____ () C:\Users\OPERATOR\Downloads\ESETDorkbotCleaner.exe_20140915.212736.2236.log 2014-09-15 23:27 - 2014-09-15 23:27 - 00003902 _____ () C:\Users\OPERATOR\Downloads\ESETSpyEyeCleaner.exe_20140915.212703.1948.log 2014-09-15 23:26 - 2014-09-15 23:26 - 02991832 _____ (ESET) C:\Users\OPERATOR\Downloads\ERARemover_x64(1).exe 2014-09-15 23:26 - 2014-09-15 23:26 - 00164344 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETSpyEyeCleaner.exe 2014-09-15 23:25 - 2014-09-15 23:25 - 00078832 _____ (ESET spol. s r.o.) C:\Users\OPERATOR\Downloads\ESETIRCBotANRCleaner.exe 2014-09-15 23:25 - 2014-09-15 23:25 - 00004952 _____ () C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe_20140915.212510.2640.log 2014-09-15 23:25 - 2014-09-15 23:25 - 00004952 _____ () C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe_20140915.212500.2964.log 2014-09-15 23:24 - 2014-09-15 23:24 - 00368992 _____ (ESET) C:\Users\OPERATOR\Downloads\ESETSirefefCleaner.exe 2014-09-15 23:19 - 2014-09-30 23:06 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware 2014-09-15 23:19 - 2014-09-15 23:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2014-09-15 23:18 - 2014-09-15 23:18 - 19279408 _____ (SUPERAntiSpyware) C:\Users\OPERATOR\Downloads\SUPERAntiSpyware(1).exe 2014-09-15 21:54 - 2014-09-15 21:54 - 00013247 _____ () C:\Users\OPERATOR\Desktop\Untitled 1.odt 2014-09-15 01:12 - 2014-09-15 01:12 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\OpenOffice 2014-09-15 00:56 - 2014-09-15 00:56 - 00001112 _____ () C:\Users\Public\Desktop\OpenOffice 4.1.1.lnk 2014-09-15 00:56 - 2014-09-15 00:56 - 
00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.1 2014-09-15 00:55 - 2014-09-15 00:55 - 00000000 ____D () C:\Program Files (x86)\OpenOffice 4 2014-09-15 00:53 - 2014-09-15 00:53 - 00000000 ____D () C:\Users\OPERATOR\Desktop\OpenOffice 4.1.1 (en-US) Installation Files 2014-09-15 00:52 - 2014-09-15 00:53 - 140852175 _____ () C:\Users\OPERATOR\Downloads\Apache_OpenOffice_4.1.1_Win_x86_install_en-US.exe 2014-09-11 05:34 - 2014-09-15 23:19 - 00001808 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2014-09-11 04:40 - 2014-09-11 04:40 - 00095480 _____ (Lansweeper) C:\Users\OPERATOR\Downloads\TestConnection.exe 2014-09-11 04:39 - 2014-09-11 04:39 - 00001439 _____ () C:\Users\OPERATOR\Downloads\lansweeper.vbs 2014-09-11 04:26 - 2014-09-30 23:06 - 00002042 _____ () C:\Windows\setupact.log 2014-09-11 04:26 - 2014-09-16 15:45 - 00009086 _____ () C:\Windows\PFRO.log 2014-09-11 04:26 - 2014-09-11 04:26 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-11 03:10 - 2014-09-11 03:10 - 00003936 _____ () C:\Users\OPERATOR\Downloads\wmiexp.xml 2014-09-11 03:10 - 2014-09-11 03:10 - 00000106 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc 2014-09-11 03:10 - 2014-09-11 03:10 - 00000000 ____D () C:\Program Files (x86)\IIS Express 2014-09-11 03:09 - 2014-09-11 05:27 - 00000000 ____D () C:\Program Files (x86)\Lansweeper 2014-09-11 03:09 - 2014-09-11 03:09 - 00098304 _____ (Coopware) C:\Users\OPERATOR\Downloads\wmiexp.exe 2014-09-11 03:08 - 2014-09-11 03:09 - 83414472 _____ (Lansweeper.com ) C:\Users\OPERATOR\Downloads\LansweeperSetup.exe 2014-09-11 03:07 - 2014-09-11 03:07 - 00931678 _____ (NoVirusThanks Company Srl ) C:\Users\OPERATOR\Downloads\hijackhunter_setup.exe 2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Hen_IT 2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\Hen IT 2014-09-11 03:07 - 2014-09-11 03:07 - 00000000 ____D () C:\Program 
