The computer is terribly slow…
This topic has 7 replies, 2 participants, and was last updated 16 years ago by Admin.
September 29, 2009 at 1:39 PM #17169
Logfile of random’s system information tool 1.06 (written by random/random)
Run by lulu at 2009-09-29 17:25:52
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 82 GB (28%) free of 290 GB
Total RAM: 4054 MB (41% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:31:18 PM, on 9/29/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe
C:Program Files (x86)SkypePhoneSkype.exe
C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program Files (x86)Dell Video ChatDellVideoChat.exe
C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe
C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe
C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe
C:Program Files (x86)DellMediaDirectPCMService.exe
C:WindowsSamsungPanelMgrSSMMgr.exe
C:Program Files (x86)SamsungEmoDioSMSTray.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)Sensible VisionFast AccessFATrayAlert.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)SkypePlugin ManagerskypePM.exe
C:Program Files (x86)Operaopera.exe
C:Program Files (x86)Malwarebytes’ Anti-Malwarembam.exe
C:UsersluluAppDataLocalOperaOperaprofilecache4temporary_downloadRSIT.exe
C:Program Files (x86)trend microlulu.exe
C:WindowsSysWOW64conime.exe
C:UsersluluAppDataLocalTempnircmd.exe
C:UsersluluAppDataLocalTempnircmd.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/USCON/1
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: FAIESSO Helper Object — {A2F122DA-055F-4df7-8F24-7354DBDBA85B} — C:Program Files (x86)Sensible VisionFast AccessFAIESSO.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.3.4501.1418swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: SingleInstance Class — {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} — C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O4 — HKLM..Run: [FATrayAlert] C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe
O4 — HKLM..Run: [Dell Webcam Central] «C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell.exe» /mode2
O4 — HKLM..Run: [PCMService] «C:Program Files (x86)DellMediaDirectPCMService.exe»
O4 — HKLM..Run: [GrooveMonitor] «C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [QuickTime Task] «C:Program Files (x86)QuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [Samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun
O4 — HKLM..Run: [TkBellExe] «C:Program Files (x86)Common FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKLM..Run: [SMSTray] «C:Program Files (x86)SamsungEmoDioSMSTray.exe»
O4 — HKLM..Run: [iTunesHelper] «C:Program Files (x86)iTunesiTunesHelper.exe»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..RunOnce: [Malwarebytes’ Anti-Malware] «C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe» /install /silent
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Skype] «C:Program Files (x86)SkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [SightSpeed] «C:Program Files (x86)Dell Video ChatDellVideoChat.exe» -bootmode
O4 — HKCU..Run: [Google Update] «C:UsersluluAppDataLocalGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 — HKCU..Run: [Messenger (Yahoo!)] «C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe» -quiet
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: ViiKiiDesktopPlugin.lnk = C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe
O4 — Global Startup: QuickSet.lnk = C:Program FilesDellQuickSetquickset.exe
O8 — Extra context menu item: Add to Google Photos Screensa&ver — res://C:Windowssystem32GPhotos.scr/200
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: (no name) — {85d1f590-48f4-11d9-9669-0800200c9a66} — C:Windowsbdoscandel.exe (file missing)
O9 — Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner — {85d1f590-48f4-11d9-9669-0800200c9a66} — C:Windowsbdoscandel.exe (file missing)
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe
O13 — Gopher Prefix:
O15 — Trusted Zone: *.ssi.com.vn
O16 — DPF: iFISv — https://smarttrading.ssi.com.vn/cabinet/iFISv.cab
O16 — DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} (NowStarter2 Control) — http://sticube.clubbox.co.kr/sticubeupdate/cab/NowStarter2.cab
O16 — DPF: {3EE92798-D5D0-4E9D-BD75-39B1424CA890} (Script Class) — https://smarttrading.ssi.com.vn/cabinet/ScriptUtil.cab
O16 — DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) — http://download.eset.com/special/eos/OnlineScanner.cab
O18 — Protocol: cozi — {5356518D-FE9C-4E08-9C1F-1E872ECD367F} — C:Program Files (x86)Cozi ExpressCoziProtocolHandler.dll
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~2MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O20 — Winlogon Notify: FastAccess — C:Program Files (x86)Sensible VisionFast AccessFALogNot.dll
O23 — Service: Andrea ST Filters Service (AESTFilters) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cAESTSr64.exe (file missing)
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program Files (x86)BonjourmDNSResponder.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: FAService — Sensible Vision — C:Program Files (x86)Sensible VisionFast AccessFAService.exe
O23 — Service: GameConsoleService — WildTangent, Inc. — C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe
O23 — Service: Google Update Service (gupdate1c9eea238f51b07) (gupdate1c9eea238f51b07) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: iPod Service — Apple Inc. — C:Program Files (x86)iPodbiniPodService.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cSTacSV64.exe (file missing)
O23 — Service: stllssvr — MicroVision Development, Inc. — C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe
O23 — Service: TabletService — Unknown owner — C:Windowssystem32Tablet.exe (file missing)
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: Dell Wireless WLAN Tray Service (wltrysvc) — Unknown owner — C:WindowsSystem32WLTRYSVC.EXE (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
—
End of file — 14361 bytes
======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3312132438-936696768-3914326451-1000Core.job
C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3312132438-936696768-3914326451-1000UA.job
C:WindowstasksNorton Security Scan for lulu.job
======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll [2009-07-31 909040]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-05-27 1088296]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll [2009-05-19 137600]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-02-18 408440]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A2F122DA-055F-4df7-8F24-7354DBDBA85B}]
FAIESSOHelper Class — C:Program Files (x86)Sensible VisionFast AccessFAIESSO.dll [2008-09-06 206080]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2009-09-12 256112]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.3.4501.1418swg.dll [2009-09-18 762864]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2009-09-12 458736]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-07-25 41760]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-09 1067352]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class — C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll [2009-07-31 159472]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-09 1067352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2009-09-12 256112]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll [2009-07-31 909040]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«FATrayAlert»=C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe [2008-09-06 95488]
«Dell Webcam Central»=C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell.exe [2008-06-04 446635]
«FAStartup»= []
«PCMService»=C:Program Files (x86)DellMediaDirectPCMService.exe [2008-01-14 132392]
«GrooveMonitor»=C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016]
«Adobe Reader Speed Launcher»=C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2009-02-28 35696]
«QuickTime Task»=C:Program Files (x86)QuickTimeQTTask.exe [2009-05-27 413696]
«Samsung PanelMgr»=C:WindowsSamsungPanelMgrSSMMgr.exe [2008-03-03 536576]
«TkBellExe»=C:Program Files (x86)Common FilesRealUpdate_OBrealsched.exe [2009-09-05 185896]
«SMSTray»=C:Program Files (x86)SamsungEmoDioSMSTray.exe [2008-09-17 484880]
«iTunesHelper»=C:Program Files (x86)iTunesiTunesHelper.exe [2009-07-13 292128]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-07-25 149280]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunOnce]
«Malwarebytes’ Anti-Malware»=C:Program Files (x86)Malwarebytes’ Anti-Malwarembamgui.exe [2009-09-10 420176]
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-21 1555968]
«Skype»=C:Program Files (x86)SkypePhoneSkype.exe [2009-05-27 24264488]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-06-16 39408]
«SightSpeed»=C:Program Files (x86)Dell Video ChatDellVideoChat.exe [2008-12-18 4823928]
«Google Update»=C:UsersluluAppDataLocalGoogleUpdateGoogleUpdate.exe [2009-06-16 133104]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 138240]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []
«Messenger (Yahoo!)»=C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe [2009-05-26 4351216]
C:Documents and SettingsAll UsersStart MenuProgramsStartup
QuickSet.lnk — C:Program Files (x86)DellQuickSetquickset.exe
C:UsersluluAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
ViiKiiDesktopPlugin.lnk — C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyFastAccess]
C:Program Files (x86)Sensible VisionFast AccessFALogNot.dll [2008-09-06 140544]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=scecli
FAPassSync
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0
[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«NoActiveDesktopChanges»=
«ForceActiveDesktopOn»=
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2a1e6dc6-69f3-11de-ad58-002219ee4cd1}]
shellAutoRuncommand — dynrn6e.cmd
shellexplorecommand — dynrn6e.cmd
shellopencommand — dynrn6e.cmd
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cefa3b36-6550-11de-a3ab-002219ee4cd1}]
shellAutoRuncommand — F:o8tf6l.exe
shellopencommand — F:o8tf6l.exe
[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f6261f2b-86fb-11de-85ac-002219ee4cd1}]
shellAutoRuncommand — dynrn6e.cmd
shellexplorecommand — dynrn6e.cmd
shellopencommand — dynrn6e.cmd
======File associations======
.inf — open — %SystemRoot%SysWow64NOTEPAD.EXE %1
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*
======List of files/folders created in the last 1 months======
2009-09-29 17:31:13 —-RASHD—- C:autorun.inf
2009-09-29 17:25:52 —-D—- C:rsit
2009-09-29 17:25:52 —-D—- C:Program Files (x86)trend micro
2009-09-29 06:23:19 —-D—- C:WTablet
2009-09-28 21:04:38 —-D—- C:ComboFix
2009-09-28 21:04:37 —-A—- C:Windowssystem32CF9374.exe
2009-09-28 20:54:21 —-A—- C:Windowssystem32xvidvfw.dll
2009-09-28 20:54:21 —-A—- C:Windowssystem32xvidcore.dll
2009-09-28 20:54:19 —-A—- C:Windowssystem32pthreadGC2.dll
2009-09-28 20:54:19 —-A—- C:Windowssystem32ff_vfw.dll
2009-09-28 18:22:36 —-D—- C:UsersluluAppDataRoamingViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
2009-09-28 18:22:29 —-D—- C:Program Files (x86)ViiKiiDesktopPlugin
2009-09-28 18:22:25 —-D—- C:Program Files (x86)Common FilesAdobe AIR
2009-09-27 19:08:39 —-A—- C:Windowssystem32XAudio2_5.dll
2009-09-27 19:08:38 —-A—- C:Windowssystem32xactengine3_5.dll
2009-09-27 19:08:37 —-A—- C:Windowssystem32D3DCompiler_42.dll
2009-09-27 19:08:36 —-A—- C:Windowssystem32d3dcsx_42.dll
2009-09-27 19:08:35 —-A—- C:Windowssystem32d3dx11_42.dll
2009-09-27 19:08:35 —-A—- C:Windowssystem32d3dx10_42.dll
2009-09-27 19:08:34 —-A—- C:Windowssystem32D3DX9_42.dll
2009-09-27 19:08:33 —-A—- C:Windowssystem32d3dx10_41.dll
2009-09-27 19:08:33 —-A—- C:Windowssystem32D3DCompiler_41.dll
2009-09-27 19:08:32 —-A—- C:Windowssystem32D3DX9_41.dll
2009-09-27 19:08:31 —-A—- C:Windowssystem32XAudio2_4.dll
2009-09-27 19:08:31 —-A—- C:Windowssystem32XAPOFX1_3.dll
2009-09-27 19:08:30 —-A—- C:Windowssystem32xactengine3_4.dll
2009-09-27 19:08:30 —-A—- C:Windowssystem32X3DAudio1_6.dll
2009-09-27 19:08:29 —-A—- C:Windowssystem32d3dx10_40.dll
2009-09-27 19:08:29 —-A—- C:Windowssystem32D3DCompiler_40.dll
2009-09-27 19:08:28 —-A—- C:Windowssystem32D3DX9_40.dll
2009-09-27 19:08:27 —-A—- C:Windowssystem32XAudio2_3.dll
2009-09-27 19:08:27 —-A—- C:Windowssystem32XAPOFX1_2.dll
2009-09-27 19:08:26 —-A—- C:Windowssystem32xactengine3_3.dll
2009-09-27 19:08:26 —-A—- C:Windowssystem32X3DAudio1_5.dll
2009-09-27 19:08:25 —-A—- C:Windowssystem32XAudio2_2.dll
2009-09-27 19:08:25 —-A—- C:Windowssystem32XAPOFX1_1.dll
2009-09-27 19:08:24 —-A—- C:Windowssystem32xactengine3_2.dll
2009-09-27 19:08:22 —-A—- C:Windowssystem32d3dx10_39.dll
2009-09-27 19:08:22 —-A—- C:Windowssystem32D3DCompiler_39.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32XAudio2_1.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32XAPOFX1_0.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32D3DX9_39.dll
2009-09-27 19:08:20 —-A—- C:Windowssystem32xactengine3_1.dll
2009-09-27 19:08:20 —-A—- C:Windowssystem32X3DAudio1_4.dll
2009-09-27 19:08:19 —-A—- C:Windowssystem32d3dx10_38.dll
2009-09-27 19:08:19 —-A—- C:Windowssystem32D3DCompiler_38.dll
2009-09-27 19:08:18 —-A—- C:Windowssystem32D3DX9_38.dll
2009-09-27 19:08:16 —-A—- C:Windowssystem32XAudio2_0.dll
2009-09-27 19:08:15 —-A—- C:Windowssystem32xactengine3_0.dll
2009-09-27 19:08:15 —-A—- C:Windowssystem32X3DAudio1_3.dll
2009-09-27 19:08:14 —-A—- C:Windowssystem32d3dx10_37.dll
2009-09-27 19:08:14 —-A—- C:Windowssystem32D3DCompiler_37.dll
2009-09-27 19:08:13 —-A—- C:Windowssystem32xactengine2_10.dll
2009-09-27 19:08:13 —-A—- C:Windowssystem32D3DX9_37.dll
2009-09-27 19:08:11 —-A—- C:Windowssystem32d3dx10_36.dll
2009-09-27 19:08:11 —-A—- C:Windowssystem32D3DCompiler_36.dll
2009-09-27 19:08:10 —-A—- C:Windowssystem32d3dx9_36.dll
2009-09-27 19:08:08 —-A—- C:Windowssystem32xactengine2_9.dll
2009-09-27 19:08:07 —-A—- C:Windowssystem32d3dx10_35.dll
2009-09-27 19:08:07 —-A—- C:Windowssystem32D3DCompiler_35.dll
2009-09-27 19:08:06 —-A—- C:Windowssystem32d3dx9_35.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32xactengine2_8.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32X3DAudio1_2.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32d3dx10_34.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32D3DCompiler_34.dll
2009-09-27 19:08:03 —-A—- C:Windowssystem32d3dx9_34.dll
2009-09-27 19:08:02 —-A—- C:Windowssystem32xinput1_3.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32xactengine2_7.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32d3dx10_33.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32D3DCompiler_33.dll
2009-09-27 19:08:00 —-A—- C:Windowssystem32d3dx9_33.dll
2009-09-27 19:07:58 —-A—- C:Windowssystem32xactengine2_6.dll
2009-09-27 19:07:57 —-A—- C:Windowssystem32xactengine2_5.dll
2009-09-27 19:07:57 —-A—- C:Windowssystem32d3dx10.dll
2009-09-27 19:07:56 —-A—- C:Windowssystem32xactengine2_4.dll
2009-09-27 19:07:56 —-A—- C:Windowssystem32x3daudio1_1.dll
2009-09-27 19:07:55 —-A—- C:Windowssystem32xactengine2_3.dll
2009-09-27 19:07:55 —-A—- C:Windowssystem32d3dx9_31.dll
2009-09-27 19:07:54 —-A—- C:Windowssystem32xinput1_2.dll
2009-09-27 19:07:54 —-A—- C:Windowssystem32xactengine2_2.dll
2009-09-27 19:07:53 —-A—- C:Windowssystem32xinput1_1.dll
2009-09-27 19:07:52 —-A—- C:Windowssystem32xactengine2_1.dll
2009-09-27 19:07:50 —-A—- C:Windowssystem32d3dx9_30.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32xactengine2_0.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32x3daudio1_0.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32d3dx9_29.dll
2009-09-27 19:07:47 —-A—- C:Windowssystem32d3dx9_28.dll
2009-09-27 19:07:46 —-A—- C:Windowssystem32d3dx9_27.dll
2009-09-27 19:07:44 —-A—- C:Windowssystem32d3dx9_26.dll
2009-09-27 19:07:43 —-A—- C:Windowssystem32d3dx9_25.dll
2009-09-27 19:07:42 —-A—- C:Windowssystem32d3dx9_24.dll
2009-09-27 18:59:08 —-HD—- C:Windowsmsdownld.tmp
2009-09-27 18:59:06 —-D—- C:Windowssystem32directx
2009-09-23 19:22:06 —-D—- C:FPC
2009-09-23 17:27:03 —-A—- C:Windowsunvise32.exe
2009-09-23 17:27:02 —-D—- C:Program Files (x86)DivXLand
2009-09-23 16:59:29 —-D—- C:Program Files (x86)DivX
2009-09-23 16:45:55 —-D—- C:Program Files (x86)Avi2Dvd
2009-09-21 21:22:31 —-D—- C:Program Files (x86)URUSoft
2009-09-20 21:04:22 —-D—- C:ProgramDataYahoo! Companion
2009-09-19 16:03:26 —-D—- C:Program Files (x86)TVAnts
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTWMVFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTWMAFile2.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoCoreM.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoCompress.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAVIFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioFormatSettings3.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioCompress3.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioCompress2.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32msvcp70.dll
2009-09-14 06:25:52 —-A—- C:Windowssystem32javaws.exe
2009-09-14 06:25:52 —-A—- C:Windowssystem32javaw.exe
2009-09-14 06:25:52 —-A—- C:Windowssystem32java.exe
2009-09-13 18:37:44 —-D—- C:Program Files (x86)CCleaner
2009-09-13 07:09:25 —-D—- C:System32
2009-09-12 19:59:30 —-D—- C:Windowssystem32crc
2009-09-12 19:42:01 —-A—- C:Windowssystem32fscflist.ini.tmp
2009-09-12 19:41:15 —-A—- C:Windowssystem32nod.dll
2009-09-12 19:40:53 —-A—- C:Windowssystem32fscflist.ini
2009-09-12 19:40:39 —-A—- C:Windowssystem32fscagent.ini.tmp
2009-09-12 19:40:39 —-A—- C:Windowssystem32fscagent.ini
2009-09-12 15:43:14 —-D—- C:Program Files (x86)Cheat Engine
2009-09-11 21:22:10 —-D—- C:UsersluluAppDataRoamingBitTorrent
2009-09-11 21:22:06 —-D—- C:Program Files (x86)BitTorrent
2009-09-10 22:19:46 —-A—- C:Windowsdd_ATL90SP1_KB973924MSI5FCB.txt
2009-09-10 22:19:45 —-A—- C:Windowsdd_ATL90SP1_KB973924UI5FCB.txt
2009-09-09 20:38:02 —-D—- C:UsersluluAppDataRoamingBroad Intelligence
2009-09-09 20:34:00 —-D—- C:Program Files (x86)AviSynth 2.5
2009-09-09 19:52:46 —-D—- C:WMSDK
2009-09-09 19:51:01 —-D—- C:Program Files (x86)MediaCoder
2009-09-09 17:19:54 —-A—- C:Windowssystem32netiohlp.dll
2009-09-09 17:19:53 —-A—- C:Windowssystem32TCPSVCS.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32ROUTE.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32NETSTAT.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32MRINFO.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32HOSTNAME.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32finger.exe
2009-09-09 17:19:53 —-A—- C:Windowssystem32ARP.EXE
2009-09-09 17:19:52 —-A—- C:Windowssystem32netevent.dll
2009-09-09 17:19:13 —-A—- C:Windowssystem32WMVCORE.DLL
2009-09-09 17:19:13 —-A—- C:Windowssystem32mf.dll
2009-09-09 17:17:42 —-A—- C:Windowssystem32jscript.dll
2009-09-09 17:17:39 —-A—- C:Windowssystem32wlanmsm.dll
2009-09-09 17:17:38 —-A—- C:Windowssystem32wlansec.dll
2009-09-09 17:17:38 —-A—- C:Windowssystem32L2SecHC.dll
2009-09-09 16:21:20 —-A—- C:Windowssystem32NowUpdate.exe
2009-09-09 16:18:13 —-D—- C:Program Files (x86)ICQ6Toolbar
2009-09-09 16:18:11 —-D—- C:ProgramDataICQ
2009-09-09 16:17:47 —-D—- C:UsersluluAppDataRoamingICQ
2009-09-09 16:17:00 —-D—- C:Program Files (x86)ICQ6.5
2009-09-06 20:52:07 —-D—- C:UsersluluAppDataRoamingApple Computer
2009-09-06 20:51:25 —-A—- C:Windowssystem32GEARAspi.dll
2009-09-06 20:50:53 —-D—- C:Program Files (x86)iPod
2009-09-06 20:50:47 —-D—- C:ProgramData{35733029-9859-49C7-8475-1E78E2AAE413}
2009-09-06 20:50:47 —-D—- C:Program Files (x86)iTunes
2009-09-06 20:50:02 —-D—- C:Program Files (x86)Bonjour
2009-09-06 20:48:26 —-D—- C:Program Files (x86)Common FilesApple
2009-09-06 20:46:39 —-D—- C:Program Files (x86)MarkAny
2009-09-06 19:40:50 —-D—- C:WindowsBDOSCAN8
2009-09-06 18:14:07 —-D—- C:Program Files (x86)ESET
2009-09-05 23:30:15 —-D—- C:Program Files (x86)Common Filesxing shared
2009-09-05 23:29:56 —-A—- C:Windowssystem32rmoc3260.dll
2009-09-05 23:29:42 —-A—- C:Windowssystem32pndx5032.dll
2009-09-05 23:29:42 —-A—- C:Windowssystem32pndx5016.dll
2009-09-05 23:29:40 —-A—- C:Windowssystem32pncrt.dll
2009-09-05 23:29:33 —-D—- C:Program Files (x86)Common FilesReal
2009-09-05 23:29:32 —-D—- C:Program Files (x86)Real
2009-09-05 23:28:45 —-D—- C:UsersluluAppDataRoamingReal
2009-09-04 19:20:46 —-D—- C:ProgramDataRoxio
2009-09-04 19:20:45 —-D—- C:UsersluluAppDataRoamingRoxio
2009-09-03 17:53:07 —-D—- C:Windowssystem32IOSUBSYS
2009-09-03 05:44:54 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll
2009-09-03 05:44:54 —-A—- C:Windowssystem32Apphlpdm.dll
2009-09-02 18:16:15 —-D—- C:UsersluluAppDataRoamingMalwarebytes
2009-09-02 18:16:06 —-D—- C:ProgramDataMalwarebytes
2009-09-02 18:16:06 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2009-09-02 18:14:10 —-A—- C:Windowssystem32CF12940.exe
2009-09-02 18:14:09 —-A—- C:Windowssystem32swsc.exe
2009-09-02 18:13:51 —-A—- C:Windowssystem32cmd.execf
2009-09-01 06:16:15 —-D—- C:WindowsMinidump

