Malware Bytes detects Malicious software


  • This topic is locked
2 replies to this topic

#1 FrkMstr20

Posted 16 November 2009 - 01:08 AM

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 1:05:09 AM, on 11/16/2009
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v7.00 (7.00.6002.18005)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe
C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Windows\SysWOW64\notepad.exe
C:\Windows\SysWOW64\notepad.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: SITEguard BHO - {1827766B-9F49-4854-8034-F6EE26FCB1EC} - C:\Program Files (x86)\Stopzilla!\Toolbar\SZSG.dll
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: LitmusBHO - {C6867EB7-8350-4856-877F-93CF8AE3DC9C} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (file missing)
O2 - BHO: STOPzilla Browser Helper Object - {E3215F20-3212-11D6-9F8B-00D0B743919D} - C:\Program Files (x86)\STOPzilla!\SZIEBHO.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O3 - Toolbar: Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files (x86)\F-Secure\NRS\iescript\baselitmus.dll (file missing)
O3 - Toolbar: STOPzilla - {98828DED-A591-462F-83BA-D2F62A68B8B8} - C:\Program Files (x86)\Stopzilla!\Toolbar\SZSG.dll
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [Anti Trojan Elite] "C:\Program Files (x86)\Anti Trojan Elite\TJEnder.exe" :NO
O4 - HKLM\..\Run: [a-squared] "C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe"
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files (x86)\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray
O4 - HKCU\..\Run: [Aim] "C:\Program Files (x86)\AIM\aim.exe" /d locale=en-US
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKCU\..\Run: [igndlm.exe] C:\Program Files (x86)\Download Manager\DLM.exe /windowsstart /startifwork
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CtxfiReg] CTXFIREG.exe /FAIL2 (User 'Default user')
O4 - Startup: Logitech . Product Registration.lnk = C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program Files (x86)\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Logitech SetPoint.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office12\EXCEL.EXE/3000
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~2\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~2\SPYBOT~1\SDHelper.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\is3\anti-spyware\is3lsp.dll
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) - https://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
O16 - DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} (Battlefield Heroes Updater) - https://www.battlefieldheroes.com/static/up...er_4.0.27.0.cab
O16 - DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} (F-Secure Health Check 1.1) - http://support.f-secure.com/enu/home/onlin.../fshc/fscax.cab
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files (x86)\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: a-squared Anti-Malware Service (a2AntiMalware) - Emsi Software GmbH - C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: FSMA - F-Secure Corporation - C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
O23 - Service: F-Secure ORSP Client (FSORSPClient) - F-Secure Corporation - C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\GEST\GSvr.exe
O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc. - C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: STOPzilla Service (szserver) - iS3, Inc. - C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12702 bytes



UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-10-26.01)

Microsoft® Windows Vista™ Home Premium
Boot Device: \Device\HarddiskVolume1
Install Date: 9/29/2009 6:43:48 PM
System Uptime: 11/15/2009 10:04:25 PM (3 hours ago)

Motherboard: Gigabyte Technology Co., Ltd. | | X48-DS4
Processor: Intel® Core™2 Quad CPU Q6600 @ 2.40GHz | Socket 775 | 2400/266mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 279 GiB total, 101.584 GiB free.
D: is CDROM (UDF)
E: is CDROM ()
F: is FIXED (FAT32) - 466 GiB total, 320.471 GiB free.

==== Disabled Device Manager Items =============

==== System Restore Points ===================

RP155: 11/11/2009 9:33:12 AM - Windows Update
RP157: 11/12/2009 9:46:21 AM - Windows Update
RP159: 11/13/2009 6:29:23 PM - Windows Update
RP161: 11/15/2009 5:39:20 PM - Scheduled Checkpoint
RP163: 11/15/2009 9:07:17 PM - Installed STOPzilla. Available with Windows Installer version 1.2 and later.
RP165: 11/15/2009 10:11:38 PM - StopZILLA! Restore Point.
RP167: 11/15/2009 10:40:54 PM - Removed iS3 STOPzilla Toolbar

==== Installed Programs ======================

a-squared Anti-Malware 4.5
Adobe AIR
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.2
AIM 7
Battlefield Heroes
BitTorrent
Borderlands
Call of Duty® - World at War™ 1.6 Patch
Call of Duty: Modern Warfare 2
Call of Duty: Modern Warfare 2 - Multiplayer
CCScore
Creative Audio Control Panel
Creative Software AutoUpdate
Creative Sound Blaster Properties x64 Edition
Download Manager 2.3.9
Download Updater (AOL LLC)
Dynamic Energy Saver 1.0 B8.0128.1
erLT
ESSCDBK
ESScore
ESSgui
ESSini
ESSPCD
ESSSONIC
ESSTOOLS
essvatgt
F-Secure Internet Security 2010
F-Secure PSC Prerequisites
Heroes of Newerth
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
iS3 STOPzilla Toolbar
kgcbaby
kgcbase
kgchday
kgchlwn
kgcinvt
kgckids
kgcmove
kgcvday
Kodak EasyShare software
KSU
League of Legends
Left 4 Dead 2 Demo
Logitech SetPoint
LogMeIn Hamachi
Malwarebytes' Anti-Malware
Microsoft Games for Windows - LIVE
Microsoft Games for Windows - LIVE Redistributable
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office Live Add-in 1.4
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft VC9 runtime libraries
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Mozilla Firefox (3.5.4)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB954430)
netbrdg
Notifier
NVIDIA PhysX
OfotoXMI
OpenAL
PCDADDIN
PCDHELP
PokerStars
PowerISO
QuickTime
Realtek 8169, 8168, 8101E and 8102E Ethernet Network Card Driver for Windows Vista
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB973704)
Security Update for Microsoft Office Excel 2007 (KB973593)
Security Update for Microsoft Office Outlook 2007 (KB972363)
Security Update for Microsoft Office PowerPoint 2007 (KB957789)
Security Update for Microsoft Office Publisher 2007 (KB969693)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB969613)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
SFR
SHASTA
SKIN0001
SKINXSDK
Spybot - Search & Destroy
staticcr
STOPzilla
SUPERAntiSpyware Professional
tooltips
Torchlight
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office Access 2007 Help (KB963663)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office Infopath 2007 Help (KB963662)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Outlook 2007 Help (KB963677)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Publisher 2007 Help (KB963667)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 (KB974561)
Update for Microsoft Office Word 2007 Help (KB963665)
Update for Outlook 2007 Junk Email Filter (kb975960)
VLC media player 1.0.2
VPRINTOL
WIRELESS
World of Warcraft
Xfire (remove only)