Files (x86)\Hen IT 2014-09-11 03:06 - 2014-09-11 03:06 - 04759552 _____ () C:\Users\OPERATOR\Downloads\QuickMon3.23.msi 2014-09-11 02:44 - 2014-09-11 05:30 - 00000000 ____D () C:\ProgramData\Foolish IT 2014-09-11 02:44 - 2014-09-11 02:44 - 00053248 _____ () C:\Windows\SysWOW64\zlib.dll 2014-09-11 02:42 - 2014-09-11 02:42 - 00959032 _____ (Foolish IT LLC ) C:\Users\OPERATOR\Downloads\CryptoPreventSetup.exe 2014-09-11 02:35 - 2014-09-11 02:35 - 04454112 _____ () C:\Users\OPERATOR\Downloads\crystal_aep_installer_1_0.exe 2014-09-11 02:18 - 2014-09-11 02:18 - 00372800 _____ (Kaspersky Lab.) C:\Users\OPERATOR\Downloads\klwk.exe 2014-09-11 02:18 - 2014-09-11 02:18 - 00171344 _____ (Kaspersky Lab) C:\Users\OPERATOR\Downloads\kidokiller(1).exe 2014-09-11 02:15 - 2014-09-11 02:15 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\WindowsUpdate 2014-09-11 02:03 - 2014-09-11 02:03 - 01288568 _____ (Microsoft Corporation) C:\Users\OPERATOR\Downloads\WindowsServer2003.WindowsXP-KB958644-x64-ENU.exe 2014-09-11 02:03 - 2014-09-11 02:03 - 00171344 _____ (Kaspersky Lab) C:\Users\OPERATOR\Downloads\kidokiller.exe 2014-09-11 02:01 - 2014-09-11 02:01 - 00702840 _____ (Microsoft Corporation) C:\Users\OPERATOR\Downloads\WindowsServer2003-KB958644-x86-ENU.exe 2014-09-11 01:48 - 2014-09-11 01:49 - 00000227 _____ () C:\Users\OPERATOR\Downloads\mbr.log 2014-09-11 01:44 - 2014-09-11 01:44 - 00089088 _____ () C:\Users\OPERATOR\Downloads\mbr.exe 2014-09-11 01:44 - 2014-09-11 01:44 - 00000000 ____D () C:\Program Files\Reason 2014-09-11 01:33 - 2014-09-11 01:33 - 02454896 _____ (Reason Company Software Inc.) C:\Users\OPERATOR\Downloads\herdProtectScan_Setup.exe 2014-09-11 01:26 - 2014-09-11 02:09 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\WinMHR 2014-09-11 01:26 - 2014-09-11 01:26 - 08756232 _____ (Team Cymru, Inc. 
) C:\Users\OPERATOR\Downloads\WinMHR Beta Setup.exe 2014-09-11 01:26 - 2014-09-11 01:26 - 00000923 _____ () C:\Users\OPERATOR\Desktop\WinMHR.lnk 2014-09-11 01:26 - 2014-09-11 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinMHR 2014-09-11 01:26 - 2014-09-11 01:26 - 00000000 ____D () C:\Program Files (x86)\WinMHR 2014-09-11 01:18 - 2014-09-28 14:16 - 00000000 ____D () C:\EEK 2014-09-11 01:18 - 2014-09-11 01:18 - 00000743 _____ () C:\Users\OPERATOR\Desktop\Start Emsisoft Emergency Kit.lnk 2014-09-11 01:16 - 2014-09-11 01:17 - 156195952 _____ () C:\Users\OPERATOR\Downloads\EmsisoftEmergencyKit.exe 2014-09-11 01:06 - 2014-09-11 01:07 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\.clamwin 2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ClamWin Antivirus 2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\ProgramData\.clamwin 2014-09-11 01:06 - 2014-09-11 01:06 - 00000000 ____D () C:\Program Files (x86)\ClamWin 2014-09-11 01:04 - 2014-09-11 01:05 - 101262137 _____ (alch ) C:\Users\OPERATOR\Downloads\clamwin-0.98.4.1-setup.exe 2014-09-11 01:04 - 2014-09-11 01:04 - 00737886 _____ (Andrea Russo - Italy ) C:\Users\OPERATOR\Downloads\ClamSentinel1.22.exe 2014-09-11 00:55 - 2014-09-28 15:20 - 00000000 ____D () C:\Program Files (x86)\Belarc 2014-09-11 00:52 - 2014-09-11 00:52 - 03297424 _____ () C:\Users\OPERATOR\Downloads\advisorinstaller.exe 2014-09-11 00:48 - 2014-09-11 00:48 - 00565352 _____ (Nsasoft LLC. 