======List of files/folders modified in the last 1 months======
2009-09-29 17:30:56 —-D—- C:WindowsTemp
2009-09-29 17:25:52 —-RD—- C:Program Files (x86)
2009-09-29 17:23:43 —-D—- C:UsersluluAppDataRoamingSkype
2009-09-29 17:10:07 —-D—- C:Windowssystem32drivers
2009-09-29 16:04:00 —-D—- C:UsersluluAppDataRoamingskypePM
2009-09-29 07:13:38 —-D—- C:WindowsSystem32
2009-09-29 07:13:37 —-D—- C:Windowsinf
2009-09-29 07:10:59 —-D—- C:Windows
2009-09-29 06:29:35 —-D—- C:WindowsSysWOW64
2009-09-28 23:30:49 —-D—- C:UsersluluAppDataRoamingWTablet
2009-09-28 21:53:17 —-SHD—- C:System Volume Information
2009-09-28 21:04:38 —-A—- C:Bug.txt
2009-09-28 20:54:56 —-D—- C:Program Files (x86)Mozilla Firefox
2009-09-28 20:54:36 —-D—- C:Program Files (x86)K-Lite Codec Pack
2009-09-28 20:52:16 —-D—- C:ProgramDataYahoo!
2009-09-28 20:52:16 —-D—- C:Program Files (x86)Yahoo!
2009-09-28 20:48:45 —-SHD—- C:WindowsInstaller
2009-09-28 20:48:45 —-D—- C:DELL
2009-09-28 20:48:08 —-D—- C:Program Files (x86)Adobe
2009-09-28 18:22:35 —-D—- C:ProgramDataAdobe
2009-09-28 18:22:25 —-D—- C:Program Files (x86)Common Files
2009-09-28 18:22:05 —-D—- C:UsersluluAppDataRoamingAdobe
2009-09-27 19:07:52 —-RSD—- C:Windowsassembly
2009-09-27 19:07:33 —-D—- C:WindowsMicrosoft.NET
2009-09-27 18:59:05 —-D—- C:WindowsLogs
2009-09-27 18:01:42 —-D—- C:Program Files (x86)Common FilesSymantec Shared
2009-09-27 08:55:14 —-D—- C:WindowsPrefetch
2009-09-23 16:56:52 —-D—- C:Windowssystem
2009-09-21 06:34:07 —-RD—- C:Program Files
2009-09-20 21:04:22 —-HD—- C:ProgramData
2009-09-20 10:12:46 —-SD—- C:WindowsDownloaded Program Files
2009-09-14 06:25:48 —-D—- C:Program Files (x86)Java
2009-09-13 18:38:17 —-D—- C:WindowsDebug
2009-09-10 22:20:04 —-D—- C:Windowswinsxs
2009-09-10 10:32:27 —-D—- C:Windowsrescache
2009-09-10 10:16:20 —-D—- C:Program Files (x86)Microsoft Silverlight
2009-09-10 10:15:15 —-D—- C:Windowssystem32en-US
2009-09-10 10:15:15 —-D—- C:Windowsehome
2009-09-10 10:15:15 —-D—- C:Program Files (x86)Windows Mail
2009-09-10 06:07:50 —-D—- C:ProgramDataMicrosoft Help
2009-09-09 16:18:30 —-HD—- C:Program Files (x86)InstallShield Installation Information
2009-09-08 15:51:04 —-D—- C:ProgramDataTrend Micro
2009-09-06 20:50:47 —-D—- C:ProgramDataApple Computer
2009-09-06 20:46:05 —-D—- C:Program Files (x86)Samsung
2009-09-04 10:26:07 —-D—- C:HINH ANH
2009-09-04 03:06:44 —-D—- C:WindowsAppPatch
2009-09-03 17:53:23 —-D—- C:Program Files (x86)Common FilesPX Storage Engine
2009-09-03 17:52:55 —-D—- C:Program Files (x86)Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 rimmptsk;rimmptsk; C:Windowssystem32DRIVERSrimmpx64.sys []
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:Windowssystem32DRIVERSrixdpx64.sys []
R2 SSPORT;SSPORT; ??C:Windowssystem32DriversSSPORT.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows XP/Vista x64; C:Windowssystem32DRIVERSApfiltr.sys []
R3 BCM42RLY;BCM42RLY; C:Windowssystem32driversBCM42RLY.sys []
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:Windowssystem32DRIVERSbcmwl664.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:Windowssystem32DRIVERSCmBatt.sys []
R3 FACAP;facap, FastAccess Video Capture; C:Windowssystem32DRIVERSfacap.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys []
R3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:Windowssystem32driversIntcHdmi.sys []
R3 itecir;ITECIR Infrared Receiver; C:Windowssystem32DRIVERSitecir.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet — NDIS 6.0; C:Windowssystem32DRIVERSk57nd60a.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:Windowssystem32DRIVERSOA001Ufd.sys []
R3 OA001Vid;Creative Camera OA001 Function Driver; C:Windowssystem32DRIVERSOA001Vid.sys []
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 wacommousefilter;Wacom Mouse Filter Driver; C:Windowssystem32DRIVERSwacommousefilter.sys []
R3 wacomvhid;Wacom Virtual Hid Driver; C:Windowssystem32DRIVERSwacomvhid.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32DRIVERSwmiacpi.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S2 DgiVecp;DgiVecp; ??C:Windowssystem32DriversDgiVecp.sys []
S3 CrystalSysInfo;CrystalSysInfo; ??C:Program Files (x86)MediaCoderSysInfoX64.sys [2007-09-25 18128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cAESTSr64.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:Program Files (x86)BonjourmDNSResponder.exe [2008-12-12 238888]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-12-18 155648]
R2 FAService;FAService; C:Program Files (x86)Sensible VisionFast AccessFAService.exe [2008-09-06 2340096]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-05-19 240512]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cSTacSV64.exe []
R2 TabletService;TabletService; C:Windowssystem32Tablet.exe []
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:WindowsSystem32WLTRYSVC.EXE C:WindowsSystem32bcmwltry.exe []
R3 iPod Service;iPod Service; C:Program Files (x86)iPodbiniPodService.exe [2009-07-13 542496]
S2 gupdate1c9eea238f51b07;Google Update Service (gupdate1c9eea238f51b07); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2009-06-16 133104]
S2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-04-11 821000]
S2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2008-10-03 563464]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
S3 GameConsoleService;GameConsoleService; C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe [2009-06-06 250616]
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-06-16 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-21 19968]
S3 stllssvr;stllssvr; C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe [2008-03-24 74384]
S3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-04-11 587696]
S3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2008-10-03 854280]
EOF
September 29, 2009 at 1:40 pm #25990

