malware woes, can't shake this virus off of my system [Solved], "winiblueshield" is causing problems & no cache links goog |
Need a geek? Geeks to Go offers free, quality tech support -- in terms anyone can understand. Volunteers are waiting to help, friendly, technology experts who have knowledge to share, and enjoy helping others. Feel free to browse the site as a guest. However, you must log in to reply to existing topics, or to start a new topic of your own. Other benefits of joining include richer forum features, and removal of all advertising. Learn more in our Welcome Guide Infected? Malware and Spyware Cleaning Guide. What are you waiting for? Click here to join for free today!
|
|
|
  |
 May 9 2009, 04:37 PM
Post
#1
|
|
|
Member  Posts: 76 From: Toronto OS: xp sp3, vista sp1  |
Hi guys,
I was lazy in updating my antivirus certification when something called: "winiblueshield" got installed on my laptop. Since then this is what I have been experiencing: 1. Small red shield with an "X" that resembles the icon used to identify windows security alert, sits in the system tray with an intermittent balloon that says "virus infection found, click here to remove." 2. Intermittent alerts from the bottom left and right hand corners of my screen warn me of the viruses found on my system and what they are capable of doing, and then "click here" to remove them. 3. Occasionally, I get redirected to sites and I do not see "cache links" on google search results. I want to say thanks in advance. Here are the logs that were outlined in the "read this before posting..." section of this site: Microsoft Windows Vista Home Edition (6.0.6001) Service Pack 1 C:\ [Fixed] - NTFS - (Total:107705 Mo/Free:1382 Mo) D:\ [Removable] (Total:0 Mo/Free:0 Mo) E:\ [Removable] (Total:0 Mo/Free:0 Mo) F:\ [CD-Rom] (Total:0 Mo/Free:0 Mo) 09/05/2009|18:16 ----------------------\\ Processes.. --Locked-- [System Process] --Locked-- System ---------- \SystemRoot\System32\smss.exe ---------- C:\Windows\system32\csrss.exe ---------- C:\Windows\system32\wininit.exe ---------- C:\Windows\system32\csrss.exe ---------- C:\Windows\system32\services.exe ---------- C:\Windows\system32\winlogon.exe ---------- C:\Windows\system32\lsass.exe ---------- C:\Windows\system32\lsm.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\System32\svchost.exe ---------- C:\Windows\System32\svchost.exe ---------- C:\Windows\System32\svchost.exe ---------- C:\Windows\system32\svchost.exe --Locked-- audiodg.exe ---------- C:\Windows\system32\SLsvc.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\System32\spoolsv.exe ---------- C:\Windows\system32\taskeng.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\system32\Dwm.exe ---------- C:\Windows\system32\taskeng.exe ---------- C:\Program Files\Google\Update\GoogleUpdate.exe ---------- C:\Windows\Explorer.EXE ---------- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe ---------- C:\Windows\system32\taskeng.exe ---------- C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe ---------- C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe ---------- C:\Program Files\Sony\ISB Utility\ISBMgr.exe ---------- C:\Windows\System32\hkcmd.exe ---------- C:\Windows\System32\igfxpers.exe ---------- C:\Windows\ehome\ehtray.exe ---------- C:\Program Files\Windows Sidebar\sidebar.exe ---------- C:\Program Files\Windows Media Player\wmpnscfg.exe ---------- C:\Program Files\Sophos\AutoUpdate\ALMon.exe ---------- C:\Windows\ehome\ehmsas.exe ---------- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe ---------- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe ---------- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe ---------- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe ---------- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe ---------- C:\Windows\system32\svchost.exe ---------- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe ---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe ---------- C:\Windows\System32\svchost.exe ---------- C:\Windows\system32\SearchIndexer.exe ---------- C:\Windows\system32\DRIVERS\xaudio.exe ---------- C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe ---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe ---------- C:\Windows\system32\igfxext.exe ---------- C:\Windows\system32\igfxsrvc.exe ---------- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe ---------- C:\Program Files\Sony\VAIO Power Management\SPMgr.exe ---------- C:\Windows\system32\WLANExt.exe ---------- C:\Windows\System32\mobsync.exe ---------- C:\Program Files\Windows Media Player\wmpnetwk.exe ---------- C:\Program Files\Google\Chrome\Application\chrome.exe ---------- C:\Windows\system32\wbem\unsecapp.exe ---------- C:\Windows\system32\wbem\wmiprvse.exe ---------- C:\Program Files\Google\Chrome\Application\chrome.exe ---------- C:\Program Files\Google\Chrome\Application\chrome.exe ---------- C:\Windows\system32\conime.exe ---------- C:\Windows\system32\Taskmgr.exe ---------- C:\Windows\notepad.exe ---------- C:\Windows\system32\DllHost.exe ---------- C:\Windows\system32\DllHost.exe ---------- C:\Windows\system32\cmd.exe ---------- C:\Rooter$\RK.exe ----------------------\\ Search.. OTListIt logfile created on: 09/05/2009 18:07:59 - Run 5 OTListIt2 by OldTimer - Version 2.0.15.5 Folder = C:\Users\Neeraj Tohan\Documents\Downloads Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1013.45 Mb Total Physical Memory | 223.05 Mb Available Physical Memory | 22.01% Memory free 2.24 Gb Paging File | 1.33 Gb Available in Paging File | 59.48% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 105.18 Gb Total Space | 13.35 Gb Free Space | 12.69% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NEERAJTOHAN-PC Current User Name: Neeraj Tohan Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation) PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Windows\system32\igfxext.exe (Intel Corporation) PRC - C:\Windows\system32\igfxsrvc.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Windows\System32\mobsync.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) PRC - C:\Windows\system32\conime.exe (Microsoft Corporation) PRC - C:\Windows\system32\Taskmgr.exe (Microsoft Corporation) PRC - C:\Users\Neeraj Tohan\Documents\Downloads\OTListIt2.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (gupdate1c9c168f65895d0 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () SRV - (QBCFMonitorService [Auto | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe ( ) SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (RapiMgr [Auto | Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (SAVAdminService [Unknown | Running]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) SRV - (SAVService [Unknown | Stopped]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc) SRV - (SonicStage Back-End Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation) SRV - (Sophos AutoUpdate Service [Auto | Running]) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SQLBrowser [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLWriter [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (WcesComm [Auto | Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (athr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\athr.sys (Atheros Communications, Inc.) DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (Cdr4_xp [System | Running]) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions) DRV - (Cdralw2k [System | Running]) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions) DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (DMICall [System | Running]) -- C:\Windows\system32\DRIVERS\DMICall.sys (Sony Corporation) DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (igfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (NETw3v32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NETw3v32.sys (Intel® Corporation) DRV - (NETw4v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw4v32.sys (Intel Corporation) DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (SAVOnAccess [System | Running]) -- C:\Windows\system32\DRIVERS\savonaccess.sys (Sophos Plc) DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (SNC [On_Demand | Running]) -- C:\Windows\System32\Drivers\SonyNC.sys (Sony Corporation) DRV - (SophosBootDriver [Disabled | Stopped]) -- C:\Windows\system32\DRIVERS\SophosBootDriver.sys (Sophos Plc) DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (ti21sony [On_Demand | Running]) -- C:\Windows\system32\drivers\ti21sony.sys (Texas Instruments) DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\wimfltr.sys (Microsoft Corporation) DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.) DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\PROGRAMDATA\MOZILLA\FIREFOX EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} [2007/10/30 20:49:37 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/25 00:34:10 | 00,000,000 | ---D | M] [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} O1 HOSTS File: (213378 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 7504 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" (Sony Corporation) O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1 () O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe () O4 - HKLM..\Run: [WiniBlueSoft] C:\Program Files\WiniBlueSoft Software\WiniBlueSoft\WiniBlueSoft.exe -min File not found O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [setup2.exe] C:\Windows\System32\setup2.exe (Microsoft Corporation) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.154,85.255.112.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{44DC6B8B-39D5-4F19-AF45-12ECF73AFF37}\\NameServer = 85.255.112.154,85.255.112.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{7EC5F23B-DDE9-4616-8DD9-3C78B2911781}\\NameServer = 85.255.112.154,85.255.112.227 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\system32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\system32\VESWinlogon.dll (Sony Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found ========== Files/Folders - Created Within 30 Days ========== [2009/12/28 15:58:31 | 00,014,347 | ---- | C] () -- C:\Windows\System32\4c5zbackdoo92804.bin [2009/12/27 21:20:35 | 00,003,442 | ---- | C] () -- C:\Windows\System32\353czpy59re2933.dll [2009/12/26 14:49:18 | 00,004,758 | ---- | C] () -- C:\Windows\System32\6037not-a-viru945z.bin [2009/12/24 17:39:03 | 00,004,245 | ---- | C] () -- C:\Windows\29215spzmbot3bb.bin [2009/12/23 14:04:39 | 00,006,955 | ---- | C] () -- C:\Windows\55z0worm3d9.cpl [2009/12/23 10:37:03 | 00,014,839 | ---- | C] () -- C:\Windows\System32\7z6e5hief1917.bin [2009/12/22 19:38:28 | 00,009,924 | ---- | C] () -- C:\Windows\System32\90878tr5j8z.ocx [2009/12/22 19:10:17 | 00,005,187 | ---- | C] () -- C:\Windows\5919v5r1396z.dll [2009/12/19 18:20:32 | 00,008,618 | ---- | C] () -- C:\Windows\23761vz9u5b7.ocx [2009/12/19 00:30:11 | 00,008,526 | ---- | C] () -- C:\Windows\System32\7963sparse5z9.cpl [2009/12/18 09:02:34 | 00,009,972 | ---- | C] () -- C:\Windows\24054h59ktozl3db.bin [2009/12/18 05:21:59 | 00,010,415 | ---- | C] () -- C:\Windows\1225do5nl9ader287z.exe [2009/12/18 04:52:51 | 00,010,867 | ---- | C] () -- C:\Windows\System32\75z3t5re9t2847.cpl [2009/12/16 07:17:06 | 00,017,324 | ---- | C] () -- C:\Windows\System32\1569zspy152.bin [2009/12/16 05:18:45 | 00,009,084 | ---- | C] () -- C:\Windows\System32\a9fdownzoad592262.cpl [2009/12/16 01:25:44 | 00,008,283 | ---- | C] () -- C:\Windows\45e09z5eat9856.exe [2009/12/15 00:32:23 | 00,005,441 | ---- | C] () -- C:\Windows\2f93thzeat56625.dll [2009/12/13 07:47:51 | 00,007,720 | ---- | C] () -- C:\Windows\7951downloader19z95.exe [2009/12/12 09:34:43 | 00,004,857 | ---- | C] () -- C:\Windows\System32\15047not-5-9iruz33a.exe [2009/12/10 15:04:54 | 00,011,611 | ---- | C] () -- C:\Windows\System32\25292spz5fb9.bin [2009/12/09 11:11:19 | 00,013,956 | ---- | C] () -- C:\Windows\System32\4053threat98047z.dll [2009/12/08 20:10:19 | 00,003,424 | ---- | C] () -- C:\Windows\39599irzs43d.exe [2009/12/08 15:23:35 | 00,008,098 | ---- | C] () -- C:\Windows\System32\422zs5yware2195.bin [2009/12/05 06:21:46 | 00,008,808 | ---- | C] () -- C:\Windows\5a25steaz936.cpl [2009/12/02 03:51:10 | 00,007,986 | ---- | C] () -- C:\Windows\256fspyw9re960z.cpl [2009/12/01 23:00:25 | 00,012,576 | ---- | C] () -- C:\Windows\55bzs5arse2917.ocx [2009/12/01 03:51:16 | 00,013,780 | ---- | C] () -- C:\Windows\System32\9497zviru5453.ocx [2009/11/28 17:27:21 | 00,010,061 | ---- | C] () -- C:\Windows\System32\194aszeal9545.ocx [2009/11/28 05:21:18 | 00,002,918 | ---- | C] () -- C:\Windows\System32\5868z9dware475.bin [2009/11/24 06:22:51 | 00,010,388 | ---- | C] () -- C:\Windows\System32\z0377w5r972c.cpl [2009/11/24 01:55:47 | 00,013,851 | ---- | C] () -- C:\Windows\System32\ze01downl5ader93.dll [2009/11/22 07:29:38 | 00,017,644 | ---- | C] () -- C:\Windows\6142ha5ktooz697.cpl [2009/11/21 22:32:57 | 00,008,612 | ---- | C] () -- C:\Windows\System32\zeecsparse5129.exe [2009/11/21 02:31:53 | 00,004,537 | ---- | C] () -- C:\Windows\System32\26922tro53z89.exe [2009/11/19 18:28:09 | 00,002,697 | ---- | C] () -- C:\Windows\System32\7029z5rus99.ocx [2009/11/19 08:14:31 | 00,014,778 | ---- | C] () -- C:\Windows\System32\3592th5ef2239z.exe [2009/11/19 05:59:54 | 00,004,018 | ---- | C] () -- C:\Windows\9a9z95ware1744.cpl [2009/11/17 23:09:06 | 00,009,502 | ---- | C] () -- C:\Windows\31195nzt-5-virus9fc.bin [2009/11/16 11:27:56 | 00,010,792 | ---- | C] () -- C:\Windows\4fe1stzal56029.ocx [2009/11/16 00:15:45 | 00,013,748 | ---- | C] () -- C:\Windows\System32\1f795zyware2644.dll [2009/11/15 16:11:38 | 00,010,807 | ---- | C] () -- C:\Windows\8810s5am9ot4dz.exe [2009/11/14 15:36:34 | 00,016,051 | ---- | C] () -- C:\Windows\System32\59cthief26z7.bin [2009/11/13 19:14:43 | 00,016,880 | ---- | C] () -- C:\Windows\1cfz5a9kdoor1867.ocx [2009/11/10 21:12:14 | 00,015,842 | ---- | C] () -- C:\Windows\System32\12507tr9z1ce.ocx [2009/11/09 10:17:37 | 00,008,134 | ---- | C] () -- C:\Windows\System32\3dbbs5eaz1669.cpl [2009/11/08 00:58:24 | 00,013,072 | ---- | C] () -- C:\Windows\25d3download5910z7.ocx [2009/11/07 15:33:05 | 00,003,947 | ---- | C] () -- C:\Windows\4f4159dwzre1800.cpl [2009/11/07 13:58:24 | 00,004,933 | ---- | C] () -- C:\Windows\System32\3054z5irus9c2.exe [2009/11/06 20:42:36 | 00,007,190 | ---- | C] () -- C:\Windows\51z69spy59b.cpl [2009/11/06 03:39:03 | 00,013,481 | ---- | C] () -- C:\Windows\System32\3aa7zddw5re9730.bin [2009/11/05 17:53:26 | 00,016,020 | ---- | C] () -- C:\Windows\acftzre5t94699.exe [2009/11/04 05:17:52 | 00,003,432 | ---- | C] () -- C:\Windows\55945troj7c5z.bin [2009/11/03 01:45:28 | 00,013,431 | ---- | C] () -- C:\Windows\System32\599athiefz119.exe [2009/11/02 19:51:29 | 00,008,630 | ---- | C] () -- C:\Windows\2781659zj619.dll [2009/11/02 11:07:51 | 00,015,564 | ---- | C] () -- C:\Windows\10891virzs17f5.ocx [2009/10/28 00:43:02 | 00,012,049 | ---- | C] () -- C:\Windows\System32\6z039pam5ot6d3.bin [2009/10/23 19:09:54 | 00,005,133 | ---- | C] () -- C:\Windows\2c02sp5zse2929.dll [2009/10/23 17:44:52 | 00,016,484 | ---- | C] () -- C:\Windows\z3659virus758.ocx [2009/10/20 23:55:23 | 00,008,975 | ---- | C] () -- C:\Windows\9950troj6fz.exe [2009/10/19 21:27:07 | 00,015,131 | ---- | C] () -- C:\Windows\System32\2d66downloa59rz225.ocx [2009/10/17 09:31:19 | 00,008,639 | ---- | C] () -- C:\Windows\System32\7d27vir23z95.cpl [2009/10/16 07:51:04 | 00,006,691 | ---- | C] () -- C:\Windows\System32\6z4t9oj3bf5.dll [2009/10/14 21:05:39 | 00,008,146 | ---- | C] () -- C:\Windows\35559ddwaze2512.dll [2009/10/11 10:15:16 | 00,018,063 | ---- | C] () -- C:\Windows\System32\4395spazbot7d05.exe [2009/10/11 01:18:28 | 00,008,114 | ---- | C] () -- C:\Windows\System32\301509ot-a-v5rus292z.cpl [2009/10/09 16:54:10 | 00,006,667 | ---- | C] () -- C:\Windows\System32\5zccspy9are389.exe [2009/10/07 19:42:51 | 00,004,426 | ---- | C] () -- C:\Windows\24519not-a59irzs4de.ocx [2009/10/04 03:25:57 | 00,013,056 | ---- | C] () -- C:\Windows\19610wo954zf.exe [2009/10/03 21:08:41 | 00,010,355 | ---- | C] () -- C:\Windows\System32\b9dth5eat122z.cpl [2009/10/02 01:23:14 | 00,011,203 | ---- | C] () -- C:\Windows\System32\355zspywar92442.cpl [2009/10/01 20:24:56 | 00,016,334 | ---- | C] () -- C:\Windows\System32\43a1zh9ef5949.ocx [2009/09/27 22:30:00 | 00,005,063 | ---- | C] () -- C:\Windows\53eebacz9oor2951.exe [2009/09/24 18:47:32 | 00,005,019 | ---- | C] () -- C:\Windows\System32\10157worz839.exe [2009/09/23 08:40:55 | 00,015,350 | ---- | C] () -- C:\Windows\System32\9161not-a-9iru59z.dll [2009/09/18 14:16:38 | 00,008,308 | ---- | C] () -- C:\Windows\558cst9zl16.dll [2009/09/18 01:02:38 | 00,003,611 | ---- | C] () -- C:\Windows\System32\z50995acktoolc3.bin [2009/09/17 16:37:12 | 00,004,796 | ---- | C] () -- C:\Windows\System32\15898notza-virus4d2.exe [2009/09/17 16:18:37 | 00,008,149 | ---- | C] () -- C:\Windows\b5aba5kzo9r492.exe [2009/09/17 08:43:17 | 00,017,464 | ---- | C] () -- C:\Windows\5591vir277z9.bin [2009/09/17 04:04:39 | 00,016,453 | ---- | C] () -- C:\Windows\328v9r9z5.dll [2009/09/15 18:26:09 | 00,010,872 | ---- | C] () -- C:\Windows\315629pambot1z2.bin [2009/09/14 16:08:19 | 00,005,751 | ---- | C] () -- C:\Windows\System32\5859sparse123z.exe [2009/09/13 16:18:48 | 00,014,657 | ---- | C] () -- C:\Windows\7zc59pyware163.cpl [2009/09/12 22:16:25 | 00,005,229 | ---- | C] () -- C:\Windows\System32\3296downl5aderz103.ocx [2009/09/12 10:03:07 | 00,011,554 | ---- | C] () -- C:\Windows\27616spzmbo59d2.dll [2009/09/12 04:32:44 | 00,011,733 | ---- | C] () -- C:\Windows\System32\589astza51150.cpl [2009/09/11 19:47:32 | 00,008,773 | ---- | C] () -- C:\Windows\15z49spambot69d.exe [2009/09/10 09:01:18 | 00,010,135 | ---- | C] () -- C:\Windows\31335zack59ol799.ocx [2009/09/07 02:56:04 | 00,006,641 | ---- | C] () -- C:\Windows\6f79ad5wa9e1z18.exe [2009/09/06 16:15:28 | 00,003,250 | ---- | C] () -- C:\Windows\System32\7467sparz95115.cpl [2009/09/04 17:40:00 | 00,015,833 | ---- | C] () -- C:\Windows\System32\56zor975.exe [2009/09/01 13:39:44 | 00,013,890 | ---- | C] () -- C:\Windows\b6ethzeat15697.ocx [2009/09/01 04:06:57 | 00,017,013 | ---- | C] () -- C:\Windows\5z59vir135.bin [2009/08/28 11:36:05 | 00,012,119 | ---- | C] () -- C:\Windows\10az9i5144.bin [2009/08/27 01:39:46 | 00,005,256 | ---- | C] () -- C:\Windows\31954vir9sc5z.bin [2009/08/26 14:59:04 | 00,004,843 | ---- | C] () -- C:\Windows\System32\25952spy7z3.dll [2009/08/26 05:38:26 | 00,003,098 | ---- | C] () -- C:\Windows\96113not-a-virus65z.exe [2009/08/24 23:13:26 | 00,015,310 | ---- | C] () -- C:\Windows\8982hzckto5l31a.cpl [2009/08/24 14:30:35 | 00,010,118 | ---- | C] () -- C:\Windows\52709acktzol4285.bin [2009/08/24 09:57:51 | 00,007,912 | ---- | C] () -- C:\Windows\System32\28950worz53d5.cpl [2009/08/24 04:46:02 | 00,006,939 | ---- | C] () -- C:\Windows\System32\4707zhreat15591.dll [2009/08/18 18:14:48 | 00,013,637 | ---- | C] () -- C:\Windows\System32\47ffdo5nl9aderz587.exe [2009/08/13 23:18:22 | 00,009,215 | ---- | C] () -- C:\Windows\System32\2169stez52927.cpl [2009/08/12 14:10:02 | 00,011,936 | ---- | C] () -- C:\Windows\System32\10209wor51zf9.bin [2009/08/11 12:08:09 | 00,007,099 | ---- | C] () -- C:\Windows\12970hacktz9l5b7.cpl [2009/08/10 23:03:08 | 00,018,430 | ---- | C] () -- C:\Windows\System32\1z85spyware879.dll [2009/08/10 07:41:37 | 00,012,367 | ---- | C] () -- C:\Windows\System32\6z54sp9war51531.bin [2009/08/09 01:10:27 | 00,004,755 | ---- | C] () -- C:\Windows\26109wor57z49.cpl [2009/08/08 22:14:26 | 00,016,564 | ---- | C] () -- C:\Windows\System32\255629roj3fz.exe [2009/08/08 14:56:55 | 00,006,276 | ---- | C] () -- C:\Windows\55steal3099z.bin [2009/08/07 22:51:16 | 00,016,547 | ---- | C] () -- C:\Windows\z8396hackt59l49e.bin [2009/08/07 13:30:04 | 00,010,100 | ---- | C] () -- C:\Windows\7dddzhre9t54645.cpl [2009/08/07 11:05:13 | 00,003,452 | ---- | C] () -- C:\Windows\System32\26399s592zb.dll [2009/08/06 10:52:41 | 00,014,789 | ---- | C] () -- C:\Windows\System32\55579worz559.ocx [2009/08/05 05:08:05 | 00,007,230 | ---- | C] () -- C:\Windows\715059z4aa.dll [2009/08/04 15:33:45 | 00,007,669 | ---- | C] () -- C:\Windows\1d9zspy59re1306.ocx [2009/08/03 16:27:00 | 00,015,946 | ---- | C] () -- C:\Windows\System32\1989thzef3546.dll [2009/08/03 06:01:44 | 00,005,083 | ---- | C] () -- C:\Windows\System32\2z589hreat7973.exe [2009/08/01 10:07:17 | 00,016,179 | ---- | C] () -- C:\Windows\System32\1905ztr59479.dll [2009/08/01 08:45:35 | 00,008,951 | ---- | C] () -- C:\Windows\System32\5ade9hief579z.exe [2009/07/27 05:36:14 | 00,016,606 | ---- | C] () -- C:\Windows\295thzef1533.ocx [2009/07/27 00:50:22 | 00,007,200 | ---- | C] () -- C:\Windows\System32\1c49downloadzr5968.exe [2009/07/26 06:04:00 | 00,016,970 | ---- | C] () -- C:\Windows\System32\171215acktozl4149.exe [2009/07/26 03:27:07 | 00,016,633 | ---- | C] () -- C:\Windows\12159ownloadzr11815.dll [2009/07/25 20:04:39 | 00,002,721 | ---- | C] () -- C:\Windows\System32\2d5bst9alz56.exe [2009/07/24 09:56:23 | 00,010,432 | ---- | C] () -- C:\Windows\System32\7559sp573z.bin [2009/07/22 18:04:50 | 00,011,052 | ---- | C] () -- C:\Windows\System32\f5zaddw9re2365.exe [2009/07/22 08:26:39 | 00,010,664 | ---- | C] () -- C:\Windows\fz1vir5924.bin [2009/07/22 06:35:50 | 00,004,965 | ---- | C] () -- C:\Windows\System32\195zaddware1132.dll [2009/07/20 12:50:32 | 00,015,915 | ---- | C] () -- C:\Windows\10a9dow5lza9er2069.cpl [2009/07/18 19:17:04 | 00,006,363 | ---- | C] () -- C:\Windows\14261not-a-virus95ez.bin [2009/07/18 11:32:22 | 00,010,469 | ---- | C] () -- C:\Windows\System32\798dzpar5e148.bin [2009/07/17 22:00:27 | 00,013,086 | ---- | C] () -- C:\Windows\System32\50899troj37z.bin [2009/07/14 10:19:57 | 00,017,477 | ---- | C] () -- C:\Windows\System32\129esparsez55.exe [2009/07/14 02:14:04 | 00,004,940 | ---- | C] () -- C:\Windows\System32\5762ad5war92z41.cpl [2009/07/12 21:10:11 | 00,013,219 | ---- | C] () -- C:\Windows\52z69h5ef2970.bin [2009/07/12 17:19:31 | 00,007,420 | ---- | C] () -- C:\Windows\27105s5y9z3.bin [2009/07/10 22:39:32 | 00,010,717 | ---- | C] () -- C:\Windows\System32\z536vir590.ocx [2009/07/10 20:22:28 | 00,010,997 | ---- | C] () -- C:\Windows\System32\6284vir930z5.exe [2009/07/08 17:55:09 | 00,011,652 | ---- | C] () -- C:\Windows\29859virus581z.ocx [2009/07/08 10:31:30 | 00,005,232 | ---- | C] () -- C:\Windows\System32\265zs5ea9541.bin [2009/07/07 01:12:03 | 00,003,794 | ---- | C] () -- C:\Windows\System32\2244h5zktool7a79.dll [2009/07/06 12:44:03 | 00,014,899 | ---- | C] () -- C:\Windows\232979ackto5z494.bin [2009/07/06 05:43:26 | 00,014,278 | ---- | C] () -- C:\Windows\285z1virus319.exe [2009/07/05 17:50:19 | 00,016,131 | ---- | C] () -- C:\Windows\System32\1989zspa9bo5721.exe [2009/07/03 07:51:10 | 00,005,800 | ---- | C] () -- C:\Windows\2908zvirus359.dll [2009/07/03 03:47:07 | 00,017,001 | ---- | C] () -- C:\Windows\System32\5e15th5eat296z0.exe [2009/07/02 11:28:01 | 00,004,608 | ---- | C] () -- C:\Windows\5a59backdzor3143.cpl [2009/07/01 02:55:20 | 00,010,861 | ---- | C] () -- C:\Windows\z558virus592.cpl [2009/06/27 20:09:54 | 00,006,734 | ---- | C] () -- C:\Windows\100639ot-a-virus5z3.ocx [2009/06/27 03:08:31 | 00,008,651 | ---- | C] () -- C:\Windows\System32\5564not-a9zirus118.cpl [2009/06/26 22:31:10 | 00,013,356 | ---- | C] () -- C:\Windows\44fbthre5t729z.bin [2009/06/26 12:26:19 | 00,005,122 | ---- | C] () -- C:\Windows\System32\323z9ha5ktool3e19.exe [2009/06/23 17:49:03 | 00,012,307 | ---- | C] () -- C:\Windows\System32\91ezp9ware5809.dll [2009/06/23 03:00:36 | 00,014,376 | ---- | C] () -- C:\Windows\26369s5y2z7.bin [2009/06/22 02:53:17 | 00,017,599 | ---- | C] () -- C:\Windows\2f93thief1563z.dll [2009/06/18 08:51:28 | 00,004,465 | ---- | C] () -- C:\Windows\5f01backdooz926.ocx [2009/06/17 18:08:03 | 00,011,598 | ---- | C] () -- C:\Windows\224et5ief955z.bin [2009/06/15 16:23:41 | 00,015,725 | ---- | C] () -- C:\Windows\590ds5zal3049.dll [2009/06/15 11:33:34 | 00,002,823 | ---- | C] () -- C:\Windows\9532zirus5c35.ocx [2009/06/15 06:40:34 | 00,011,406 | ---- | C] () -- C:\Windows\20sparze19145.bin [2009/06/13 14:06:57 | 00,014,994 | ---- | C] () -- C:\Windows\System32\4983s5az9ot37c.bin [2009/06/13 02:00:26 | 00,003,179 | ---- | C] () -- C:\Windows\369zworm5789.exe [2009/06/10 23:24:14 | 00,007,204 | ---- | C] () -- C:\Windows\56z0download5r15929.bin [2009/06/10 08:41:52 | 00,003,899 | ---- | C] () -- C:\Windows\System32\15704not-a-v95us7e9z.bin [2009/06/08 17:07:24 | 00,011,265 | ---- | C] () -- C:\Windows\2ef4doznloa9er5524.exe [2009/06/07 06:45:45 | 00,004,077 | ---- | C] () -- C:\Windows\2046tzr5at79.cpl [2009/06/04 07:16:16 | 00,007,091 | ---- | C] () -- C:\Windows\System32\50985pyware22z7.bin [2009/06/03 16:19:30 | 00,013,971 | ---- | C] () -- C:\Windows\941zr5j139.exe [2009/06/03 15:58:52 | 00,012,764 | ---- | C] () -- C:\Windows\5d65addzare3049.ocx [2009/06/03 13:51:51 | 00,005,952 | ---- | C] () -- C:\Windows\System32\93ff5ir21z2.cpl [2009/06/03 04:12:56 | 00,005,670 | ---- | C] () -- C:\Windows\System32\79a0st59l17z4.bin [2009/06/01 13:21:17 | 00,002,813 | ---- | C] () -- C:\Windows\System32\2157backdoo9670z.ocx [2009/05/28 19:50:28 | 00,007,720 | ---- | C] () -- C:\Windows\5099th9ef19z0.cpl [2009/05/28 07:39:43 | 00,009,157 | ---- | C] () -- C:\Windows\33z9pyware552.ocx [2009/05/27 00:58:42 | 00,006,994 | ---- | C] () -- C:\Windows\System32\5126viz9675.exe [2009/05/24 14:40:01 | 00,008,905 | ---- | C] () -- C:\Windows\326b5zr593.exe [2009/05/23 05:06:01 | 00,003,887 | ---- | C] () -- C:\Windows\za8ste5l2519.exe [2009/05/22 21:05:05 | 00,002,628 | ---- | C] () -- C:\Windows\27dfaddwa9e265z.ocx [2009/05/21 23:42:06 | 00,005,558 | ---- | C] () -- C:\Windows\System32\15921z5y7ce9.bin [2009/05/20 14:14:46 | 00,011,260 | ---- | C] () -- C:\Windows\45e7downlozder54049.exe [2009/05/18 01:03:41 | 00,008,701 | ---- | C] () -- C:\Windows\System32\5a399ownzo5der3255.bin [2009/05/17 17:05:21 | 00,007,738 | ---- | C] () -- C:\Windows\z12475py329.dll [2009/05/15 17:48:19 | 00,017,316 | ---- | C] () -- C:\Windows\31275notz5-vir9s787.ocx [2009/05/15 11:48:55 | 00,008,941 | ---- | C] () -- C:\Windows\1z5449ot-a5virus382.bin [2009/05/14 09:08:58 | 00,009,053 | ---- | C] () -- C:\Windows\1z587troj955.dll [2009/05/13 13:53:23 | 00,012,091 | ---- | C] () -- C:\Windows\System32\505zrus954.exe [2009/05/11 01:19:14 | 00,011,968 | ---- | C] () -- C:\Windows\System32\68d2zte9l1507.ocx [2009/05/09 17:53:15 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/05/09 04:56:49 | 00,014,848 | ---- | C] () -- C:\Windows\59z9spambot352.dll [2009/05/08 00:30:58 | 00,130,104 | ---- | C] (Sophos Plc) -- C:\Windows\System32\sdccoinstaller.dll [2009/05/08 00:27:46 | 00,020,288 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\SophosBootDriver.sys [2009/05/08 00:27:40 | 00,000,000 | ---D | C] -- C:\savwsa [2009/05/08 00:08:49 | 40,153,280 | ---- | C] () -- C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe [2009/05/07 23:37:32 | 00,009,404 | ---- | C] () -- C:\Windows\System32\70z9threat255875.bin [2009/05/07 23:37:32 | 00,009,325 | ---- | C] () -- C:\Windows\158daddware2z98.cpl [2009/05/07 23:37:32 | 00,003,728 | ---- | C] () -- C:\Windows\System32\z9b9s5yw9re1317.ocx [2009/05/07 23:37:32 | 00,003,102 | ---- | C] () -- C:\Windows\System32\2348195zktool386.bin [2009/05/07 23:37:31 | 00,018,195 | ---- | C] () -- C:\Windows\c1za5dware30419.cpl [2009/05/07 23:37:31 | 00,011,681 | ---- | C] () -- C:\Windows\System32\26543worz99.exe [2009/05/07 23:37:31 | 00,011,307 | ---- | C] () -- C:\Windows\System32\524down9ozd5r48.bin [2009/05/07 23:37:31 | 00,010,599 | ---- | C] () -- C:\Windows\System32\22512s9yz5f.ocx [2009/05/07 23:37:31 | 00,008,053 | ---- | C] () -- C:\Windows\90016z5y409.dll [2009/05/07 23:37:31 | 00,006,791 | ---- | C] () -- C:\Windows\System32\2005tzreat23659.cpl [2009/05/07 23:37:31 | 00,004,865 | ---- | C] () -- C:\Windows\23949wor56e5z.exe [2009/05/07 23:37:31 | 00,004,345 | ---- | C] () -- C:\Windows\3839worm515z.cpl [2009/05/07 23:37:31 | 00,004,064 | ---- | C] () -- C:\Windows\4ce5addwar92852z.ocx [2009/05/07 23:37:30 | 00,012,279 | ---- | C] () -- C:\Windows\91609sp5mbot188z.ocx [2009/05/07 23:37:30 | 00,008,456 | ---- | C] () -- C:\Windows\System32\95z2troj92.ocx [2009/05/07 23:37:30 | 00,007,171 | ---- | C] () -- C:\Windows\2a74szyware945.exe [2009/05/07 23:37:30 | 00,006,297 | ---- | C] () -- C:\Windows\69a9thi5f194z.cpl [2009/05/07 23:37:30 | 00,005,654 | ---- | C] () -- C:\Windows\5c57vi91z88.cpl [2009/05/07 23:37:30 | 00,003,376 | ---- | C] () -- C:\Windows\System32\3945spzrs928195.ocx [2009/05/07 23:37:30 | 00,002,886 | ---- | C] () -- C:\Windows\58133vizu915a.exe [2009/05/07 23:37:29 | 00,016,402 | ---- | C] () -- C:\Windows\59e9bazkdoor1651.exe [2009/05/07 23:37:29 | 00,016,095 | ---- | C] () -- C:\Windows\System32\3458addwarez3195.dll [2009/05/07 23:37:29 | 00,015,043 | ---- | C] () -- C:\Windows\System32\z515hief698.ocx [2009/05/07 23:37:29 | 00,013,966 | ---- | C] () -- C:\Windows\System32\291369rzj588.bin [2009/05/07 23:37:29 | 00,012,724 | ---- | C] () -- C:\Windows\9689z5pambot205.bin [2009/05/07 23:37:29 | 00,012,584 | ---- | C] () -- C:\Windows\150evir19z4.bin [2009/05/07 23:37:29 | 00,010,162 | ---- | C] () -- C:\Windows\System32\22521zorm39e.dll [2009/05/07 23:37:29 | 00,008,982 | ---- | C] () -- C:\Windows\System32\32541sp9mbot3z3.bin [2009/05/07 23:37:29 | 00,008,850 | ---- | C] () -- C:\Windows\8714n9t-a-viruz45f.bin [2009/05/07 23:37:29 | 00,007,814 | ---- | C] () -- C:\Windows\System32\5fzavir9166.dll [2009/05/07 23:37:29 | 00,007,463 | ---- | C] () -- C:\Windows\17091not-azvi9us855.cpl [2009/05/07 23:37:28 | 00,016,198 | ---- | C] () -- C:\Windows\2d45stza92504.bin [2009/05/07 23:37:28 | 00,010,781 | ---- | C] () -- C:\Windows\21850spzmbot269.cpl [2009/05/07 23:37:28 | 00,008,275 | ---- | C] () -- C:\Windows\972zspy576.ocx [2009/05/07 23:37:28 | 00,004,198 | ---- | C] () -- C:\Windows\System32\73ebspyware9z765.cpl [2009/05/07 23:37:28 | 00,003,602 | ---- | C] () -- C:\Windows\System32\24893spz33b5.ocx [2009/05/07 23:37:27 | 00,016,962 | ---- | C] () -- C:\Windows\5a73addwarez989.ocx [2009/05/07 23:37:27 | 00,014,844 | ---- | C] () -- C:\Windows\System32\zc739pars52346.cpl [2009/05/07 23:37:27 | 00,012,142 | ---- | C] () -- C:\Windows\zdb5ba59door1676.exe [2009/05/07 23:37:27 | 00,011,749 | ---- | C] () -- C:\Windows\System32\556bthreat116z59.ocx [2009/05/07 23:37:27 | 00,011,574 | ---- | C] () -- C:\Windows\b92backdoor25z.cpl [2009/05/07 23:37:27 | 00,011,321 | ---- | C] () -- C:\Windows\z189vir55.exe [2009/05/07 23:37:27 | 00,010,084 | ---- | C] () -- C:\Windows\System32\66d5downloaderz7789.bin [2009/05/07 23:37:27 | 00,009,982 | ---- | C] () -- C:\Windows\System32\23f1bazk9oor9815.ocx [2009/05/07 23:37:27 | 00,009,889 | ---- | C] () -- C:\Windows\2425zwo9533c.dll [2009/05/07 23:37:27 | 00,008,990 | ---- | C] () -- C:\Windows\6135tzoj2209.cpl [2009/05/07 23:37:27 | 00,008,594 | ---- | C] () -- C:\Windows\31z90tro53ae9.ocx [2009/05/07 23:37:27 | 00,003,633 | ---- | C] () -- C:\Windows\9694z5irus5c7.ocx [2009/05/07 23:37:27 | 00,003,015 | ---- | C] () -- C:\Windows\28662ha5k9ooz728.bin [2009/05/07 23:37:26 | 00,014,143 | ---- | C] () -- C:\Windows\System32\5903zteal2125.exe [2009/05/07 23:37:26 | 00,010,585 | ---- | C] () -- C:\Windows\System32\15689tr9j2bz.dll [2009/05/07 23:37:26 | 00,003,892 | ---- | C] () -- C:\Windows\z607not-9-vir5s1ff.exe [2009/05/07 23:37:25 | 00,011,749 | ---- | C] () -- C:\Windows\System32\16695spz5559.exe [2009/05/07 23:37:25 | 00,011,001 | ---- | C] () -- C:\Windows\95121v5rus18az.ocx [2009/05/07 23:37:25 | 00,008,858 | ---- | C] () -- C:\Windows\System32\17990t5oj6z.bin [2009/05/07 23:37:25 | 00,008,420 | ---- | C] () -- C:\Windows\4967thre5t310z1.bin [2009/05/07 23:37:25 | 00,007,315 | ---- | C] () -- C:\Windows\System32\2z819w9rm385.dll [2009/05/07 23:37:25 | 00,002,537 | ---- | C] () -- C:\Windows\95c5sparz5585.cpl [2009/05/07 23:37:24 | 00,017,810 | ---- | C] () -- C:\Windows\System32\789ebaczdo5r824.ocx [2009/05/07 23:37:24 | 00,016,240 | ---- | C] () -- C:\Windows\System32\25194hack9ool2z5.cpl [2009/05/07 23:37:24 | 00,015,894 | ---- | C] () -- C:\Windows\System32\28692s5z2b59.exe [2009/05/07 23:37:24 | 00,014,075 | ---- | C] () -- C:\Windows\459zworm769.cpl [2009/05/07 23:37:24 | 00,013,149 | ---- | C] () -- C:\Windows\System32\z7ee9pyware1445.exe [2009/05/07 23:37:24 | 00,012,031 | ---- | C] () -- C:\Windows\System32\4bez9i5f84.bin [2009/05/07 23:37:24 | 00,010,650 | ---- | C] () -- C:\Windows\System32\z916vir24455.exe [2009/05/07 23:37:24 | 00,010,458 | ---- | C] () -- C:\Windows\4279th5ef1z70.ocx [2009/05/07 23:37:24 | 00,007,775 | ---- | C] () -- C:\Windows\System32\75f4threa9z8144.exe [2009/05/07 23:37:24 | 00,004,374 | ---- | C] () -- C:\Windows\133559orz481.exe [2009/05/07 23:37:24 | 00,003,969 | ---- | C] () -- C:\Windows\11325not-a-9irus7ez5.bin [2009/05/07 23:37:23 | 00,017,415 | ---- | C] () -- C:\Windows\System32\5175thizf2950.bin [2009/05/07 23:37:23 | 00,017,396 | ---- | C] () -- C:\Windows\System32\5b58download9r2044z.exe [2009/05/07 23:37:23 | 00,016,197 | ---- | C] () -- C:\Windows\System32\339zthrea5314.ocx [2009/05/07 23:37:23 | 00,015,753 | ---- | C] () -- C:\Windows\System32\195irz998.exe [2009/05/07 23:37:23 | 00,015,079 | ---- | C] () -- C:\Windows\System32\349f5hrzat4925.exe [2009/05/07 23:37:23 | 00,014,113 | ---- | C] () -- C:\Windows\System32\555v9z1225.exe [2009/05/07 23:37:23 | 00,012,247 | ---- | C] () -- C:\Windows\147869rzj495.cpl [2009/05/07 23:37:23 | 00,012,061 | ---- | C] () -- C:\Windows\System32\5522t9iefz079.dll [2009/05/07 23:37:23 | 00,011,975 | ---- | C] () -- C:\Windows\System32\258z5wo9m61b.ocx [2009/05/07 23:37:23 | 00,011,702 | ---- | C] () -- C:\Windows\System32\50f4thrza513943.dll [2009/05/07 23:37:23 | 00,011,617 | ---- | C] () -- C:\Windows\1459t9izf38.exe [2009/05/07 23:37:23 | 00,011,102 | ---- | C] () -- C:\Windows\System32\219z4hackt9o5519.dll [2009/05/07 23:37:23 | 00,009,225 | ---- | C] () -- C:\Windows\System32\16044ha9kzoo55bc.dll [2009/05/07 23:37:23 | 00,008,898 | ---- | C] () -- C:\Windows\59382not-azvirus2b9.bin [2009/05/07 23:37:23 | 00,008,686 | ---- | C] () -- C:\Windows\System32\49fespywaze3542.bin [2009/05/07 23:37:23 | 00,008,582 | ---- | C] () -- C:\Windows\z2555tr9jdd.dll [2009/05/07 23:37:23 | 00,008,321 | ---- | C] () -- C:\Windows\2738no5-a-9izus302.dll [2009/05/07 23:37:23 | 00,007,941 | ---- | C] () -- C:\Windows\System32\251z5worm957.exe [2009/05/07 23:37:23 | 00,007,908 | ---- | C] () -- C:\Windows\z5096vi9us578.cpl [2009/05/07 23:37:23 | 00,007,600 | ---- | C] () -- C:\Windows\2ac0t95ef766z.cpl [2009/05/07 23:37:23 | 00,005,170 | ---- | C] () -- C:\Windows\System32\3891stzal12615.cpl [2009/05/07 23:37:23 | 00,003,379 | ---- | C] () -- C:\Windows\System32\7d79d5wnloazer2592.ocx [2009/05/07 23:37:23 | 00,003,300 | ---- | C] () -- C:\Windows\18925not-a-virzs9b4.exe [2009/05/07 23:37:23 | 00,003,235 | ---- | C] () -- C:\Windows\System32\1f5atzi5f9809.ocx [2009/05/07 23:37:23 | 00,002,860 | ---- | C] () -- C:\Windows\System32\19646not-9-vir5s3bez.cpl [2009/05/07 23:37:23 | 00,002,725 | ---- | C] () -- C:\Windows\System32\109cdow5loaze9868.cpl [2009/05/07 23:37:22 | 00,018,282 | ---- | C] () -- C:\Windows\System32\5692steal2z9.bin [2009/05/07 23:37:22 | 00,017,516 | ---- | C] () -- C:\Windows\System32\696s5ywarez4899.exe [2009/05/07 23:37:22 | 00,015,483 | ---- | C] () -- C:\Windows\29999vi5uszb5.cpl [2009/05/07 23:37:22 | 00,015,247 | ---- | C] () -- C:\Windows\a65vir232z9.exe [2009/05/07 23:37:22 | 00,014,645 | ---- | C] () -- C:\Windows\20767not-a9virzs54f.bin [2009/05/07 23:37:22 | 00,014,333 | ---- | C] () -- C:\Windows\55809aczdoor1163.ocx [2009/05/07 23:37:22 | 00,012,626 | ---- | C] () -- C:\Windows\215z49py7b5.ocx [2009/05/07 23:37:22 | 00,010,620 | ---- | C] () -- C:\Windows\System32\z95evir9569.ocx [2009/05/07 23:37:22 | 00,006,304 | ---- | C] () -- C:\Windows\5699not-a-vzrus35.exe [2009/05/07 23:37:22 | 00,006,247 | ---- | C] () -- C:\Windows\3aa9sp5waze1735.bin [2009/05/07 23:37:22 | 00,005,066 | ---- | C] () -- C:\Windows\24z48spa9b5t519.exe [2009/05/07 23:37:21 | 00,018,139 | ---- | C] () -- C:\Windows\System32\3985s9yware88z.bin [2009/05/07 23:37:21 | 00,017,603 | ---- | C] () -- C:\Windows\6bzcdownlo95er1626.ocx [2009/05/07 23:37:21 | 00,016,771 | ---- | C] () -- C:\Windows\z7375not9a-virusb.cpl [2009/05/07 23:37:21 | 00,014,903 | ---- | C] () -- C:\Windows\System32\3z54downloader3199.cpl [2009/05/07 23:37:21 | 00,013,618 | ---- | C] () -- C:\Windows\System32\z50dvir9033.cpl [2009/05/07 23:37:21 | 00,009,426 | ---- | C] () -- C:\Windows\2de8stealz9955.ocx [2009/05/07 23:37:21 | 00,007,927 | ---- | C] () -- C:\Windows\System32\3950sparsz2967.bin [2009/05/07 23:37:21 | 00,007,669 | ---- | C] () -- C:\Windows\1563downloazer9895.cpl [2009/05/07 23:37:21 | 00,007,599 | ---- | C] () -- C:\Windows\8179teal1553z.exe [2009/05/07 23:37:21 | 00,005,731 | ---- | C] () -- C:\Windows\System32\1b95backdozr1965.exe [2009/05/07 23:37:21 | 00,005,404 | ---- | C] () -- C:\Windows\389th5zf967.exe [2009/05/07 23:37:21 | 00,005,043 | ---- | C] () -- C:\Windows\System32\z25dt9ief2585.dll [2009/05/07 23:37:21 | 00,004,875 | ---- | C] () -- C:\Windows\System32\33235o9z26f.dll [2009/05/07 23:37:21 | 00,003,605 | ---- | C] () -- C:\Windows\System32\24957h59ktzol3ca.dll [2009/05/07 