) C:\Users\OPERATOR\Downloads\RegAuditor.exe 2014-09-11 00:41 - 2014-09-11 00:41 - 00000000 ____D () C:\Windows\Minidump\Cezurity 2014-09-11 00:40 - 2014-09-11 00:40 - 01396968 _____ (Cezurity) C:\Users\OPERATOR\Downloads\Cezurity_Antivirus.exe 2014-09-11 00:38 - 2014-09-11 00:38 - 00000000 ____D () C:\ProgramData\Quietzone 2014-09-11 00:36 - 2014-09-11 00:36 - 00000000 ____D () C:\Users\OPERATOR\AppData\Roaming\Quietzone 2014-09-11 00:35 - 2014-09-11 00:36 - 00522016 _____ (Returnil and its licensors) C:\Users\OPERATOR\Downloads\RQZ_NI_SETUP.exe 2014-09-11 00:17 - 2014-09-11 00:17 - 00000000 ____D () C:\Users\OPERATOR\SecurityScans 2014-09-11 00:15 - 2014-09-11 00:15 - 01810432 _____ () C:\Users\OPERATOR\Downloads\MBSASetup-x64-EN.msi 2014-09-11 00:10 - 2014-09-11 00:10 - 04493312 _____ () C:\Users\OPERATOR\Downloads\inSSIDer_WiFiHelper_Installer.msi 2014-09-11 00:09 - 2014-09-11 00:09 - 00000000 __SHD () C:\Users\OPERATOR\AppData\Local\icsxml 2014-09-11 00:08 - 2014-09-11 00:08 - 00000037 ___SH () C:\Users\OPERATOR\AppData\Local\69ff07055291669bb2b218.72821112 2014-09-11 00:08 - 2014-09-11 00:08 - 00000000 ____D () C:\Users\OPERATOR\AppData\Local\MetaGeek,_LLC 2014-09-11 00:06 - 2014-09-11 00:39 - 00000000 ____D () C:\Program Files (x86)\nProbe-Win32 2014-09-11 00:06 - 2014-09-11 00:07 - 04509696 _____ () C:\Users\OPERATOR\Downloads\inSSIDer4-installer.msi 2014-09-11 00:00 - 2014-09-11 01:29 - 00000000 ____D () C:\Program Files (x86)\SystemTools 2014-09-11 00:00 - 2003-03-19 03:12 - 01047552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll 2014-09-11 00:00 - 2003-03-19 01:14 - 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2014-09-10 23:25 - 2014-09-10 23:25 - 01324940 _____ () C:\Users\OPERATOR\Downloads\NetStumblerInstaller_0_4_0.exe 2014-09-10 22:19 - 2014-09-11 04:02 - 00000000 ____D () C:\Users\OPERATOR\Desktop\mbar 2014-09-10 22:13 - 2014-09-11 04:15 - 00002214 _____ () C:\Users\OPERATOR\Desktop\Rkill.txt 2014-09-10 22:10 
- 2014-09-10 22:11 - 00000310 _____ () C:\Users\OPERATOR\Downloads\RootkitRemover_20140910_201059.log 2014-09-10 22:02 - 2014-09-10 22:02 - 00004284 _____ () C:\Users\OPERATOR\Downloads\Audiosrv(1).reg 2014-09-10 19:15 - 2014-09-10 19:46 - 00093930 _____ () C:\Windows\system32\config\rules.rdb 2014-09-10 19:14 - 2014-09-10 19:47 - 37300224 _____ () C:\Windows\system32\config\sscan.xas 2014-09-10 19:14 - 2014-09-10 19:30 - 01118208 _____ () C:\Windows\system32\config\sscan.0 2014-09-10 19:12 - 2014-09-10 19:12 - 00000148 _____ () C:\Windows\system32\machine.ini 2014-09-10 19:09 - 2014-09-10 19:11 - 207788256 _____ (Agnitum, Ltd. ) C:\Users\OPERATOR\Downloads\OutpostSecuritySuiteProInstall_x64.exe 2014-09-10 18:41 - 2014-09-10 21:12 - 00000000 ____D () C:\Program Files (x86)\Nagios 2014-09-10 18:41 - 2014-09-10 18:41 - 09934771 _____ () C:\Users\OPERATOR\Downloads\ncpa-1.7.2.exe 2014-09-10 18:18 - 2014-09-10 18:18 - 02723908 _____ () C:\Users\OPERATOR\Downloads\ipscan-3.3.1-setup.exe 2014-09-10 18:18 - 2014-09-10 18:18 - 01990013 _____ () C:\Users\OPERATOR\Downloads\ipscan-win64-3.3.1.exe 2014-09-10 18:18 - 2014-09-10 18:18 - 00000000 ____D () C:\Users\OPERATOR\.swt 2014-09-10 18:15 - 2014-09-10 18:15 - 00005632 _____ () C:\Users\OPERATOR\Downloads\noshare.exe 2014-09-10 18:14 - 2014-09-10 18:14 - 00117312 _____ (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\securable.exe 2014-09-10 18:13 - 2014-09-10 18:13 - 00013824 _____ () C:\Users\OPERATOR\Downloads\id.exe 2014-09-10 18:09 - 2014-09-10 18:09 - 00029696 _____ (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\DCOMbob.exe 2014-09-10 18:08 - 2014-09-10 18:08 - 00025600 ____R (Gibson Research Corp.) C:\Users\OPERATOR\Downloads\leaktest.exe 2014-09-10 18:07 - 2014-09-10 18:07 - 00022528 _____ (Gibson Research Corp.) 
  4. I'm guessing I posted the log in my dream or something.... No further comment haha.

     Logfile of Trend Micro HijackThis v2.0.4
     Scan saved at 11:23:28 PM, on 5/19/2011
     Platform: Windows 7 (WinNT 6.00.3504)
     MSIE: Internet Explorer v8.00 (8.00.7600.16766)
     Boot mode: Normal

     Running processes:
     C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe
     C:\Program Files (x86)\Skype\Phone\Skype.exe
     C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
     C:\Program Files (x86)\Winamp\winampa.exe
     C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
     C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
     C:\Program Files (x86)\iTunes\iTunesHelper.exe
     C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe
     C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
     C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe
     C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe
     C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe
     C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
     C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
     C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe
     C:\Program Files (x86)\iTunes\iTunes.exe
     C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
     C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
     C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe
     C:\Users\Tom\Hijack This\HijackThis.exe

     R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
     R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
     R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
     R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
     R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
     O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
     O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
     O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
     O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL
     O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
     O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
     O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
     O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
     O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
     O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
     O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
     O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
     O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
     O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
     O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
     O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
     O4 - HKLM\..\Run: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
     O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide
     O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
     O4 - HKCU\..\Run: [F.lux] "C:\Users\Tom\Local Settings\Apps\F.lux\flux.exe" /noshow
     O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized
     O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     O4 - HKUS\S-1-5-21-2648566887-3171390982-2798019677-1007\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'UpdatusUser')
     O4 - HKUS\S-1-5-21-2648566887-3171390982-2798019677-1007\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'UpdatusUser')
     O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
     O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
     O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
     O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
     O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
     O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
     O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll
     O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration -
{DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B7D1AFFF-DC37-4B33-AF54-5EC824633B1A}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: Bonjour Service - Apple Inc. 