info.txt logfile of random’s system information tool 1.06 2009-09-29 17:31:24
======Uninstall list======
—>»C:Program Files (x86)WildTangentDell GamesAmazing Adventures Around the WorldUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesBejeweled 2 DeluxeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesBlackhawk Striker 2Uninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesBlasterball 2 RevolutionUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesBookworm DeluxeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesBuild-a-lot 3Uninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesChicken Invaders 3 — Revenge of the YolkUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesChuzzle DeluxeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesDell Game ConsoleUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesDiner Dash 2 Restaurant RescueUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesDora’s Carnival AdventureUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesFarm FrenzyUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesFarm ManiaUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesFATE Undiscovered RealmsUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesFlip WordsUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesInsaniquarium DeluxeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesJewel Quest SolitaireUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesJewel QuestUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesMah Jong QuestUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesMy TribeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesPoker Superstars IIIUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesPolar BowlerUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesPolar GolferUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesSlingo DeluxeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesSuper GrannyUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesTradewindsUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesVirtual Villagers — A New HomeUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesVirtual Villagers — Chapter 2 — The Lost ChildrenUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesWheel of Fortune 2Uninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesWorld of GooUninstall.exe»
—>»C:Program Files (x86)WildTangentDell GamesZuma DeluxeUninstall.exe»
—>C:PROGRA~2Yahoo!CommonUNYT_W~1.EXE
—>C:Program Files (x86)Common FilesRealUpdate_OBr1puninst.exe RealNetworks|RealPlayer|6.0
—>C:WindowsCtDrvIns.exe -uninstall -script OA001.uns -unsext NTamd64 -plugin OA001Pin.dll -pluginres OA001Pin.crl -nodisconprompt -langid 0x0409
—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {6D15B89B-EFAD-40D8-A9BB-205094F21698}
—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}setup.exe» -l0x9
—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{BC12448A-0B41-4E11-B242-B1129512F5B7}setup.exe» -l0x9
Ŭ·´¹Ú½º ÆÄÀÏÀü¼Û°ü¸®ÀÚ—>C:Windowssystem32clubboxuninstall.exe
Adobe AIR—>C:Program Files (x86)Common FilesAdobe AIRVersions1.0ResourcesAdobe AIR Updater.exe -arp:uninstall
Adobe AIR—>MsiExec.exe /I{A2BCA9F1-566C-4805-97D1-7FDC93386723}
Adobe Flash Player 10 ActiveX—>C:WindowsSysWOW64MacromedFlashuninstall_activeX.exe
Adobe Flash Player 10 Plugin—>C:WindowsSysWOW64MacromedFlashuninstall_plugin.exe
Adobe Reader 9.1.3—>MsiExec.exe /I{AC76BA86-7AD7-1033-7B44-A91000000001}
Adobe Shockwave Player 11.5—>»C:Windowssystem32AdobeShockwave 11uninstaller.exe»
Advanced Audio FX Engine—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{88564CEF-20A5-4EF2-A05F-309F2EBA9B06}setup.exe» -l0x9 /remove
Apple Software Update—>MsiExec.exe /I{6956856F-B6B3-4BE0-BA0B-8F495BE32033}
AviSynth 2.5—>»C:Program Files (x86)AviSynth 2.5Uninstall.exe»
CCleaner (remove only)—>»C:Program Files (x86)CCleaneruninst.exe»
Choice Guard—>MsiExec.exe /I{8FFC5648-FAF8-43A3-BC8F-42BA1E275C4E}
Cisco EAP-FAST Module—>MsiExec.exe /I{415B2719-AD3A-4944-B404-C472DB6085B3}
Cisco LEAP Module—>MsiExec.exe /I{83770D14-21B9-44B3-8689-F7B523F94560}
Cisco PEAP Module—>MsiExec.exe /I{669C7BD8-DAA2-49B6-966C-F1E2AAE6B17E}
Compatibility Pack for the 2007 Office system—>MsiExec.exe /X{90120000-0020-0409-0000-0000000FF1CE}
Cozi—>MsiExec.exe /X{7456BBA3-642F-4E59-9F89-7639977D7C39}
Dell Getting Started Guide—>MsiExec.exe /I{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}
Dell Video Chat—>C:Program Files (x86)Dell Video Chatuninst.exe
Dell Webcam Central—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1PROFES~1RunTime91Intel32Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{BC12448A-0B41-4E11-B242-B1129512F5B7}setup.exe» -l0x9 /remove
DELL0703—>MsiExec.exe /I{053C30EA-D4C6-47A0-8537-8D231D9BE873}
DivX—>C:Program Files (x86)DivXDivXCodecUninstall.exe /CODEC
DivXLand Media Subtitler—>C:Windowsunvise32.exe C:Program Files (x86)DivXLandMedia Subtitleruninstal.log
EmoDio—>»C:Program Files (x86)InstallShield Installation Information{C20CE592-B0F8-4D20-BF31-0151CA6331A6}setup.exe» -runfromtemp -l0x0409 -removeonly
EmoDio—>MsiExec.exe /X{C20CE592-B0F8-4D20-BF31-0151CA6331A6}
ESET Online Scanner v3—>C:Program Files (x86)ESETESET Online ScannerOnlineScannerUninstaller.exe
full version by IiN—>»C:Program FilesIiNDinner Dash Flo on the gounins000.exe»
Geniesoft Overture v4.0.2.21—>»C:Program Files (x86)GenieSoftOverture 4.0Uninstallunins000.exe»
Google Earth—>MsiExec.exe /X{CC016F21-3970-11DE-B878-005056806466}
Google Toolbar for Internet Explorer—>»C:Program Files (x86)GoogleGoogle ToolbarComponentGoogleToolbarManager_E582EA556D8DE101.exe» /uninstall
Google Toolbar for Internet Explorer—>MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
Google Update Helper—>MsiExec.exe /I{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
HijackThis 2.0.2—>»C:Program Files (x86)trend microHijackThis.exe» /uninstall
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall /qb+ REBOOTPROMPT=»»
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {08155812-0202-4D5F-A7FF-12A2782DC548} /qb+ REBOOTPROMPT=»»
ICQ6.5—>»C:Program Files (x86)InstallShield Installation Information{60DE4033-9503-48D1-A483-7846BD217CA9}setup.exe» -runfromtemp -l0x0009 -removeonly
ITECIR—>C:Program Files (x86)InstallShield Installation Information{F6BB6248-C507-46FE-8A35-1B16F35E0441}setup.exe -runfromtemp -l0x0009 -removeonly
Java(TM) 6 Update 15—>MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216011FF}
Junk Mail filter update—>MsiExec.exe /I{4AB8B41B-3AF1-46BE-99B0-0ACD3B300C0A}
K-Lite Mega Codec Pack 5.1.0—>»C:Program Files (x86)K-Lite Codec Packunins000.exe»
Live! Cam Avatar Creator—>C:Program Files (x86)InstallShield Installation Information{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}setup.exe -runfromtemp -l0x0009 -removeonly /remove
Lyrics Station—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{A806D0D0-417F-4F2E-9CEC-22F19B5EC07A}Setup.exe» -l0x9
Malwarebytes’ Anti-Malware—>»C:Program Files (x86)Malwarebytes’ Anti-Malwareunins000.exe»
MediaCoder 0.7.2.4502—>C:Program Files (x86)MediaCoderuninst.exe
MediaDirect—>C:Program Files (x86)InstallShield Installation Information{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}setup.exe -runfromtemp -l0x0009 -cluninstall
Microsoft Office Access MUI (English) 2007—>MsiExec.exe /X{90120000-0015-0409-0000-0000000FF1CE}
Microsoft Office Access Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0117-0409-0000-0000000FF1CE}
Microsoft Office Enterprise 2007—>»C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12Office Setup Controllersetup.exe» /uninstall ENTERPRISE /dll OSETUP.DLL
Microsoft Office Enterprise 2007—>MsiExec.exe /X{90120000-0030-0000-0000-0000000FF1CE}
Microsoft Office Excel MUI (English) 2007—>MsiExec.exe /X{90120000-0016-0409-0000-0000000FF1CE}
Microsoft Office Groove MUI (English) 2007—>MsiExec.exe /X{90120000-00BA-0409-0000-0000000FF1CE}
Microsoft Office Groove Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0114-0409-0000-0000000FF1CE}
Microsoft Office InfoPath MUI (English) 2007—>MsiExec.exe /X{90120000-0044-0409-0000-0000000FF1CE}
Microsoft Office OneNote MUI (English) 2007—>MsiExec.exe /X{90120000-00A1-0409-0000-0000000FF1CE}
Microsoft Office Outlook MUI (English) 2007—>MsiExec.exe /X{90120000-001A-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint MUI (English) 2007—>MsiExec.exe /X{90120000-0018-0409-0000-0000000FF1CE}
Microsoft Office PowerPoint Viewer 2007 (English)—>MsiExec.exe /X{95120000-00AF-0409-0000-0000000FF1CE}
Microsoft Office Proof (English) 2007—>MsiExec.exe /X{90120000-001F-0409-0000-0000000FF1CE}
Microsoft Office Proof (French) 2007—>MsiExec.exe /X{90120000-001F-040C-0000-0000000FF1CE}
Microsoft Office Proof (Spanish) 2007—>MsiExec.exe /X{90120000-001F-0C0A-0000-0000000FF1CE}
Microsoft Office Proofing (English) 2007—>MsiExec.exe /X{90120000-002C-0409-0000-0000000FF1CE}
Microsoft Office Publisher MUI (English) 2007—>MsiExec.exe /X{90120000-0019-0409-0000-0000000FF1CE}
Microsoft Office Shared MUI (English) 2007—>MsiExec.exe /X{90120000-006E-0409-0000-0000000FF1CE}
Microsoft Office Shared Setup Metadata MUI (English) 2007—>MsiExec.exe /X{90120000-0115-0409-0000-0000000FF1CE}
Microsoft Office Word MUI (English) 2007—>MsiExec.exe /X{90120000-001B-0409-0000-0000000FF1CE}
Microsoft Search Enhancement Pack—>MsiExec.exe /X{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}
Microsoft Silverlight—>MsiExec.exe /X{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}
Microsoft SQL Server 2005 Compact Edition [ENU]—>MsiExec.exe /I{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}
Microsoft Sync Framework Runtime Native v1.0 (x86)—>MsiExec.exe /I{8A74E887-8F0F-4017-AF53-CBA42211AAA5}
Microsoft Sync Framework Services Native v1.0 (x86)—>MsiExec.exe /I{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}
Microsoft Visual C++ 2005 ATL Update kb973923 — x86 8.0.50727.4053—>MsiExec.exe /X{770657D0-A123-3C07-8E44-1C83EC895118}
Microsoft Visual C++ 2005 Redistributable—>MsiExec.exe /X{7299052b-02a4-4627-81f2-1818da5d550d}
Microsoft Visual C++ 2008 ATL Update kb973924 — x86 9.0.30729.4148—>MsiExec.exe /X{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}
Microsoft Visual C++ 2008 Redistributable — x86 9.0.21022—>MsiExec.exe /X{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}
Microsoft Works—>MsiExec.exe /I{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}
Mozilla Firefox (3.5.3)—>C:Program Files (x86)Mozilla Firefoxuninstallhelper.exe
MSVCRT—>MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}
MSXML 4.0 SP2 (KB954430)—>MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}
Nokia Connectivity Cable Driver—>MsiExec.exe /I{52D02A2B-03D2-4E34-A358-DC5D951FD296}
Norton Security Scan—>C:Program Files (x86)NortonInstaller{397E31AA-0D78-4649-A01C-339D73A2ED35}NSSLicenseType2.3.0.44InstStub.exe /X
Opera 9.64—>MsiExec.exe /X{A2A60894-E3ED-46FE-9A6A-7CF7A87572A0}
Picasa 3—>»C:Program Files (x86)GooglePicasa3Uninstall.exe»
QuickTime—>MsiExec.exe /I{C78EAC6F-7A73-452E-8134-DBB2165C5A68}
Readiris Pro 10—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{14D08502-FEE4-40E5-90D3-8A967A1D8BA2}setup.exe» -l0x9
RealPlayer—>C:Program Files (x86)Common FilesRealUpdate_OBr1puninst.exe RealNetworks|RealPlayer|6.0
Roxio Creator Audio—>MsiExec.exe /I{73A4F29F-31AC-4EBD-AA1B-0CC5F18C8F83}
Roxio Creator Copy—>MsiExec.exe /I{B6A26DE5-F2B5-4D58-9570-4FC760E00FCD}
Roxio Creator Data—>MsiExec.exe /I{08E81ABD-79F7-49C2-881F-FD6CB0975693}
Roxio Creator DE—>C:ProgramDataUninstall{09760D42-E223-42AD-8C3E-55B47D0DDAC3}setup.exe /x {09760D42-E223-42AD-8C3E-55B47D0DDAC3}
Roxio Creator DE—>MsiExec.exe /I{ED439A64-F018-4DD4-8BA5-328D85AB09AB}
Roxio Creator Tools—>MsiExec.exe /I{1F54DAFA-9261-4A62-B59D-6C9F26B48FE4}
Roxio Express Labeler 3—>MsiExec.exe /I{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}
Roxio Update Manager—>MsiExec.exe /I{30465B6C-B53F-49A1-9EBA-A3F187AD502E}
Samsung SCX-4200 Series—>C:Program Files (x86)SamsungSamsung SCX-4200 SeriesInstallSetup.exe /R
Skype™ 4.0—>MsiExec.exe /X{24D753CA-6AE9-4E30-8F5F-EFC93E08BF3D}
SmarThru 4—>RunDll32 C:PROGRA~2COMMON~1INSTAL~1engine6INTEL3~1Ctor.dll,LaunchSetup «C:Program Files (x86)InstallShield Installation Information{90F1943D-EA4A-4460-B59F-30023F3BA69A}Setup.exe» -l0x9 uninstall -l0009
Subtitle Workshop 2.51—>»C:Program Files (x86)URUSoftSubtitle Workshopuninstall.exe»
Tablet—>C:Program Files (x86)TabletRemove.exe /u
TVAnts 1.0—>C:PROGRA~2TVAntsUNWISE.EXE C:PROGRA~2TVAntsINSTALL.LOG
Update for 2007 Microsoft Office System (KB967642)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {C444285D-5E4F-48A4-91DD-47AAAA68E92D}
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)—>c:WindowsSysWOW64msiexec.exe /package {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9} /uninstall {B2AE9C82-DC7B-3641-BFC8-87275C4F3607} /qb+ REBOOTPROMPT=»»
Update for Microsoft Office 2007 Help for Common Features (KB963673)—>msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {AB365889-0395-4FAD-B702-CA5985D53D42}
Update for Microsoft Office Access 2007 Help (KB963663)—>msiexec /package {90120000-0015-0409-0000-0000000FF1CE} /uninstall {6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}
Update for Microsoft Office Excel 2007 Help (KB963678)—>msiexec /package {90120000-0016-0409-0000-0000000FF1CE} /uninstall {199DF7B6-169C-448C-B511-1054101BE9C9}
Update for Microsoft Office Infopath 2007 Help (KB963662)—>msiexec /package {90120000-0044-0409-0000-0000000FF1CE} /uninstall {716B81B8-B13C-41DF-8EAC-7A2F656CAB63}
Update for Microsoft Office OneNote 2007 Help (KB963670)—>msiexec /package {90120000-00A1-0409-0000-0000000FF1CE} /uninstall {2744EF05-38E1-4D5D-B333-E021EDAEA245}
Update for Microsoft Office Outlook 2007 Help (KB963677)—>msiexec /package {90120000-001A-0409-0000-0000000FF1CE} /uninstall {0451F231-E3E3-4943-AB9F-58EB96171784}
Update for Microsoft Office Powerpoint 2007 Help (KB963669)—>msiexec /package {90120000-0018-0409-0000-0000000FF1CE} /uninstall {397B1D4F-ED7B-4ACA-A637-43B670843876}
Update for Microsoft Office Publisher 2007 Help (KB963667)—>msiexec /package {90120000-0019-0409-0000-0000000FF1CE} /uninstall {2E40DE55-B289-4C8B-8901-5D369B16814F}
Update for Microsoft Office Script Editor Help (KB963671)—>msiexec /package {90120000-006E-0409-0000-0000000FF1CE} /uninstall {CD11C6A2-FFC6-4271-8EAB-79C3582F505C}
Update for Microsoft Office Word 2007 Help (KB963665)—>msiexec /package {90120000-001B-0409-0000-0000000FF1CE} /uninstall {80E762AA-C921-4839-9D7D-DB62A72C0726}
Update for Outlook 2007 Junk Email Filter (kb973514)—>msiexec /package {90120000-0030-0000-0000-0000000FF1CE} /uninstall {03B11C77-336F-43B4-9B43-79890BA84504}
ViiKii Desktop Plug-in—>msiexec /qb /x {CD8F775C-F958-9788-CB1B-3A3C2EBF3BB5}
ViiKii Desktop Plug-in—>MsiExec.exe /I{CD8F775C-F958-9788-CB1B-3A3C2EBF3BB5}
WildTangent Games—>»C:Program Files (x86)WildTangentDell GamesUninstall.exe»
Windows Live Call—>MsiExec.exe /I{020D8396-D6D9-4B53-A9A1-83C47E2E27AA}
Windows Live Communications Platform—>MsiExec.exe /I{F69E83CF-B440-43F8-89E6-6EA80712109B}
Windows Live Essentials—>C:Program Files (x86)Windows LiveInstallerwlarp.exe
Windows Live Essentials—>MsiExec.exe /I{D9D754A1-EAC5-406C-A28B-C49B1E846711}
Windows Live Mail—>MsiExec.exe /I{63C1109E-D977-49ED-BCE3-D00D0BF187D6}
Windows Live Messenger—>MsiExec.exe /X{0AAA9C97-74D4-47CE-B089-0B147EF3553C}
Windows Live Photo Gallery—>MsiExec.exe /X{F73A5B18-EB75-4B2C-B32D-9457576E2417}
Windows Live Sign-in Assistant—>MsiExec.exe /I{9422C8EA-B0C6-4197-B8FC-DC797658CA00}
Windows Live Sync—>MsiExec.exe /X{FDD810CA-D5E3-40E9-AB7B-36440B0D41EF}
Windows Live Toolbar—>MsiExec.exe /X{2B4C7E1E-E446-4740-ADB5-9842E742EE8A}
Windows Live Upload Tool—>MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238}
Windows Live Writer—>MsiExec.exe /X{6A92E5C5-0578-443D-91F3-92ECE5F2CAE2}
Windows Media Format 11 SDK—>MsiExec.exe /X{009435FA-9011-4C36-AE7C-CCC9669E7875}
Windows Media Player Firefox Plugin—>MsiExec.exe /I{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}
WinRAR archiver—>C:Program Files (x86)WinRARuninstall.exe
Yahoo! Messenger—>C:PROGRA~2Yahoo!MESSEN~1UNWISE.EXE /U C:PROGRA~2Yahoo!MESSEN~1INSTALL.LOG
Yahoo! Toolbar—>C:PROGRA~2Yahoo!CommonUNYT_W~1.EXE

