jukieat

Merged post: We look for posts with 0 replies, so when you reply to your own topic, we assume you were being helped.

Hi, I'm afraid of being infected. My laptop's webcam was turned on suddenly. After that, I opened Yahoo Messenger and turned my webcam on and off manually. I think it is OK. But now I have lost the settings that started my VPN software with administrator rights. Without that, I'm not protected against secret surveillance. And I can't access Intel Graphics Properties via right-click on the Intel Graphics tray icon. So I decided to put my HijackThis log here. I hope you guys can help me identify any threat on my laptop. Thanks.

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:05:53 AM, on 4/27/2012
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\IDriveWindows\idwbg_501.exe
C:\Program Files (x86)\IDriveWindows\idwmonitor.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe
C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe
C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe
C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe
C:\Program Files (x86)\Yahoo!\Messenger\ymsgr_tray.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files (x86)\Comodo\Dragon\dragon.exe
C:\Program Files
(x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=userinit.exe O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Babylon IE plugin - {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - 
C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll O2 - BHO: link filter bho - {E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O4 - HKLM\..\Run: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start O4 - HKLM\..\Run: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" O4 - HKLM\..\Run: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe O4 - HKLM\..\Run: [babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart O4 - HKLM\..\Run: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" O4 - HKLM\..\Run: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [GoTiengViet] "D:\Setup\Office\GoTiengViet1\GoTiengViet64.exe" /RunAtLogin O4 - HKCU\..\Run: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" O4 - HKCU\..\Run: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe O4 - HKUS\S-1-5-19\..\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [sidebar] %ProgramFiles%\Windows 
Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun (User 'Default user') O4 - Global Startup: Bluetooth.lnk = ? O8 - Extra context menu item: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 O8 - Extra context menu item: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm O8 - Extra context menu item: Send page to &Bluetooth Device... 
- c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O8 - Extra context menu item: Translate this web page with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm O8 - Extra context menu item: Translate with Babylon - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll O9 - Extra button: &Virtual Keyboard - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... 
- {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm O9 - Extra button: URLs c&heck - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll O9 - Extra button: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O9 - Extra 'Tools' menuitem: Translate this web page with Babylon - {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O17 - HKLM\System\CCS\Services\Tcpip\..\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29}: NameServer = 198.153.192.50,198.153.194.50 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe O23 - Service: Andrea ADI Filters Service (AEADIFilters) - Unknown owner - C:\Windows\system32\AEADISRV.EXE (file missing) O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe O23 - Service: 
@%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: Kaspersky Anti-Virus Service (AVP) - Kaspersky Lab ZAO - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe O23 - Service: @%systemroot%\system32\CISVC.EXE,-1 (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing) O23 - Service: Com4QLBEx - Hewlett-Packard Development Company, L.P. - C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe O23 - Service: COMODO Dragon Update Service (DragonUpdater) - Unknown owner - C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: hpqwmiex - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe O23 - Service: HP Service (hpsrv) - Unknown owner - C:\Windows\system32\Hpservice.exe (file missing) O23 - Service: Intel® Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe O23 - Service: IDriveService - Unknown owner - C:\Program Files (x86)\IDriveWindows\idwservice_501.exe O23 - Service: IDWAdmin - Unknown owner - C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: 
@%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NitroPDFReaderDriverCreatorReadSpool2 (NitroReaderDriverReadSpool2) - Nitro PDF Software - C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe O23 - Service: OpenVPN Service (OpenVPNService) - Unknown owner - C:\Program Files (x86)\OpenVPN\bin\openvpnserv.exe O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing) O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: tuEagles Service (tuEaglesService) - Unknown owner - C:\Program Files (x86)\tuEagles\eglsrv.exe O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing) O23 - Service: 
@%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WinMagic SecureDoc Service - WinMagic Inc. - C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
-- End of file - 14401 bytes

Here is the DDS log. I would very much appreciate it if anyone here can help me.

DDS (Ver_2011-08-26.01) - NTFSAMD64
Internet Explorer: 9.0.8112.16421 BrowserJavaVersion: 10.3.1
Run by Martin at 0:25:06 on 2012-04-27
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.3996.914 [GMT 7:00]
.