==== Event Viewer Messages From Past Week ========

11/15/2009 9:12:05 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: papycpu2 papyjoy SASDIFSV SASKUTIL
11/15/2009 4:49:28 PM, Error: F-Secure Gatekeeper [1] -
11/15/2009 10:11:40 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
11/15/2009 10:11:40 PM, Error: Service Control Manager [7000] - The Windows Search service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
11/15/2009 10:11:40 PM, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
11/15/2009 10:05:51 PM, Error: Service Control Manager [7000] - The SASENUM service failed to start due to the following error: This driver has been blocked from loading
11/15/2009 10:05:50 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASENUM.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/15/2009 10:05:29 PM, Error: Service Control Manager [7000] - The SASKUTIL service failed to start due to the following error: This driver has been blocked from loading
11/15/2009 10:05:29 PM, Error: Service Control Manager [7000] - The SASDIFSV service failed to start due to the following error: This driver has been blocked from loading
11/15/2009 10:05:29 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASKUTIL.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/15/2009 10:05:29 PM, Error: Application Popup [1060] - \??\C:\Program Files (x86)\SUPERAntiSpyware\SASDIFSV.SYS has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/15/2009 10:05:13 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: is3srv papycpu2 papyjoy SASDIFSV SASKUTIL
11/15/2009 10:04:39 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\papyjoy.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/15/2009 10:04:39 PM, Error: Application Popup [1060] - \SystemRoot\SysWow64\DRIVERS\papycpu2.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
11/13/2009 6:55:08 PM, Error: Service Control Manager [7031] - The a-squared Anti-Malware Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-tw-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-hk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-zh-cn-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-uk-ua-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-tr-tr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-th-th-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sv-se-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sr-latn-cs-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sl-si-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-sk-sk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ru-ru-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ro-ro-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-pt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pt-br-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ps-ps-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-pl-pl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nl-nl-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-Neutral from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-nb-no-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lv-lv-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-lt-lt-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ko-kr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ja-jp-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-it-it-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hu-hu-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-hr-hr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-he-il-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fr-fr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-fi-fi-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-et-ee-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-es-es-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP from package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP(Feature Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-en-us-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-el-gr-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-de-de-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-da-dk-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-cs-cz-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-bg-bg-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update WUClient-SelfUpdate-Aux-ar-sa-LP-Toplevel from package KBWUClient-SelfUpdate-Aux(Feature Pack) into Absent(Absent) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxResourcesLP from package WindowsUpdateClient-SelfUpdate-Aux-Package(Language Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update AuxComp from package WindowsUpdateClient-SelfUpdate-Aux-Package(Update) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux32 from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux32 from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US(Language Pack) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4385] - Windows Servicing failed to complete the process of changing update Aux from package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package(Update) into Staged(Staged) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WUClient-SelfUpdate-Aux-Package-en-us-MiniLP (Feature Pack) into Install Requested(Install Requested) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Update) into Install Requested(Install Requested) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-Package (Language Pack) into Install Requested(Install Requested) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package_en-US (Language Pack) into Install Requested(Install Requested) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package WindowsUpdateClient-SelfUpdate-Aux-AuxComp-Package (Update) into Install Requested(Install Requested) state
11/13/2009 6:30:57 PM, Error: Microsoft-Windows-Servicing [4375] - Windows Servicing failed to complete the process of setting package KBWUClient-SelfUpdate-Aux (Feature Pack) into Install Requested(Install Requested) state
11/12/2009 11:57:11 PM, Error: Service Control Manager [7016] - The NVIDIA Display Driver Service service has reported an invalid current state 32.