======Security center information======
AV: Trend Micro Internet Security (disabled)
AS: Windows Defender

======System event log======
Computer Name: lulu-PC
Event Code: 1003
Message: Your computer was not able to renew its address from the network (from the DHCP Server) for the Network Card with network address 002219EE4CD1. The following error occurred:
The operation was canceled by the user.. Your computer will continue to try and obtain an address on its own from the network address (DHCP) server.
Record Number: 59126
Source Name: Microsoft-Windows-Dhcp-Client
Time Written: 20090929090242.000000-000
Event Type: Warning
User:

Computer Name: lulu-PC
Event Code: 4
Message: Broadcom NetLink (TM) Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 59130
Source Name: k57nd60a
Time Written: 20090929090242.718234-000
Event Type: Warning
User:

Computer Name: lulu-PC
Event Code: 4
Message: Broadcom NetLink (TM) Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 59135
Source Name: k57nd60a
Time Written: 20090929090251.708234-000
Event Type: Warning
User:

Computer Name: lulu-PC
Event Code: 4
Message: Broadcom NetLink (TM) Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 59140
Source Name: k57nd60a
Time Written: 20090929090305.794234-000
Event Type: Warning
User:

Computer Name: lulu-PC
Event Code: 4
Message: Broadcom NetLink (TM) Gigabit Ethernet: The network link is down. Check to make sure the network cable is properly connected.
Record Number: 59150
Source Name: k57nd60a
Time Written: 20090929132914.159234-000
Event Type: Warning
User:

=====Application event log=====
Computer Name: lulu-PC
Event Code: 6006
Message: The winlogon notification subscriber took 509 second(s) to handle the notification event (Logoff).
Record Number: 7888
Source Name: Microsoft-Windows-Winlogon
Time Written: 20090928193946.000000-000
Event Type: Warning
User:

Computer Name: lulu-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL —
37 user registry handles leaked from RegistryUserS-1-5-21-3312132438-936696768-3914326451-1000:
Process 2480 (DeviceHarddiskVolume3WindowsSystem32taskeng.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunService
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunService
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionExplorer
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindows NTCurrentVersionWindows
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunServiceOnce
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftInternet Explorer
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunServicesOnce
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftInputPersonalization
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftInputPersonalization
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunOnceEx
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRun
Process 2480 (DeviceHarddiskVolume3WindowsSystem32taskeng.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindows NTCurrentVersion
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRun
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunServiceOnce
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionShell ExtensionsApproved
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings
Process 2480 (DeviceHarddiskVolume3WindowsSystem32taskeng.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionInternet Settings
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunOnce
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindows NTCurrentVersionWinlogon
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunOnceEx
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsShellNoRoamMUICache
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionPolicies
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunOnce
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftSearch Assistant
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftSpeechCurrentUserLexicon
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareWow6432NodeMicrosoftWindowsCurrentVersionRunServices
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionExplorerUserAssist
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftSearch Assistant
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunServices
Process 3228 (DeviceHarddiskVolume3Program FilesTrend MicroInternet SecuritySfCtlCom.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000SoftwareMicrosoftWindowsCurrentVersionRunServicesOnce
Record Number: 7890
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090928193946.000000-000
Event Type: Warning
User: NT AUTHORITYSYSTEM
Computer Name: lulu-PC
Event Code: 118
Message: The handwriting recognition personalization component that manages handwriting settings terminated unexpectedly.
The only possible consequence is that handwriting recognition personalization currently has no effect on the accuracy of handwriting recognition.
Possible user action: Restart the computer. If this does not fix the problem then you may need to update or repair the operating system.
Record Number: 7891
Source Name: Handwriting Recognition
Time Written: 20090928193946.000000-000
Event Type: Warning
User: lulu-PClulu
Computer Name: lulu-PC
Event Code: 1530
Message: Windows detected your registry file is still in use by other applications or services. The file will be unloaded now. The applications or services that hold your registry file may not function properly afterwards.
DETAIL —
3 user registry handles leaked from RegistryUserS-1-5-21-3312132438-936696768-3914326451-1000_Classes:
Process 2480 (DeviceHarddiskVolume3WindowsSystem32taskeng.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000_CLASSES
Process 2480 (DeviceHarddiskVolume3WindowsSystem32taskeng.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000_CLASSES
Process 2528 (DeviceHarddiskVolume3Program FilesCommon FilesMicrosoft SharedinkInputPersonalization.exe) has opened key REGISTRYUSERS-1-5-21-3312132438-936696768-3914326451-1000_CLASSES
Record Number: 7893
Source Name: Microsoft-Windows-User Profiles Service
Time Written: 20090928193946.000000-000
Event Type: Warning
User: NT AUTHORITYSYSTEM
Computer Name: lulu-PC
Event Code: 10
Message: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Record Number: 7915
Source Name: Microsoft-Windows-WMI
Time Written: 20090929022355.000000-000
Event Type: Error
User:
=====Security event log=====
Computer Name: lulu-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: DeviceHarddiskVolume3WindowsSystem32driverstcpip.sys
Record Number: 12944
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090929022515.054234-000
Event Type: Audit Failure
User:
Computer Name: lulu-PC
Event Code: 5038
Message: Code integrity determined that the image hash of a file is not valid. The file could be corrupt due to unauthorized modification or the invalid hash could indicate a potential disk device error.
File Name: DeviceHarddiskVolume3WindowsSystem32driverstcpip.sys
Record Number: 12945
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090929022515.111234-000
Event Type: Audit Failure
User:
Computer Name: lulu-PC
Event Code: 4648
Message: A logon was attempted using explicit credentials.
Subject:
Security ID: S-1-5-18
Account Name: LULU-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon GUID: {00000000-0000-0000-0000-000000000000}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x288
Process Name: C:WindowsSystem32services.exe
Network Information:
Network Address: —
Port: —
This event is generated when a process attempts to log on an account by explicitly specifying that account’s credentials. This most commonly occurs in batch-type configurations such as scheduled tasks, or when using the RUNAS command.
Record Number: 12946
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090929022626.353234-000
Event Type: Audit Success
User:
Computer Name: lulu-PC
Event Code: 4624
Message: An account was successfully logged on.
Subject:
Security ID: S-1-5-18
Account Name: LULU-PC$
Account Domain: WORKGROUP
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x288
Process Name: C:WindowsSystem32services.exe
Network Information:
Workstation Name:
Source Network Address: —
Source Port: —
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: —
Package Name (NTLM only): —
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The authentication information fields provide detailed information about this specific logon request.
— Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
— Transited services indicate which intermediate services have participated in this logon request.
— Package name indicates which sub-protocol was used among the NTLM protocols.
— Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
Record Number: 12947
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090929022626.353234-000
Event Type: Audit Success
User:
Computer Name: lulu-PC
Event Code: 4672
Message: Special privileges assigned to new logon.
Subject:
Security ID: S-1-5-18
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3e7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
Record Number: 12948
Source Name: Microsoft-Windows-Security-Auditing
Time Written: 20090929022626.353234-000
Event Type: Audit Success
User:
======Environment variables======
«ComSpec»=%SystemRoot%system32cmd.exe
«FP_NO_HOST_CHECK»=NO
«OS»=Windows_NT
«Path»=%SystemRoot%system32;%SystemRoot%;%SystemRoot%System32Wbem;C:Program Files (x86)Common FilesRoxio SharedDLLShared;C:Program Files (x86)Common FilesRoxio Shared10.0DLLShared;C:Program Files (x86)QuickTimeQTSystem;C:WindowsMicrosoft.NETFrameworkv2.0.50727
«PATHEXT»=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
«PROCESSOR_ARCHITECTURE»=AMD64
«TEMP»=%SystemRoot%TEMP
«TMP»=%SystemRoot%TEMP
«USERNAME»=SYSTEM
«windir»=%SystemRoot%
«PROCESSOR_LEVEL»=6
«PROCESSOR_IDENTIFIER»=Intel64 Family 6 Model 23 Stepping 10, GenuineIntel
«PROCESSOR_REVISION»=170a
«NUMBER_OF_PROCESSORS»=2
«TRACE_FORMAT_SEARCH_PATH»=\NTREL202.ntdev.corp.microsoft.com34FB5F65-FFEB-4B61-BF0E-A6A76C450FAATraceFormat
«DFSTRACINGON»=FALSE
«RoxioCentral»=C:Program Files (x86)Common FilesRoxio Shared10.0Roxio Central36
«CLASSPATH»=.;C:Program Files (x86)Javajre6libextQTJava.zip
«QTJAVA»=C:Program Files (x86)Javajre6libextQTJava.zip
EOF
October 1, 2009 at 3:18 PM #25993
Hello, and welcome to the Spyware-ru forum.
The log mostly looks normal; there is one small leftover from an autorun.inf trojan.
Download OTM by OldTimer by clicking this link.
Run OTM and copy the following text into the large input box (the title of this box is highlighted in yellow).
:reg
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{2a1e6dc6-69f3-11de-ad58-002219ee4cd1}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{cefa3b36-6550-11de-a3ab-002219ee4cd1}]
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{f6261f2b-86fb-11de-85ac-002219ee4cd1}]
:Commands
[emptytemp]
[Reboot]
Check the pasted script: if spaces have appeared on the left in front of the directives, remove them; the script must look exactly as it does in this message. Click the MoveIt! button. The computer may reboot while the program is running.
When the program finishes, a log should be displayed. If the log is not shown, you can find it in the folder C:\_OTM\MovedFiles.
Paste the contents of this log into your reply. Also attach a fresh RSIT log.
In addition, tell us how your computer is running; if it is still just as slow, tell us when this happens: at boot, when launching programs …
October 1, 2009 at 5:43 PM #25994
All processes killed
========== REGISTRY ==========
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{2a1e6dc6-69f3-11de-ad58-002219ee4cd1} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{2a1e6dc6-69f3-11de-ad58-002219ee4cd1} not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{cefa3b36-6550-11de-a3ab-002219ee4cd1} deleted successfully.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{cefa3b36-6550-11de-a3ab-002219ee4cd1} not found.
Registry key HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionexplorermountpoints2{f6261f2b-86fb-11de-85ac-002219ee4cd1} not found.
Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{f6261f2b-86fb-11de-85ac-002219ee4cd1} not found.
========== COMMANDS ==========
[EMPTYTEMP]
User: All Users
User: Default
->Temp folder emptied: 0 bytes
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5TRE4BICSdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5QSB366YVdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5MFYQNYEWdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE52QANSRPPdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5desktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
File delete failed. C:UsersDefaultAppDataLocalMicrosoftWindowsTemporary Internet Filesdesktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: Default User
->Temp folder emptied: 0 bytes
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5TRE4BICSdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5QSB366YVdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5MFYQNYEWdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE52QANSRPPdesktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5desktop.ini scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
File delete failed. C:UsersDefault UserAppDataLocalMicrosoftWindowsTemporary Internet Filesdesktop.ini scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 33170 bytes
User: LocalService
User: lulu
->Temp folder emptied: 32233 bytes
File delete failed. C:UsersluluAppDataLocalMicrosoftWindowsTemporary Internet FilesContent.IE5index.dat scheduled to be deleted on reboot.
->Temporary Internet Files folder emptied: 146246180 bytes
->Java cache emptied: 31778364 bytes
->FireFox cache emptied: 107069429 bytes
->Google Chrome cache emptied: 76457751 bytes
->Opera cache emptied: 73371185 bytes
User: Public
User: User
%systemdrive% .tmp files removed: 0 bytes
Folder delete failed. C:Windowsmsdownld.tmp scheduled to be deleted on reboot.
%systemroot% .tmp files removed: 2048 bytes
%systemroot%System32 .tmp files removed: 212 bytes
%systemroot%System32 (64bit) .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
RecycleBin emptied: 78336 bytes
Total Files Cleaned = 414.95 mb
OTM by OldTimer — Version 3.0.0.6 log created on 10012009_213216
October 1, 2009 at 5:43 PM #25995
Logfile of random’s system information tool 1.06 (written by random/random)
Run by lulu at 2009-10-01 21:40:50
Microsoft® Windows Vista™ Home Premium Service Pack 1
System drive C: has 68 GB (23%) free of 290 GB
Total RAM: 4054 MB (50% free)
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 9:40:52 PM, on 10/1/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v8.00 (8.00.6001.18813)
Boot mode: Normal
Running processes:
C:Program Files (x86)Common FilesMicrosoft SharedInkTabTip32.exe
C:Program Files (x86)SkypePhoneSkype.exe
C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
C:Program Files (x86)Dell Video ChatDellVideoChat.exe
C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe
C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe
C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe
C:Program Files (x86)DellMediaDirectPCMService.exe
C:Program Files (x86)iTunesiTunesHelper.exe
C:Program Files (x86)Javajre6binjusched.exe
C:Program Files (x86)Sensible VisionFast AccessFATrayAlert.exe
C:Program Files (x86)SkypePlugin ManagerskypePM.exe
C:Program Files (x86)K-Lite Codec PackMedia Player Classicmplayerc.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluAppDataLocalGoogleChromeApplicationchrome.exe
C:UsersluluDownloadsRSIT.exe
C:Program Files (x86)trend microlulu.exe
R1 — HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://g.msn.com/USCON/1
R0 — HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 — HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 — HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 — HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page = C:WindowsSysWOW64blank.htm
R0 — HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 — URLSearchHook: (no name) — — (no file)
R3 — URLSearchHook: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O1 — Hosts: ::1 localhost
O2 — BHO: &Yahoo! Toolbar Helper — {02478D38-C3F9-4efb-9B51-7695ECA05670} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O2 — BHO: AcroIEHelperStub — {18DF081C-E8AD-4283-A596-FA578C2EBDC3} — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll
O2 — BHO: Skype add-on (mastermind) — {22BF413B-C6D2-4d91-82A9-A0F997BA588C} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 — BHO: (no name) — {5C255C8A-E604-49b4-9D64-90988571CECB} — (no file)
O2 — BHO: Search Helper — {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll
O2 — BHO: Groove GFS Browser Helper — {72853161-30C5-4D22-B7F9-0BBC1D38A37E} — C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL
O2 — BHO: Windows Live Sign-in Helper — {9030D464-4C02-4ABF-8ECC-5164760863C6} — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll
O2 — BHO: FAIESSO Helper Object — {A2F122DA-055F-4df7-8F24-7354DBDBA85B} — C:Program Files (x86)Sensible VisionFast AccessFAIESSO.dll
O2 — BHO: Google Toolbar Helper — {AA58ED58-01DD-4d91-8333-CF10577473F7} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O2 — BHO: Google Toolbar Notifier BHO — {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} — C:Program Files (x86)GoogleGoogleToolbarNotifier5.3.4501.1418swg.dll
O2 — BHO: Google Dictionary Compression sdch — {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} — C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll
O2 — BHO: Java(tm) Plug-In 2 SSV Helper — {DBC80044-A445-435b-BC74-9C25C1C588A9} — C:Program Files (x86)Javajre6binjp2ssv.dll
O2 — BHO: Windows Live Toolbar Helper — {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O2 — BHO: SingleInstance Class — {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} — C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll
O3 — Toolbar: &Windows Live Toolbar — {21FA44EF-376D-4D53-9B0F-8A89D3229068} — C:Program Files (x86)Windows LiveToolbarwltcore.dll
O3 — Toolbar: Google Toolbar — {2318C2B1-4965-11d4-9B18-009027A5CD4F} — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll
O3 — Toolbar: Yahoo! Toolbar — {EF99BD32-C1FB-11D2-892F-0090271D4F88} — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll
O4 — HKLM..Run: [FATrayAlert] C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe
O4 — HKLM..Run: [Dell Webcam Central] «C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell.exe» /mode2
O4 — HKLM..Run: [PCMService] «C:Program Files (x86)DellMediaDirectPCMService.exe»
O4 — HKLM..Run: [GrooveMonitor] «C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe»
O4 — HKLM..Run: [Adobe Reader Speed Launcher] «C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe»
O4 — HKLM..Run: [QuickTime Task] «C:Program Files (x86)QuickTimeQTTask.exe» -atboottime
O4 — HKLM..Run: [Samsung PanelMgr] C:WindowsSamsungPanelMgrSSMMgr.exe /autorun
O4 — HKLM..Run: [TkBellExe] «C:Program Files (x86)Common FilesRealUpdate_OBrealsched.exe» -osboot
O4 — HKLM..Run: [SMSTray] «C:Program Files (x86)SamsungEmoDioSMSTray.exe»
O4 — HKLM..Run: [iTunesHelper] «C:Program Files (x86)iTunesiTunesHelper.exe»
O4 — HKLM..Run: [SunJavaUpdateSched] «C:Program Files (x86)Javajre6binjusched.exe»
O4 — HKLM..Run: [Malwarebytes Anti-Malware (reboot)] «C:Program Files (x86)Malwarebytes’ Anti-Malwarembam.exe» /runcleanupscript
O4 — HKCU..Run: [Sidebar] C:Program FilesWindows Sidebarsidebar.exe /autoRun
O4 — HKCU..Run: [Skype] «C:Program Files (x86)SkypePhoneSkype.exe» /nosplash /minimized
O4 — HKCU..Run: [swg] «C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe»
O4 — HKCU..Run: [SightSpeed] «C:Program Files (x86)Dell Video ChatDellVideoChat.exe» -bootmode
O4 — HKCU..Run: [Google Update] «C:UsersluluAppDataLocalGoogleUpdateGoogleUpdate.exe» /c
O4 — HKCU..Run: [ehTray.exe] C:WindowsehomeehTray.exe
O4 — HKCU..Run: [WMPNSCFG] C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe
O4 — HKCU..Run: [Messenger (Yahoo!)] «C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe» -quiet
O4 — HKUSS-1-5-19..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-19..Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘LOCAL SERVICE’)
O4 — HKUSS-1-5-20..Run: [Sidebar] %ProgramFiles%Windows SidebarSidebar.exe /detectMem (User ‘NETWORK SERVICE’)
O4 — .DEFAULT User Startup: Dell Dock First Run.lnk = C:Program FilesDellDellDockDellDock.exe (User ‘Default user’)
O4 — Startup: ViiKiiDesktopPlugin.lnk = C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe
O4 — Global Startup: QuickSet.lnk = C:Program FilesDellQuickSetquickset.exe
O8 — Extra context menu item: Add to Google Photos Screensa&ver — res://C:Windowssystem32GPhotos.scr/200
O8 — Extra context menu item: E&xport to Microsoft Excel — res://C:PROGRA~2MICROS~2Office12EXCEL.EXE/3000
O9 — Extra button: Blog This — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer — {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} — C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dll
O9 — Extra button: Send to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra ‘Tools’ menuitem: S&end to OneNote — {2670000A-7350-4f3c-8081-5663EE0C6C49} — C:PROGRA~2MICROS~2Office12ONBttnIE.dll
O9 — Extra button: Skype — {77BF5300-1474-4EC7-9980-D32B190E9B07} — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 — Extra button: (no name) — {85d1f590-48f4-11d9-9669-0800200c9a66} — C:Windowsbdoscandel.exe (file missing)
O9 — Extra ‘Tools’ menuitem: Uninstall BitDefender Online Scanner — {85d1f590-48f4-11d9-9669-0800200c9a66} — C:Windowsbdoscandel.exe (file missing)
O9 — Extra button: Research — {92780B25-18CC-41C8-B9BE-3C9C571A8263} — C:PROGRA~2MICROS~2Office12REFIEBAR.DLL
O9 — Extra button: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe
O9 — Extra ‘Tools’ menuitem: ICQ6 — {E59EB121-F339-4851-A3BA-FE49C35617C2} — C:Program Files (x86)ICQ6.5ICQ.exe
O13 — Gopher Prefix:
O15 — Trusted Zone: *.ssi.com.vn
O16 — DPF: iFISv — https://smarttrading.ssi.com.vn/cabinet/iFISv.cab
O16 — DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} (NowStarter2 Control) — http://sticube.clubbox.co.kr/sticubeupdate/cab/NowStarter2.cab
O16 — DPF: {3EE92798-D5D0-4E9D-BD75-39B1424CA890} (Script Class) — https://smarttrading.ssi.com.vn/cabinet/ScriptUtil.cab
O16 — DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} (OnlineScanner Control) — http://download.eset.com/special/eos/OnlineScanner.cab
O18 — Protocol: cozi — {5356518D-FE9C-4E08-9C1F-1E872ECD367F} — C:Program Files (x86)Cozi ExpressCoziProtocolHandler.dll
O18 — Protocol: grooveLocalGWS — {88FED34C-F0CA-4636-A375-3CB6248B04CD} — C:PROGRA~2MICROS~2Office12GR99D3~1.DLL
O18 — Protocol: skype4com — {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} — C:PROGRA~2COMMON~1SkypeSKYPE4~1.DLL
O20 — Winlogon Notify: FastAccess — C:Program Files (x86)Sensible VisionFast AccessFALogNot.dll
O23 — Service: Andrea ST Filters Service (AESTFilters) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cAESTSr64.exe (file missing)
O23 — Service: @%SystemRoot%system32Alg.exe,-112 (ALG) — Unknown owner — C:WindowsSystem32alg.exe (file missing)
O23 — Service: Apple Mobile Device — Apple Inc. — C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe
O23 — Service: Bonjour Service — Apple Inc. — C:Program Files (x86)BonjourmDNSResponder.exe
O23 — Service: @dfsrres.dll,-101 (DFSR) — Unknown owner — C:Windowssystem32DFSR.exe (file missing)
O23 — Service: Dock Login Service (DockLoginService) — Stardock Corporation — C:Program FilesDellDellDockDockLogin.exe
O23 — Service: FAService — Sensible Vision — C:Program Files (x86)Sensible VisionFast AccessFAService.exe
O23 — Service: GameConsoleService — WildTangent, Inc. — C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe
O23 — Service: Google Update Service (gupdate1c9eea238f51b07) (gupdate1c9eea238f51b07) — Google Inc. — C:Program Files (x86)GoogleUpdateGoogleUpdate.exe
O23 — Service: Google Software Updater (gusvc) — Google — C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 — Service: iPod Service — Apple Inc. — C:Program Files (x86)iPodbiniPodService.exe
O23 — Service: @keyiso.dll,-100 (KeyIso) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @comres.dll,-2797 (MSDTC) — Unknown owner — C:WindowsSystem32msdtc.exe (file missing)
O23 — Service: @%SystemRoot%System32netlogon.dll,-102 (Netlogon) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32psbase.dll,-300 (ProtectedStorage) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: @%systemroot%system32Locator.exe,-2 (RpcLocator) — Unknown owner — C:Windowssystem32locator.exe (file missing)
O23 — Service: @%SystemRoot%system32samsrv.dll,-1 (SamSs) — Unknown owner — C:Windowssystem32lsass.exe (file missing)
O23 — Service: Trend Micro Central Control Component (SfCtlCom) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe
O23 — Service: @%SystemRoot%system32SLsvc.exe,-101 (slsvc) — Unknown owner — C:Windowssystem32SLsvc.exe (file missing)
O23 — Service: @%SystemRoot%system32snmptrap.exe,-3 (SNMPTRAP) — Unknown owner — C:WindowsSystem32snmptrap.exe (file missing)
O23 — Service: @%systemroot%system32spoolsv.exe,-1 (Spooler) — Unknown owner — C:WindowsSystem32spoolsv.exe (file missing)
O23 — Service: Audio Service (STacSV) — Unknown owner — C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cSTacSV64.exe (file missing)
O23 — Service: stllssvr — MicroVision Development, Inc. — C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe
O23 — Service: TabletService — Unknown owner — C:Windowssystem32Tablet.exe (file missing)
O23 — Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) — Trend Micro Inc. — C:Program FilesTrend MicroBMTMBMSRV.exe
O23 — Service: Trend Micro Personal Firewall (TmPfw) — Trend Micro Inc. — C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe
O23 — Service: Trend Micro Proxy Service (tmproxy) — Trend Micro Inc. — C:Program FilesTrend MicroInternet SecurityTmProxy.exe
O23 — Service: @%SystemRoot%system32ui0detect.exe,-101 (UI0Detect) — Unknown owner — C:Windowssystem32UI0Detect.exe (file missing)
O23 — Service: @%SystemRoot%system32vds.exe,-100 (vds) — Unknown owner — C:WindowsSystem32vds.exe (file missing)
O23 — Service: @%systemroot%system32vssvc.exe,-102 (VSS) — Unknown owner — C:Windowssystem32vssvc.exe (file missing)
O23 — Service: Dell Wireless WLAN Tray Service (wltrysvc) — Unknown owner — C:WindowsSystem32WLTRYSVC.EXE (file missing)
O23 — Service: @%Systemroot%system32wbemwmiapsrv.exe,-110 (wmiApSrv) — Unknown owner — C:Windowssystem32wbemWmiApSrv.exe (file missing)
O23 — Service: @%ProgramFiles%Windows Media Playerwmpnetwk.exe,-101 (WMPNetworkSvc) — Unknown owner — C:Program Files (x86)Windows Media Playerwmpnetwk.exe (file missing)
—
End of file — 14472 bytes
======Scheduled tasks folder======
C:WindowstasksGoogleUpdateTaskMachineCore.job
C:WindowstasksGoogleUpdateTaskMachineUA.job
C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3312132438-936696768-3914326451-1000Core.job
C:WindowstasksGoogleUpdateTaskUserS-1-5-21-3312132438-936696768-3914326451-1000UA.job
C:WindowstasksNorton Security Scan for lulu.job