AV: Kaspersky Internet Security *Enabled/Updated* {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
SP: Kaspersky Internet Security *Enabled/Updated* {95CBD341-38DB-14AC-AF6A-08054B41A339}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security *Enabled* {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Program Files (x86)\tuEagles\eglsrv.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Hpservice.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE C:\Windows\system32\AEADISRV.EXE C:\Program Files\LSI SoftModem\agr64svc.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe c:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Windows\system32\CISVC.EXE C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe C:\Program Files (x86)\IDriveWindows\idwservice_501.exe C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe C:\Program Files\WinMagic\SecureDoc-NT\SDService.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files (x86)\tuEagles\eaglesvr.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Program Files (x86)\tuEagles\EaglePrx.exe C:\Windows\system32\taskeng.exe C:\Program Files (x86)\BatteryCare\BatteryCare.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files\WinMagic\SecureDoc-NT\SDPin.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe D:\Setup\Office\GoTiengViet1\GoTiengViet64.exe C:\Program Files (x86)\IDriveWindows\idwbg_501.exe 
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE C:\Program Files (x86)\IDriveWindows\idw_web.exe C:\Windows\system32\conhost.exe C:\Program Files (x86)\IDriveWindows\idwmonitor.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Windows\System32\StikyNot.exe C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCtrl.exe C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe C:\Windows\explorer.exe C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpqToaster.exe C:\Program Files (x86)\Hewlett-Packard\Shared\hpCaslNotification.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 2012\x64\klwtblfs.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Windows\system32\DllHost.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Windows\SysWOW64\NOTEPAD.EXE C:\Program Files (x86)\Comodo\Dragon\dragon.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = hxxp://www.google.com/ie uDefault_Search_URL = hxxp://www.google.com/ie uStart Page = about:blank uInternet Settings,ProxyOverride = local uSearchAssistant = hxxp://www.google.com/ie uSearchURL,(Default) = hxxp://www.google.com/search?q=%s mWinlogon: Userinit=userinit.exe BHO: IEVkbdBHO Class: {59273ab4-e7d3-40f9-a1a8-6fa9cca1862c} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO: Babylon IE plugin: {9cfaccb6-2f3f-4177-94ea-0d2b72d384c1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll BHO: Office Document Cache Handler: {b4f3a835-0e21-4959-ba22-42b3008e02ff} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll BHO: FilterBHO Class: {e33cf602-d945-461a-83f0-819f76a199f8} - C:\Program Files (x86)\Kaspersky 
Lab\Kaspersky Internet Security 2012\klwtbbho.dll uRun: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe uRun: [Messenger (Yahoo!)] "C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe" -quiet uRun: [GoTiengViet] "D:\Setup\Office\GoTiengViet1\GoTiengViet64.exe" /RunAtLogin uRun: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" uRun: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min uRun: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe mRun: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" mRun: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe mRun: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun: [babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart mRun: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" mRun: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min dRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: Add to Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ie_banner_deny.htm IE: Add to Google Photos Screensa&ver - C:\Windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - 
C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000 IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105 IE: Send image to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm IE: Send page to &Bluetooth Device... - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: Translate this web page with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: Translate with Babylon - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/Action.htm IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll IE: {4248FE82-7FCB-46AC-B270-339F08212110} - {4248FE82-7FCB-46AC-B270-339F08212110} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-0017-0000-0003-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.7.0/jinstall-1_7_0_03-windows-i586.cab TCP: DhcpNameServer = 208.67.222.123 208.67.220.123 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29} : NameServer = 198.153.192.50,198.153.194.50 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29} : DhcpNameServer = 
208.67.222.123 208.67.220.123 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29}\05564727F6C696D656870264C6F6F6270213 : NameServer = 198.153.192.50,198.153.194.50 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29}\05564727F6C696D656870264C6F6F6270213 : DhcpNameServer = 10.59.254.1 10.0.0.203 10.0.0.201 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29}\13038302855716E60244965657 : NameServer = 198.153.192.50,198.153.194.50 TCP: Interfaces\{691760D7-40D1-4D8B-AAB5-FE5350CB9C29}\13038302855716E60244965657 : DhcpNameServer = 192.168.0.1 TCP: Interfaces\{A8481C7C-56FC-4F49-B0D0-495788FD45EC} : DhcpNameServer = 204.152.204.10 204.152.204.100 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll SEH: N/A: {a5be62ca-de0f-4764-a0cb-4044816db174} - C:\PROGRA~2\tuEagles\EagleObj.dll BHO-X64: IEVkbdBHO Class: {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ievkbd.dll BHO-X64: IEVkbdBHO - No File BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll BHO-X64: Babylon IE plugin: {9CFACCB6-2F3F-4177-94EA-0D2B72D384C1} - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll BHO-X64: Babylon IE plugin - No File BHO-X64: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL BHO-X64: URLRedirectionBHO - No File BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\jp2ssv.dll BHO-X64: FilterBHO Class: 