- C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. 
- C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 11541 bytes
  5. Did you see anything that should be 'ticked' in the Hijack This log, and then Fixed? Okay, and I have run the command in my Run box.
  6. No, I am not. Does the HJT log have anything that needs to be deleted?
  7. File "c:\windows\SysWOW64\yhloadb4D.dll" has been deleted by my anti-virus (AntiVir); detailed results show it was a Trojan. Also, after scanning with ESET, there were no indications of any suspicious file/s.
  8. ComboFix 11-05-16.03 - Tom 05/17/2011 7:41.2.2 - x64 Microsoft Windows 7 Ultimate 6.1.7600.0.1252.1.1033.18.4094.2548 [GMT -5:00] Running from: c:\users\Tom\Downloads\ComboFix.exe AV: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2011 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:\users\Tom\AppData\Roaming\EurekaLog . . ((((((((((((((((((((((((( Files Created from 2011-04-17 to 2011-05-17 ))))))))))))))))))))))))))))))) . . 2011-05-17 12:45 . 2011-05-17 12:45 -------- d-----w- c:\users\LogMeInRemoteUser\AppData\Local\temp 2011-05-17 12:45 . 2011-05-17 12:45 -------- d-----w- c:\users\Default\AppData\Local\temp 2011-05-17 12:31 . 2011-05-17 12:31 -------- d-----w- c:\windows\SysWow64\Wat 2011-05-17 12:30 . 2011-05-17 12:31 -------- d-----w- c:\windows\system32\Wat 2011-05-17 04:39 . 2011-05-17 04:39 -------- d-----w- c:\program files (x86)\MSXML 4.0 2011-05-17 04:24 . 2010-08-26 05:27 148992 ----a-w- c:\windows\system32\t2embed.dll 2011-05-17 04:20 . 2010-10-16 05:17 720896 ----a-w- c:\windows\system32\odbc32.dll 2011-05-17 04:20 . 2010-10-16 05:16 495616 ----a-w- c:\program files\Common Files\System\ado\msadox.dll 2011-05-17 04:20 . 2010-10-16 05:16 466944 ----a-w- c:\program files\Common Files\System\ado\msadomd.dll 2011-05-17 04:20 . 2010-10-16 05:16 1425408 ----a-w- c:\program files\Common Files\System\ado\msado15.dll 2011-05-17 04:20 . 2010-10-16 05:16 258048 ----a-w- c:\program files\Common Files\System\msadc\msadco.dll 2011-05-17 04:20 . 2010-10-16 04:34 573440 ----a-w- c:\windows\SysWow64\odbc32.dll 2011-05-17 04:20 . 2010-10-16 04:33 372736 ----a-w- c:\program files (x86)\Common Files\System\ado\msadox.dll 2011-05-17 04:20 . 
2010-10-16 04:33 352256 ----a-w- c:\program files (x86)\Common Files\System\ado\msadomd.dll 2011-05-17 04:20 . 2010-10-16 04:33 987136 ----a-w- c:\program files (x86)\Common Files\System\ado\msado15.dll 2011-05-17 04:20 . 2010-10-16 04:33 208896 ----a-w- c:\program files (x86)\Common Files\System\msadc\msadco.dll 2011-05-17 04:19 . 2010-08-27 06:14 236032 ----a-w- c:\windows\system32\srvsvc.dll 2011-05-17 04:19 . 2010-08-27 05:46 9728 ----a-w- c:\windows\SysWow64\sscore.dll 2011-05-16 22:45 . 2011-05-16 22:45 404640 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl 2011-05-16 21:21 . 2011-05-16 21:21 -------- d-----w- c:\users\Tom\AppData\Roaming\SUPERAntiSpyware.com 2011-05-16 21:21 . 2011-05-16 21:21 -------- d-----w- c:\programdata\SUPERAntiSpyware.com 2011-05-16 21:21 . 2011-05-16 21:21 -------- d-----w- c:\programdata\!SASCORE 2011-05-16 21:21 . 2011-05-16 21:21 -------- d-----w- c:\program files\SUPERAntiSpyware 2011-05-15 08:00 . 2011-05-15 08:00 -------- d--h--w- c:\program files (x86)\InstallShield Installation Information 2011-05-15 07:59 . 2011-05-16 22:46 -------- d-----w- c:\users\UpdatusUser 2011-05-15 07:46 . 2011-05-15 07:49 -------- d-----w- c:\program files (x86)\DiskCheckup 2011-05-15 05:46 . 2011-05-16 21:15 -------- d-----w- c:\users\Tom\Hijack This 2011-05-15 05:35 . 2010-05-26 15:45 18816 ------w- c:\windows\SysWow64\SAVRKBootTasks.sys 2011-05-15 04:48 . 2010-05-26 15:39 6144 ------w- c:\windows\system32\7AB0.tmp 2011-05-15 04:47 . 2010-05-26 15:39 6144 ------w- c:\windows\system32\BF.tmp 2011-05-15 04:47 . 2011-05-15 04:47 -------- d-----w- c:\program files (x86)\Sophos 2011-05-15 04:45 . 2011-05-15 04:45 -------- d-----w- c:\users\Tom\Pavark 2011-05-15 04:18 . 2011-05-15 04:40 -------- d-----w- c:\users\Tom\DoctorWeb 2011-05-12 05:42 . 2011-05-15 05:08 -------- d-----w- c:\programdata\Spybot - Search & Destroy 2011-05-12 05:42 . 2011-05-12 05:43 -------- d-----w- c:\program files (x86)\Spybot - Search & Destroy 2011-05-12 03:17 . 
