DDS (Ver_10-03-17.01) - NTFSX64 Run by ASUS at 6:32:41,02 on ned 27.06.2010 Internet Explorer: 8.0.7600.16385 Microsoft Windows 7 Ultimate SP: SUPERAntiSpyware *disabled* (Updated) {222A897C-5018-402e-943F-7E7AC8560DA7} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\system32\atiesrxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\system32\atieclxx.exe C:\Windows\system32\FBAgent.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ASLDRSrv.exe C:\Program Files\ATKGFNEX\GFNEXSrv.exe C:\Program Files\Avast5\AvastSvc.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Windows\System32\spoolsv.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControl.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\system32\taskeng.exe C:\Program Files (x86)\ASUS\Net4Switch\Net4Switch.exe C:\Program Files (x86)\ASUS\ControlDeck\ControlDeckStartUp.exe C:\Program Files (x86)\ASUS\Splendid\ACMON.exe C:\Program Files (x86)\ASUS\ASUS CopyProtect\aspg.exe C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe C:\Program Files\ASUS\BatteryLife.exe C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe C:\Program Files\Elantech\ETDCtrl.exe C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame.exe C:\Windows\SysWOW64\ACEngSvr.exe C:\Portable\Real Temp\RealTemp.exe C:\Windows\system32\presentationsettings.exe C:\Program Files (x86)\ASUS\ATK Hotkey\HControlUser.exe C:\Program Files (x86)\ASUS\ATK Media\DMedia.exe C:\Program Files (x86)\ASUS\ATKOSD2\ATKOSD2.exe C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files\Avast5\AvastUI.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\ASUS\Asus MultiFrame\MultiFrame32.exe C:\Windows\system32\SearchIndexer.exe C:\Program Files (x86)\ASUS\ATK Hotkey\ATKOSD.exe C:\Program Files (x86)\ASUS\ATK Hotkey\WDC.exe C:\Program Files (x86)\Opera\opera.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMTray.exe C:\Program Files (x86)\ASUS\ASUS Data Security Manager\ADSMSrv.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\ASUS\NB Probe\SPM\spmgr.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\ASUS\Desktop\dds.scr C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== mLocal Page = c:\windows\syswow64\blank.htm uInternet Settings,ProxyOverride = BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files (x86)\common files\microsoft shared\windows live\WindowsLiveLogin.dll uRun: [NB Probe] mRun: [HControlUser] c:\program files (x86)\asus\atk hotkey\HControlUser.exe mRun: [ATKMEDIA] c:\program files (x86)\asus\atk media\DMedia.exe mRun: [ATKOSD2] c:\program files (x86)\asus\atkosd2\ATKOSD2.exe mRun: [NUSB3MON] "c:\program files (x86)\nec electronics\usb 3.0 host controller driver\application\nusb3mon.exe" mRun: [avast5] "c:\program files\avast5\avastUI.exe" /nogui StartupFolder: c:\users\asus\appdata\roaming\micros~1\windows\startm~1\programs\startup\multif~1.lnk - c:\program files (x86)\asus\asus multiframe\MultiFrame.exe StartupFolder: c:\users\asus\appdata\roaming\micros~1\windows\startm~1\programs\startup\realtemp.lnk - c:\portable\real temp\RealTemp.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: ForceActiveDesktopOn = 0 (0x0) mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) mPolicies-system: PromptOnSecureDesktop = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~2\micros~4\office12\EXCEL.EXE/3000 IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - c:\program files (x86)\windows live\writer\WriterBrowserExtension.dll BHO-X64: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll mRun-x64: [AmIcoSinglun64] c:\program files (x86)\amicosinglun\AmIcoSinglun64.exe mRun-x64: [ETDWare] c:\program files\elantech\ETDCtrl.exe Hosts: 255.255.255.255 broadcasthost Hosts: 216.34.181.45 s # slashdot.org Hosts: 64.233.187.104 g # google.com ================= FIREFOX =================== FF - ProfilePath - c:\users\asus\appdata\roaming\mozilla\firefox\profiles\9d25g7v1.default\ FF - prefs.js: browser.startup.homepage - www.google.rs FF - component: c:\users\asus\appdata\roaming\mozilla\firefox\profiles\9d25g7v1.default\extensions\capturefoxmovie@advancity.net\components\capturefoxxpi_win32.dll FF - component: c:\users\asus\appdata\roaming\mozilla\firefox\profiles\9d25g7v1.