{E33CF602-D945-461A-83F0-819F76A199F8} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\klwtbbho.dll BHO-X64: link filter bho - No File mRun-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRun-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" mRun-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRun-x64: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe mRun-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRun-x64: [babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart mRun-x64: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" mRun-x64: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min mRunOnce-x64: [QlbCtrl.exe] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe /Start mRunOnce-x64: [AVP] "C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe" mRunOnce-x64: [bCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices mRunOnce-x64: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe mRunOnce-x64: [WirelessAssistant] C:\Program Files (x86)\Hewlett-Packard\HP Wireless Assistant\HPWAMain.exe mRunOnce-x64: [babylon Client] C:\Program Files (x86)\Babylon\Babylon-Pro\Babylon.exe -AutoStart mRunOnce-x64: [iDrive Background process] "C:\Program Files (x86)\IDriveWindows\idwbg_501.exe" mRunOnce-x64: [iDrive Monitor] "C:\Program Files (x86)\IDriveWindows\idwmonitor.exe" Min IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm IE-X64: {F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478} - res://C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\BabylonIEPI.dll/ActionTU.htm SEH-X64: : {A5BE62CA-DE0F-4764-A0CB-4044816DB174} - 
C:\PROGRA~2\tuEagles\EagleObj.dll . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\2im1zf05.default\ FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL FF - plugin: C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll FF - plugin: C:\Program Files (x86)\Java\jre7\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrlui.dll FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npdf.dll FF - plugin: C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll FF - plugin: C:\Program Files (x86)\Oracle\JavaFX 2.0 Runtime\bin\plugin2\npjp2.dll FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll FF - plugin: C:\Windows\system32\npdeployJava1.dll FF - plugin: C:\Windows\system32\npmproxy.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_233.dll . ============= SERVICES / DRIVERS =============== . R0 PinFile;PinFile;C:\Windows\system32\DRIVERS\PinFile.sys --> C:\Windows\system32\DRIVERS\PinFile.sys [?] R0 SDDisk2K;SDDisk2K;C:\Windows\system32\DRIVERS\SDDisk2K.sys --> C:\Windows\system32\DRIVERS\SDDisk2K.sys [?] R0 SDDToki;SDDToki;C:\Windows\system32\DRIVERS\SDDToki.sys --> C:\Windows\system32\DRIVERS\SDDToki.sys [?] R0 SDDVD;SDDVD;C:\Windows\system32\DRIVERS\SDDVD.sys --> C:\Windows\system32\DRIVERS\SDDVD.sys [?] R0 SDUPC;SDUPC;C:\Windows\system32\DRIVERS\SDUPC.sys --> C:\Windows\system32\DRIVERS\SDUPC.sys [?] R1 kl2;kl2;C:\Windows\system32\DRIVERS\kl2.sys --> C:\Windows\system32\DRIVERS\kl2.sys [?] R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:\Windows\system32\DRIVERS\klim6.sys --> C:\Windows\system32\DRIVERS\klim6.sys [?] 
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-13 12368] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2011-8-12 140672] R2 AVP;Kaspersky Anti-Virus Service;C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [2011-4-24 202296] R2 DragonUpdater;COMODO Dragon Update Service;C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2012-4-13 409232] R2 hpsrv;HP Service;C:\Windows\system32\Hpservice.exe --> C:\Windows\system32\Hpservice.exe [?] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-3-30 13592] R2 IDriveService;IDriveService;C:\Program Files (x86)\IDriveWindows\idwservice_501.exe [2012-4-10 181728] R2 IDWAdmin;IDWAdmin;C:\Program Files (x86)\IDriveWindows\idwadminsrv.exe [2012-4-10 124384] R2 NitroReaderDriverReadSpool2;NitroPDFReaderDriverCreatorReadSpool2;C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [2012-3-25 204304] R3 ATSwpWDF;AuthenTec TruePrint USB WBF WDF Driver;C:\Windows\system32\Drivers\ATSwpWDF.sys --> C:\Windows\system32\Drivers\ATSwpWDF.sys [?] R3 Com4QLBEx;Com4QLBEx;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe [2012-3-29 227896] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?] R3 klmouflt;Kaspersky Lab KLMOUFLT;C:\Windows\system32\DRIVERS\klmouflt.sys --> C:\Windows\system32\DRIVERS\klmouflt.sys [?] R3 NETw5s64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows 7 - 64 Bit;C:\Windows\system32\DRIVERS\NETw5s64.sys --> C:\Windows\system32\DRIVERS\NETw5s64.sys [?] 
R3 osppsvc;Office Software Protection Platform;C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-1-9 4925184]
R3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Program Files (x86)\BatteryCare\WinRing0x64.sys [2012-4-5 14544]
R3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\system32\DRIVERS\yk62x64.sys --> C:\Windows\system32\DRIVERS\yk62x64.sys [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]
S2 egldrv;egldrv;C:\Program Files (x86)\tuEagles\egldrv.sys [2012-4-23 67480]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-3-29 253088]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]
S3 cmnsusbser;Mobile Connector USB Device for Legacy Serial Communication LCT2053s;C:\Windows\system32\DRIVERS\cmnsusbser.sys --> C:\Windows\system32\DRIVERS\cmnsusbser.sys [?]
S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]
S3 netw5v64;Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\system32\DRIVERS\netw5v64.sys --> C:\Windows\system32\DRIVERS\netw5v64.sys [?]
S3 tapoas;TAP-Win32 Adapter OAS;C:\Windows\system32\DRIVERS\tapoas.sys --> C:\Windows\system32\DRIVERS\tapoas.sys [?]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]
.
=============== Created Last 30 ================
.