2011-05-16 22:42 -------- d-----w- c:\program files\PeerBlock 2011-05-12 02:04 . 2011-05-16 22:55 -------- d-----w- c:\programdata\Skype Extras 2011-05-12 02:03 . 2011-05-12 02:03 -------- d-----w- c:\program files (x86)\Common Files\Skype 2011-05-11 00:04 . 2011-05-11 00:04 -------- d-----w- c:\program files\iPod 2011-05-11 00:04 . 2011-05-11 00:04 -------- d-----w- c:\program files\iTunes 2011-05-11 00:02 . 2011-05-11 00:02 -------- d-----w- c:\program files (x86)\Bonjour 2011-05-11 00:02 . 2011-05-11 00:02 -------- d-----w- c:\program files\Bonjour 2011-05-09 23:43 . 2011-05-09 23:43 -------- d-----w- c:\programdata\ProcessLasso 2011-05-09 23:42 . 2011-05-09 23:43 -------- d-----w- c:\users\Tom\AppData\Roaming\ProcessLasso 2011-05-09 23:42 . 2011-05-09 23:43 -------- d-----w- c:\program files\Process Lasso 2011-04-27 15:47 . 1999-06-23 21:13 86016 ----a-w- c:\windows\unvise32.exe 2011-04-27 15:47 . 2011-04-27 15:48 -------- d-----w- c:\program files (x86)\Aleks 3.14 2011-04-22 15:11 . 2011-04-22 15:11 -------- d-----w- c:\users\Tom\AppData\Local\Apps . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2011-04-08 05:14 . 2011-02-20 08:03 2034280 ----a-w- c:\windows\SysWow64\nvapi.dll 2011-04-08 05:14 . 2010-08-24 18:50 6299752 ----a-w- c:\windows\SysWow64\nvwgf2um.dll 2011-04-08 05:14 . 2009-12-26 04:23 2273896 ----a-w- c:\windows\system32\nvapi64.dll 2011-04-08 05:14 . 2009-07-13 21:59 8411752 ----a-w- c:\windows\system32\nvwgf2umx.dll 2011-04-08 04:19 . 2011-04-08 04:19 117864 ----a-w- c:\windows\system32\nvmctray.dll 2011-04-08 04:19 . 2011-04-08 04:19 797288 ----a-w- c:\windows\system32\easyUpdatusAPIU64.dll 2011-04-08 04:19 . 2011-04-08 04:19 1012328 ----a-w- c:\windows\system32\nvvsvc.exe 2011-04-08 04:19 . 2011-04-08 04:19 6338152 ----a-w- c:\windows\system32\nvcpl.dll 2011-04-08 04:19 . 2011-04-08 04:19 3041384 ----a-w- c:\windows\system32\nvsvc64.dll 2011-04-06 21:26 . 
2011-04-06 21:26 96544 ----a-w- c:\windows\system32\dnssd.dll 2011-04-06 21:26 . 2011-04-06 21:26 69408 ----a-w- c:\windows\system32\jdns_sd.dll 2011-04-06 21:26 . 2011-04-06 21:26 237856 ----a-w- c:\windows\system32\dnssdX.dll 2011-04-06 21:26 . 2011-04-06 21:26 119584 ----a-w- c:\windows\system32\dns-sd.exe 2011-04-06 21:20 . 2011-04-06 21:20 91424 ----a-w- c:\windows\SysWow64\dnssd.dll 2011-04-06 21:20 . 2011-04-06 21:20 75040 ----a-w- c:\windows\SysWow64\jdns_sd.dll 2011-04-06 21:20 . 2011-04-06 21:20 197920 ----a-w- c:\windows\SysWow64\dnssdX.dll 2011-04-06 21:20 . 2011-04-06 21:20 107808 ----a-w- c:\windows\SysWow64\dns-sd.exe 2011-03-01 17:12 . 2010-01-09 02:02 87456 ----a-w- c:\windows\system32\LMIRfsClientNP.dll 2011-03-01 17:12 . 2010-01-09 02:02 33152 ----a-w- c:\windows\system32\LMIport.dll 2011-03-01 17:12 . 2010-01-09 02:02 80768 ----a-w- c:\windows\system32\LMIinit.dll 2011-02-18 21:36 . 2011-02-18 21:36 51712 ----a-w- c:\windows\system32\drivers\usbaapl64.sys 2011-02-18 21:36 . 2011-02-18 21:36 4184352 ----a-w- c:\windows\system32\usbaaplrc.dll 2009-07-14 01:11 585728 --sha-w- c:\windows\SysWOW64\yhloadb4D.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Eraser"="c:\program files\Eraser\Eraser.exe" [2007-12-22 542720] "OpenDNS Updater"="c:\program files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" [2010-06-16 839680] "F.lux"="c:\users\Tom\Local Settings\Apps\F.lux\flux.exe" [2009-08-29 966656] "Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2011-04-18 15146376] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2011-05-04 2988928] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run] "GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 31016] "WinampAgent"="c:\program files (x86)\Winamp\winampa.exe" [2010-12-09 74752] "Adobe Reader Speed Launcher"="c:\program files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-12-22 35760] "Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-09-21 932288] "SunJavaUpdateSched"="c:\program files (x86)\Java\jre6\bin\jusched.exe" [2010-02-26 149280] "HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2007-05-08 54840] "hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528] "TkBellExe"="c:\program files (x86)\Real\RealPlayer\update\realsched.exe" [2011-01-29 273544] "QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2010-11-29 421888] "iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2011-04-27 421160] . c:\users\Tom\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ scanadiskf51.dll [2009-7-13 585728] . c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-9-20 270336] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~2\AVG\AVG10\avgchsva.exe /sync\0c:\progra~2\AVG\AVG10\avgrsa.exe /sync /restart . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . 