======Registry dump======
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}]
&Yahoo! Toolbar Helper — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll [2009-07-31 909040][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}]
Adobe PDF Link Helper — C:Program Files (x86)Common FilesAdobeAcrobatActiveXAcroIEHelperShim.dll [2009-02-27 75128][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{22BF413B-C6D2-4d91-82A9-A0F997BA588C}]
Skype add-on (mastermind) — C:Program Files (x86)SkypeToolbarsInternet ExplorerSkypeIEPlugin.dll [2009-05-27 1088296][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{5C255C8A-E604-49b4-9D64-90988571CECB}]
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{6EBF7485-159F-4bff-A14F-B9E3AAC4465B}]
Search Helper — C:Program Files (x86)MicrosoftSearch Enhancement PackSearch HelperSEPsearchhelperie.dll [2009-05-19 137600][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper — C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live Sign-in Helper — C:Program Files (x86)Common FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll [2009-02-18 408440][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{A2F122DA-055F-4df7-8F24-7354DBDBA85B}]
FAIESSOHelper Class — C:Program Files (x86)Sensible VisionFast AccessFAIESSO.dll [2008-09-06 206080][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2009-09-12 256112][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO — C:Program Files (x86)GoogleGoogleToolbarNotifier5.3.4501.1418swg.dll [2009-09-18 762864][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{C84D72FE-E17D-4195-BB24-76C02E2E7C4E}]
Google Dictionary Compression sdch — C:Program Files (x86)GoogleGoogle ToolbarComponentfastsearch_B7C5AC242193BB3E.dll [2009-09-12 458736][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper — C:Program Files (x86)Javajre6binjp2ssv.dll [2009-07-25 41760][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{E15A8DC0-8516-42A1-81EA-DC94EC1ACF10}]
Windows Live Toolbar Helper — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-09 1067352][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FDAD4DA1-61A2-4FD8-9C17-86F7AC245081}]
SingleInstance Class — C:Program Files (x86)Yahoo!CompanionInstallscpnYTSingleInstance.dll [2009-07-31 159472][HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerToolbar]
{21FA44EF-376D-4D53-9B0F-8A89D3229068} — &Windows Live Toolbar — C:Program Files (x86)Windows LiveToolbarwltcore.dll [2008-12-09 1067352]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} — Google Toolbar — C:Program Files (x86)GoogleGoogle ToolbarGoogleToolbar_32.dll [2009-09-12 256112]
{EF99BD32-C1FB-11D2-892F-0090271D4F88} — Yahoo! Toolbar — C:Program Files (x86)Yahoo!CompanionInstallscpnyt.dll [2009-07-31 909040][HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRun]
«FATrayAlert»=C:Program Files (x86)Sensible VisionFast AccessFATrayMon.exe [2008-09-06 95488]
«Dell Webcam Central»=C:Program Files (x86)Dell WebcamDell Webcam CentralWebcamDell.exe [2008-06-04 446635]
«FAStartup»= []
«PCMService»=C:Program Files (x86)DellMediaDirectPCMService.exe [2008-01-14 132392]
«GrooveMonitor»=C:Program Files (x86)Microsoft OfficeOffice12GrooveMonitor.exe [2006-10-27 31016]
«Adobe Reader Speed Launcher»=C:Program Files (x86)AdobeReader 9.0ReaderReader_sl.exe [2009-02-28 35696]
«QuickTime Task»=C:Program Files (x86)QuickTimeQTTask.exe [2009-05-27 413696]
«Samsung PanelMgr»=C:WindowsSamsungPanelMgrSSMMgr.exe [2008-03-03 536576]
«TkBellExe»=C:Program Files (x86)Common FilesRealUpdate_OBrealsched.exe [2009-09-05 185896]
«SMSTray»=C:Program Files (x86)SamsungEmoDioSMSTray.exe [2008-09-17 484880]
«iTunesHelper»=C:Program Files (x86)iTunesiTunesHelper.exe [2009-07-13 292128]
«SunJavaUpdateSched»=C:Program Files (x86)Javajre6binjusched.exe [2009-07-25 149280]
«Malwarebytes Anti-Malware (reboot)»=C:Program Files (x86)Malwarebytes’ Anti-Malwarembam.exe [2009-09-10 1312080][HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRun]
«Sidebar»=C:Program FilesWindows Sidebarsidebar.exe [2008-01-21 1555968]
«Skype»=C:Program Files (x86)SkypePhoneSkype.exe [2009-05-27 24264488]
«swg»=C:Program Files (x86)GoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe [2009-06-16 39408]
«SightSpeed»=C:Program Files (x86)Dell Video ChatDellVideoChat.exe [2008-12-18 4823928]
«Google Update»=C:UsersluluAppDataLocalGoogleUpdateGoogleUpdate.exe [2009-06-16 133104]
«ehTray.exe»=C:WindowsehomeehTray.exe [2008-01-21 138240]
«WMPNSCFG»=C:Program Files (x86)Windows Media PlayerWMPNSCFG.exe []
«Messenger (Yahoo!)»=C:Program Files (x86)Yahoo!MessengerYahooMessenger.exe [2009-05-26 4351216]C:Documents and SettingsAll UsersStart MenuProgramsStartup
QuickSet.lnk — C:Program Files (x86)DellQuickSetquickset.exeC:UsersluluAppDataRoamingMicrosoftWindowsStart MenuProgramsStartup
ViiKiiDesktopPlugin.lnk — C:Program Files (x86)ViiKiiDesktopPluginViiKiiDesktopPlugin.exe[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionWinlogonNotifyFastAccess]
C:Program Files (x86)Sensible VisionFast AccessFALogNot.dll [2008-09-06 140544][HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionExplorerShellExecuteHooks]
«{B5A7F190-DDA6-4420-B3BA-52453494E6CD}»=C:PROGRA~2MICROS~2Office12GRA8E1~1.DLL [2006-10-27 2210608][HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlLsa]
«notification packages»=scecli
FAPassSync[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkPEVSystemStart]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkprocexp90.Sys]
[HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootnetworkWdf01000.sys]
[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesSystem]
«dontdisplaylastusername»=0
«legalnoticecaption»=
«legalnoticetext»=
«shutdownwithoutlogon»=1
«undockwithoutlogon»=1
«EnableUIADesktopToggle»=0[HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoDriveAutoRun»=FFFFFFFF
«NoDriveTypeAutoRun»=36[HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionPoliciesexplorer]
«NoActiveDesktop»=
«ForceActiveDesktopOn»=
«NoActiveDesktopChanges»=[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicystandardprofileauthorizedapplicationslist]
[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetservicessharedaccessparametersfirewallpolicydomainprofileauthorizedapplicationslist]
======File associations======
.inf — open — %SystemRoot%SysWow64NOTEPAD.EXE %1
.js — edit — C:WindowsSysWOW64Notepad.exe %1
.js — open — C:WindowsSysWOW64WScript.exe «%1» %*