2012-04-26 17:00:29 388096 ----a-r- C:\Users\Martin\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2012-04-26 17:00:29 -------- d-----w- C:\Program Files (x86)\Trend Micro 2012-04-26 06:12:43 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63951FE7-97A2-48F4-B710-8D85909728AD}\offreg.dll 2012-04-25 16:43:21 -------- d-----w- C:\Windows\System32\appmgmt 2012-04-25 02:25:39 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{63951FE7-97A2-48F4-B710-8D85909728AD}\mpengine.dll 2012-04-23 05:52:03 122760 ----a-w- C:\Windows\NFCHS.exe 2012-04-23 05:51:55 -------- d-sh--r- C:\Program Files (x86)\tuEagles 2012-04-21 16:56:39 -------- d-----w- C:\Users\Martin\AppData\Roaming\TeamViewer 2012-04-18 03:20:56 -------- d-----w- C:\Program Files (x86)\uTorrent 2012-04-16 16:45:24 -------- d-----w- C:\IBWINTEMP 2012-04-16 14:41:21 -------- d-----w- C:\IBCOMMON 2012-04-16 12:43:22 -------- d-----w- C:\Program Files\COMODO 2012-04-15 01:50:41 8741536 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-04-11 01:03:32 5559152 ----a-w- C:\Windows\System32\ntoskrnl.exe 2012-04-11 01:03:29 3968368 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe 2012-04-11 01:03:28 3913072 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe 2012-04-11 00:59:27 81408 ----a-w- C:\Windows\System32\imagehlp.dll 2012-04-11 00:59:27 23408 ----a-w- C:\Windows\System32\drivers\fs_rec.sys 2012-04-11 00:59:27 159232 ----a-w- C:\Windows\SysWow64\imagehlp.dll 2012-04-11 00:59:24 5120 ----a-w- C:\Windows\SysWow64\wmi.dll 2012-04-11 00:59:24 5120 ----a-w- C:\Windows\System32\wmi.dll 2012-04-11 00:59:24 220672 ----a-w- C:\Windows\System32\wintrust.dll 2012-04-11 00:59:24 172544 ----a-w- C:\Windows\SysWow64\wintrust.dll 2012-04-10 05:55:39 -------- d-----w- C:\IDrive 2012-04-10 05:15:30 -------- d-----w- C:\Program Files (x86)\cygdrive 2012-04-10 05:14:50 -------- d-----w- C:\Windows\SysWow64\IBCOMMON 2012-04-10 05:14:10 -------- 
d-----w- C:\Users\Martin\AppData\Local\IDrive 2012-04-10 05:13:02 644400 ----a-w- C:\Windows\SysWow64\MSCOMCT2.OCX 2012-04-10 05:13:02 533776 ----a-w- C:\Windows\SysWow64\msxml.dll 2012-04-10 05:13:02 24064 ----a-w- C:\Windows\SysWow64\msxml3a.dll 2012-04-10 05:13:02 140288 ----a-w- C:\Windows\SysWow64\COMDLG32.OCX 2012-04-10 05:13:02 108336 ----a-w- C:\Windows\SysWow64\MSWINSCK.OCX 2012-04-10 05:13:01 94208 ----a-w- C:\Windows\SysWow64\IBColIml.ocx 2012-04-10 05:13:01 40960 ----a-w- C:\Windows\SysWow64\IBSSubTmr.dll 2012-04-10 05:13:01 103184 ----a-w- C:\Windows\SysWow64\asctrls.ocx 2012-04-10 05:13:01 -------- d-----w- C:\Program Files (x86)\IDriveWindows 2012-04-09 17:24:47 -------- d-----w- C:\Users\Martin\AppData\Roaming\ElephantDrive 2012-04-09 16:56:18 -------- d-----w- C:\Users\Martin\AppData\Roaming\Wuala 2012-04-09 16:55:45 -------- d-----w- C:\Users\Martin\AppData\Local\Wuala 2012-04-07 12:54:38 -------- d-----w- C:\Users\Martin\AppData\Roaming\Synaptics 2012-04-07 08:37:41 -------- d-----w- C:\VideoOutput 2012-04-07 07:34:47 -------- d-----w- C:\ProgramData\PDFC 2012-04-07 06:52:11 -------- d-----w- C:\Users\Martin\AppData\Local\PDFC 2012-04-07 05:03:59 -------- d-----w- C:\ProgramData\Synaptics 2012-04-07 05:03:29 274728 ----a-w- C:\Windows\System32\SynCtrl.dll 2012-04-07 05:03:29 225576 ----a-w- C:\Windows\System32\SynTPAPI.dll 2012-04-07 05:03:29 218408 ----a-w- C:\Windows\SysWow64\SynCtrl.dll 2012-04-07 05:03:29 173352 ----a-w- C:\Windows\SysWow64\SynCOM.dll 2012-04-07 05:03:29 148264 ----a-w- C:\Windows\System32\SynTPCo9.dll 2012-04-07 05:03:28 66856 ----a-w- C:\Windows\SysWow64\SynTPEnhPS.dll 2012-04-07 05:03:28 107816 ----a-w- C:\Windows\SysWow64\SynTPCOM.dll 2012-04-07 05:03:27 1424944 ----a-w- C:\Windows\System32\drivers\SynTP.sys 2012-04-06 12:14:47 -------- d-----w- C:\Program Files\WinMagic 2012-04-05 01:46:30 -------- d-----w- C:\Users\Martin\AppData\Roaming\BatteryCare 2012-04-05 01:45:56 -------- d-----w- C:\Program Files 