R3 connctfy;Connectify Service;c:\windows\system32\DRIVERS\connctfy.sys [x] R3 connctfyMP;connctfyMP;c:\windows\system32\DRIVERS\connctfy.sys [x] R3 cpuz130;cpuz130;c:\users\Tom\AppData\Local\Temp\cpuz130\cpuz_x64.sys [x] R3 ENTECH64;ENTECH64;c:\windows\system32\DRIVERS\ENTECH64.sys [x] R3 MEMSWEEP2;MEMSWEEP2;c:\windows\system32\7AB0.tmp [x] R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys [2010-11-07 24176] R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe [x] S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV64.SYS [2010-02-17 14920] S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL64.SYS [2010-02-17 12360] S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE64.EXE [2011-05-04 128384] S2 Akamai;Akamai NetSession Interface;c:\windows\System32\svchost.exe [2009-07-14 27136] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-03-18 138576] S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2011-03-01 373640] S2 LMIInfo;LogMeIn Kernel Information Provider;c:\program files (x86)\LogMeIn\x64\RaInfo.sys [2008-08-11 15928] S2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2011-04-08 2218600] S2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2011-04-08 378472] S2 TeamViewer5;TeamViewer 5;c:\program files (x86)\TeamViewer\Version5\TeamViewer_Service.exe [2010-03-18 172328] S3 RTL8167;Realtek 8167 NT 
Driver;c:\windows\system32\DRIVERS\Rt64win7.sys [x] S3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys [x] . . [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper Akamai REG_MULTI_SZ Akamai hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc . . --------- x86-64 ----------- . . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal] @="{C5994560-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified] @="{C5994561-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict] @="{C5994562-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked] @="{C5994563-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly] @="{C5994564-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted] @="{C5994565-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded] @="{C5994566-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored] @="{C5994567-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned] @="{C5994568-53D9-4125-87C9-F193FC689CB2}" [HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}] 2010-03-21 13:55 99080 ----a-w- c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "LogMeIn GUI"="c:\program files (x86)\LogMeIn\x64\LogMeInSystray.exe" [2008-08-11 57928] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows] "LoadAppInit_DLLs"=0x1 . ------- Supplementary Scan ------- . 
uLocal Page = c:\windows\system32\blank.htm mLocal Page = c:\windows\SysWOW64\blank.htm uInternet Settings,ProxyOverride = *.local IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000 TCP: {B7D1AFFF-DC37-4B33-AF54-5EC824633B1A} = 208.67.222.222,208.67.220.220 FF - ProfilePath - c:\users\Tom\AppData\Roaming\Mozilla\Firefox\Profiles\j96tf79x.default\ FF - prefs.js: network.proxy.type - 0 . - - - - ORPHANS REMOVED - - - - . WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file) AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe . . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\MEMSWEEP2] "ImagePath"="\??\c:\windows\system32\7AB0.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil10e.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\LocalServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\FlashUtil10e.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{19114156-8E9A-4D4E-9EE9-17A0E48D3BBB}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Shockwave Flash Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus] @="0" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID] @="ShockwaveFlash.ShockwaveFlash.10" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="ShockwaveFlash.ShockwaveFlash" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}] @Denied: (A 2) (Everyone) @="Macromedia Flash Factory Object" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx" "ThreadingModel"="Apartment" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID] @="FlashFactory.FlashFactory.1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32] @="c:\\Windows\\SysWow64\\Macromed\\Flash\\Flash10e.ocx, 1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib] @="{D27CDB6B-AE6D-11cf-96B8-444553540000}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version] @="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID] @="FlashFactory.FlashFactory" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}] @Denied: (A 2) (Everyone) @="IFlashBroker3" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{1D4C8A81-B7AC-460A-8C23-98713C41D6B3}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . Completion time: 2011-05-17 07:46:55 ComboFix-quarantined-files.txt 2011-05-17 12:46 . Pre-Run: 271,495,516,160 bytes free Post-Run: 271,170,039,808 bytes free . - - End Of File - - 88B1FC61686D511F2258EFEBF9AD257E