==== End Of File ===========================


============== Running Processes ===============

C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\Common Files\iS3\Anti-Spyware\SZServer.exe
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\WUDFHost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\a-squared Anti-Malware\a2service.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE
C:\Program Files (x86)\F-Secure\Anti-Virus\FSGK32.EXE
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Program Files (x86)\F-Secure\Common\FSHDLL32.EXE
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe
C:\Program Files (x86)\F-Secure\Common\FSHDLL64.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\STOPzilla!\STOPzilla.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\Program Files (x86)\AIM\aim.exe
C:\Program Files (x86)\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Logitech\SetPoint\SetPoint.exe
C:\Windows\SysWOW64\Ctxfihlp.exe
C:\Program Files (x86)\a-squared Anti-Malware\a2guard.exe
C:\Program Files (x86)\F-Secure\Common\FSM32.EXE
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Windows\SysWOW64\CTXFISPI.EXE
C:\Program Files\Logitech\GamePanel Software\Applets\LCDClock.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDCountdown.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\F-Secure\Spam Control\fsscoepl_x64.exe
C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
C:\Program Files (x86)\Windows Media Player\wmplayer.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDMedia.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDPop3.exe
C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe
C:\Program Files\Logitech\GamePanel Software\Applets\LCDRSS.exe
C:\Program Files\Common Files\Logishrd\KHAL2\KHALMNPR.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Steam\steam.exe
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
C:\Windows\explorer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Program Files (x86)\World of Warcraft\WoW.exe
C:\Games\dds.scr
C:\Windows\system32\wbem\wmiprvse.exe

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.yahoo.com/
mURLSearchHooks: SrchHook Class: {d3f669eb-57ce-4f45-8fbd-e245cbb46366} - c:\program files (x86)\stopzilla!\toolbar\SZIESearchHook.dll
BHO: ZILLAbar Browser Helper Object: {1827766b-9f49-4854-8034-f6ee26fcb1ec} - c:\program files (x86)\stopzilla!\toolbar\SZSG.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files (x86)\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~2\spybot~1\SDHelper.dll
BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Browsing Protection Class: {c6867eb7-8350-4856-877f-93cf8ae3dc9c} - c:\program files (x86)\f-secure\nrs\iescript\baselitmus.dll
BHO: STOPzilla Browser Helper Object: {e3215f20-3212-11d6-9f8b-00d0b743919d} - c:\program files (x86)\stopzilla!\SZIEBHO.dll
TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
TB: Browsing Protection Toolbar: {265eee8e-3228-44d3-aea5-f7fdf5860049} - c:\program files (x86)\f-secure\nrs\iescript\baselitmus.dll
TB: STOPzilla: {98828ded-a591-462f-83ba-d2f62a68b8b8} - c:\program files (x86)\stopzilla!\toolbar\SZSG.dll
TB: {A057A204-BACC-4D26-8398-26FADCF27386} - No File
TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File
uRun: [Aim] "c:\program files (x86)\aim\aim.exe" /d locale=en-US
uRun: [SUPERAntiSpyware] c:\program files (x86)\superantispyware\SUPERAntiSpyware.exe
uRun: [igndlm.exe] c:\program files (x86)\download manager\DLM.exe /windowsstart /startifwork
uRun: [SpybotSD TeaTimer] c:\program files (x86)\spybot - search & destroy\TeaTimer.exe
uRun: [WMPNSCFG] c:\program files (x86)\windows media player\WMPNSCFG.exe
mRun: [CTxfiHlp] CTXFIHLP.EXE
mRun: [QuickTime Task] "c:\program files (x86)\quicktime\qttask.exe" -atboottime
mRun: [GrooveMonitor] "c:\program files (x86)\microsoft office\office12\GrooveMonitor.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files (x86)\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files (x86)\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Anti Trojan Elite] "c:\program files (x86)\anti trojan elite\TJEnder.exe" :NO
mRun: [a-squared] "c:\program files (x86)\a-squared anti-malware\a2guard.exe"
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files (x86)\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [F-Secure Manager] "c:\program files (x86)\f-secure\common\FSM32.EXE" /splash
mRun: [F-Secure TNB] "c:\program files (x86)\f-secure\fsgui\TNBUtil.exe" /CHECKALL /WAITFORSW
mRun: [Malwarebytes' Anti-Malware] "c:\program files (x86)\malwarebytes' anti-malware\mbamgui.exe" /starttray
dRun: [CtxfiReg] CTXFIREG.exe /FAIL2
StartupFolder: c:\users\roule\appdata\roaming\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files (x86)\common files\logishrd\ereg\setpoint\eReg.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\kodake~1.lnk - c:\program files (x86)\kodak\kodak easyshare software\bin\EasyShare.exe
StartupFolder: c:\progra~3\micros~1\windows\startm~1\programs\startup\logite~1.lnk - c:\program files\logitech\setpoint\SetPoint.exe
mPolicies-explorer: NoActiveDesktop = 1 (0x1)
mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0)
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableLUA = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: E&xport to Microsoft Excel - c:\progra~2\micros~1\office12\EXCEL.EXE/3000
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - c:\program files (x86)\pokerstars\PokerStarsUpdate.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~2\micros~1\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~2\micros~1\office12\REFIEBAR.DLL
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\progra~2\spybot~1\SDHelper.dll
LSP: c:\program files (x86)\common files\is3\anti-spyware\iS3lsp.dll
LSP: c:\program files (x86)\f-secure\fsps\program\FSLSP.DLL
DPF: {49232000-16E4-426C-A231-62846947304B} - hxxps://wimpro.cce.hp.com/ChatEntry/downloads/sysinfo.cab
DPF: {784797A8-342D-4072-9486-03C8D0F2F0A1} - hxxps://www.battlefieldheroes.com/static/updater/BFHUpdater_4.0.27.0.cab
DPF: {B9F79165-A264-4C4A-A211-133A5E8D647F} - hxxp://support.f-secure.com/enu/home/onlineservices/fshc/fscax.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files (x86)\microsoft office\office12\GrooveSystemServices.dll
Notify: !SASWinLogon - c:\program files (x86)\superantispyware\SASWINLO.dll
SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files (x86)\microsoft office\office12\GrooveShellExtensions.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files (x86)\superantispyware\SASSEH.DLL
BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
TB-X64: DAEMON Tools Toolbar: {32099AAC-C132-4136-9E9A-4E364A424E17} - c:\program files (x86)\daemon tools toolbar\DTToolbar64.dll
TB-X64: {A057A204-BACC-4D26-8398-26FADCF27386} - No File
TB-X64: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
mRun-x64: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
mRun-x64: [Launch LgDeviceAgent] "c:\program files\logitech\gamepanel software\LgDevAgt.exe"
mRun-x64: [Launch LCDMon] "c:\program files\logitech\gamepanel software\lcd manager\LCDMon.exe"
mRun-x64: [Launch LGDCore] "c:\program files\logitech\gamepanel software\g-series software\LGDCore.exe" /SHOWHIDE
mRun-x64: [Kernel and Hardware Abstraction Layer] KHALMNPR.EXE