(x86)\BatteryCare 2012-04-04 02:07:23 -------- d-----w- C:\Users\Martin\AppData\Roaming\uTorrent 2012-04-03 08:00:47 -------- d-----w- C:\Users\Martin\AppData\Roaming\.purple 2012-04-02 17:58:01 -------- d-----w- C:\Program Files (x86)\pidgin-otr 2012-04-02 17:53:33 -------- d-----w- C:\Program Files (x86)\Pidgin 2012-03-31 14:21:53 -------- d-----w- C:\Program Files (x86)\Garena Classic 2012-03-31 03:26:10 -------- d-----w- C:\Users\Martin\AppData\Local\Comodo 2012-03-31 03:26:00 -------- d-----w- C:\Program Files (x86)\Comodo 2012-03-31 03:25:34 1700352 ----a-w- C:\Windows\SysWow64\gdiplus.dll 2012-03-31 03:25:34 1060864 ----a-w- C:\Windows\SysWow64\mfc71.dll 2012-03-30 18:01:19 -------- d-----w- C:\ProgramData\TrueCrypt 2012-03-30 17:20:25 231376 ----a-w- C:\Windows\System32\drivers\truecrypt.sys 2012-03-30 16:51:51 -------- d-----w- C:\Windows\pss 2012-03-30 13:21:16 -------- d-----w- C:\Users\Martin\AppData\Local\Apps 2012-03-30 12:46:09 -------- d-----w- C:\Program Files (x86)\Oracle 2012-03-30 12:45:27 637848 ----a-w- C:\Windows\SysWow64\npdeployJava1.dll 2012-03-30 11:27:41 -------- d-----w- C:\Program Files (x86)\NextUp-ScanSoft 2012-03-30 11:24:37 -------- d-----w- C:\Program Files (x86)\NeoSpeech 2012-03-30 11:11:40 -------- d-----w- C:\Users\Martin\AppData\Local\Babylon 2012-03-30 11:11:30 142336 ----a-w- C:\Program Files (x86)\Mozilla Firefox\BabyFox.dll 2012-03-30 11:11:23 -------- d-----w- C:\Program Files (x86)\Babylon 2012-03-30 11:11:08 -------- d-----w- C:\Users\Martin\AppData\Roaming\Babylon 2012-03-30 11:11:08 -------- d-----w- C:\ProgramData\Babylon 2012-03-30 11:08:36 -------- d-----w- C:\Users\Martin\AppData\Local\{BC3D31C5-181C-4856-A140-6E2A58C46ADF} 2012-03-30 11:07:50 -------- d-----w- C:\Program Files (x86)\Mobipocket.com 2012-03-30 10:01:08 -------- d-----w- C:\Users\Martin\AppData\Roaming\JonDo 2012-03-30 09:52:44 567696 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2012-03-30 09:49:37 -------- d-----w- C:\Program Files (x86)\JonDo 
2012-03-30 09:14:54 -------- d-----w- C:\Program Files (x86)\OpenVPN 2012-03-30 09:10:04 -------- d-----w- C:\Program Files (x86)\OpenVPN Technologies 2012-03-30 04:16:16 117888 ----a-w- C:\Windows\System32\drivers\cmnsusbser.sys 2012-03-30 04:15:16 -------- d-----w- C:\Program Files (x86)\HSPA MODEM 2012-03-30 04:13:42 65024 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ISBEW64.exe 2012-03-30 04:13:41 32768 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\Objectps.dll 2012-03-30 04:13:40 69715 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\ctor.dll 2012-03-30 04:13:40 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll 2012-03-30 04:13:40 204800 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll 2012-03-30 04:13:38 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\DotNetInstaller.exe 2012-03-30 04:13:37 757760 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iKernel.dll 2012-03-30 04:13:15 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iGdi.dll 2012-03-30 04:13:05 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\setup.dll 2012-03-30 03:30:22 41136 ----a-w- C:\Windows\System32\drivers\sncduvc.sys 2012-03-30 03:30:22 312368 ----a-w- C:\Windows\System32\csnp2uvc.dll 2012-03-30 03:30:22 27184 ----a-w- C:\Windows\snuvcdsm.exe 2012-03-30 03:30:22 186928 ----a-w- C:\Windows\SysWow64\rsnp2uvc.dll 2012-03-30 03:30:22 1848496 ----a-w- C:\Windows\System32\drivers\snp2uvc.sys 2012-03-30 03:30:22 183856 ----a-w- C:\Windows\System32\rsnp2uvc.dll 2012-03-30 03:30:21 -------- d-----w- C:\Program Files (x86)\Common Files\SNP2UVC 2012-03-30 03:27:42 