======List of files/folders created in the last 1 months======
2009-10-01 20:54:27 —-D—- C:_OTM
2009-09-30 18:56:58 —-D—- C:Program Files (x86)UniKey
2009-09-29 18:01:54 —-A—- C:Bug.txt
2009-09-29 18:01:34 —-D—- C:32788R22FWJFW
2009-09-29 17:59:58 —-D—- C:ComboFix
2009-09-29 17:59:56 —-A—- C:Windowssystem32CF6512.exe
2009-09-29 17:31:13 —-RASHD—- C:autorun.inf
2009-09-29 17:25:52 —-D—- C:rsit
2009-09-29 17:25:52 —-D—- C:Program Files (x86)trend micro
2009-09-29 06:23:19 —-D—- C:WTablet
2009-09-28 21:04:37 —-A—- C:Windowssystem32CF9374.exe
2009-09-28 20:54:21 —-A—- C:Windowssystem32xvidvfw.dll
2009-09-28 20:54:21 —-A—- C:Windowssystem32xvidcore.dll
2009-09-28 20:54:19 —-A—- C:Windowssystem32pthreadGC2.dll
2009-09-28 20:54:19 —-A—- C:Windowssystem32ff_vfw.dll
2009-09-28 18:22:36 —-D—- C:UsersluluAppDataRoamingViiKiiDesktopPlugin.5E22EA0FF243470AB5EDDF282C0A5B52E9909C36.1
2009-09-28 18:22:29 —-D—- C:Program Files (x86)ViiKiiDesktopPlugin
2009-09-28 18:22:25 —-D—- C:Program Files (x86)Common FilesAdobe AIR
2009-09-27 19:08:39 —-A—- C:Windowssystem32XAudio2_5.dll
2009-09-27 19:08:38 —-A—- C:Windowssystem32xactengine3_5.dll
2009-09-27 19:08:37 —-A—- C:Windowssystem32D3DCompiler_42.dll
2009-09-27 19:08:36 —-A—- C:Windowssystem32d3dcsx_42.dll
2009-09-27 19:08:35 —-A—- C:Windowssystem32d3dx11_42.dll
2009-09-27 19:08:35 —-A—- C:Windowssystem32d3dx10_42.dll
2009-09-27 19:08:34 —-A—- C:Windowssystem32D3DX9_42.dll
2009-09-27 19:08:33 —-A—- C:Windowssystem32d3dx10_41.dll
2009-09-27 19:08:33 —-A—- C:Windowssystem32D3DCompiler_41.dll
2009-09-27 19:08:32 —-A—- C:Windowssystem32D3DX9_41.dll
2009-09-27 19:08:31 —-A—- C:Windowssystem32XAudio2_4.dll
2009-09-27 19:08:31 —-A—- C:Windowssystem32XAPOFX1_3.dll
2009-09-27 19:08:30 —-A—- C:Windowssystem32xactengine3_4.dll
2009-09-27 19:08:30 —-A—- C:Windowssystem32X3DAudio1_6.dll
2009-09-27 19:08:29 —-A—- C:Windowssystem32d3dx10_40.dll
2009-09-27 19:08:29 —-A—- C:Windowssystem32D3DCompiler_40.dll
2009-09-27 19:08:28 —-A—- C:Windowssystem32D3DX9_40.dll
2009-09-27 19:08:27 —-A—- C:Windowssystem32XAudio2_3.dll
2009-09-27 19:08:27 —-A—- C:Windowssystem32XAPOFX1_2.dll
2009-09-27 19:08:26 —-A—- C:Windowssystem32xactengine3_3.dll
2009-09-27 19:08:26 —-A—- C:Windowssystem32X3DAudio1_5.dll
2009-09-27 19:08:25 —-A—- C:Windowssystem32XAudio2_2.dll
2009-09-27 19:08:25 —-A—- C:Windowssystem32XAPOFX1_1.dll
2009-09-27 19:08:24 —-A—- C:Windowssystem32xactengine3_2.dll
2009-09-27 19:08:22 —-A—- C:Windowssystem32d3dx10_39.dll
2009-09-27 19:08:22 —-A—- C:Windowssystem32D3DCompiler_39.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32XAudio2_1.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32XAPOFX1_0.dll
2009-09-27 19:08:21 —-A—- C:Windowssystem32D3DX9_39.dll
2009-09-27 19:08:20 —-A—- C:Windowssystem32xactengine3_1.dll
2009-09-27 19:08:20 —-A—- C:Windowssystem32X3DAudio1_4.dll
2009-09-27 19:08:19 —-A—- C:Windowssystem32d3dx10_38.dll
2009-09-27 19:08:19 —-A—- C:Windowssystem32D3DCompiler_38.dll
2009-09-27 19:08:18 —-A—- C:Windowssystem32D3DX9_38.dll
2009-09-27 19:08:16 —-A—- C:Windowssystem32XAudio2_0.dll
2009-09-27 19:08:15 —-A—- C:Windowssystem32xactengine3_0.dll
2009-09-27 19:08:15 —-A—- C:Windowssystem32X3DAudio1_3.dll
2009-09-27 19:08:14 —-A—- C:Windowssystem32d3dx10_37.dll
2009-09-27 19:08:14 —-A—- C:Windowssystem32D3DCompiler_37.dll
2009-09-27 19:08:13 —-A—- C:Windowssystem32xactengine2_10.dll
2009-09-27 19:08:13 —-A—- C:Windowssystem32D3DX9_37.dll
2009-09-27 19:08:11 —-A—- C:Windowssystem32d3dx10_36.dll
2009-09-27 19:08:11 —-A—- C:Windowssystem32D3DCompiler_36.dll
2009-09-27 19:08:10 —-A—- C:Windowssystem32d3dx9_36.dll
2009-09-27 19:08:08 —-A—- C:Windowssystem32xactengine2_9.dll
2009-09-27 19:08:07 —-A—- C:Windowssystem32d3dx10_35.dll
2009-09-27 19:08:07 —-A—- C:Windowssystem32D3DCompiler_35.dll
2009-09-27 19:08:06 —-A—- C:Windowssystem32d3dx9_35.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32xactengine2_8.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32X3DAudio1_2.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32d3dx10_34.dll
2009-09-27 19:08:04 —-A—- C:Windowssystem32D3DCompiler_34.dll
2009-09-27 19:08:03 —-A—- C:Windowssystem32d3dx9_34.dll
2009-09-27 19:08:02 —-A—- C:Windowssystem32xinput1_3.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32xactengine2_7.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32d3dx10_33.dll
2009-09-27 19:08:01 —-A—- C:Windowssystem32D3DCompiler_33.dll
2009-09-27 19:08:00 —-A—- C:Windowssystem32d3dx9_33.dll
2009-09-27 19:07:58 —-A—- C:Windowssystem32xactengine2_6.dll
2009-09-27 19:07:57 —-A—- C:Windowssystem32xactengine2_5.dll
2009-09-27 19:07:57 —-A—- C:Windowssystem32d3dx10.dll
2009-09-27 19:07:56 —-A—- C:Windowssystem32xactengine2_4.dll
2009-09-27 19:07:56 —-A—- C:Windowssystem32x3daudio1_1.dll
2009-09-27 19:07:55 —-A—- C:Windowssystem32xactengine2_3.dll
2009-09-27 19:07:55 —-A—- C:Windowssystem32d3dx9_31.dll
2009-09-27 19:07:54 —-A—- C:Windowssystem32xinput1_2.dll
2009-09-27 19:07:54 —-A—- C:Windowssystem32xactengine2_2.dll
2009-09-27 19:07:53 —-A—- C:Windowssystem32xinput1_1.dll
2009-09-27 19:07:52 —-A—- C:Windowssystem32xactengine2_1.dll
2009-09-27 19:07:50 —-A—- C:Windowssystem32d3dx9_30.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32xactengine2_0.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32x3daudio1_0.dll
2009-09-27 19:07:48 —-A—- C:Windowssystem32d3dx9_29.dll
2009-09-27 19:07:47 —-A—- C:Windowssystem32d3dx9_28.dll
2009-09-27 19:07:46 —-A—- C:Windowssystem32d3dx9_27.dll
2009-09-27 19:07:44 —-A—- C:Windowssystem32d3dx9_26.dll
2009-09-27 19:07:43 —-A—- C:Windowssystem32d3dx9_25.dll
2009-09-27 19:07:42 —-A—- C:Windowssystem32d3dx9_24.dll
2009-09-27 18:59:08 —-HD—- C:Windowsmsdownld.tmp
2009-09-27 18:59:06 —-D—- C:Windowssystem32directx
2009-09-23 19:22:06 —-D—- C:FPC
2009-09-23 17:27:03 —-A—- C:Windowsunvise32.exe
2009-09-23 17:27:02 —-D—- C:Program Files (x86)DivXLand
2009-09-23 16:59:29 —-D—- C:Program Files (x86)DivX
2009-09-23 16:45:55 —-D—- C:Program Files (x86)Avi2Dvd
2009-09-21 21:22:31 —-D—- C:Program Files (x86)URUSoft
2009-09-20 21:04:22 —-D—- C:ProgramDataYahoo! Companion
2009-09-19 16:03:26 —-D—- C:Program Files (x86)TVAnts
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTWMVFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTWMAFile2.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoCoreM.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTVideoCompress.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAVIFile.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioFormatSettings3.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioCompress3.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32NCTAudioCompress2.dll
2009-09-19 11:34:10 —-A—- C:Windowssystem32msvcp70.dll
2009-09-14 06:25:52 —-A—- C:Windowssystem32javaws.exe
2009-09-14 06:25:52 —-A—- C:Windowssystem32javaw.exe
2009-09-14 06:25:52 —-A—- C:Windowssystem32java.exe
2009-09-13 18:37:44 —-D—- C:Program Files (x86)CCleaner
2009-09-13 07:09:25 —-D—- C:System32
2009-09-12 19:59:30 —-D—- C:Windowssystem32crc
2009-09-12 19:42:01 —-A—- C:Windowssystem32fscflist.ini.tmp
2009-09-12 19:41:15 —-A—- C:Windowssystem32nod.dll
2009-09-12 19:40:53 —-A—- C:Windowssystem32fscflist.ini
2009-09-12 19:40:39 —-A—- C:Windowssystem32fscagent.ini.tmp
2009-09-12 19:40:39 —-A—- C:Windowssystem32fscagent.ini
2009-09-12 15:43:14 —-D—- C:Program Files (x86)Cheat Engine
2009-09-11 21:22:10 —-D—- C:UsersluluAppDataRoamingBitTorrent
2009-09-11 21:22:06 —-D—- C:Program Files (x86)BitTorrent
2009-09-10 22:19:46 —-A—- C:Windowsdd_ATL90SP1_KB973924MSI5FCB.txt
2009-09-10 22:19:45 —-A—- C:Windowsdd_ATL90SP1_KB973924UI5FCB.txt
2009-09-09 20:38:02 —-D—- C:UsersluluAppDataRoamingBroad Intelligence
2009-09-09 20:34:00 —-D—- C:Program Files (x86)AviSynth 2.5
2009-09-09 19:52:46 —-D—- C:WMSDK
2009-09-09 19:51:01 —-D—- C:Program Files (x86)MediaCoder
2009-09-09 17:19:54 —-A—- C:Windowssystem32netiohlp.dll
2009-09-09 17:19:53 —-A—- C:Windowssystem32TCPSVCS.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32ROUTE.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32NETSTAT.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32MRINFO.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32HOSTNAME.EXE
2009-09-09 17:19:53 —-A—- C:Windowssystem32finger.exe
2009-09-09 17:19:53 —-A—- C:Windowssystem32ARP.EXE
2009-09-09 17:19:52 —-A—- C:Windowssystem32netevent.dll
2009-09-09 17:19:13 —-A—- C:Windowssystem32WMVCORE.DLL
2009-09-09 17:19:13 —-A—- C:Windowssystem32mf.dll
2009-09-09 17:17:42 —-A—- C:Windowssystem32jscript.dll
2009-09-09 17:17:39 —-A—- C:Windowssystem32wlanmsm.dll
2009-09-09 17:17:38 —-A—- C:Windowssystem32wlansec.dll
2009-09-09 17:17:38 —-A—- C:Windowssystem32L2SecHC.dll
2009-09-09 16:21:20 —-A—- C:Windowssystem32NowUpdate.exe
2009-09-09 16:18:13 —-D—- C:Program Files (x86)ICQ6Toolbar
2009-09-09 16:18:11 —-D—- C:ProgramDataICQ
2009-09-09 16:17:47 —-D—- C:UsersluluAppDataRoamingICQ
2009-09-09 16:17:00 —-D—- C:Program Files (x86)ICQ6.5
2009-09-06 20:52:07 —-D—- C:UsersluluAppDataRoamingApple Computer
2009-09-06 20:51:25 —-A—- C:Windowssystem32GEARAspi.dll
2009-09-06 20:50:53 —-D—- C:Program Files (x86)iPod
2009-09-06 20:50:47 —-D—- C:ProgramData{35733029-9859-49C7-8475-1E78E2AAE413}
2009-09-06 20:50:47 —-D—- C:Program Files (x86)iTunes
2009-09-06 20:50:02 —-D—- C:Program Files (x86)Bonjour
2009-09-06 20:48:26 —-D—- C:Program Files (x86)Common FilesApple
2009-09-06 20:46:39 —-D—- C:Program Files (x86)MarkAny
2009-09-06 19:40:50 —-D—- C:WindowsBDOSCAN8
2009-09-06 18:14:07 —-D—- C:Program Files (x86)ESET
2009-09-05 23:30:15 —-D—- C:Program Files (x86)Common Filesxing shared
2009-09-05 23:29:56 —-A—- C:Windowssystem32rmoc3260.dll
2009-09-05 23:29:42 —-A—- C:Windowssystem32pndx5032.dll
2009-09-05 23:29:42 —-A—- C:Windowssystem32pndx5016.dll
2009-09-05 23:29:40 —-A—- C:Windowssystem32pncrt.dll
2009-09-05 23:29:33 —-D—- C:Program Files (x86)Common FilesReal
2009-09-05 23:29:32 —-D—- C:Program Files (x86)Real
2009-09-05 23:28:45 —-D—- C:UsersluluAppDataRoamingReal
2009-09-04 19:20:46 —-D—- C:ProgramDataRoxio
2009-09-04 19:20:45 —-D—- C:UsersluluAppDataRoamingRoxio
2009-09-03 17:53:07 —-D—- C:Windowssystem32IOSUBSYS
2009-09-03 05:44:54 —-A—- C:Windowssystem32GameUXLegacyGDFs.dll
2009-09-03 05:44:54 —-A—- C:Windowssystem32Apphlpdm.dll
2009-09-02 18:16:15 —-D—- C:UsersluluAppDataRoamingMalwarebytes
2009-09-02 18:16:06 —-D—- C:ProgramDataMalwarebytes
2009-09-02 18:16:06 —-D—- C:Program Files (x86)Malwarebytes’ Anti-Malware
2009-09-02 18:14:10 —-A—- C:Windowssystem32CF12940.exe
2009-09-02 18:14:09 —-A—- C:Windowssystem32swsc.exe
2009-09-02 18:13:51 —-A—- C:Windowssystem32cmd.execf