23:37:21 | 00,002,972 | ---- | C] () -- C:\Windows\System32\5065spzrse119.ocx [2009/05/07 23:37:20 | 00,009,187 | ---- | C] () -- C:\Windows\7395viz998.bin [2009/05/07 23:37:20 | 00,008,700 | ---- | C] () -- C:\Windows\System32\1810bzckdo5r2093.ocx [2009/05/07 23:37:20 | 00,006,241 | ---- | C] () -- C:\Windows\System32\307049pzmbo569b.bin [2009/05/07 23:37:19 | 01,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setup2.exe [2009/05/04 20:53:36 | 00,003,243 | ---- | C] () -- C:\Windows\System32\2493steal24z05.bin [2009/05/03 22:30:59 | 00,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/03 22:28:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Cisco Systems [2009/05/03 22:28:37 | 00,023,552 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SophosBootTasks.exe [2009/05/03 21:04:29 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos [2009/05/03 13:25:56 | 00,010,834 | ---- | C] () -- C:\Windows\8523wormz97.dll [2009/05/03 02:51:19 | 00,008,905 | ---- | C] () -- C:\Windows\54cabackd5or79z.ocx [2009/04/28 07:10:31 | 00,006,795 | ---- | C] () -- C:\Windows\25559n9t-a-vizus11f.cpl [2009/04/27 23:42:08 | 13,946,7815 | ---- | C] () -- C:\Windows\MEMORY.DMP [2009/04/27 23:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2009/04/26 11:27:06 | 00,014,299 | ---- | C] () -- C:\Windows\z9523hackt9ol565.cpl [2009/04/24 23:43:47 | 00,015,623 | ---- | C] () -- C:\Windows\System32\47e8sp9zse2537.dll [2009/04/24 08:46:00 | 00,003,841 | ---- | C] () -- C:\Windows\53416hackto9l29cz.cpl [2009/04/23 18:47:25 | 00,005,828 | ---- | C] () -- C:\Windows\5129vir222z.exe [2009/04/22 16:00:07 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/04/22 01:04:50 | 00,015,514 | ---- | C] () -- C:\Windows\System32\155z9orm543.bin [2009/04/21 02:59:17 | 00,012,879 | ---- | C] () -- C:\Windows\System32\2570ad9ware3015z.cpl [2009/04/20 17:59:24 | 00,093,192 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\savonaccess.sys [2009/04/20 17:59:14 | 00,000,000 | ---D | C] -- C:\escwsa [2009/04/19 23:36:23 | 00,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/04/19 23:34:54 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/04/19 23:34:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2009/04/19 23:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/04/19 23:34:17 | 00,001,401 | ---- | C] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk [2009/04/19 23:34:17 | 00,000,000 | ---D | C] -- C:\Program Files\DivX [2009/04/19 22:55:20 | 00,017,903 | ---- | C] () -- C:\Windows\System32\59z25not-a9virus606.cpl [2009/04/18 03:37:02 | 00,003,704 | ---- | C] () -- C:\Windows\17835viz59155.dll [2009/04/17 21:55:55 | 00,008,598 | ---- | C] () -- C:\Windows\System32\9456szamb5t24b9.ocx [2009/04/16 20:31:05 | 00,015,365 | ---- | C] () -- C:\Windows\System32\517d9hief225z.cpl [2009/04/16 19:07:07 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll [2009/04/16 19:07:03 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2009/04/16 19:07:03 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll [2009/04/16 19:06:51 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2009/04/16 19:06:51 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll [2009/04/16 19:06:50 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2009/04/16 19:06:49 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2009/04/16 19:06:49 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2009/04/16 19:06:49 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2009/04/16 19:06:49 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2009/04/16 19:06:49 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2009/04/16 19:06:49 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2009/04/16 19:06:48 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe [2009/04/16 19:06:41 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2009/04/16 19:06:40 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll [2009/04/16 19:06:40 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll [2009/04/16 19:06:39 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll [2009/04/16 19:06:39 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll [2009/04/16 19:06:16 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/04/16 19:06:13 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/04/16 19:06:11 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/04/16 19:06:10 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/04/16 19:06:09 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/04/16 19:06:09 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/04/16 19:06:09 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009/04/16 19:06:08 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009/04/16 19:06:08 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009/04/16 19:06:08 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/04/16 19:06:08 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2009/04/16 19:06:08 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009/04/16 19:06:07 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/04/16 19:06:05 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/04/16 19:06:04 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/04/15 01:25:22 | 00,015,043 | ---- | C] () -- C:\Windows\System32\49435o9m7z9.exe [2009/04/13 10:15:10 | 00,017,675 | ---- | C] () -- C:\Windows\System32\7151spyzare11449.bin [2009/04/12 07:42:07 | 00,017,247 | ---- | C] () -- C:\Windows\System32\7946thiez1952.dll [2009/04/11 23:12:49 | 00,015,691 | ---- | C] () -- C:\Windows\z5b9ir424.bin [2009/04/11 15:42:41 | 00,008,937 | ---- | C] () -- C:\Windows\19555not-z-vir5s62c.bin [2009/04/02 20:41:39 | 00,002,781 | ---- | C] () -- C:\Windows\25z58hacktoo9203.dll [2009/03/22 03:15:35 | 00,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2009/03/17 21:25:08 | 00,010,920 | ---- | C] () -- C:\Windows\System32\25261zpamb9t267.dll [2009/03/14 21:30:57 | 00,006,568 | ---- | C] () -- C:\Windows\208235o9-a-virusz83.dll [2009/03/14 11:53:55 | 00,012,698 | ---- | C] () -- C:\Windows\System32\dc5tzi9f461.dll [2009/03/11 06:05:21 | 00,007,734 | ---- | C] () -- C:\Windows\System32\14253hzckt5ole9.dll [2009/03/09 23:49:33 | 00,011,008 | ---- | C] () -- C:\Windows\System32\25d7threat1z3849.dll [2009/03/08 19:30:54 | 00,014,471 | ---- | C] () -- C:\Windows\System32\57d9a5dware16z9.dll [2009/02/28 18:13:47 | 00,017,233 | ---- | C] () -- C:\Windows\System32\41a4do5nzoa9er1890.dll [2009/02/21 05:43:51 | 00,016,854 | ---- | C] () -- C:\Windows\8z4dow5loader9589.dll [2009/01/25 20:31:52 | 00,009,318 | ---- | C] () -- C:\Windows\System32\6191threat2z855.dll [2009/01/22 18:32:43 | 00,002,850 | ---- | C] () -- C:\Windows\System32\6227down9oaze52754.dll [2009/01/07 16:11:58 | 00,011,806 | ---- | C] () -- C:\Windows\79b7b5ckdoor1922z.dll [2009/01/01 15:55:16 | 00,007,882 | ---- | C] () -- C:\Windows\System32\4a8c9dzw5re2718.dll [2008/12/24 12:52:14 | 00,016,635 | ---- | C] () -- C:\Windows\System32\564edowzloade93555.dll [2008/12/09 02:57:47 | 00,004,937 | ---- | C] () -- C:\Windows\45ddown9oaderz278.dll [2008/12/07 23:07:06 | 00,003,348 | ---- | C] () -- C:\Windows\71zv5r9023.dll [2008/11/10 12:57:40 | 00,008,809 | ---- | C] () -- C:\Windows\System32\741995rz155.dll [2008/10/26 11:45:55 | 00,015,034 | ---- | C] () -- C:\Windows\System32\62ccdownlo9dez265.dll [2008/10/21 03:39:06 | 00,016,337 | ---- | C] () -- C:\Windows\1994addwzr51653.dll [2008/10/19 03:15:44 | 00,010,709 | ---- | C] () -- C:\Windows\22649spz457.dll [2008/10/18 10:43:17 | 00,004,693 | ---- | C] () -- C:\Windows\System32\a7fvi92561z.dll [2008/10/13 01:54:12 | 00,003,308 | ---- | C] () -- C:\Windows\System32\76b4t95ezt12471.dll [2008/10/11 07:54:31 | 00,007,788 | ---- | C] () -- C:\Windows\11982no5-a-virzs11d.dll [2008/10/08 16:55:58 | 00,014,926 | ---- | C] () -- C:\Windows\53f9downloader129z5.dll [2008/09/22 22:10:13 | 00,013,242 | ---- | C] () -- C:\Windows\2b9cz9ea5944.dll [2008/09/22 06:26:08 | 00,008,331 | ---- | C] () -- C:\Windows\4035hzcktoo945f.dll [2008/09/20 20:30:18 | 00,004,617 | ---- | C] () -- C:\Windows\System32\z0951w9rm78c.dll [2008/09/20 07:22:40 | 00,008,517 | ---- | C] () -- C:\Windows\29955noz-a-vir9s2b2.dll [2008/09/18 06:16:40 | 00,013,154 | ---- | C] () -- C:\Windows\System32\19151zpambot4729.dll [2008/09/12 17:06:23 | 00,009,520 | ---- | C] () -- C:\Windows\System32\1696spywaze3051.dll [2008/09/11 20:43:52 | 00,004,514 | ---- | C] () -- C:\Windows\System32\27z59trojf9.dll [2008/09/10 09:38:09 | 00,017,242 | ---- | C] () -- C:\Windows\System32\755azackdoor1097.dll [2008/09/08 23:39:48 | 00,007,463 | ---- | C] () -- C:\Windows\System32\29486v5rus6ez.dll [2008/09/08 14:48:28 | 00,017,471 | ---- | C] () -- C:\Windows\2734thze5t14519.dll [2008/09/07 18:42:31 | 00,004,620 | ---- | C] () -- C:\Windows\System32\25250w9rm46z.dll [2008/09/06 16:18:39 | 00,004,952 | ---- | C] () -- C:\Windows\System32\9999vizus54.dll [2008/08/20 07:16:56 | 00,004,578 | ---- | C] () -- C:\Windows\System32\e21dow5loade9240z.dll [2008/08/14 01:10:38 | 00,010,946 | ---- | C] () -- C:\Windows\20z08wo951a4.dll [2008/08/13 22:33:54 | 00,010,820 | ---- | C] () -- C:\Windows\13057w9rz120.dll [2008/08/07 16:19:29 | 00,005,803 | ---- | C] () -- C:\Windows\System32\2z529troj1ad.dll [2008/08/06 14:42:17 | 00,008,296 | ---- | C] () -- C:\Windows\2zc0back59or1254.dll [2008/07/20 14:28:07 | 00,016,784 | ---- | C] () -- C:\Windows\1304zviru59db.dll [2008/07/15 06:06:41 | 00,007,780 | ---- | C] () -- C:\Windows\9668hacztool505.dll [2008/07/12 03:55:03 | 00,012,066 | ---- | C] () -- C:\Windows\14589hacktzol5a6.dll [2008/07/09 16:01:13 | 00,014,650 | ---- | C] () -- C:\Windows\System32\263z3s5yd29.dll [2008/07/03 04:46:34 | 00,017,736 | ---- | C] () -- C:\Windows\System32\7c94st5alz186.dll [2008/06/28 14:52:39 | 00,015,441 | ---- | C] () -- C:\Windows\280959zo585.dll [2008/06/20 19:32:26 | 00,008,723 | ---- | C] () -- C:\Windows\466espzr5e13279.dll [2008/06/17 17:26:08 | 00,014,339 | ---- | C] () -- C:\Windows\2554ztr59250.dll [2008/06/10 18:42:58 | 00,000,142 | ---- | C] () -- C:\Windows\ODBC.INI [2008/06/08 12:55:01 | 00,003,089 | ---- | C] () -- C:\Windows\System32\16z575pambot159.dll [2008/06/03 17:36:07 | 00,010,600 | ---- | C] () -- C:\Windows\System32\4159thze92820.dll [2008/06/02 06:09:17 | 00,013,408 | ---- | C] () -- C:\Windows\6df9thie5916z.dll [2008/05/03 19:54:47 | 00,007,243 | ---- | C] () -- C:\Windows\System32\915noz-a-vir5s479.dll [2008/04/20 20:33:41 | 00,009,950 | ---- | C] () -- C:\Windows\System32\124eszars91574.dll [2008/04/15 00:15:35 | 00,008,744 | ---- | C] () -- C:\Windows\System32\3378sparse5z729.dll [2008/04/05 23:41:40 | 00,008,438 | ---- | C] () -- C:\Windows\z9957troj785.dll [2008/04/04 22:16:29 | 00,003,125 | ---- | C] () -- C:\Windows\System32\20250sp5mbot94z.dll [2008/03/27 14:55:40 | 00,003,147 | ---- | C] () -- C:\Windows\575dtzre9t4627.dll [2008/03/21 17:12:22 | 00,017,238 | ---- | C] () -- C:\Windows\System32\26494vir5z399.dll [2008/03/19 07:50:17 | 00,008,011 | ---- | C] () -- C:\Windows\System32\15efspa5s92869z.dll [2008/03/16 08:06:30 | 00,012,590 | ---- | C] () -- C:\Windows\System32\12190virzs591.dll [2008/03/11 07:36:14 | 00,017,474 | ---- | C] () -- C:\Windows\1a9zstea926165.dll [2008/03/09 14:02:06 | 00,009,324 | ---- | C] () -- C:\Windows\System32\982zpy5e4.dll [2008/03/08 05:09:28 | 00,005,818 | ---- | C] () -- C:\Windows\System32\6ff9steal32z5.dll [2008/03/05 11:33:47 | 00,011,494 | ---- | C] () -- C:\Windows\System32\6927zp55f5.dll [2008/03/02 04:29:12 | 00,009,777 | ---- | C] () -- C:\Windows\9546ba5kdoorz319.dll [2008/03/01 11:12:59 | 00,011,717 | ---- | C] () -- C:\Windows\1694th5e9tz889.dll [2008/02/24 12:56:18 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll [2008/02/24 12:56:18 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2008/02/24 12:56:18 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll [2008/02/24 12:56:17 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll [2008/02/15 12:18:20 | 00,003,846 | ---- | C] () -- C:\Windows\System32\7769zackdoor5579.dll [2008/02/07 07:18:28 | 00,013,176 | ---- | C] () -- C:\Windows\System32\13925zre9t19707.dll [2008/02/01 22:45:26 | 00,016,639 | ---- | C] () -- C:\Windows\System32\1264zhackt9ol35.dll [2008/01/26 19:50:23 | 00,003,447 | ---- | C] () -- C:\Windows\78459zreat6312.dll [2008/01/26 10:32:38 | 00,005,004 | ---- | C] () -- C:\Windows\System32\1f9zad9ware1656.dll [2008/01/25 23:56:02 | 00,018,312 | ---- | C] () -- C:\Windows\System32\15c3s5arse5z59.dll [2008/01/25 16:25:28 | 00,006,199 | ---- | C] () -- C:\Windows\55b39h5ef15z6.dll [2008/01/23 03:44:57 | 00,003,082 | ---- | C] () -- C:\Windows\System32\26f1b5c9dzor505.dll [2008/01/18 17:14:46 | 00,017,524 | ---- | C] () -- C:\Windows\524fzac95oor2976.dll [2008/01/18 05:40:45 | 00,000,203 | ---- | C] () -- C:\Windows\SpssLM.ini [2008/01/14 16:54:57 | 00,006,277 | ---- | C] () -- C:\Windows\System32\3502zspy5669.dll [2008/01/13 14:31:17 | 00,012,553 | ---- | C] () -- C:\Windows\System32\70d7t9zef1851.dll [2008/01/04 02:38:43 | 00,007,307 | ---- | C] () -- C:\Windows\System32\4z2tro94e5.dll [2007/12/31 12:34:21 | 00,299,008 | ---- | C] () -- C:\Windows\System32\LAME_MP3.dll [2007/11/23 05:01:31 | 00,000,099 | ---- | C] () -- C:\Windows\MXDebug2.ini [2007/11/22 04:24:41 | 00,000,032 | ---- | C] () -- C:\Windows\MS Office 2007 Pro Plus & Expression Web.INI [2007/10/08 09:21:46 | 00,958,464 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007/05/10 02:02:08 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll [2007/05/10 02:00:26 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2007/02/24 14:59:14 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2007/02/08 20:02:54 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2007/02/08 20:02:52 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2007/02/08 20:00:44 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 06:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2004/12/20 06:08:28 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/20 06:03:26 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll ========== Files - Modified Within 30 Days ========== [1 C:\Users\Neeraj Tohan\Documents\*.tmp files] [2009/12/28 15:58:31 | 00,014,347 | ---- | M] () -- C:\Windows\System32\4c5zbackdoo92804.bin [2009/12/27 21:20:35 | 00,003,442 | ---- | M] () -- C:\Windows\System32\353czpy59re2933.dll [2009/12/26 14:49:18 | 00,004,758 | ---- | M] () -- C:\Windows\System32\6037not-a-viru945z.bin [2009/12/24 17:39:03 | 00,004,245 | ---- | M] () -- C:\Windows\29215spzmbot3bb.bin [2009/12/23 14:04:39 | 00,006,955 | ---- | M] () -- C:\Windows\55z0worm3d9.cpl [2009/12/23 10:37:03 | 00,014,839 | ---- | M] () -- C:\Windows\System32\7z6e5hief1917.bin [2009/12/22 19:38:28 | 00,009,924 | ---- | M] () -- C:\Windows\System32\90878tr5j8z.ocx [2009/12/22 19:10:17 | 00,005,187 | ---- | M] () -- C:\Windows\5919v5r1396z.dll [2009/12/19 18:20:32 | 00,008,618 | ---- | M] () -- C:\Windows\23761vz9u5b7.ocx [2009/12/19 00:30:11 | 00,008,526 | ---- | M] () -- C:\Windows\System32\7963sparse5z9.cpl [2009/12/18 09:02:34 | 00,009,972 | ---- | M] () -- C:\Windows\24054h59ktozl3db.bin [2009/12/18 05:21:59 | 00,010,415 | ---- | M] () -- C:\Windows\1225do5nl9ader287z.exe [2009/12/18 04:52:51 | 00,010,867 | ---- | M] () -- C:\Windows\System32\75z3t5re9t2847.cpl [2009/12/16 07:17:06 | 00,017,324 | ---- | M] () -- C:\Windows\System32\1569zspy152.bin [2009/12/16 05:18:45 | 00,009,084 | ---- | M] () -- C:\Windows\System32\a9fdownzoad592262.cpl [2009/12/16 01:25:44 | 00,008,283 | ---- | M] () -- C:\Windows\45e09z5eat9856.exe [2009/12/15 00:32:23 | 00,005,441 | ---- | M] () -- C:\Windows\2f93thzeat56625.dll [2009/12/13 07:47:51 | 00,007,720 | ---- | M] () -- C:\Windows\7951downloader19z95.exe [2009/12/12 09:34:43 | 00,004,857 | ---- | M] () -- C:\Windows\System32\15047not-5-9iruz33a.exe [2009/12/10 15:04:54 | 00,011,611 | ---- | M] () -- C:\Windows\System32\25292spz5fb9.bin [2009/12/09 11:11:19 | 00,013,956 | ---- | M] () -- C:\Windows\System32\4053threat98047z.dll [2009/12/08 20:10:19 | 00,003,424 | ---- | M] () -- C:\Windows\39599irzs43d.exe [2009/12/08 15:23:35 | 00,008,098 | ---- | M] () -- C:\Windows\System32\422zs5yware2195.bin [2009/12/05 06:21:46 | 00,008,808 | ---- | M] () -- C:\Windows\5a25steaz936.cpl [2009/12/02 03:51:10 | 00,007,986 | ---- | M] () -- C:\Windows\256fspyw9re960z.cpl [2009/12/01 23:00:25 | 00,012,576 | ---- | M] () -- C:\Windows\55bzs5arse2917.ocx [2009/12/01 03:51:16 | 00,013,780 | ---- | M] () -- C:\Windows\System32\9497zviru5453.ocx [2009/11/28 17:27:21 | 00,010,061 | ---- | M] () -- C:\Windows\System32\194aszeal9545.ocx [2009/11/28 05:21:18 | 00,002,918 | ---- | M] () -- C:\Windows\System32\5868z9dware475.bin [2009/11/24 06:22:51 | 00,010,388 | ---- | M] () -- C:\Windows\System32\z0377w5r972c.cpl [2009/11/24 01:55:47 | 00,013,851 | ---- | M] () -- C:\Windows\System32\ze01downl5ader93.dll [2009/11/22 07:29:38 | 00,017,644 | ---- | M] () -- C:\Windows\6142ha5ktooz697.cpl [2009/11/21 22:32:57 | 00,008,612 | ---- | M] () -- C:\Windows\System32\zeecsparse5129.exe [2009/11/21 02:31:53 | 00,004,537 | ---- | M] () -- C:\Windows\System32\26922tro53z89.exe [2009/11/19 18:28:09 | 00,002,697 | ---- | M] () -- C:\Windows\System32\7029z5rus99.ocx [2009/11/19 08:14:31 | 00,014,778 | ---- | M] () -- C:\Windows\System32\3592th5ef2239z.exe [2009/11/19 05:59:54 | 00,004,018 | ---- | M] () -- C:\Windows\9a9z95ware1744.cpl [2009/11/17 23:09:06 | 00,009,502 | ---- | M] () -- C:\Windows\31195nzt-5-virus9fc.bin [2009/11/16 11:27:56 | 00,010,792 | ---- | M] () -- C:\Windows\4fe1stzal56029.ocx [2009/11/16 00:15:45 | 00,013,748 | ---- | M] () -- C:\Windows\System32\1f795zyware2644.dll [2009/11/15 16:11:38 | 00,010,807 | ---- | M] () -- C:\Windows\8810s5am9ot4dz.exe [2009/11/14 15:36:34 | 00,016,051 | ---- | M] () -- C:\Windows\System32\59cthief26z7.bin [2009/11/13 19:14:43 | 00,016,880 | ---- | M] () -- C:\Windows\1cfz5a9kdoor1867.ocx [2009/11/10 21:12:14 | 00,015,842 | ---- | M] () -- C:\Windows\System32\12507tr9z1ce.ocx [2009/11/09 10:17:37 | 00,008,134 | ---- | M] () -- C:\Windows\System32\3dbbs5eaz1669.cpl [2009/11/08 00:58:24 | 00,013,072 | ---- | M] () -- C:\Windows\25d3download5910z7.ocx [2009/11/07 15:33:05 | 00,003,947 | ---- | M] () -- C:\Windows\4f4159dwzre1800.cpl [2009/11/07 13:58:24 | 00,004,933 | ---- | M] () -- C:\Windows\System32\3054z5irus9c2.exe [2009/11/06 20:42:36 | 00,007,190 | ---- | M] () -- C:\Windows\51z69spy59b.cpl [2009/11/06 03:39:03 | 00,013,481 | ---- | M] () -- C:\Windows\System32\3aa7zddw5re9730.bin [2009/11/05 17:53:26 | 00,016,020 | ---- | M] () -- C:\Windows\acftzre5t94699.exe [2009/11/04 05:17:52 | 00,003,432 | ---- | M] () -- C:\Windows\55945troj7c5z.bin [2009/11/03 01:45:28 | 00,013,431 | ---- | M] () -- C:\Windows\System32\599athiefz119.exe [2009/11/02 19:51:29 | 00,008,630 | ---- | M] () -- C:\Windows\2781659zj619.dll [2009/11/02 11:07:51 | 00,015,564 | ---- | M] () -- C:\Windows\10891virzs17f5.ocx [2009/10/28 00:43:02 | 00,012,049 | ---- | M] () -- C:\Windows\System32\6z039pam5ot6d3.bin [2009/10/23 19:09:54 | 00,005,133 | ---- | M] () -- C:\Windows\2c02sp5zse2929.dll [2009/10/23 17:44:52 | 00,016,484 | ---- | M] () -- C:\Windows\z3659virus758.ocx [2009/10/20 23:55:23 | 00,008,975 | ---- | M] () -- C:\Windows\9950troj6fz.exe [2009/10/19 21:27:07 | 00,015,131 | ---- | M] () -- C:\Windows\System32\2d66downloa59rz225.ocx [2009/10/17 09:31:19 | 00,008,639 | ---- | M] () -- C:\Windows\System32\7d27vir23z95.cpl [2009/10/16 07:51:04 | 00,006,691 | ---- | M] () -- C:\Windows\System32\6z4t9oj3bf5.dll [2009/10/14 21:05:39 | 00,008,146 | ---- | M] () -- C:\Windows\35559ddwaze2512.dll [2009/10/11 10:15:16 | 00,018,063 | ---- | M] () -- C:\Windows\System32\4395spazbot7d05.exe [2009/10/11 01:18:28 | 00,008,114 | ---- | M] () -- C:\Windows\System32\301509ot-a-v5rus292z.cpl [2009/10/09 16:54:10 | 00,006,667 | ---- | M] () -- C:\Windows\System32\5zccspy9are389.exe [2009/10/07 19:42:51 | 00,004,426 | ---- | M] () -- C:\Windows\24519not-a59irzs4de.ocx [2009/10/04 03:25:57 | 00,013,056 | ---- | M] () -- C:\Windows\19610wo954zf.exe [2009/10/03 21:08:41 | 00,010,355 | ---- | M] () -- C:\Windows\System32\b9dth5eat122z.cpl [2009/10/02 01:23:14 | 00,011,203 | ---- | M] () -- C:\Windows\System32\355zspywar92442.cpl [2009/10/01 20:24:56 | 00,016,334 | ---- | M] () -- C:\Windows\System32\43a1zh9ef5949.ocx [2009/09/27 22:30:00 | 00,005,063 | ---- | M] () -- C:\Windows\53eebacz9oor2951.exe [2009/09/24 18:47:32 | 00,005,019 | ---- | M] () -- C:\Windows\System32\10157worz839.exe [2009/09/23 08:40:55 | 00,015,350 | ---- | M] () -- C:\Windows\System32\9161not-a-9iru59z.dll [2009/09/18 14:16:38 | 00,008,308 | ---- | M] () -- C:\Windows\558cst9zl16.dll [2009/09/18 01:02:38 | 00,003,611 | ---- | M] () -- C:\Windows\System32\z50995acktoolc3.bin [2009/09/17 16:37:12 | 00,004,796 | ---- | M] () -- C:\Windows\System32\15898notza-virus4d2.exe [2009/09/17 16:18:37 | 00,008,149 | ---- | M] () -- C:\Windows\b5aba5kzo9r492.exe [2009/09/17 08:43:17 | 00,017,464 | ---- | M] () -- C:\Windows\5591vir277z9.bin [2009/09/17 04:04:39 | 00,016,453 | ---- | M] () -- C:\Windows\328v9r9z5.dll [2009/09/15 18:26:09 | 00,010,872 | ---- | M] () -- C:\Windows\315629pambot1z2.bin [2009/09/14 16:08:19 | 00,005,751 | ---- | M] () -- C:\Windows\System32\5859sparse123z.exe [2009/09/13 16:18:48 | 00,014,657 | ---- | M] () -- C:\Windows\7zc59pyware163.cpl [2009/09/12 22:16:25 | 00,005,229 | ---- | M] () -- C:\Windows\System32\3296downl5aderz103.ocx [2009/09/12 10:03:07 | 00,011,554 | ---- | M] () -- C:\Windows\27616spzmbo59d2.dll [2009/09/12 04:32:44 | 00,011,733 | ---- | M] () -- C:\Windows\System32\589astza51150.cpl [2009/09/11 19:47:32 | 00,008,773 | ---- | M] () -- C:\Windows\15z49spambot69d.exe [2009/09/10 09:01:18 | 00,010,135 | ---- | M] () -- C:\Windows\31335zack59ol799.ocx [2009/09/07 02:56:04 | 00,006,641 | ---- | M] () -- C:\Windows\6f79ad5wa9e1z18.exe [2009/09/06 16:15:28 | 00,003,250 | ---- | M] () -- C:\Windows\System32\7467sparz95115.cpl [2009/09/04 17:40:00 | 00,015,833 | ---- | M] () -- C:\Windows\System32\56zor975.exe [2009/09/01 13:39:44 | 00,013,890 | ---- | M] () -- C:\Windows\b6ethzeat15697.ocx [2009/09/01 04:06:57 | 00,017,013 | ---- | M] () -- C:\Windows\5z59vir135.bin [2009/08/28 11:36:05 | 00,012,119 | ---- | M] () -- C:\Windows\10az9i5144.bin [2009/08/27 01:39:46 | 00,005,256 | ---- | M] () -- C:\Windows\31954vir9sc5z.bin [2009/08/26 14:59:04 | 00,004,843 | ---- | M] () -- C:\Windows\System32\25952spy7z3.dll [2009/08/26 05:38:26 | 00,003,098 | ---- | M] () -- C:\Windows\96113not-a-virus65z.exe [2009/08/24 23:13:26 | 00,015,310 | ---- | M] () -- C:\Windows\8982hzckto5l31a.cpl [2009/08/24 14:30:35 | 00,010,118 | ---- | M] () -- C:\Windows\52709acktzol4285.bin [2009/08/24 09:57:51 | 00,007,912 | ---- | M] () -- C:\Windows\System32\28950worz53d5.cpl [2009/08/24 04:46:02 | 00,006,939 | ---- | M] () -- C:\Windows\System32\4707zhreat15591.dll [2009/08/18 18:14:48 | 00,013,637 | ---- | M] () -- C:\Windows\System32\47ffdo5nl9aderz587.exe [2009/08/13 23:18:22 | 00,009,215 | ---- | M] () -- C:\Windows\System32\2169stez52927.cpl [2009/08/12 14:10:02 | 00,011,936 | ---- | M] () -- C:\Windows\System32\10209wor51zf9.bin [2009/08/11 12:08:09 | 00,007,099 | ---- | M] () -- C:\Windows\12970hacktz9l5b7.cpl [2009/08/10 23:03:08 | 00,018,430 | ---- | M] () -- C:\Windows\System32\1z85spyware879.dll [2009/08/10 07:41:37 | 00,012,367 | ---- | M] () -- C:\Windows\System32\6z54sp9war51531.bin [2009/08/09 01:10:27 | 00,004,755 | ---- | M] () -- C:\Windows\26109wor57z49.cpl [2009/08/08 22:14:26 | 00,016,564 | ---- | M] () -- C:\Windows\System32\255629roj3fz.exe [2009/08/08 14:56:55 | 00,006,276 | ---- | M] () -- C:\Windows\55steal3099z.bin [2009/08/07 22:51:16 | 00,016,547 | ---- | M] () -- C:\Windows\z8396hackt59l49e.bin [2009/08/07 13:30:04 | 00,010,100 | ---- | M] () -- C:\Windows\7dddzhre9t54645.cpl [2009/08/07 11:05:13 | 00,003,452 | ---- | M] () -- C:\Windows\System32\26399s592zb.dll [2009/08/06 10:52:41 | 00,014,789 | ---- | M] () -- C:\Windows\System32\55579worz559.ocx [2009/08/05 05:08:05 | 00,007,230 | ---- | M] () -- C:\Windows\715059z4aa.dll [2009/08/04 15:33:45 | 00,007,669 | ---- | M] () -- C:\Windows\1d9zspy59re1306.ocx [2009/08/03 16:27:00 | 00,015,946 | ---- | M] () -- C:\Windows\System32\1989thzef3546.dll [2009/08/03 06:01:44 | 00,005,083 | ---- | M] () -- C:\Windows\System32\2z589hreat7973.exe [2009/08/01 10:07:17 | 00,016,179 | ---- | M] () -- C:\Windows\System32\1905ztr59479.dll [2009/08/01 08:45:35 | 00,008,951 | ---- | M] () -- C:\Windows\System32\5ade9hief579z.exe [2009/07/27 05:36:14 | 00,016,606 | ---- | M] () -- C:\Windows\295thzef1533.ocx [2009/07/27 00:50:22 | 00,007,200 | ---- | M] () -- C:\Windows\System32\1c49downloadzr5968.exe [2009/07/26 06:04:00 | 00,016,970 | ---- | M] () -- C:\Windows\System32\171215acktozl4149.exe [2009/07/26 