-------- d-----w- C:\Users\Martin\AppData\Local\Broadcom 2012-03-30 03:26:46 -------- d-----w- C:\Program Files (x86)\HP Webcam Application 2012-03-30 03:26:37 61440 ------w- C:\Windows\SysWow64\agrsmdel.exe 2012-03-30 03:26:37 14848 ------w- C:\Windows\SysWow64\agrsco64.dll 2012-03-30 03:26:37 13824 ------w- C:\Windows\SysWow64\agrscoin.dll 2012-03-30 03:26:28 -------- d-----w- C:\Program Files\LSI SoftModem 2012-03-30 03:25:16 -------- d-----w- C:\Windows\Options 2012-03-30 03:25:04 98344 ----a-w- C:\Windows\System32\drivers\btwaudio.sys 2012-03-30 03:25:04 35104 ----a-w- C:\Windows\System32\drivers\btwl2cap.sys 2012-03-30 03:25:04 21160 ----a-w- C:\Windows\System32\drivers\btwrchid.sys 2012-03-30 03:25:04 132648 ----a-w- C:\Windows\System32\drivers\btwavdt.sys 2012-03-30 03:22:59 -------- d-----w- C:\Program Files (x86)\Marvell 2012-03-30 03:22:24 -------- d-----w- C:\Program Files\WIDCOMM 2012-03-30 03:20:44 -------- d-----w- C:\system.sav 2012-03-30 03:19:34 -------- d-----w- C:\Program Files (x86)\Common Files\Intel Corporation 2012-03-30 03:19:07 -------- d-----w- C:\Users\Martin\AppData\Roaming\Intel Corporation 2012-03-30 03:01:14 559384 ----a-w- C:\Windows\System32\drivers\iaStor.sys 2012-03-30 02:59:01 -------- d-----w- C:\Program Files (x86)\SCM Microsystems 2012-03-30 02:58:24 -------- d-----w- C:\Windows\Downloaded Installations 2012-03-30 02:42:27 53248 ----a-w- C:\Windows\SysWow64\CSVer.dll 2012-03-30 00:12:04 -------- d-----w- C:\Windows\Panther 2012-03-30 00:11:49 -------- d-sh--w- C:\Boot 2012-03-29 14:24:43 -------- d-----w- C:\Users\Martin\AppData\Local\Apple Computer 2012-03-29 14:22:41 -------- dc----w- C:\Users\Martin\AppData\Local\MigWiz 2012-03-29 14:15:54 32768 ----a-w- C:\Windows\SysWow64\adidrm.dll 2012-03-29 14:15:53 60928 ----a-w- C:\Windows\SysWow64\SFFXComm.dll 2012-03-29 14:15:15 -------- d-----w- C:\ProgramData\SonicFocus 2012-03-29 14:07:54 -------- d-----w- C:\SwSetup 2012-03-29 14:07:25 -------- d-----w- 
C:\ProgramData\NortonInstaller 2012-03-29 14:04:45 -------- d-----w- C:\ProgramData\Norton 2012-03-29 13:56:53 -------- d-----w- C:\Windows\en 2012-03-29 13:51:11 69464 ----a-w- C:\Windows\SysWow64\XAPOFX1_3.dll 2012-03-29 13:51:11 515416 ----a-w- C:\Windows\SysWow64\XAudio2_5.dll 2012-03-29 13:51:09 523088 ----a-w- C:\Windows\System32\d3dx10_42.dll 2012-03-29 13:51:09 453456 ----a-w- C:\Windows\SysWow64\d3dx10_42.dll 2012-03-29 13:51:06 -------- d-----w- C:\Windows\AutoKMS 2012-03-29 13:50:13 4398360 ----a-w- C:\Windows\System32\d3dx9_32.dll 2012-03-29 13:50:13 3426072 ----a-w- C:\Windows\SysWow64\d3dx9_32.dll 2012-03-29 13:49:38 89944 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c782e9c71cd0db207\DSETUP.dll 2012-03-29 13:49:38 537432 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c782e9c71cd0db207\DXSETUP.exe 2012-03-29 13:49:38 1801048 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c782e9c71cd0db207\dsetup32.dll 2012-03-29 13:49:32 525656 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c308c28f1cd0db206\DXSETUP.exe 2012-03-29 13:49:31 94040 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c308c28f1cd0db206\DSETUP.dll 2012-03-29 13:49:31 1691480 ----a-w- C:\Program Files (x86)\Common Files\Windows Live\.cache\c308c28f1cd0db206\dsetup32.dll 2012-03-29 13:47:01 -------- d-----w- C:\Users\Martin\AppData\Local\Windows Live 2012-03-29 13:46:59 -------- d-----w- C:\Program Files (x86)\Common Files\Windows Live 2012-03-29 13:46:46 -------- d-----w- C:\Users\Martin\AppData\Local\Google 2012-03-29 13:24:19 -------- d-----w- C:\Program Files (x86)\Yahoo! 