================= FIREFOX ===================

FF - ProfilePath - c:\users\roule\appdata\roaming\mozilla\firefox\profiles\h5nrxsrn.default\
FF - plugin: c:\program files (x86)\download manager\npfpdlm.dll
FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll
FF - plugin: c:\program files (x86)\mozilla firefox\plugins\npPandoWebInst.dll
FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

---- FIREFOX POLICIES ----
c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

============= SERVICES / DRIVERS ===============

R1 F-Secure HIPS;F-Secure HIPS Driver;c:\program files (x86)\f-secure\hips\drivers\fshs.sys [2009-11-9 57920]
R1 FSES;F-Secure Email Scanning Driver;c:\windows\system32\drivers\fses.sys [2009-11-9 44480]
R1 FSFW;F-Secure Firewall Driver;c:\windows\system32\drivers\fsdfw.sys [2009-11-9 92160]
R1 fsvista;F-Secure Vista Support Driver;c:\program files (x86)\f-secure\anti-virus\minifilter\fsvista.sys [2009-11-9 14904]
R2 Hamachi2Svc;LogMeIn Hamachi 2.0 Tunneling Engine;c:\program files (x86)\logmein hamachi\hamachi-2.exe [2009-10-29 1767816]
R2 MBAMService;MBAMService;c:\program files (x86)\malwarebytes' anti-malware\mbamservice.exe [2009-11-3 269648]
R2 SBSDWSCService;SBSD Security Center Service;c:\program files (x86)\spybot - search & destroy\SDWinSec.exe [2009-9-30 1153368]
R2 wlidsvc;Windows Live ID Sign-in Assistant;c:\program files\common files\microsoft shared\windows live\WLIDSVC.EXE [2009-3-30 2297216]
R3 a2exec;a-squared OnExecution scan driver.;c:\program files (x86)\a-squared anti-malware\a2exec64.sys [2009-11-3 10608]
R3 CT20XUT.SYS;CT20XUT.SYS;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 202776]
R3 CTEXFIFX.SYS;CTEXFIFX.SYS;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1417240]
R3 CTHWIUT.SYS;CTHWIUT.SYS;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 94744]
R3 F-Secure Gatekeeper;F-Secure Gatekeeper;c:\program files (x86)\f-secure\anti-virus\minifilter\fsgk.sys [2009-11-9 151168]
R3 FSORSPClient;F-Secure ORSP Client;c:\program files (x86)\f-secure\orsp client\fsorsp.exe [2009-11-9 55928]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys [2009-7-14 22408]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2009-11-3 22104]
S1 SASDIFSV;SASDIFSV;c:\program files (x86)\superantispyware\sasdifsv.sys [2009-10-12 9968]
S1 SASKUTIL;SASKUTIL;c:\program files (x86)\superantispyware\SASKUTIL.SYS [2009-10-12 74480]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64;c:\windows\microsoft.net\framework64\v2.0.50727\mscorsvw.exe [2009-9-29 89920]
S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;c:\program files (x86)\common files\creative labs shared\service\CTAELicensing.exe [2009-9-29 79360]
S3 CT20XUT;CT20XUT;c:\windows\system32\drivers\CT20XUT.sys [2009-6-4 202776]
S3 CTEXFIFX;CTEXFIFX;c:\windows\system32\drivers\CTEXFIFX.sys [2009-6-4 1417240]
S3 CTHWIUT;CTHWIUT;c:\windows\system32\drivers\CTHWIUT.sys [2009-6-4 94744]
S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-1-20 27648]
S3 GEST Service;GEST Service for program management.;c:\program files (x86)\gigabyte\gest\GSvr.exe [2009-9-29 47624]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]
S3 PerfHost;Performance Counter DLL Host;c:\windows\syswow64\perfhost.exe [2008-1-20 19968]
S3 SASENUM;SASENUM;c:\program files (x86)\superantispyware\SASENUM.SYS [2009-10-12 7408]
S4 F-Secure Filter;F-Secure File System Filter;c:\program files (x86)\f-secure\anti-virus\win2k\fsfilter.sys [2009-11-9 39776]
S4 F-Secure Recognizer;F-Secure File System Recognizer;c:\program files (x86)\f-secure\anti-virus\win2k\fsrec.sys [2009-11-9 25184]