  9. I have never heard of "Super shield", and after a Google search it doesn't seem like a very popular defense system. I'd probably uninstall it and get something more suitable such as AVG, ClamWin, Antivir etc. -T
  10. HJT Log: Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 12:46:58 AM, on 5/15/2011 Platform: Windows 7 (WinNT 6.00.3504) MSIE: Internet Explorer v8.00 (8.00.7600.16385) Boot mode: Normal Running processes: C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe C:\Users\Tom\Local Settings\Apps\F.lux\flux.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe C:\Program Files (x86)\AVG\AVG10\avgtray.exe C:\Program Files (x86)\iTunes\iTunesHelper.exe C:\Program Files (x86)\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSTE08.exe C:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe C:\Program Files (x86)\TrueCrypt\TrueCrypt.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Windows\SysWOW64\ctfmon.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\firefox.exe C:\Program Files (x86)\Mozilla Firefox 4.0 Beta 7\plugin-container.exe C:\Users\Tom\Hijack This\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page 
= http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG10\avgssie.dll O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office12\GR469A~1.DLL O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program 
Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe O4 - HKLM\..\Run: [AVG_TRAY] C:\Program Files (x86)\AVG\AVG10\avgtray.exe O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe" O4 - HKCU\..\Run: [Eraser] C:\Program Files\Eraser\Eraser.exe -hide O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files (x86)\OpenDNS Updater\OpenDNSUpdater.exe" /autostart O4 - HKCU\..\Run: [F.lux] "C:\Users\Tom\Local Settings\Apps\F.lux\flux.exe" /noshow O4 - HKCU\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - Startup: scanadiskf51.dll O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - 
Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/betapit/PCPitStop.CAB O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} (get_atlcom Class) - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{B7D1AFFF-DC37-4B33-AF54-5EC824633B1A}: NameServer = 208.67.222.222,208.67.220.220 O18 - Protocol: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - C:\Program Files (x86)\AVG\AVG10\Toolbar\IEToolbar.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~1\Office12\GRA32A~1.DLL O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG10\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: 
@%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\Windows\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing) O23 - Service: AVG Security Toolbar Service - Unknown owner - C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe O23 - Service: AVGIDSAgent - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - C:\Program Files (x86)\AVG\AVG10\avgwdsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: LMIGuardianSvc - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe O23 - Service: LogMeIn Maintenance Service (LMIMaint) - LogMeIn, Inc. - C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe O23 - Service: LogMeIn - LogMeIn, Inc. 
- C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe O23 - Service: MSCamSvc - Unknown owner - C:\Program Files\Microsoft LifeCam\MSCamS64.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing) O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Remote Procedure Call (RPC) Locator (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe O23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\Version5\TeamViewer_Service.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: 
@%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing) -- End of file - 12495 bytes DDS Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_11-03-05.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 12/25/2009 11:52:18 PM System Uptime: 5/11/2011 8:59:24 PM (76 hours ago) . Motherboard: Gigabyte Technology Co., Ltd. | | EP45-UD3P Processor: Intel® Core2 Duo CPU E7400 @ 2.80GHz | Socket 775 | 2800/266mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 298 GiB total, 253.091 GiB free. T: is FIXED (NTFS) - 932 GiB total, 556.616 GiB free. . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP139: 4/19/2011 12:27:34 AM - Scheduled Checkpoint RP140: 4/26/2011 5:31:20 PM - Device Driver Package Install: Connectify Network Service RP141: 5/4/2011 12:00:01 AM - Scheduled Checkpoint RP142: 5/11/2011 4:57:06 PM - Scheduled Checkpoint RP143: 5/12/2011 11:09:31 PM - Removed Futuremark SystemInfo RP144: 5/12/2011 11:14:25 PM - Removed TI Connect 1.6 . ==== Installed Programs ====================== . . 