2012-03-29 12:45:24 -------- d-----r- C:\Program Files (x86)\Skype 2012-03-29 12:43:32 -------- d-----w- C:\Users\Martin\AppData\Roaming\hpqLog 2012-03-29 12:42:59 -------- d-----w- C:\Program Files\CCleaner 2012-03-29 12:40:56 -------- d-----w- C:\Program Files (x86)\VideoLAN 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin6.dll 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin5.dll 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin4.dll 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin3.dll 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin2.dll 2012-03-29 12:37:15 159744 ----a-w- C:\Program Files (x86)\Mozilla Firefox\plugins\npqtplugin.dll 2012-03-29 12:37:12 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx 2012-03-29 12:37:12 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts 2012-03-29 12:37:12 180224 ----a-w- C:\Windows\SysWow64\QTCF.dll 2012-03-29 12:37:10 -------- d-----w- C:\Program Files (x86)\QT Lite 2012-03-29 12:35:59 70304 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-03-29 12:35:59 418464 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-03-29 12:34:59 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-03-29 12:34:59 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-03-29 12:34:51 -------- d-----w- C:\Program Files (x86)\Real Alternative 2012-03-29 12:26:00 98816 ----a-w- C:\Windows\System32\drivers\usbccgp.sys 2012-03-29 12:26:00 7936 ----a-w- C:\Windows\System32\drivers\usbd.sys 2012-03-29 12:26:00 52736 ----a-w- C:\Windows\System32\drivers\usbehci.sys 2012-03-29 12:26:00 343040 ----a-w- C:\Windows\System32\drivers\usbhub.sys 2012-03-29 12:26:00 325120 ----a-w- C:\Windows\System32\drivers\usbport.sys 2012-03-29 12:26:00 30720 ----a-w- C:\Windows\System32\drivers\usbuhci.sys 2012-03-29 12:26:00 25600 ----a-w- 
C:\Windows\System32\drivers\usbohci.sys 2012-03-29 12:13:14 29712 ----a-w- C:\Windows\System32\nitrolocalmon2.dll 2012-03-29 12:13:14 17936 ----a-w- C:\Windows\System32\nitrolocalui2.dll 2012-03-29 12:12:56 -------- d-----w- C:\Program Files\Common Files\Nitro PDF 2012-03-29 12:12:55 -------- d-----w- C:\Program Files (x86)\Nitro PDF 2012-03-29 12:12:55 -------- d-----w- C:\Program Files (x86)\Common Files\Nitro PDF 2012-03-29 12:12:09 -------- d-----w- C:\Users\Martin\AppData\Roaming\SUPERAntiSpyware.com 2012-03-29 12:11:36 -------- d-----w- C:\ProgramData\SUPERAntiSpyware.com 2012-03-29 12:11:36 -------- d-----w- C:\Program Files\SUPERAntiSpyware 2012-03-29 12:11:26 -------- d-----w- C:\Users\Martin\AppData\Roaming\Downloaded Installations 2012-03-29 11:48:20 118784 ----a-w- C:\Windows\SysWow64\MSSTDFMT.DLL 2012-03-29 11:48:20 -------- d-----w- C:\Program Files (x86)\SpywareBlaster 2012-03-29 11:40:29 -------- d-----w- C:\Users\Martin\AppData\Roaming\abelhadigital.com 2012-03-29 11:40:29 -------- d-----w- C:\ProgramData\abelhadigital.com 2012-03-29 11:37:47 -------- d-----w- C:\Program Files (x86)\Microsoft Synchronization Services 2012-03-29 11:37:32 -------- d-----w- C:\Windows\PCHEALTH 2012-03-29 11:37:32 -------- d-----w- C:\Program Files (x86)\Microsoft SQL Server Compact Edition 2012-03-29 11:34:24 -------- d-----w- C:\Program Files (x86)\Microsoft Analysis Services 2012-03-29 11:33:47 -------- d-----w- C:\Users\Martin\AppData\Local\Microsoft Help 2012-03-29 11:19:12 -------- d-----w- C:\ProgramData\Kaspersky Lab 2012-03-29 11:19:12 -------- d-----w- C:\Program Files (x86)\Kaspersky Lab 2012-03-29 11:08:01 -------- d-----w- C:\Users\Martin\AppData\Local\Mozilla 2012-03-29 10:43:58 -------- d-----w- C:\Windows\SysWow64\Wat 2012-03-29 10:43:58 -------- d-----w- C:\Windows\System32\Wat 2012-03-29 10:36:57 -------- d-----w- C:\Program Files (x86)\Analog Devices 2012-03-29 10:34:34 -------- d-----w- C:\Intel 2012-03-29 10:29:33 -------- d-----w- 