03:27:07 | 00,016,633 | ---- | M] () -- C:\Windows\12159ownloadzr11815.dll [2009/07/25 20:04:39 | 00,002,721 | ---- | M] () -- C:\Windows\System32\2d5bst9alz56.exe [2009/07/24 09:56:23 | 00,010,432 | ---- | M] () -- C:\Windows\System32\7559sp573z.bin [2009/07/22 18:04:50 | 00,011,052 | ---- | M] () -- C:\Windows\System32\f5zaddw9re2365.exe [2009/07/22 08:26:39 | 00,010,664 | ---- | M] () -- C:\Windows\fz1vir5924.bin [2009/07/22 06:35:50 | 00,004,965 | ---- | M] () -- C:\Windows\System32\195zaddware1132.dll [2009/07/20 12:50:32 | 00,015,915 | ---- | M] () -- C:\Windows\10a9dow5lza9er2069.cpl [2009/07/18 19:17:04 | 00,006,363 | ---- | M] () -- C:\Windows\14261not-a-virus95ez.bin [2009/07/18 11:32:22 | 00,010,469 | ---- | M] () -- C:\Windows\System32\798dzpar5e148.bin [2009/07/17 22:00:27 | 00,013,086 | ---- | M] () -- C:\Windows\System32\50899troj37z.bin [2009/07/14 10:19:57 | 00,017,477 | ---- | M] () -- C:\Windows\System32\129esparsez55.exe [2009/07/14 02:14:04 | 00,004,940 | ---- | M] () -- C:\Windows\System32\5762ad5war92z41.cpl [2009/07/12 21:10:11 | 00,013,219 | ---- | M] () -- C:\Windows\52z69h5ef2970.bin [2009/07/12 17:19:31 | 00,007,420 | ---- | M] () -- C:\Windows\27105s5y9z3.bin [2009/07/10 22:39:32 | 00,010,717 | ---- | M] () -- C:\Windows\System32\z536vir590.ocx [2009/07/10 20:22:28 | 00,010,997 | ---- | M] () -- C:\Windows\System32\6284vir930z5.exe [2009/07/08 17:55:09 | 00,011,652 | ---- | M] () -- C:\Windows\29859virus581z.ocx [2009/07/08 10:31:30 | 00,005,232 | ---- | M] () -- C:\Windows\System32\265zs5ea9541.bin [2009/07/07 01:12:03 | 00,003,794 | ---- | M] () -- C:\Windows\System32\2244h5zktool7a79.dll [2009/07/06 12:44:03 | 00,014,899 | ---- | M] () -- C:\Windows\232979ackto5z494.bin [2009/07/06 05:43:26 | 00,014,278 | ---- | M] () -- C:\Windows\285z1virus319.exe [2009/07/05 17:50:19 | 00,016,131 | ---- | M] () -- C:\Windows\System32\1989zspa9bo5721.exe [2009/07/03 07:51:10 | 00,005,800 | ---- | M] () -- C:\Windows\2908zvirus359.dll [2009/07/03 03:47:07 | 00,017,001 | ---- | M] () -- C:\Windows\System32\5e15th5eat296z0.exe [2009/07/02 11:28:01 | 00,004,608 | ---- | M] () -- C:\Windows\5a59backdzor3143.cpl [2009/07/01 02:55:20 | 00,010,861 | ---- | M] () -- C:\Windows\z558virus592.cpl [2009/06/27 20:09:54 | 00,006,734 | ---- | M] () -- C:\Windows\100639ot-a-virus5z3.ocx [2009/06/27 03:08:31 | 00,008,651 | ---- | M] () -- C:\Windows\System32\5564not-a9zirus118.cpl [2009/06/26 22:31:10 | 00,013,356 | ---- | M] () -- C:\Windows\44fbthre5t729z.bin [2009/06/26 12:26:19 | 00,005,122 | ---- | M] () -- C:\Windows\System32\323z9ha5ktool3e19.exe [2009/06/23 17:49:03 | 00,012,307 | ---- | M] () -- C:\Windows\System32\91ezp9ware5809.dll [2009/06/23 03:00:36 | 00,014,376 | ---- | M] () -- C:\Windows\26369s5y2z7.bin [2009/06/22 02:53:17 | 00,017,599 | ---- | M] () -- C:\Windows\2f93thief1563z.dll [2009/06/18 08:51:28 | 00,004,465 | ---- | M] () -- C:\Windows\5f01backdooz926.ocx [2009/06/17 18:08:03 | 00,011,598 | ---- | M] () -- C:\Windows\224et5ief955z.bin [2009/06/15 16:23:41 | 00,015,725 | ---- | M] () -- C:\Windows\590ds5zal3049.dll [2009/06/15 11:33:34 | 00,002,823 | ---- | M] () -- C:\Windows\9532zirus5c35.ocx [2009/06/15 06:40:34 | 00,011,406 | ---- | M] () -- C:\Windows\20sparze19145.bin [2009/06/13 14:06:57 | 00,014,994 | ---- | M] () -- C:\Windows\System32\4983s5az9ot37c.bin [2009/06/13 02:00:26 | 00,003,179 | ---- | M] () -- C:\Windows\369zworm5789.exe [2009/06/10 23:24:14 | 00,007,204 | ---- | M] () -- C:\Windows\56z0download5r15929.bin [2009/06/10 08:41:52 | 00,003,899 | ---- | M] () -- C:\Windows\System32\15704not-a-v95us7e9z.bin [2009/06/08 17:07:24 | 00,011,265 | ---- | M] () -- C:\Windows\2ef4doznloa9er5524.exe [2009/06/07 06:45:45 | 00,004,077 | ---- | M] () -- C:\Windows\2046tzr5at79.cpl [2009/06/04 07:16:16 | 00,007,091 | ---- | M] () -- C:\Windows\System32\50985pyware22z7.bin [2009/06/03 16:19:30 | 00,013,971 | ---- | M] () -- C:\Windows\941zr5j139.exe [2009/06/03 15:58:52 | 00,012,764 | ---- | M] () -- C:\Windows\5d65addzare3049.ocx [2009/06/03 13:51:51 | 00,005,952 | ---- | M] () -- C:\Windows\System32\93ff5ir21z2.cpl [2009/06/03 04:12:56 | 00,005,670 | ---- | M] () -- C:\Windows\System32\79a0st59l17z4.bin [2009/06/01 13:21:17 | 00,002,813 | ---- | M] () -- C:\Windows\System32\2157backdoo9670z.ocx [2009/05/28 19:50:28 | 00,007,720 | ---- | M] () -- C:\Windows\5099th9ef19z0.cpl [2009/05/28 07:39:43 | 00,009,157 | ---- | M] () -- C:\Windows\33z9pyware552.ocx [2009/05/27 00:58:42 | 00,006,994 | ---- | M] () -- C:\Windows\System32\5126viz9675.exe [2009/05/24 14:40:01 | 00,008,905 | ---- | M] () -- C:\Windows\326b5zr593.exe [2009/05/23 05:06:01 | 00,003,887 | ---- | M] () -- C:\Windows\za8ste5l2519.exe [2009/05/22 21:05:05 | 00,002,628 | ---- | M] () -- C:\Windows\27dfaddwa9e265z.ocx [2009/05/21 23:42:06 | 00,005,558 | ---- | M] () -- C:\Windows\System32\15921z5y7ce9.bin [2009/05/20 14:14:46 | 00,011,260 | ---- | M] () -- C:\Windows\45e7downlozder54049.exe [2009/05/18 01:03:41 | 00,008,701 | ---- | M] () -- C:\Windows\System32\5a399ownzo5der3255.bin [2009/05/17 17:05:21 | 00,007,738 | ---- | M] () -- C:\Windows\z12475py329.dll [2009/05/15 17:48:19 | 00,017,316 | ---- | M] () -- C:\Windows\31275notz5-vir9s787.ocx [2009/05/15 11:48:55 | 00,008,941 | ---- | M] () -- C:\Windows\1z5449ot-a5virus382.bin [2009/05/14 09:08:58 | 00,009,053 | ---- | M] () -- C:\Windows\1z587troj955.dll [2009/05/13 13:53:23 | 00,012,091 | ---- | M] () -- C:\Windows\System32\505zrus954.exe [2009/05/11 01:19:14 | 00,011,968 | ---- | M] () -- C:\Windows\System32\68d2zte9l1507.ocx [2009/05/09 17:30:34 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/05/09 17:30:32 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/05/09 17:30:14 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/05/09 17:30:14 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/05/09 17:30:03 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/05/09 04:56:49 | 00,014,848 | ---- | M] () -- C:\Windows\59z9spambot352.dll [2009/05/08 07:58:46 | 00,000,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/08 00:09:26 | 40,153,280 | ---- | M] () -- C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe [2009/05/07 23:37:32 | 00,009,404 | ---- | M] () -- C:\Windows\System32\70z9threat255875.bin [2009/05/07 23:37:32 | 00,009,325 | ---- | M] () -- C:\Windows\158daddware2z98.cpl [2009/05/07 23:37:32 | 00,003,728 | ---- | M] () -- C:\Windows\System32\z9b9s5yw9re1317.ocx [2009/05/07 23:37:32 | 00,003,102 | ---- | M] () -- C:\Windows\System32\2348195zktool386.bin [2009/05/07 23:37:31 | 00,018,195 | ---- | M] () -- C:\Windows\c1za5dware30419.cpl [2009/05/07 23:37:31 | 00,011,681 | ---- | M] () -- C:\Windows\System32\26543worz99.exe [2009/05/07 23:37:31 | 00,011,307 | ---- | M] () -- C:\Windows\System32\524down9ozd5r48.bin [2009/05/07 23:37:31 | 00,010,599 | ---- | M] () -- C:\Windows\System32\22512s9yz5f.ocx [2009/05/07 23:37:31 | 00,008,053 | ---- | M] () -- C:\Windows\90016z5y409.dll [2009/05/07 23:37:31 | 00,006,791 | ---- | M] () -- C:\Windows\System32\2005tzreat23659.cpl [2009/05/07 23:37:31 | 00,004,865 | ---- | M] () -- C:\Windows\23949wor56e5z.exe [2009/05/07 23:37:31 | 00,004,345 | ---- | M] () -- C:\Windows\3839worm515z.cpl [2009/05/07 23:37:31 | 00,004,064 | ---- | M] () -- C:\Windows\4ce5addwar92852z.ocx [2009/05/07 23:37:30 | 00,012,279 | ---- | M] () -- C:\Windows\91609sp5mbot188z.ocx [2009/05/07 23:37:30 | 00,008,456 | ---- | M] () -- C:\Windows\System32\95z2troj92.ocx [2009/05/07 23:37:30 | 00,007,171 | ---- | M] () -- C:\Windows\2a74szyware945.exe [2009/05/07 23:37:30 | 00,006,297 | ---- | M] () -- C:\Windows\69a9thi5f194z.cpl [2009/05/07 23:37:30 | 00,005,654 | ---- | M] () -- C:\Windows\5c57vi91z88.cpl [2009/05/07 23:37:30 | 00,003,376 | ---- | M] () -- C:\Windows\System32\3945spzrs928195.ocx [2009/05/07 23:37:30 | 00,002,886 | ---- | M] () -- C:\Windows\58133vizu915a.exe [2009/05/07 23:37:29 | 00,016,402 | ---- | M] () -- C:\Windows\59e9bazkdoor1651.exe [2009/05/07 23:37:29 | 00,016,095 | ---- | M] () -- C:\Windows\System32\3458addwarez3195.dll [2009/05/07 23:37:29 | 00,015,043 | ---- | M] () -- C:\Windows\System32\z515hief698.ocx [2009/05/07 23:37:29 | 00,013,966 | ---- | M] () -- C:\Windows\System32\291369rzj588.bin [2009/05/07 23:37:29 | 00,012,724 | ---- | M] () -- C:\Windows\9689z5pambot205.bin [2009/05/07 23:37:29 | 00,012,584 | ---- | M] () -- C:\Windows\150evir19z4.bin [2009/05/07 23:37:29 | 00,010,162 | ---- | M] () -- C:\Windows\System32\22521zorm39e.dll [2009/05/07 23:37:29 | 00,008,982 | ---- | M] () -- C:\Windows\System32\32541sp9mbot3z3.bin [2009/05/07 23:37:29 | 00,008,850 | ---- | M] () -- C:\Windows\8714n9t-a-viruz45f.bin [2009/05/07 23:37:29 | 00,007,814 | ---- | M] () -- C:\Windows\System32\5fzavir9166.dll [2009/05/07 23:37:29 | 00,007,463 | ---- | M] () -- C:\Windows\17091not-azvi9us855.cpl [2009/05/07 23:37:28 | 00,016,198 | ---- | M] () -- C:\Windows\2d45stza92504.bin [2009/05/07 23:37:28 | 00,010,781 | ---- | M] () -- C:\Windows\21850spzmbot269.cpl [2009/05/07 23:37:28 | 00,008,275 | ---- | M] () -- C:\Windows\972zspy576.ocx [2009/05/07 23:37:28 | 00,004,198 | ---- | M] () -- C:\Windows\System32\73ebspyware9z765.cpl [2009/05/07 23:37:28 | 00,003,602 | ---- | M] () -- C:\Windows\System32\24893spz33b5.ocx [2009/05/07 23:37:27 | 00,016,962 | ---- | M] () -- C:\Windows\5a73addwarez989.ocx [2009/05/07 23:37:27 | 00,014,844 | ---- | M] () -- C:\Windows\System32\zc739pars52346.cpl [2009/05/07 23:37:27 | 00,012,142 | ---- | M] () -- C:\Windows\zdb5ba59door1676.exe [2009/05/07 23:37:27 | 00,011,749 | ---- | M] () -- C:\Windows\System32\556bthreat116z59.ocx [2009/05/07 23:37:27 | 00,011,574 | ---- | M] () -- C:\Windows\b92backdoor25z.cpl [2009/05/07 23:37:27 | 00,011,321 | ---- | M] () -- C:\Windows\z189vir55.exe [2009/05/07 23:37:27 | 00,010,084 | ---- | M] () -- C:\Windows\System32\66d5downloaderz7789.bin [2009/05/07 23:37:27 | 00,009,982 | ---- | M] () -- C:\Windows\System32\23f1bazk9oor9815.ocx [2009/05/07 23:37:27 | 00,009,889 | ---- | M] () -- C:\Windows\2425zwo9533c.dll [2009/05/07 23:37:27 | 00,008,990 | ---- | M] () -- C:\Windows\6135tzoj2209.cpl [2009/05/07 23:37:27 | 00,008,594 | ---- | M] () -- C:\Windows\31z90tro53ae9.ocx [2009/05/07 23:37:27 | 00,003,633 | ---- | M] () -- C:\Windows\9694z5irus5c7.ocx [2009/05/07 23:37:27 | 00,003,015 | ---- | M] () -- C:\Windows\28662ha5k9ooz728.bin [2009/05/07 23:37:26 | 00,014,143 | ---- | M] () -- C:\Windows\System32\5903zteal2125.exe [2009/05/07 23:37:26 | 00,010,585 | ---- | M] () -- C:\Windows\System32\15689tr9j2bz.dll [2009/05/07 23:37:26 | 00,003,892 | ---- | M] () -- C:\Windows\z607not-9-vir5s1ff.exe [2009/05/07 23:37:25 | 00,011,749 | ---- | M] () -- C:\Windows\System32\16695spz5559.exe [2009/05/07 23:37:25 | 00,011,001 | ---- | M] () -- C:\Windows\95121v5rus18az.ocx [2009/05/07 23:37:25 | 00,008,858 | ---- | M] () -- C:\Windows\System32\17990t5oj6z.bin [2009/05/07 23:37:25 | 00,008,420 | ---- | M] () -- C:\Windows\4967thre5t310z1.bin [2009/05/07 23:37:25 | 00,007,315 | ---- | M] () -- C:\Windows\System32\2z819w9rm385.dll [2009/05/07 23:37:25 | 00,002,537 | ---- | M] () -- C:\Windows\95c5sparz5585.cpl [2009/05/07 23:37:24 | 00,017,810 | ---- | M] () -- C:\Windows\System32\789ebaczdo5r824.ocx [2009/05/07 23:37:24 | 00,016,240 | ---- | M] () -- C:\Windows\System32\25194hack9ool2z5.cpl [2009/05/07 23:37:24 | 00,015,894 | ---- | M] () -- C:\Windows\System32\28692s5z2b59.exe [2009/05/07 23:37:24 | 00,014,075 | ---- | M] () -- C:\Windows\459zworm769.cpl [2009/05/07 23:37:24 | 00,013,149 | ---- | M] () -- C:\Windows\System32\z7ee9pyware1445.exe [2009/05/07 23:37:24 | 00,012,031 | ---- | M] () -- C:\Windows\System32\4bez9i5f84.bin [2009/05/07 23:37:24 | 00,010,650 | ---- | M] () -- C:\Windows\System32\z916vir24455.exe [2009/05/07 23:37:24 | 00,010,458 | ---- | M] () -- C:\Windows\4279th5ef1z70.ocx [2009/05/07 23:37:24 | 00,007,775 | ---- | M] () -- C:\Windows\System32\75f4threa9z8144.exe [2009/05/07 23:37:24 | 00,004,374 | ---- | M] () -- C:\Windows\133559orz481.exe [2009/05/07 23:37:24 | 00,003,969 | ---- | M] () -- C:\Windows\11325not-a-9irus7ez5.bin [2009/05/07 23:37:23 | 00,017,415 | ---- | M] () -- C:\Windows\System32\5175thizf2950.bin [2009/05/07 23:37:23 | 00,017,396 | ---- | M] () -- C:\Windows\System32\5b58download9r2044z.exe [2009/05/07 23:37:23 | 00,016,197 | ---- | M] () -- C:\Windows\System32\339zthrea5314.ocx [2009/05/07 23:37:23 | 00,015,753 | ---- | M] () -- C:\Windows\System32\195irz998.exe [2009/05/07 23:37:23 | 00,015,079 | ---- | M] () -- C:\Windows\System32\349f5hrzat4925.exe [2009/05/07 23:37:23 | 00,014,113 | ---- | M] () -- C:\Windows\System32\555v9z1225.exe [2009/05/07 23:37:23 | 00,012,247 | ---- | M] () -- C:\Windows\147869rzj495.cpl [2009/05/07 23:37:23 | 00,012,061 | ---- | M] () -- C:\Windows\System32\5522t9iefz079.dll [2009/05/07 23:37:23 | 00,011,975 | ---- | M] () -- C:\Windows\System32\258z5wo9m61b.ocx [2009/05/07 23:37:23 | 00,011,702 | ---- | M] () -- C:\Windows\System32\50f4thrza513943.dll [2009/05/07 23:37:23 | 00,011,617 | ---- | M] () -- C:\Windows\1459t9izf38.exe [2009/05/07 23:37:23 | 00,011,102 | ---- | M] () -- C:\Windows\System32\219z4hackt9o5519.dll [2009/05/07 23:37:23 | 00,009,225 | ---- | M] () -- C:\Windows\System32\16044ha9kzoo55bc.dll [2009/05/07 23:37:23 | 00,008,898 | ---- | M] () -- C:\Windows\59382not-azvirus2b9.bin [2009/05/07 23:37:23 | 00,008,686 | ---- | M] () -- C:\Windows\System32\49fespywaze3542.bin [2009/05/07 23:37:23 | 00,008,582 | ---- | M] () -- C:\Windows\z2555tr9jdd.dll [2009/05/07 23:37:23 | 00,008,321 | ---- | M] () -- C:\Windows\2738no5-a-9izus302.dll [2009/05/07 23:37:23 | 00,007,941 | ---- | M] () -- C:\Windows\System32\251z5worm957.exe [2009/05/07 23:37:23 | 00,007,908 | ---- | M] () -- C:\Windows\z5096vi9us578.cpl [2009/05/07 23:37:23 | 00,007,600 | ---- | M] () -- C:\Windows\2ac0t95ef766z.cpl [2009/05/07 23:37:23 | 00,005,170 | ---- | M] () -- C:\Windows\System32\3891stzal12615.cpl [2009/05/07 23:37:23 | 00,003,379 | ---- | M] () -- C:\Windows\System32\7d79d5wnloazer2592.ocx [2009/05/07 23:37:23 | 00,003,300 | ---- | M] () -- C:\Windows\18925not-a-virzs9b4.exe [2009/05/07 23:37:23 | 00,003,235 | ---- | M] () -- C:\Windows\System32\1f5atzi5f9809.ocx [2009/05/07 23:37:23 | 00,002,860 | ---- | M] () -- C:\Windows\System32\19646not-9-vir5s3bez.cpl [2009/05/07 23:37:23 | 00,002,725 | ---- | M] () -- C:\Windows\System32\109cdow5loaze9868.cpl [2009/05/07 23:37:22 | 00,018,282 | ---- | M] () -- C:\Windows\System32\5692steal2z9.bin [2009/05/07 23:37:22 | 00,017,516 | ---- | M] () -- C:\Windows\System32\696s5ywarez4899.exe [2009/05/07 23:37:22 | 00,015,483 | ---- | M] () -- C:\Windows\29999vi5uszb5.cpl [2009/05/07 23:37:22 | 00,015,247 | ---- | M] () -- C:\Windows\a65vir232z9.exe [2009/05/07 23:37:22 | 00,014,645 | ---- | M] () -- C:\Windows\20767not-a9virzs54f.bin [2009/05/07 23:37:22 | 00,014,333 | ---- | M] () -- C:\Windows\55809aczdoor1163.ocx [2009/05/07 23:37:22 | 00,012,626 | ---- | M] () -- C:\Windows\215z49py7b5.ocx [2009/05/07 23:37:22 | 00,010,620 | ---- | M] () -- C:\Windows\System32\z95evir9569.ocx [2009/05/07 23:37:22 | 00,006,304 | ---- | M] () -- C:\Windows\5699not-a-vzrus35.exe [2009/05/07 23:37:22 | 00,006,247 | ---- | M] () -- C:\Windows\3aa9sp5waze1735.bin [2009/05/07 23:37:22 | 00,005,066 | ---- | M] () -- C:\Windows\24z48spa9b5t519.exe [2009/05/07 23:37:21 | 00,018,139 | ---- | M] () -- C:\Windows\System32\3985s9yware88z.bin [2009/05/07 23:37:21 | 00,017,603 | ---- | M] () -- C:\Windows\6bzcdownlo95er1626.ocx [2009/05/07 23:37:21 | 00,016,771 | ---- | M] () -- C:\Windows\z7375not9a-virusb.cpl [2009/05/07 23:37:21 | 00,014,903 | ---- | M] () -- C:\Windows\System32\3z54downloader3199.cpl [2009/05/07 23:37:21 | 00,013,618 | ---- | M] () -- C:\Windows\System32\z50dvir9033.cpl [2009/05/07 23:37:21 | 00,009,426 | ---- | M] () -- C:\Windows\2de8stealz9955.ocx [2009/05/07 23:37:21 | 00,007,927 | ---- | M] () -- C:\Windows\System32\3950sparsz2967.bin [2009/05/07 23:37:21 | 00,007,669 | ---- | M] () -- C:\Windows\1563downloazer9895.cpl [2009/05/07 23:37:21 | 00,007,599 | ---- | M] () -- C:\Windows\8179teal1553z.exe [2009/05/07 23:37:21 | 00,005,731 | ---- | M] () -- C:\Windows\System32\1b95backdozr1965.exe [2009/05/07 23:37:21 | 00,005,404 | ---- | M] () -- C:\Windows\389th5zf967.exe [2009/05/07 23:37:21 | 00,005,043 | ---- | M] () -- C:\Windows\System32\z25dt9ief2585.dll [2009/05/07 23:37:21 | 00,004,875 | ---- | M] () -- C:\Windows\System32\33235o9z26f.dll [2009/05/07 23:37:21 | 00,003,605 | ---- | M] () -- C:\Windows\System32\24957h59ktzol3ca.dll [2009/05/07 23:37:21 | 00,002,972 | ---- | M] () -- C:\Windows\System32\5065spzrse119.ocx [2009/05/07 23:37:20 | 00,009,187 | ---- | M] () -- C:\Windows\7395viz998.bin [2009/05/07 23:37:20 | 00,008,700 | ---- | M] () -- C:\Windows\System32\1810bzckdo5r2093.ocx [2009/05/07 23:37:20 | 00,006,241 | ---- | M] () -- C:\Windows\System32\307049pzmbo569b.bin [2009/05/07 23:37:11 | 01,097,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setup2.exe [2009/05/05 00:28:24 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2009/05/04 20:53:36 | 00,003,243 | ---- | M] () -- C:\Windows\System32\2493steal24z05.bin [2009/05/03 13:25:56 | 00,010,834 | ---- | M] () -- C:\Windows\8523wormz97.dll [2009/05/03 02:51:19 | 00,008,905 | ---- | M] () -- C:\Windows\54cabackd5or79z.ocx [2009/05/01 01:22:47 | 00,000,142 | ---- | M] () -- C:\Windows\ODBC.INI [2009/05/01 01:22:07 | 13,946,7815 | ---- | M] () -- C:\Windows\MEMORY.DMP [2009/04/28 07:10:31 | 00,006,795 | ---- | M] () -- C:\Windows\25559n9t-a-vizus11f.cpl [2009/04/26 11:27:06 | 00,014,299 | ---- | M] () -- C:\Windows\z9523hackt9ol565.cpl [2009/04/24 23:43:47 | 00,015,623 | ---- | M] () -- C:\Windows\System32\47e8sp9zse2537.dll [2009/04/24 13:35:51 | 00,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/04/24 08:46:00 | 00,003,841 | ---- | M] () -- C:\Windows\53416hackto9l29cz.cpl [2009/04/23 18:47:25 | 00,005,828 | ---- | M] () -- C:\Windows\5129vir222z.exe [2009/04/22 16:57:01 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/04/22 01:04:50 | 00,015,514 | ---- | M] () -- C:\Windows\System32\155z9orm543.bin [2009/04/21 02:59:17 | 00,012,879 | ---- | M] () -- C:\Windows\System32\2570ad9ware3015z.cpl [2009/04/21 00:27:11 | 00,409,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/04/19 23:34:17 | 00,001,401 | ---- | M] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk [2009/04/19 22:55:20 | 00,017,903 | ---- | M] () -- C:\Windows\System32\59z25not-a9virus606.cpl [2009/04/18 03:37:02 | 00,003,704 | ---- | M] () -- C:\Windows\17835viz59155.dll [2009/04/17 21:55:55 | 00,008,598 | ---- | M] () -- C:\Windows\System32\9456szamb5t24b9.ocx [2009/04/16 20:31:05 | 00,015,365 | ---- | M] () -- C:\Windows\System32\517d9hief225z.cpl [2009/04/15 01:25:22 | 00,015,043 | ---- | M] () -- C:\Windows\System32\49435o9m7z9.exe [2009/04/13 10:15:10 | 00,017,675 | ---- | M] () -- C:\Windows\System32\7151spyzare11449.bin [2009/04/12 07:42:07 | 00,017,247 | ---- | M] () -- C:\Windows\System32\7946thiez1952.dll [2009/04/11 23:12:49 | 00,015,691 | ---- | M] () -- C:\Windows\z5b9ir424.bin [2009/04/11 15:42:41 | 00,008,937 | ---- | M] () -- C:\Windows\19555not-z-vir5s62c.bin < End of report > |
 |
 
|
|
May 9 2009, 08:15 PM
Post
#2
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
hey guys, i messed up. the name of the malware is: "winibluesoft." not sure if it makes a difference though; thanks.
|
|
|
|
|
May 15 2009, 03:38 AM
Post
#3
|
|
 Trusted Helper  Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Hello lucky-g,
Download Dr.Web CureIt to the desktop: ftp://ftp.drweb.com/pub/drweb/cureit/drweb-cureit.exe
After that, please psot also a new log of OTListIt2 Thunderbird1988 |
|
|
|
|
May 16 2009, 05:27 PM
Post
#4
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988,
how are you? Thanks for replying. DrWeb found three things. During the "express scan" and "custom scan," I clicked "yes to all" when prompted for each of the files it had detected. After running the "custom scan," my pc restarted on its own. Not sure what happened and I wasn't able to save the file to the desktop. I ran the quick "express scan" again, but it detected nothing. I clicked the "custom scan" and selected "c drive" and ran this scan again. I stopped it when I thought to check folders in the c drive. There is a "CureIt.log" and a quarantine folder in DoctorWeb's main folder. There are two files in that quarantine folder: gxvxcrbsdrexiogscnifcwwpqtkddpqlotmmc.sys descript.ion The CureIt.log reads that no viruses were found and scan interrupted by user. But it found three before I had the chance to save the file. Here is the OTListIt log: OTListIt logfile created on: 16/05/2009 18:50:51 - Run 6 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Neeraj Tohan\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1013.45 Mb Total Physical Memory | 100.40 Mb Available Physical Memory | 9.91% Memory free 2.24 Gb Paging File | 1.29 Gb Available in Paging File | 57.59% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 105.18 Gb Total Space | 13.13 Gb Free Space | 12.49% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NEERAJTOHAN-PC Current User Name: Neeraj Tohan Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Windows\system32\igfxext.exe (Intel Corporation) PRC - C:\Windows\system32\igfxsrvc.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation) PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Windows\System32\hkcmd.exe (Intel Corporation) PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) PRC - C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) PRC - C:\Program Files\Internet Explorer\IEUser.exe (Microsoft Corporation) PRC - C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) PRC - C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (gupdate1c9c168f65895d0 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Running]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () SRV - (QBCFMonitorService [Auto | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe ( ) SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (RapiMgr [Auto | Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (SAVAdminService [Unknown | Running]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) SRV - (SAVService [Unknown | Stopped]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc) SRV - (SonicStage Back-End Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation) SRV - (Sophos AutoUpdate Service [Auto | Running]) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SQLBrowser [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLWriter [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (WcesComm [Auto | Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (athr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\athr.sys (Atheros Communications, Inc.) DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (Cdr4_xp [System | Running]) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions) DRV - (Cdralw2k [System | Running]) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions) DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (DMICall [System | Running]) -- C:\Windows\system32\DRIVERS\DMICall.sys (Sony Corporation) DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (igfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (NETw3v32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NETw3v32.sys (Intel® Corporation) DRV - (NETw4v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw4v32.sys (Intel Corporation) DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (SAVOnAccess [System | Running]) -- C:\Windows\system32\DRIVERS\savonaccess.sys (Sophos Plc) DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (SNC [On_Demand | Running]) -- C:\Windows\System32\Drivers\SonyNC.sys (Sony Corporation) DRV - (SophosBootDriver [Disabled | Stopped]) -- C:\Windows\system32\DRIVERS\SophosBootDriver.sys (Sophos Plc) DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (ti21sony [On_Demand | Running]) -- C:\Windows\system32\drivers\ti21sony.sys (Texas Instruments) DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\wimfltr.sys (Microsoft Corporation) DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.) DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\PROGRAMDATA\MOZILLA\FIREFOX EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} [2007/10/30 20:49:37 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/25 00:34:10 | 00,000,000 | ---D | M] [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} O1 HOSTS File: (213378 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 7504 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" (Sony Corporation) O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1 () O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe () O4 - HKLM..