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\program files (x86)\microsoft\office live\npOLW.dll FF - plugin: c:\program files (x86)\opera\program\plugins\nppl3260.dll FF - plugin: c:\program files (x86)\opera\program\plugins\nprpjplug.dll FF - plugin: c:\program files (x86)\windows live\photo gallery\NPWLPG.dll FF - plugin: c:\users\asus\appdata\roaming\mozilla\firefox\profiles\9d25g7v1.default\extensions\piclens@cooliris.com\plugins\npcoolirisplugin.dll FF - plugin: c:\windows\syswow64\macromed\flash\NPSWF32.dll ---- FIREFOX POLICIES ---- c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.lu", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nu", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.nz", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgberp4a5d4ar", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--p1ai", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.xn--mgbayh7gpa", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.IDN.whitelist.tel", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("network.proxy.type", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("dom.ipc.plugins.timeoutSecs", 10); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("accelerometer.enabled", true); c:\program files (x86)\mozilla firefox\greprefs\all.js - pref("html5.enable", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files (x86)\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com"); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.nptest.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npswf32.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npctrl.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled.npqtplugin.dll", true); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("dom.ipc.plugins.enabled", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20); c:\program files (x86)\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20); ============= SERVICES / DRIVERS =============== R0 lullaby;lullaby;c:\windows\system32\drivers\lullaby.sys [2010-3-24 15928] R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-2-25 121936] R1 vwififlt;Virtual WiFi Filter Driver;c:\windows\system32\drivers\vwififlt.sys [2009-7-14 59904] R2 AFBAgent;AFBAgent;c:\windows\system32\FBAgent.exe [2010-2-25 359552] R2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe [2009-11-18 202752] R2 ASMMAP64;ASMMAP64;c:\program files\atkgfnex\ASMMAP64.sys [2010-2-25 14904] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-2-25 22096] R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-2-25 63568] R2 avast! Antivirus;avast! Antivirus;c:\program files\avast5\AvastSvc.exe [2010-5-10 40384] R2 SSPORT;SSPORT;c:\windows\system32\drivers\SSPORT.SYS [2010-4-20 11576] R2 UNS;Intel(R) Management & Security Application User Notification Service;c:\program files (x86)\intel\intel(r) management engine components\uns\UNS.exe [2010-2-25 2314240] R3 avast! Web Scanner;avast! Web Scanner;c:\program files\avast5\AvastSvc.exe [2010-5-10 40384] R3 ETD;ELAN PS/2 Port Input Device;c:\windows\system32\drivers\ETD.sys [2010-2-25 117760] R3 