C:\ProgramData\TrueSuite 2012-03-29 10:29:31 -------- d-----w- C:\Windows\System32\wocaffe 2012-03-29 10:29:31 -------- d-----w- C:\Program Files\TrueSuite 2012-03-29 10:29:28 -------- d-----w- C:\ProgramData\Downloaded Installations 2012-03-29 10:22:42 -------- d-----w- C:\Program Files\Synaptics 2012-03-29 10:13:38 -------- d-sh--w- C:\Windows\Installer 2012-03-29 10:13:09 1919968 ----a-w- C:\Windows\System32\drivers\wdfcoinstaller01005.dll 2012-03-29 10:13:09 18432 ----a-w- C:\Windows\System32\drivers\HpqKbFiltr.sys 2012-03-29 10:13:09 11264 ----a-w- C:\Windows\System32\drivers\CPQBttn64.sys 2012-03-29 10:13:08 1885488 ----a-w- C:\Windows\SysWow64\BttnCmns.dll 2012-03-29 10:13:08 1885488 ----a-r- C:\Windows\SysWow64\BttnCmn.dll 2012-03-29 10:13:02 -------- d-----w- C:\Windows\QLB 2012-03-29 10:04:34 902656 ----a-w- C:\Windows\System32\d2d1.dll 2012-03-29 10:04:34 739840 ----a-w- C:\Windows\SysWow64\d2d1.dll 2012-03-29 10:04:34 1139200 ----a-w- C:\Windows\System32\FntCache.dll 2012-03-29 09:57:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll 2012-03-29 09:56:58 75776 ----a-w- C:\Windows\SysWow64\psisrndr.ax 2012-03-29 09:56:58 613888 ----a-w- C:\Windows\System32\psisdecd.dll 2012-03-29 09:56:58 465408 ----a-w- C:\Windows\SysWow64\psisdecd.dll 2012-03-29 09:56:58 108032 ----a-w- C:\Windows\System32\psisrndr.ax 2012-03-29 09:56:56 498688 ----a-w- C:\Windows\System32\drivers\afd.sys 2012-03-29 09:56:19 642944 ----a-w- C:\Windows\System32\winload.efi 2012-03-29 09:56:19 605552 ----a-w- C:\Windows\System32\winload.exe 2012-03-29 09:56:19 566208 ----a-w- C:\Windows\System32\winresume.efi 2012-03-29 09:56:19 518672 ----a-w- C:\Windows\System32\winresume.exe 2012-03-29 09:56:19 20352 ----a-w- C:\Windows\System32\kdusb.dll 2012-03-29 09:56:19 19328 ----a-w- C:\Windows\System32\kd1394.dll 2012-03-29 09:56:19 17792 ----a-w- C:\Windows\System32\kdcom.dll 2012-03-29 09:54:38 77312 ----a-w- C:\Windows\System32\packager.dll 2012-03-29 09:54:38 67072 ----a-w- 
C:\Windows\SysWow64\packager.dll 2012-03-29 09:51:11 8917360 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2012-03-29 09:45:39 9216 ----a-w- C:\Windows\System32\rdrmemptylst.exe 2012-03-29 09:45:39 77312 ----a-w- C:\Windows\System32\rdpwsx.dll 2012-03-29 09:45:39 149504 ----a-w- C:\Windows\System32\rdpcorekmts.dll 2012-03-29 09:45:34 826880 ----a-w- C:\Windows\SysWow64\rdpcore.dll 2012-03-29 09:45:34 1031680 ----a-w- C:\Windows\System32\rdpcore.dll 2012-03-29 09:45:33 23552 ----a-w- C:\Windows\System32\drivers\tdtcp.sys 2012-03-29 09:45:33 210944 ----a-w- C:\Windows\System32\drivers\rdpwd.sys . ==================== Find3M ==================== . 2012-03-22 19:12:12 4435968 ----a-w- C:\Windows\SysWow64\GPhotos.scr 2012-03-08 11:37:20 302448 ----a-w- C:\Windows\WLXPGSS.SCR 2012-02-28 06:56:48 2311168 ----a-w- C:\Windows\System32\jscript9.dll 2012-02-28 06:49:56 1390080 ----a-w- C:\Windows\System32\wininet.dll 2012-02-28 06:48:57 1493504 ----a-w- C:\Windows\System32\inetcpl.cpl 2012-02-28 06:42:55 2382848 ----a-w- C:\Windows\System32\mshtml.tlb 2012-02-28 01:18:55 1799168 ----a-w- C:\Windows\SysWow64\jscript9.dll 2012-02-28 01:11:21 1427456 ----a-w- C:\Windows\SysWow64\inetcpl.cpl 2012-02-28 01:11:07 1127424 ----a-w- C:\Windows\SysWow64\wininet.dll 2012-02-28 01:03:16 2382848 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2012-02-23 03:18:36 279656 ------w- C:\Windows\System32\MpSigStub.exe 2012-02-14 05:09:44 1070352 ----a-w- C:\Windows\SysWow64\MSCOMCTL.OCX 2012-02-10 06:36:07 1544192 ----a-w- C:\Windows\System32\DWrite.dll 2012-02-10 05:38:43 1077248 ----a-w- C:\Windows\SysWow64\DWrite.dll 2012-02-03 04:34:34 3145728 ----a-w- C:\Windows\System32\win32k.sys . ============= FINISH: 0:31:14.85 ===============