=============== Created Last 30 ================

2009-11-16 03:05:27 12224 ----a-w- c:\windows\system32\drivers\kgpcpy.cfg
2009-11-16 02:08:22 0 d-----w- c:\programdata\SITEguard
2009-11-16 02:07:33 0 d-----w- c:\program files (x86)\STOPzilla!
2009-11-16 02:07:32 0 d-----w- c:\program files (x86)\common files\iS3
2009-11-16 02:07:31 0 d-----w- c:\programdata\STOPzilla!
2009-11-13 23:30:10 2621440 ----a-w- c:\windows\system32\wucltux.dll
2009-11-13 23:29:53 87552 ----a-w- c:\windows\syswow64\wudriver.dll
2009-11-13 23:29:52 98816 ----a-w- c:\windows\system32\wudriver.dll
2009-11-13 23:29:52 575704 ----a-w- c:\windows\syswow64\wuapi.dll
2009-11-13 23:29:51 35552 ----a-w- c:\windows\syswow64\wups.dll
2009-11-13 23:29:31 36864 ----a-w- c:\windows\system32\wuapp.exe
2009-11-13 23:29:31 33792 ----a-w- c:\windows\syswow64\wuapp.exe
2009-11-13 23:29:31 185416 ----a-w- c:\windows\system32\wuwebv.dll
2009-11-13 23:29:31 171608 ----a-w- c:\windows\syswow64\wuwebv.dll
2009-11-11 21:23:45 0 d-----w- c:\program files (x86)\common files\PC Tools
2009-11-11 21:22:49 0 d---a-w- c:\programdata\TEMP
2009-11-11 14:33:03 441856 ----a-w- c:\windows\system32\WSDApi.dll
2009-11-11 14:33:03 355328 ----a-w- c:\windows\syswow64\WSDApi.dll
2009-11-11 14:32:58 2751488 ----a-w- c:\windows\system32\win32k.sys
2009-11-09 14:00:54 44480 ----a-w- c:\windows\system32\drivers\fses.sys
2009-11-09 14:00:51 92160 ----a-w- c:\windows\system32\drivers\fsdfw.sys
2009-11-09 13:59:22 0 d-----w- c:\program files (x86)\F-Secure
2009-11-09 06:34:55 0 d-----w- c:\programdata\fssg
2009-11-09 06:33:47 0 d-----w- c:\programdata\f-secure
2009-11-09 06:15:39 0 d-----w- c:\users\roule\Pavark
2009-11-06 03:27:00 0 d-----w- c:\users\roule\appdata\roaming\Acreon
2009-11-05 21:41:48 70992 ----a-w- c:\windows\syswow64\XAPOFX1_2.dll
2009-11-05 21:41:48 514384 ----a-w- c:\windows\syswow64\XAudio2_3.dll
2009-11-05 21:41:48 235856 ----a-w- c:\windows\syswow64\xactengine3_3.dll
2009-11-05 21:41:47 23376 ----a-w- c:\windows\syswow64\X3DAudio1_5.dll
2009-11-05 21:40:53 0 d-----w- c:\windows\syswow64\xlive
2009-11-05 21:40:52 0 d-----w- c:\program files (x86)\Microsoft Games for Windows - LIVE
2009-11-05 21:40:24 0 d-----w- c:\windows\11AE680750D24F5982B32C3E695E94C2.TMP
2009-11-05 21:13:08 0 d-----w- c:\programdata\WindowsSearch
2009-11-05 19:00:34 0 d-----w- c:\program files (x86)\Pando Networks
2009-11-05 02:35:49 0 d-----w- c:\programdata\Blizzard Entertainment
2009-11-04 22:41:11 0 d-----w- c:\programdata\Blizzard
2009-11-04 21:51:42 0 d-----w- c:\program files (x86)\World of Warcraft
2009-11-04 21:51:42 0 d-----w- c:\program files (x86)\common files\Blizzard Entertainment
2009-11-04 13:53:53 0 d-----w- c:\program files (x86)\LogMeIn Hamachi
2009-11-03 20:16:22 0 d-----w- c:\program files (x86)\bittorrent
2009-11-03 19:52:51 0 d-----w- c:\program files (x86)\a-squared Anti-Malware
2009-11-03 19:45:20 0 d-----w- c:\program files (x86)\ThreatFire
2009-11-03 18:18:53 0 d-----w- c:\users\roule\appdata\roaming\Malwarebytes
2009-11-03 18:18:40 22104 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-11-03 18:18:40 0 d-----w- c:\programdata\Malwarebytes
2009-11-03 18:18:40 0 d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware
2009-11-03 17:31:15 3599872 ----a-w- c:\windows\syswow64\mshtml.dll
2009-11-03 02:15:36 0 d-----w- c:\program files (x86)\2K Games
2009-11-02 04:56:59 411656 ----a-w- c:\windows\system32\xactengine2_10.dll
2009-11-02 04:31:48 0 d-----w- c:\program files (x86)\Borderlands
2009-10-28 14:09:05 0 d-----w- c:\users\roule\appdata\roaming\runic games
2009-10-28 14:07:21 0 d-----w- c:\program files (x86)\Runic Games
2009-10-28 14:04:36 0 d-----w- c:\programdata\DAEMON Tools Lite
2009-10-28 14:04:30 0 d-----w- c:\program files (x86)\DAEMON Tools Toolbar
2009-10-28 14:00:10 0 d-----w- c:\windows\syswow64\spool
2009-10-28 14:00:09 0 d-----w- c:\program files (x86)\Windows Portable Devices
2009-10-28 14:00:08 0 d-----w- c:\program files\Windows Portable Devices
2009-10-28 13:10:07 834544 ----a-w- c:\windows\system32\drivers\sptd.sys
2009-10-28 13:09:58 0 d-----w- c:\users\roule\appdata\roaming\DAEMON Tools Lite
2009-10-28 13:04:27 4096 ----a-w- c:\windows\syswow64\oleaccrc.dll
2009-10-28 13:04:27 4096 ----a-w- c:\windows\system32\oleaccrc.dll
2009-10-28 13:04:26 736256 ----a-w- c:\windows\system32\UIAutomationCore.dll
2009-10-28 13:04:26 555520 ----a-w- c:\windows\syswow64\UIAutomationCore.dll
2009-10-28 13:04:26 315904 ----a-w- c:\windows\system32\oleacc.dll
2009-10-28 13:04:26 234496 ----a-w- c:\windows\syswow64\oleacc.dll
2009-10-28 13:04:01 92672 ----a-w- c:\windows\syswow64\UIAnimation.dll
2009-10-28 13:04:01 3815424 ----a-w- c:\windows\system32\UIRibbon.dll
2009-10-28 13:04:01 1164800 ----a-w- c:\windows\syswow64\UIRibbonRes.dll
2009-10-28 13:04:01 1164800 ----a-w- c:\windows\system32\UIRibbonRes.dll
2009-10-28 13:04:01 103424 ----a-w- c:\windows\system32\UIAnimation.dll
2009-10-28 13:04:00 3023360 ----a-w- c:\windows\syswow64\UIRibbon.dll
2009-10-28 12:59:57 10626560 ----a-w- c:\windows\syswow64\wmp.dll
2009-10-28 12:59:56 372736 ----a-w- c:\windows\system32\unregmp2.exe
2009-10-28 12:59:56 310784 ----a-w- c:\windows\syswow64\unregmp2.exe
2009-10-28 12:59:51 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-10-28 12:59:51 8147456 ----a-w- c:\windows\syswow64\wmploc.DLL
2009-10-27 15:08:16 545424 ----a-r- c:\windows\syswow64\SZComp5.dll
2009-10-27 15:08:14 402064 ----a-r- c:\windows\syswow64\SZBase5.dll
2009-10-27 14:59:38 17408 ----a-r- c:\windows\syswow64\SZIO5.dll
2009-10-22 16:25:34 0 d-----w- c:\programdata\PopCap Games
2009-10-20 18:40:34 126976 ----a-r- c:\windows\syswow64\IS3HTUI5.dll
2009-10-20 18:40:24 393216 ----a-r- c:\windows\syswow64\IS3DBA5.dll
2009-10-20 18:38:16 385024 ----a-r- c:\windows\syswow64\IS3UI5.dll
2009-10-20 18:37:58 61440 ----a-r- c:\windows\syswow64\IS3Hks5.dll
2009-10-20 18:37:40 23040 ----a-r- c:\windows\syswow64\IS3XDat5.dll
2009-10-20 18:35:40 225280 ----a-r- c:\windows\syswow64\IS3Win325.dll
2009-10-20 18:35:18 94208 ----a-r- c:\windows\syswow64\IS3Inet5.dll
2009-10-20 18:35:04 90112 ----a-r- c:\windows\syswow64\IS3Svc5.dll
2009-10-20 18:31:52 729088 ----a-r- c:\windows\syswow64\IS3Base5.dll