HECIx64;Intel(R) Management Engine Interface;c:\windows\system32\drivers\HECIx64.sys [2010-2-25 56344] R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller;c:\windows\system32\drivers\L1C62x64.sys [2009-11-13 67072] R3 nusb3hub;NEC Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys [2009-10-26 75264] R3 nusb3xhc;NEC Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys [2009-10-26 176640] R3 vwifimp;Microsoft Virtual WiFi Miniport Service;c:\windows\system32\drivers\vwifimp.sys [2009-7-14 17920] R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\portable\real temp\WinRing0x64.sys [2010-6-21 14544] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\microsoft.net\framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 AmUStor;AM USB Stroage Driver;c:\windows\system32\drivers\AmUStor.sys [2009-8-21 44032] S3 avast! Mail Scanner;avast! Mail Scanner;c:\program files\avast5\AvastSvc.exe [2010-5-10 40384] S3 btusbflt;Bluetooth USB Filter;c:\windows\system32\drivers\btusbflt.sys [2010-2-25 52264] S3 btwl2cap;Bluetooth L2CAP Service;c:\windows\system32\drivers\btwl2cap.sys [2010-2-25 35104] S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2010-5-9 43664] S3 vpcuxd;USB Virtualization Stub Service;c:\windows\system32\drivers\vpcuxd.sys [2010-5-28 16384] =============== Created Last 30 ================ 2010-06-26 09:17:48 43616 ----a-w- c:\windows\system32\oemlogo.bmp 2010-06-26 08:54:39 36164 ----a-w- c:\users\asus\energy-report.html 2010-06-26 06:00:41 0 d-----w- c:\program files (x86)\Microsoft Corporation 2010-06-26 05:04:43 0 d-----w- c:\windows\syswow64\winevt 2010-06-26 05:04:43 0 d-----w- c:\windows\syswow64\SMI 2010-06-26 05:04:43 0 d-----w- c:\program files (x86)\Xenocode 2010-06-23 06:14:20 0 d-----w- c:\windows\pss 2010-06-22 19:10:48 99176 ----a-w- c:\windows\syswow64\PresentationHostProxy.dll 2010-06-22 19:10:48 49472 ----a-w- c:\windows\syswow64\netfxperf.dll 2010-06-22 19:10:48 48960 ----a-w- c:\windows\system32\netfxperf.dll 2010-06-22 19:10:48 444752 ----a-w- c:\windows\system32\mscoree.dll 2010-06-22 19:10:48 320352 ----a-w- c:\windows\system32\PresentationHost.exe 2010-06-22 19:10:48 297808 ----a-w- c:\windows\syswow64\mscoree.dll 2010-06-22 19:10:48 295264 ----a-w- c:\windows\syswow64\PresentationHost.exe 2010-06-22 19:10:48 1942856 ----a-w- c:\windows\system32\dfshim.dll 2010-06-22 19:10:48 1130824 ----a-w- c:\windows\syswow64\dfshim.dll 2010-06-22 19:10:48 109912 ----a-w- c:\windows\system32\PresentationHostProxy.dll 2010-06-22 19:02:49 961024 ----a-w- c:\windows\system32\CPFilters.dll 2010-06-22 19:02:49 641536 ----a-w- c:\windows\syswow64\CPFilters.dll 2010-06-22 19:02:48 552960 ----a-w- c:\windows\system32\msdri.dll 2010-06-22 19:02:48 258560 ----a-w- c:\windows\system32\mpg2splt.ax 2010-06-22 19:02:48 199680 ----a-w- c:\windows\syswow64\mpg2splt.ax 2010-06-22 19:02:47 288256 ----a-w- c:\windows\system32\MSNP.ax 2010-06-22 19:02:47 204288 ----a-w- c:\windows\syswow64\MSNP.ax 2010-06-22 19:02:30 1736608 ----a-w- c:\windows\system32\ntdll.dll 2010-06-22 19:02:29 1289528 ----a-w- c:\windows\syswow64\ntdll.dll 2010-06-18 04:25:40 14336 ----a-w- c:\windows\system32\drivers\sffp_sd.sys 2010-06-11 03:34:38 0 d-----w- c:\users\asus\appdata\roaming\Tomato 2010-06-11 03:34:38 0 d-----w- c:\program files (x86)\common files\Tomato 2010-05-28 19:30:28 359624 ----a-w- c:\windows\system32\drivers\vpcvmm.sys 2010-05-28 09:34:38 0 d-----r- c:\users\asus\Virtual Machines 2010-05-28 06:04:37 0 d-----w- c:\program files (x86)\Windows Virtual PC ==================== Find3M ==================== 2010-05-27 07:24:13 34304 ----a-w- c:\windows\syswow64\atmlib.dll 2010-05-27 06:34:09 46080 ----a-w- c:\windows\system32\atmlib.dll 2010-05-27 04:11:32 366080 ----a-w- c:\windows\system32\atmfd.dll 2010-05-27 03:49:37 293888 ----a-w- c:\windows\syswow64\atmfd.dll 2010-05-21 13:14:28 270208 ------w- c:\windows\system32\MpSigStub.exe 2010-05-21 05:52:30 1192960 ----a-w- c:\windows\system32\wininet.dll 2010-05-21 05:18:06 977920 ----a-w- c:\windows\syswow64\wininet.dll 2010-05-21 05:14:50 48128 ----a-w- c:\windows\syswow64\jsproxy.dll 2010-05-09 22:29:02 53264 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2010-05-09 22:29:02 165776 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys 2010-05-09 22:29:02 145936 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2010-05-09 22:29:00 43664 ----a-w- c:\windows\system32\drivers\VBoxUSB.sys 2010-05-09 22:29:00 318992 ----a-w- c:\windows\system32\VBoxNetFltNotify.dll 2010-05-09 22:29:00 193808 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2010-05-06 20:59:36 165032 ----a-w- c:\windows\syswow64\aswBoot.exe 2010-05-06 20:34:14 63568 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys 2010-05-06 12:42:05 1225216 ----a-w- c:\windows\syswow64\urlmon.dll 2010-05-06 12:41:55 606208 ----a-w- c:\windows\syswow64\mstime.dll 2010-05-06 12:41:53 64512 ----a-w- c:\windows\syswow64\msfeedsbs.dll 2010-05-06 12:41:53 5970944 ----a-w- c:\windows\syswow64\mshtml.dll 2010-05-06 12:41:49 381440 ----a-w- c:\windows\syswow64\iedkcs32.dll 2010-05-06 12:41:49 10984448 ----a-w- c:\windows\syswow64\ieframe.dll 2010-05-01 15:07:05 3122176 ----a-w- c:\windows\system32\win32k.sys 2010-04-29 14:39:28 24664 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-23 07:13:36 2048 ----a-w- c:\windows\syswow64\tzres.dll 2010-04-23 07:11:58 2048 ----a-w- c:\windows\system32\tzres.dll 2010-04-16 23:39:08 306544 ----a-w- c:\windows\WLXPGSS.SCR 2010-04-16 21:12:18 48464 ----a-w- c:\windows\syswow64\sirenacm.dll 2010-04-14 16:47:23 38848 ----a-w- c:\windows\syswow64\avastSS.scr 2010-04-11 17:47:43 45056 ----a-w- c:\windows\system32\acovcnt.exe 2010-04-10 00:25:53 44544 ----a-w- c:\windows\syswow64\agremove.exe 2010-04-10 00:22:39 17920 ----a-w- c:\windows\system32\rpcnetp.exe 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfd.dat 2009-07-14 05:37:38 31548 ----a-w- c:\windows\inf\perflib\0409\perfc.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfi.dat 2009-07-14 05:37:38 291294 ----a-w- c:\windows\inf\perflib\0409\perfh.dat 2009-07-14 04:54:24 174 --sha-w- c:\program files\desktop.ini 2009-07-14 04:54:24 174 --sha-w- c:\program files (x86)\desktop.ini 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2009-07-14 01:00:34 291294 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2009-07-14 01:00:32 31548 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2009-04-08 09:31:56 106496 ----a-w- c:\program files (x86)\common files\CPInstallAction.dll 2008-08-11 20:45:20 155648 ----a-w- c:\program files (x86)\common files\MSIactionall.dll 2008-05-22 07:35:54 51962 ----a-w- c:\program files (x86)\common files\banner.jpg 2007-06-12 08:34:50 35822 ----a-w- c:\program files (x86)\common files\ASPG_icon.ico 2006-06-02 13:27:44 17542 ----a-w- c:\program files\common files\Net4Switch.ico 2006-06-02 13:27:44 17542 ----a-w- c:\program files (x86)\common files\Net4Switch.ico 2009-06-10 20:44:08 9633792 --sha-r- c:\windows\fonts\StaticCache.dat 2009-07-14 01:39:53 398848 --sha-w- c:\windows\winsxs\amd64_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_4d4d1f2f696639a2\WinMail.exe 2009-07-14 01:14:45 396800 --sha-w- c:\windows\winsxs\x86_microsoft-windows-mail-app_31bf3856ad364e35_6.1.7600.16385_none_f12e83abb108c86c\WinMail.exe ============= FINISH: 6:33:55,75 ===============