µTorrent 1400 1400_Help 1400Trb Acrobat.com Adobe AIR Adobe Download Manager Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 9.3 Adobe Shockwave Player 11.5 Advertising Center AIO_CDB_ProductContext AIO_CDB_Software AIO_Scan Akamai NetSession Interface Aleks 3.14 Apple Application Support Apple Software Update AviSynth 2.5 BufferChm Copy Destinations DeviceDiscovery DocProc DolbyFiles Eraser F.lux Fax FrostWire 4.21.1 Garmin Communicator Plugin Garmin POI Loader Garmin USB Drivers Garmin WebUpdater GPBaseService2 GTK+ Runtime 2.14.7 rev a (remove only) HP Update HPPhotoGadget HPPhotoSmartDiscLabelContent1 HPPhotosmartEssential HPProductAssistant HPSSupply ImagXpress ImgBurn Java 6 Update 17 Java SE Development Kit 6 Update 17 JavaFX 1.2 SDK LogMeIn Malwarebytes' Anti-Malware MarketResearch Microsoft .NET Framework 1.1 Microsoft Corporation Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox 4.0.1 (x86 en-US) Nero ControlCenter Nero Installer neroxml Notepad++ NVIDIA PhysX NVIDIA Stereoscopic 3D Driver OpenDNS 
Updater 2.2.1 Picasa 3 Pidgin Process Lasso QuickTime RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer RealUpgrade 1.1 Scan Skype™ 5.3 SmartWebPrinting SolutionCenter Sophos Anti-Rootkit 1.5.4 Spybot - Search & Destroy Status System Requirements Lab TeamViewer 5 Toolbox TrayApp TrueCrypt UnloadSupport Visual C++ 8.0 Runtime Setup Package (x64) Visual Studio 2008 x64 Redistributables VLC media player 1.1.9 WebReg Winamp Winamp Detector Plug-in Windows Media Player Firefox Plugin Windows Movie Maker 2.6 WinSCP 4.3.2 . ==== Event Viewer Messages From Past Week ======== . 5/15/2011 12:32:28 AM, Error: Service Control Manager [7000] - The MEMSWEEP2 service failed to start due to the following error: This driver has been blocked from loading 5/15/2011 12:32:28 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\7AB0.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 5/15/2011 12:20:31 AM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. 5/15/2011 12:20:28 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 3 time(s). 5/15/2011 12:20:28 AM, Error: Service Control Manager [7031] - The Akamai NetSession Interface service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 1000 milliseconds: Restart the service. 5/15/2011 12:19:32 AM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 2 time(s). 5/15/2011 12:08:25 AM, Error: Application Popup [1060] - \??\C:\Windows\system32\BF.tmp has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver. 
5/14/2011 11:40:41 PM, Error: Microsoft-Windows-DNS-Client [1012] - There was an error while attempting to read the local hosts file. 5/14/2011 10:25:09 PM, Error: Service Control Manager [7034] - The hpqcxs08 service terminated unexpectedly. It has done this 1 time(s). 5/14/2011 10:25:09 PM, Error: Service Control Manager [7034] - The HP CUE DeviceDiscovery Service service terminated unexpectedly. It has done this 1 time(s). 5/11/2011 9:01:40 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom 5/11/2011 9:01:00 PM, Error: Service Control Manager [7000] - The MSCamSvc service failed to start due to the following error: The system cannot find the file specified. 5/11/2011 9:00:29 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Connectify service to connect. 5/11/2011 9:00:29 PM, Error: Service Control Manager [7000] - The Connectify service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 5/11/2011 8:47:16 PM, Error: Service Control Manager [7034] - The LMIGuardianSvc service terminated unexpectedly. It has done this 1 time(s). . ==== End Of File =========================== DDS AKS: Nothing was saved after scan since nothing was shown after scan.
  11. Everything has been taken care of. Thanks a lot, Juliet
  12. IE is just a joke. With Firefox coming out with its ever so continuous nightly builds of version 3, it is the fastest and safest browser.
  13. I recently finished scanning with MalwareBytes, AVG, Spybot and I removed Rogue AV 2009 as well as some other trojans from what those applications found. However, I do still find that Virus Doctor is present. I also find my mouse sometimes lags or moves slowly across the screen. Thanks for the help, ToM Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:12:18 AM, on 6/16/2009 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16850) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe C:\Program Files\McAfee\Common Framework\FrameworkService.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\PROGRA~1\AVG\AVG8\avgrsx.exe C:\PROGRA~1\AVG\AVG8\avgnsx.exe C:\Program Files\McAfee\Common Framework\UdaterUI.exe C:\WINDOWS\system32\igfxtray.exe C:\WINDOWS\system32\hkcmd.exe C:\WINDOWS\AGRSMMSG.exe C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe C:\Program Files\Analog Devices\SoundMAX\Smax4.exe C:\Program Files\McAfee\Common Framework\McTray.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe C:\Program Files\Logitech\QuickCam10\QuickCam10.exe C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe C:\PROGRA~1\AVG\AVG8\avgtray.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\All Users\Application Data\ff05\VDoc84bc.exe C:\Program Files\Logitech\Desktop
Messenger\8876480\Program\LogitechDesktopMessenger.exe C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe C:\Program Files\Common Files\Logishrd\LQCVFX\COCIManager.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Yoe\Desktop\trendmicro\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaul...rch/search.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://us.rd.yahoo.com/customize/ie/defaul...//www.yahoo.com R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: &Yahoo! 
Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll O3 - Toolbar: HP view - {B2847E28-5D7D-4DEB-8B67-05D28BCF79F5} - C:\Program Files\HP\Digital Imaging\bin\HPDTLK02.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll O4 - HKLM\..\Run: [iMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32 O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName O4 - HKLM\..\Run: [McAfeeUpdaterUI] "C:\Program Files\McAfee\Common Framework\UdaterUI.exe" /StartedFromRunKey O4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exe O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH) O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program 
Files\Logitech\QuickCam10\QuickCam10.exe" /hide O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe" O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Virus Doctor] "C:\Documents and Settings\All Users\Application Data\ff05\VDoc84bc.exe" /s /d O4 - HKCU\..\Run: [search Protection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - HKCU\..\Run: [YSearchProtection] C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe O4 - .DEFAULT User Startup: AutoTBar.exe (User 'Default user') O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing) O9 - Extra 'Tools' menuitem: Yahoo! 
Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe O23 - Service: McAfee Framework Service (McAfeeFramework) - McAfee, Inc. - C:\Program Files\McAfee\Common Framework\FrameworkService.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- End of file - 8936 bytes