==================== Find3M ====================

2009-11-16 03:05:39 52943 ----a-w- c:\programdata\nvModes.dat
2009-11-09 06:45:43 86016 ----a-w- c:\windows\inf\infstor.dat
2009-11-09 06:45:43 51200 ----a-w- c:\windows\inf\infpub.dat
2009-11-09 06:45:43 143360 ----a-w- c:\windows\inf\infstrng.dat
2009-11-05 06:09:39 20544 ----a-w- c:\windows\gdrv.sys
2009-11-03 01:42:06 226688 ------w- c:\windows\system32\MpSigStub.exe
2009-10-28 14:00:04 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-10-22 02:45:24 111928 ----a-w- c:\windows\syswow64\PnkBstrB.exe
2009-10-08 00:34:22 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSBW_01_00_00.Wdf
2009-10-08 00:34:18 0 ---ha-w- c:\windows\system32\drivers\Msft_User_lgSSQVGA_01_00_00.Wdf
2009-10-01 04:54:00 66872 ----a-w- c:\windows\syswow64\PnkBstrA.exe
2009-10-01 01:02:17 2537472 ----a-w- c:\windows\syswow64\wpdshext.dll
2009-10-01 01:02:05 30208 ----a-w- c:\windows\syswow64\WPDShextAutoplay.exe
2009-10-01 01:02:04 334848 ----a-w- c:\windows\syswow64\PortableDeviceApi.dll
2009-10-01 01:02:02 87552 ----a-w- c:\windows\syswow64\WPDShServiceObj.dll
2009-10-01 01:01:59 160256 ----a-w- c:\windows\syswow64\PortableDeviceTypes.dll
2009-10-01 01:01:56 60928 ----a-w- c:\windows\syswow64\PortableDeviceConnectApi.dll
2009-10-01 01:01:56 350208 ----a-w- c:\windows\syswow64\WPDSp.dll
2009-10-01 01:01:56 196608 ----a-w- c:\windows\syswow64\PortableDeviceWMDRM.dll
2009-10-01 01:01:56 100864 ----a-w- c:\windows\syswow64\PortableDeviceClassExtension.dll
2009-10-01 00:52:29 2727936 ----a-w- c:\windows\system32\wpdshext.dll
2009-10-01 00:52:10 453120 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-10-01 00:52:02 34816 ----a-w- c:\windows\system32\WPDShextAutoplay.exe
2009-10-01 00:51:59 110080 ----a-w- c:\windows\system32\WPDShServiceObj.dll
2009-10-01 00:51:56 37888 ----a-w- c:\windows\system32\BthMtpContextHandler.dll
2009-10-01 00:51:54 573440 ----a-w- c:\windows\system32\wpd_ci.dll
2009-10-01 00:51:50 433152 ----a-w- c:\windows\system32\WPDSp.dll
2009-10-01 00:51:46 218624 ----a-w- c:\windows\system32\PortableDeviceWMDRM.dll
2009-10-01 00:51:45 77824 ----a-w- c:\windows\system32\PortableDeviceConnectApi.dll
2009-10-01 00:51:45 113152 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-10-01 00:51:40 107008 ----a-w- c:\windows\system32\wpdbusenum.dll
2009-10-01 00:51:34 214528 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-09-30 07:06:18 466456 ----a-w- c:\windows\system32\wrap_oal.dll
2009-09-30 07:06:18 444952 ----a-w- c:\windows\syswow64\wrap_oal.dll
2009-09-30 07:06:18 121880 ----a-w- c:\windows\system32\OpenAL32.dll
2009-09-30 07:06:18 109080 ----a-w- c:\windows\syswow64\OpenAL32.dll
2009-09-30 04:14:26 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont
2009-09-30 01:39:17 525792 ----a-w- c:\windows\DIFxAPI.dll
2009-09-27 22:24:22 3778664 ----a-w- c:\windows\system32\nvcplui.exe
2009-09-27 22:23:00 4546152 ----a-w- c:\windows\system32\nvvitvs.dll
2009-09-27 22:23:00 3746920 ----a-w- c:\windows\system32\nvwss.dll
2009-09-27 22:23:00 289896 ----a-w- c:\windows\system32\nvmccss.dll
2009-09-27 22:23:00 1647720 ----a-w- c:\windows\system32\nvmobls.dll
2009-09-27 22:23:00 1646696 ----a-w- c:\windows\system32\nvsvs.dll
2009-09-27 22:22:00 991848 ----a-w- c:\windows\system32\nvsvc64.dll
2009-09-27 22:22:00 82536 ----a-w- c:\windows\system32\nvmctray.dll
2009-09-27 22:22:00 5426792 ----a-w- c:\windows\system32\nvdisps.dll
2009-09-27 22:22:00 5208168 ----a-w- c:\windows\system32\nvgames.dll
2009-09-27 22:22:00 383592 ----a-w- c:\windows\system32\nvvsvc.exe