======List of files/folders modified in the last 1 months======
2009-10-01 21:40:47 —-D—- C:WindowsTemp
2009-10-01 21:37:20 —-D—- C:UsersluluAppDataRoamingSkype
2009-10-01 21:35:36 —-D—- C:UsersluluAppDataRoamingWTablet
2009-10-01 21:34:32 —-D—- C:WindowsSystem32
2009-10-01 21:29:49 —-D—- C:Windowsinf
2009-10-01 20:50:23 —-D—- C:UsersluluAppDataRoamingskypePM
2009-09-30 18:56:58 —-RD—- C:Program Files (x86)
2009-09-30 18:00:51 —-D—- C:Program Files (x86)Common FilesSymantec Shared
2009-09-30 10:39:57 —-D—- C:WindowsSysWOW64
2009-09-29 19:51:59 —-SHD—- C:System Volume Information
2009-09-29 17:10:07 —-D—- C:Windowssystem32drivers
2009-09-29 07:10:59 —-D—- C:Windows
2009-09-28 20:54:56 —-D—- C:Program Files (x86)Mozilla Firefox
2009-09-28 20:54:36 —-D—- C:Program Files (x86)K-Lite Codec Pack
2009-09-28 20:52:16 —-D—- C:ProgramDataYahoo!
2009-09-28 20:52:16 —-D—- C:Program Files (x86)Yahoo!
2009-09-28 20:48:45 —-SHD—- C:WindowsInstaller
2009-09-28 20:48:45 —-D—- C:DELL
2009-09-28 20:48:08 —-D—- C:Program Files (x86)Adobe
2009-09-28 18:22:35 —-D—- C:ProgramDataAdobe
2009-09-28 18:22:25 —-D—- C:Program Files (x86)Common Files
2009-09-28 18:22:05 —-D—- C:UsersluluAppDataRoamingAdobe
2009-09-27 19:07:52 —-RSD—- C:Windowsassembly
2009-09-27 19:07:33 —-D—- C:WindowsMicrosoft.NET
2009-09-27 18:59:05 —-D—- C:WindowsLogs
2009-09-27 08:55:14 —-D—- C:WindowsPrefetch
2009-09-23 16:56:52 —-D—- C:Windowssystem
2009-09-21 06:34:07 —-RD—- C:Program Files
2009-09-20 21:04:22 —-HD—- C:ProgramData
2009-09-20 10:12:46 —-SD—- C:WindowsDownloaded Program Files
2009-09-14 06:25:48 —-D—- C:Program Files (x86)Java
2009-09-13 18:38:17 —-D—- C:WindowsMinidump
2009-09-13 18:38:17 —-D—- C:WindowsDebug
2009-09-10 22:20:04 —-D—- C:Windowswinsxs
2009-09-10 10:32:27 —-D—- C:Windowsrescache
2009-09-10 10:16:20 —-D—- C:Program Files (x86)Microsoft Silverlight
2009-09-10 10:15:15 —-D—- C:Windowssystem32en-US
2009-09-10 10:15:15 —-D—- C:Windowsehome
2009-09-10 10:15:15 —-D—- C:Program Files (x86)Windows Mail
2009-09-10 06:07:50 —-D—- C:ProgramDataMicrosoft Help
2009-09-09 16:18:30 —-HD—- C:Program Files (x86)InstallShield Installation Information
2009-09-08 15:51:04 —-D—- C:ProgramDataTrend Micro
2009-09-06 20:50:47 —-D—- C:ProgramDataApple Computer
2009-09-06 20:46:05 —-D—- C:Program Files (x86)Samsung
2009-09-04 10:26:07 —-D—- C:HINH ANH
2009-09-04 03:06:44 —-D—- C:WindowsAppPatch
2009-09-03 17:53:23 —-D—- C:Program Files (x86)Common FilesPX Storage Engine
2009-09-03 17:52:55 —-D—- C:Program Files (x86)Google

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R1 tmlwf;Trend Micro NDIS 6.0 Filter Driver; C:Windowssystem32DRIVERStmlwf.sys []
R1 tmtdi;Trend Micro TDI Driver; C:Windowssystem32DRIVERStmtdi.sys []
R2 rimmptsk;rimmptsk; C:Windowssystem32DRIVERSrimmpx64.sys []
R2 rimsptsk;rimsptsk; C:Windowssystem32DRIVERSrimspx64.sys []
R2 rismxdp;Ricoh xD-Picture Card Driver; C:Windowssystem32DRIVERSrixdpx64.sys []
R2 SSPORT;SSPORT; ??C:Windowssystem32DriversSSPORT.sys []
R2 tmpreflt;tmpreflt; C:Windowssystem32DRIVERStmpreflt.sys []
R2 tmwfp;Trend Micro WFP Callout Driver; C:Windowssystem32DRIVERStmwfp.sys []
R2 tmxpflt;tmxpflt; C:Windowssystem32DRIVERStmxpflt.sys []
R2 vsapint;vsapint; C:Windowssystem32DRIVERSvsapint.sys []
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows XP/Vista x64; C:Windowssystem32DRIVERSApfiltr.sys []
R3 BCM42RLY;BCM42RLY; C:Windowssystem32driversBCM42RLY.sys []
R3 BCM43XX;Dell Wireless WLAN Card Driver; C:Windowssystem32DRIVERSbcmwl664.sys []
R3 CmBatt;Microsoft ACPI Control Method Battery Driver; C:Windowssystem32DRIVERSCmBatt.sys []
R3 FACAP;facap, FastAccess Video Capture; C:Windowssystem32DRIVERSfacap.sys []
R3 GEARAspiWDM;GEAR ASPI Filter Driver; C:Windowssystem32DRIVERSGEARAspiWDM.sys []
R3 igfx;igfx; C:Windowssystem32DRIVERSigdkmd64.sys []
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:Windowssystem32driversIntcHdmi.sys []
R3 itecir;ITECIR Infrared Receiver; C:Windowssystem32DRIVERSitecir.sys []
R3 k57nd60a;Broadcom NetLink (TM) Gigabit Ethernet — NDIS 6.0; C:Windowssystem32DRIVERSk57nd60a.sys []
R3 ksthunk;Kernel Streaming Thunks; C:Windowssystem32driversksthunk.sys []
R3 MSPCLOCK;Microsoft Streaming Clock Proxy; C:Windowssystem32driversMSPCLOCK.sys []
R3 MSPQM;Microsoft Streaming Quality Manager Proxy; C:Windowssystem32driversMSPQM.sys []
R3 OA001Ufd;Creative Camera OA001 Upper Filter Driver; C:Windowssystem32DRIVERSOA001Ufd.sys []
R3 OA001Vid;Creative Camera OA001 Function Driver; C:Windowssystem32DRIVERSOA001Vid.sys []
R3 sdbus;sdbus; C:Windowssystem32DRIVERSsdbus.sys []
R3 STHDA;IDT High Definition Audio CODEC; C:Windowssystem32DRIVERSstwrt64.sys []
R3 wacommousefilter;Wacom Mouse Filter Driver; C:Windowssystem32DRIVERSwacommousefilter.sys []
R3 wacomvhid;Wacom Virtual Hid Driver; C:Windowssystem32DRIVERSwacomvhid.sys []
R3 WmiAcpi;Microsoft Windows Management Interface for ACPI; C:Windowssystem32DRIVERSwmiacpi.sys []
R3 WUDFRd;WUDFRd; C:Windowssystem32DRIVERSWUDFRd.sys []
S2 DgiVecp;DgiVecp; ??C:Windowssystem32DriversDgiVecp.sys []
S3 CrystalSysInfo;CrystalSysInfo; ??C:Program Files (x86)MediaCoderSysInfoX64.sys [2007-09-25 18128]
S3 drmkaud;Microsoft Kernel DRM Audio Descrambler; C:Windowssystem32driversdrmkaud.sys []
S3 e1express;Intel(R) PRO/1000 PCI Express Network Connection Driver; C:Windowssystem32DRIVERSe1e6032e.sys []
S3 MSKSSRV;Microsoft Streaming Service Proxy; C:Windowssystem32driversMSKSSRV.sys []
S3 MSTEE;Microsoft Streaming Tee/Sink-to-Sink Converter; C:Windowssystem32driversMSTEE.sys []
S3 R300;R300; C:Windowssystem32DRIVERSatikmdag.sys []
S3 usbscan;USB Scanner Driver; C:Windowssystem32DRIVERSusbscan.sys []
S3 WpdUsb;WpdUsb; C:Windowssystem32DRIVERSwpdusb.sys []
S4 ErrDev;Microsoft Hardware Error Device Driver; C:Windowssystem32driverserrdev.sys []
S4 MegaSR;MegaSR; C:Windowssystem32driversmegasr.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cAESTSr64.exe []
R2 Apple Mobile Device;Apple Mobile Device; C:Program Files (x86)Common FilesAppleMobile Device SupportbinAppleMobileDeviceService.exe [2009-07-09 144712]
R2 Bonjour Service;Bonjour Service; C:Program Files (x86)BonjourmDNSResponder.exe [2008-12-12 238888]
R2 DockLoginService;Dock Login Service; C:Program FilesDellDellDockDockLogin.exe [2008-12-18 155648]
R2 FAService;FAService; C:Program Files (x86)Sensible VisionFast AccessFAService.exe [2008-09-06 2340096]
R2 SeaPort;SeaPort; C:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exe [2009-05-19 240512]
R2 SfCtlCom;Trend Micro Central Control Component; C:Program FilesTrend MicroInternet SecuritySfCtlCom.exe [2009-04-11 821000]
R2 STacSV;Audio Service; C:WindowsSystem32DriverStoreFileRepositorystwrt64.inf_cce24a4cSTacSV64.exe []
R2 TabletService;TabletService; C:Windowssystem32Tablet.exe []
R2 TMBMServer;Trend Micro Unauthorized Change Prevention Service; C:Program FilesTrend MicroBMTMBMSRV.exe [2008-10-03 563464]
R2 wltrysvc;Dell Wireless WLAN Tray Service; C:WindowsSystem32WLTRYSVC.EXE C:WindowsSystem32bcmwltry.exe []
R3 iPod Service;iPod Service; C:Program Files (x86)iPodbiniPodService.exe [2009-07-13 542496]
R3 TmPfw;Trend Micro Personal Firewall; C:PROGRA~1TRENDM~1INTERN~1TmPfw.exe [2009-04-11 587696]
R3 tmproxy;Trend Micro Proxy Service; C:Program FilesTrend MicroInternet SecurityTmProxy.exe [2008-10-03 854280]
S2 gupdate1c9eea238f51b07;Google Update Service (gupdate1c9eea238f51b07); C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2009-06-16 133104]
S3 clr_optimization_v2.0.50727_64;Microsoft .NET Framework NGEN v2.0.50727_X64; C:WindowsMicrosoft.NETFramework64v2.0.50727mscorsvw.exe [2008-07-27 93184]
S3 GameConsoleService;GameConsoleService; C:Program Files (x86)WildTangentDell GamesDell Game ConsoleGameConsoleService.exe [2009-06-06 250616]
S3 gusvc;Google Software Updater; C:Program Files (x86)GoogleCommonGoogle UpdaterGoogleUpdaterService.exe [2009-06-16 182768]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:Program Files (x86)Microsoft OfficeOffice12GrooveAuditService.exe [2006-10-27 65824]
S3 odserv;Microsoft Office Diagnostics Service; C:Program Files (x86)Common FilesMicrosoft SharedOFFICE12ODSERV.EXE [2006-10-27 441136]
S3 ose;Office Source Engine; C:Program Files (x86)Common FilesMicrosoft SharedSource EngineOSE.EXE [2006-10-26 145184]
S3 PerfHost;@%systemroot%sysWow64perfhost.exe,-2; C:WindowsSysWow64perfhost.exe [2008-01-21 19968]
S3 stllssvr;stllssvr; C:Program Files (x86)Common FilesSureThing Sharedstllssvr.exe [2008-03-24 74384]
EOF
October 3, 2009 at 4:17 pm #25991
The log looks fine.
How is the computer running?

October 3, 2009 at 5:48 pm #25992
everything is great now)) thank you for your help!!!

October 5, 2009 at 2:38 pm #25996
A few additional tips.
Run your antivirus and check the status of its automatic protection. Turn it on if it is off.
Don't forget to update Windows, your programs and especially your antivirus.
Don't visit unfamiliar sites, and be very careful with files downloaded from the Internet.
All the best!