2009-09-27 22:22:00 16666728 ----a-w- c:\windows\system32\nvcpl.dll
2009-09-25 22:21:54 41872 ----a-w- c:\windows\syswow64\xfcodec.dll
2009-09-25 22:21:54 27536 ----a-w- c:\windows\system32\xfcodec64.dll
2009-09-25 02:27:43 1209856 ----a-w- c:\windows\system32\WindowsCodecs.dll
2009-09-25 02:10:10 974848 ----a-w- c:\windows\syswow64\WindowsCodecs.dll
2009-09-25 02:10:01 245248 ----a-w- c:\windows\system32\WindowsCodecsExt.dll
2009-09-25 02:09:10 411648 ----a-w- c:\windows\system32\PhotoMetadataHandler.dll
2009-09-25 02:07:08 189440 ----a-w- c:\windows\syswow64\WindowsCodecsExt.dll
2009-09-25 02:04:32 321024 ----a-w- c:\windows\syswow64\PhotoMetadataHandler.dll
2009-09-25 02:00:39 3068416 ----a-w- c:\windows\system32\xpsservices.dll
2009-09-25 01:56:42 643072 ----a-w- c:\windows\system32\XpsPrint.dll
2009-09-25 01:49:22 1554432 ----a-w- c:\windows\syswow64\xpsservices.dll
2009-09-25 01:48:08 351232 ----a-w- c:\windows\syswow64\XpsPrint.dll
2009-09-25 01:40:43 1461760 ----a-w- c:\windows\system32\OpcServices.dll
2009-09-25 01:40:07 470016 ----a-w- c:\windows\system32\XpsGdiConverter.dll
2009-09-25 01:39:09 231936 ----a-w- c:\windows\system32\XpsRasterService.dll
2009-09-25 01:38:29 847360 ----a-w- c:\windows\syswow64\OpcServices.dll
2009-09-25 01:36:16 262656 ----a-w- c:\windows\system32\dxdiagn.dll
2009-09-25 01:36:13 280064 ----a-w- c:\windows\syswow64\XpsGdiConverter.dll
2009-09-25 01:36:08 1548800 ----a-w- c:\windows\system32\d3d10warp.dll
2009-09-25 01:35:49 328192 ----a-w- c:\windows\system32\dxdiag.exe
2009-09-25 01:35:48 449024 ----a-w- c:\windows\system32\WMPhoto.dll
2009-09-25 01:35:31 135680 ----a-w- c:\windows\syswow64\XpsRasterService.dll
2009-09-25 01:34:58 1269248 ----a-w- c:\windows\system32\d3d10.dll
2009-09-25 01:33:48 792576 ----a-w- c:\windows\system32\d3d11.dll
2009-09-25 01:33:25 195584 ----a-w- c:\windows\syswow64\dxdiagn.dll
2009-09-25 01:33:15 829440 ----a-w- c:\windows\syswow64\d3d10warp.dll
2009-09-25 01:33:01 369664 ----a-w- c:\windows\syswow64\WMPhoto.dll
2009-09-25 01:32:59 252928 ----a-w- c:\windows\syswow64\dxdiag.exe
2009-09-25 01:32:22 566272 ----a-w- c:\windows\system32\d3d10level9.dll
2009-09-25 01:31:53 519680 ----a-w- c:\windows\syswow64\d3d11.dll
2009-09-25 01:31:53 196608 ----a-w- c:\windows\system32\d3d10_1.dll
2009-09-25 01:31:51 326656 ----a-w- c:\windows\system32\d3d10_1core.dll
2009-09-25 01:31:47 625664 ----a-w- c:\windows\system32\dxgi.dll
2009-09-25 01:31:41 287744 ----a-w- c:\windows\system32\d3d10core.dll
2009-09-25 01:31:36 981504 ----a-w- c:\windows\system32\d2d1.dll
2009-09-25 01:31:26 486912 ----a-w- c:\windows\syswow64\d3d10level9.dll
2009-09-25 01:31:21 161280 ----a-w- c:\windows\syswow64\d3d10_1.dll
2009-09-25 01:31:19 218112 ----a-w- c:\windows\syswow64\d3d10_1core.dll
2009-09-25 01:31:16 1030144 ----a-w- c:\windows\syswow64\d3d10.dll
2009-09-25 01:31:15 828928 ----a-w- c:\windows\syswow64\d2d1.dll
2009-09-25 01:30:23 481792 ----a-w- c:\windows\syswow64\dxgi.dll
2009-09-25 01:30:23 190464 ----a-w- c:\windows\syswow64\d3d10core.dll
2009-09-25 01:27:18 893440 ----a-w- c:\windows\system32\drivers\dxgkrnl.sys
2009-09-25 01:27:04 1064448 ----a-w- c:\windows\syswow64\DWrite.dll
2009-09-25 01:26:38 47616 ----a-w- c:\windows\system32\cdd.dll
2009-09-25 01:26:26 1548800 ----a-w- c:\windows\system32\DWrite.dll
2009-09-25 01:26:26 1142272 ----a-w- c:\windows\system32\FntCache.dll
2009-09-24 22:54:55 258048 ----a-w- c:\windows\syswow64\winspool.drv
2009-09-23 14:42:58 33856 ---ha-w- c:\windows\system32\hamachi.sys
2009-09-16 23:49:02 35840 ----a-w- c:\windows\system32\printfilterpipelineprxy.dll

============= FINISH: 1:01:23.80 ===============



#2 myrti

myrti

    Sillyberry


  • Malware Study Hall Admin
  • 33,771 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:At home
  • Local time:09:56 AM

Posted 24 November 2009 - 04:41 PM

Hello and welcome to Bleeping Computer

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

If you have since resolved the original problem you were having, we would appreciate you letting us know. If not, please perform the following steps below so we can have a look at the current condition of your machine.

Please include a clear description of the problems you're having, along with any steps you may have performed so far.

Please refrain from running tools or applying updates other than those we suggest while we are cleaning up your computer. The reason for this is so we know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.

Even if you have already provided information about your PC, we need a new log to see what has changed since you originally posted your problem.
  • Please download OTL from the following mirror:
  • Save it to your desktop.
  • Double click on the Posted Image icon on your desktop.
  • Click the "Scan All Users" checkbox.
  • Push the Posted Image button.
  • Two reports will open, copy and paste them in a reply here:
    • OTL.txt <-- Will be opened
    • Extra.txt <-- Will be minimized
In the upper right hand corner of the topic you will see a button called Options. If you click on this in the drop-down menu you can choose Track this topic. I suggest you do this and select Immediate E-Mail notification and click on Proceed. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

After 5 days if a topic is not replied to we assume it has been abandoned and it is closed.

regards _temp_

is that a bird?  a plane? nooo it's the flying blueberry!

If I have been helping you and haven't replied in 2 days, feel free to shoot me a PM! Please don't send help requests via PM, unless I am already helping you. Use the forums!

 



#3 myrti


Posted 29 November 2009 - 03:36 PM

Due to lack of feedback, this topic is now Closed

If you need this topic reopened, please send me a PM.
Please include the address of this thread in your request.
This applies only to the original topic starter.

Everyone else please start a new topic.

With Regards,
myrti