\Run: [WiniBlueSoft] C:\Program Files\WiniBlueSoft Software\WiniBlueSoft\WiniBlueSoft.exe -min File not found O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [setup2.exe] C:\Windows\system32\setup2.exe (Microsoft Corporation) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.154,85.255.112.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{44DC6B8B-39D5-4F19-AF45-12ECF73AFF37}\\NameServer = 85.255.112.154,85.255.112.227 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Interfaces\{7EC5F23B-DDE9-4616-8DD9-3C78B2911781}\\NameServer = 85.255.112.154,85.255.112.227 O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\system32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\system32\VESWinlogon.dll (Sony Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009/05/16 18:50:24 | 00,000,000 | R--D | M] ========== Files/Folders - Created Within 30 Days ========== [2009/12/28 15:58:31 | 00,014,347 | ---- | C] () -- C:\Windows\System32\4c5zbackdoo92804.bin [2009/12/27 21:20:35 | 00,003,442 | ---- | C] () -- C:\Windows\System32\353czpy59re2933.dll [2009/12/26 14:49:18 | 00,004,758 | ---- | C] () -- C:\Windows\System32\6037not-a-viru945z.bin [2009/12/24 17:39:03 | 00,004,245 | ---- | C] () -- C:\Windows\29215spzmbot3bb.bin [2009/12/23 14:04:39 | 00,006,955 | ---- | C] () -- C:\Windows\55z0worm3d9.cpl [2009/12/23 10:37:03 | 00,014,839 | ---- | C] () -- C:\Windows\System32\7z6e5hief1917.bin [2009/12/22 19:38:28 | 00,009,924 | ---- | C] () -- C:\Windows\System32\90878tr5j8z.ocx [2009/12/22 19:10:17 | 00,005,187 | ---- | C] () -- C:\Windows\5919v5r1396z.dll [2009/12/19 18:20:32 | 00,008,618 | ---- | C] () -- C:\Windows\23761vz9u5b7.ocx [2009/12/19 00:30:11 | 00,008,526 | ---- | C] () -- C:\Windows\System32\7963sparse5z9.cpl [2009/12/18 09:02:34 | 00,009,972 | ---- | C] () -- C:\Windows\24054h59ktozl3db.bin [2009/12/18 05:21:59 | 00,010,415 | ---- | C] () -- C:\Windows\1225do5nl9ader287z.exe [2009/12/18 04:52:51 | 00,010,867 | ---- | C] () -- C:\Windows\System32\75z3t5re9t2847.cpl [2009/12/16 07:17:06 | 00,017,324 | ---- | C] () -- C:\Windows\System32\1569zspy152.bin [2009/12/16 05:18:45 | 00,009,084 | ---- | C] () -- C:\Windows\System32\a9fdownzoad592262.cpl [2009/12/16 01:25:44 | 00,008,283 | ---- | C] () -- C:\Windows\45e09z5eat9856.exe [2009/12/15 00:32:23 | 00,005,441 | ---- | C] () -- C:\Windows\2f93thzeat56625.dll [2009/12/13 07:47:51 | 00,007,720 | ---- | C] () -- C:\Windows\7951downloader19z95.exe [2009/12/12 09:34:43 | 00,004,857 | ---- | C] () -- C:\Windows\System32\15047not-5-9iruz33a.exe [2009/12/10 15:04:54 | 00,011,611 | ---- | C] () -- C:\Windows\System32\25292spz5fb9.bin [2009/12/09 11:11:19 | 00,013,956 | ---- | C] () -- C:\Windows\System32\4053threat98047z.dll [2009/12/08 20:10:19 | 00,003,424 | ---- | C] () -- C:\Windows\39599irzs43d.exe [2009/12/08 15:23:35 | 00,008,098 | ---- | C] () -- C:\Windows\System32\422zs5yware2195.bin [2009/12/05 06:21:46 | 00,008,808 | ---- | C] () -- C:\Windows\5a25steaz936.cpl [2009/12/02 03:51:10 | 00,007,986 | ---- | C] () -- C:\Windows\256fspyw9re960z.cpl [2009/12/01 23:00:25 | 00,012,576 | ---- | C] () -- C:\Windows\55bzs5arse2917.ocx [2009/12/01 03:51:16 | 00,013,780 | ---- | C] () -- C:\Windows\System32\9497zviru5453.ocx [2009/11/28 17:27:21 | 00,010,061 | ---- | C] () -- C:\Windows\System32\194aszeal9545.ocx [2009/11/28 05:21:18 | 00,002,918 | ---- | C] () -- C:\Windows\System32\5868z9dware475.bin [2009/11/24 06:22:51 | 00,010,388 | ---- | C] () -- C:\Windows\System32\z0377w5r972c.cpl [2009/11/24 01:55:47 | 00,013,851 | ---- | C] () -- C:\Windows\System32\ze01downl5ader93.dll [2009/11/22 07:29:38 | 00,017,644 | ---- | C] () -- C:\Windows\6142ha5ktooz697.cpl [2009/11/21 22:32:57 | 00,008,612 | ---- | C] () -- C:\Windows\System32\zeecsparse5129.exe [2009/11/21 02:31:53 | 00,004,537 | ---- | C] () -- C:\Windows\System32\26922tro53z89.exe [2009/11/19 18:28:09 | 00,002,697 | ---- | C] () -- C:\Windows\System32\7029z5rus99.ocx [2009/11/19 08:14:31 | 00,014,778 | ---- | C] () -- C:\Windows\System32\3592th5ef2239z.exe [2009/11/19 05:59:54 | 00,004,018 | ---- | C] () -- C:\Windows\9a9z95ware1744.cpl [2009/11/17 23:09:06 | 00,009,502 | ---- | C] () -- C:\Windows\31195nzt-5-virus9fc.bin [2009/11/16 11:27:56 | 00,010,792 | ---- | C] () -- C:\Windows\4fe1stzal56029.ocx [2009/11/16 00:15:45 | 00,013,748 | ---- | C] () -- C:\Windows\System32\1f795zyware2644.dll [2009/11/15 16:11:38 | 00,010,807 | ---- | C] () -- C:\Windows\8810s5am9ot4dz.exe [2009/11/14 15:36:34 | 00,016,051 | ---- | C] () -- C:\Windows\System32\59cthief26z7.bin [2009/11/13 19:14:43 | 00,016,880 | ---- | C] () -- C:\Windows\1cfz5a9kdoor1867.ocx [2009/11/10 21:12:14 | 00,015,842 | ---- | C] () -- C:\Windows\System32\12507tr9z1ce.ocx [2009/11/09 10:17:37 | 00,008,134 | ---- | C] () -- C:\Windows\System32\3dbbs5eaz1669.cpl [2009/11/08 00:58:24 | 00,013,072 | ---- | C] () -- C:\Windows\25d3download5910z7.ocx [2009/11/07 15:33:05 | 00,003,947 | ---- | C] () -- C:\Windows\4f4159dwzre1800.cpl [2009/11/07 13:58:24 | 00,004,933 | ---- | C] () -- C:\Windows\System32\3054z5irus9c2.exe [2009/11/06 20:42:36 | 00,007,190 | ---- | C] () -- C:\Windows\51z69spy59b.cpl [2009/11/06 03:39:03 | 00,013,481 | ---- | C] () -- C:\Windows\System32\3aa7zddw5re9730.bin [2009/11/05 17:53:26 | 00,016,020 | ---- | C] () -- C:\Windows\acftzre5t94699.exe [2009/11/04 05:17:52 | 00,003,432 | ---- | C] () -- C:\Windows\55945troj7c5z.bin [2009/11/03 01:45:28 | 00,013,431 | ---- | C] () -- C:\Windows\System32\599athiefz119.exe [2009/11/02 19:51:29 | 00,008,630 | ---- | C] () -- C:\Windows\2781659zj619.dll [2009/11/02 11:07:51 | 00,015,564 | ---- | C] () -- C:\Windows\10891virzs17f5.ocx [2009/10/28 00:43:02 | 00,012,049 | ---- | C] () -- C:\Windows\System32\6z039pam5ot6d3.bin [2009/10/23 19:09:54 | 00,005,133 | ---- | C] () -- C:\Windows\2c02sp5zse2929.dll [2009/10/23 17:44:52 | 00,016,484 | ---- | C] () -- C:\Windows\z3659virus758.ocx [2009/10/20 23:55:23 | 00,008,975 | ---- | C] () -- C:\Windows\9950troj6fz.exe [2009/10/19 21:27:07 | 00,015,131 | ---- | C] () -- C:\Windows\System32\2d66downloa59rz225.ocx [2009/10/17 09:31:19 | 00,008,639 | ---- | C] () -- C:\Windows\System32\7d27vir23z95.cpl [2009/10/16 07:51:04 | 00,006,691 | ---- | C] () -- C:\Windows\System32\6z4t9oj3bf5.dll [2009/10/14 21:05:39 | 00,008,146 | ---- | C] () -- C:\Windows\35559ddwaze2512.dll [2009/10/11 10:15:16 | 00,018,063 | ---- | C] () -- C:\Windows\System32\4395spazbot7d05.exe [2009/10/11 01:18:28 | 00,008,114 | ---- | C] () -- C:\Windows\System32\301509ot-a-v5rus292z.cpl [2009/10/09 16:54:10 | 00,006,667 | ---- | C] () -- C:\Windows\System32\5zccspy9are389.exe [2009/10/07 19:42:51 | 00,004,426 | ---- | C] () -- C:\Windows\24519not-a59irzs4de.ocx [2009/10/04 03:25:57 | 00,013,056 | ---- | C] () -- C:\Windows\19610wo954zf.exe [2009/10/03 21:08:41 | 00,010,355 | ---- | C] () -- C:\Windows\System32\b9dth5eat122z.cpl [2009/10/02 01:23:14 | 00,011,203 | ---- | C] () -- C:\Windows\System32\355zspywar92442.cpl [2009/10/01 20:24:56 | 00,016,334 | ---- | C] () -- C:\Windows\System32\43a1zh9ef5949.ocx [2009/09/27 22:30:00 | 00,005,063 | ---- | C] () -- C:\Windows\53eebacz9oor2951.exe [2009/09/24 18:47:32 | 00,005,019 | ---- | C] () -- C:\Windows\System32\10157worz839.exe [2009/09/23 08:40:55 | 00,015,350 | ---- | C] () -- C:\Windows\System32\9161not-a-9iru59z.dll [2009/09/18 14:16:38 | 00,008,308 | ---- | C] () -- C:\Windows\558cst9zl16.dll [2009/09/18 01:02:38 | 00,003,611 | ---- | C] () -- C:\Windows\System32\z50995acktoolc3.bin [2009/09/17 16:37:12 | 00,004,796 | ---- | C] () -- C:\Windows\System32\15898notza-virus4d2.exe [2009/09/17 16:18:37 | 00,008,149 | ---- | C] () -- C:\Windows\b5aba5kzo9r492.exe [2009/09/17 08:43:17 | 00,017,464 | ---- | C] () -- C:\Windows\5591vir277z9.bin [2009/09/17 04:04:39 | 00,016,453 | ---- | C] () -- C:\Windows\328v9r9z5.dll [2009/09/15 18:26:09 | 00,010,872 | ---- | C] () -- C:\Windows\315629pambot1z2.bin [2009/09/14 16:08:19 | 00,005,751 | ---- | C] () -- C:\Windows\System32\5859sparse123z.exe [2009/09/13 16:18:48 | 00,014,657 | ---- | C] () -- C:\Windows\7zc59pyware163.cpl [2009/09/12 22:16:25 | 00,005,229 | ---- | C] () -- C:\Windows\System32\3296downl5aderz103.ocx [2009/09/12 10:03:07 | 00,011,554 | ---- | C] () -- C:\Windows\27616spzmbo59d2.dll [2009/09/12 04:32:44 | 00,011,733 | ---- | C] () -- C:\Windows\System32\589astza51150.cpl [2009/09/11 19:47:32 | 00,008,773 | ---- | C] () -- C:\Windows\15z49spambot69d.exe [2009/09/10 09:01:18 | 00,010,135 | ---- | C] () -- C:\Windows\31335zack59ol799.ocx [2009/09/07 02:56:04 | 00,006,641 | ---- | C] () -- C:\Windows\6f79ad5wa9e1z18.exe [2009/09/06 16:15:28 | 00,003,250 | ---- | C] () -- C:\Windows\System32\7467sparz95115.cpl [2009/09/04 17:40:00 | 00,015,833 | ---- | C] () -- C:\Windows\System32\56zor975.exe [2009/09/01 13:39:44 | 00,013,890 | ---- | C] () -- C:\Windows\b6ethzeat15697.ocx [2009/09/01 04:06:57 | 00,017,013 | ---- | C] () -- C:\Windows\5z59vir135.bin [2009/08/28 11:36:05 | 00,012,119 | ---- | C] () -- C:\Windows\10az9i5144.bin [2009/08/27 01:39:46 | 00,005,256 | ---- | C] () -- C:\Windows\31954vir9sc5z.bin [2009/08/26 14:59:04 | 00,004,843 | ---- | C] () -- C:\Windows\System32\25952spy7z3.dll [2009/08/26 05:38:26 | 00,003,098 | ---- | C] () -- C:\Windows\96113not-a-virus65z.exe [2009/08/24 23:13:26 | 00,015,310 | ---- | C] () -- C:\Windows\8982hzckto5l31a.cpl [2009/08/24 14:30:35 | 00,010,118 | ---- | C] () -- C:\Windows\52709acktzol4285.bin [2009/08/24 09:57:51 | 00,007,912 | ---- | C] () -- C:\Windows\System32\28950worz53d5.cpl [2009/08/24 04:46:02 | 00,006,939 | ---- | C] () -- C:\Windows\System32\4707zhreat15591.dll [2009/08/18 18:14:48 | 00,013,637 | ---- | C] () -- C:\Windows\System32\47ffdo5nl9aderz587.exe [2009/08/13 23:18:22 | 00,009,215 | ---- | C] () -- C:\Windows\System32\2169stez52927.cpl [2009/08/12 14:10:02 | 00,011,936 | ---- | C] () -- C:\Windows\System32\10209wor51zf9.bin [2009/08/11 12:08:09 | 00,007,099 | ---- | C] () -- C:\Windows\12970hacktz9l5b7.cpl [2009/08/10 23:03:08 | 00,018,430 | ---- | C] () -- C:\Windows\System32\1z85spyware879.dll [2009/08/10 07:41:37 | 00,012,367 | ---- | C] () -- C:\Windows\System32\6z54sp9war51531.bin [2009/08/09 01:10:27 | 00,004,755 | ---- | C] () -- C:\Windows\26109wor57z49.cpl [2009/08/08 22:14:26 | 00,016,564 | ---- | C] () -- C:\Windows\System32\255629roj3fz.exe [2009/08/08 14:56:55 | 00,006,276 | ---- | C] () -- C:\Windows\55steal3099z.bin [2009/08/07 22:51:16 | 00,016,547 | ---- | C] () -- C:\Windows\z8396hackt59l49e.bin [2009/08/07 13:30:04 | 00,010,100 | ---- | C] () -- C:\Windows\7dddzhre9t54645.cpl [2009/08/07 11:05:13 | 00,003,452 | ---- | C] () -- C:\Windows\System32\26399s592zb.dll [2009/08/06 10:52:41 | 00,014,789 | ---- | C] () -- C:\Windows\System32\55579worz559.ocx [2009/08/05 05:08:05 | 00,007,230 | ---- | C] () -- C:\Windows\715059z4aa.dll [2009/08/04 15:33:45 | 00,007,669 | ---- | C] () -- C:\Windows\1d9zspy59re1306.ocx [2009/08/03 16:27:00 | 00,015,946 | ---- | C] () -- C:\Windows\System32\1989thzef3546.dll [2009/08/03 06:01:44 | 00,005,083 | ---- | C] () -- C:\Windows\System32\2z589hreat7973.exe [2009/08/01 10:07:17 | 00,016,179 | ---- | C] () -- C:\Windows\System32\1905ztr59479.dll [2009/08/01 08:45:35 | 00,008,951 | ---- | C] () -- C:\Windows\System32\5ade9hief579z.exe [2009/07/27 05:36:14 | 00,016,606 | ---- | C] () -- C:\Windows\295thzef1533.ocx [2009/07/27 00:50:22 | 00,007,200 | ---- | C] () -- C:\Windows\System32\1c49downloadzr5968.exe [2009/07/26 06:04:00 | 00,016,970 | ---- | C] () -- C:\Windows\System32\171215acktozl4149.exe [2009/07/26 03:27:07 | 00,016,633 | ---- | C] () -- C:\Windows\12159ownloadzr11815.dll [2009/07/25 20:04:39 | 00,002,721 | ---- | C] () -- C:\Windows\System32\2d5bst9alz56.exe [2009/07/24 09:56:23 | 00,010,432 | ---- | C] () -- C:\Windows\System32\7559sp573z.bin [2009/07/22 18:04:50 | 00,011,052 | ---- | C] () -- C:\Windows\System32\f5zaddw9re2365.exe [2009/07/22 08:26:39 | 00,010,664 | ---- | C] () -- C:\Windows\fz1vir5924.bin [2009/07/22 06:35:50 | 00,004,965 | ---- | C] () -- C:\Windows\System32\195zaddware1132.dll [2009/07/20 12:50:32 | 00,015,915 | ---- | C] () -- C:\Windows\10a9dow5lza9er2069.cpl [2009/07/18 19:17:04 | 00,006,363 | ---- | C] () -- C:\Windows\14261not-a-virus95ez.bin [2009/07/18 11:32:22 | 00,010,469 | ---- | C] () -- C:\Windows\System32\798dzpar5e148.bin [2009/07/17 22:00:27 | 00,013,086 | ---- | C] () -- C:\Windows\System32\50899troj37z.bin [2009/07/14 10:19:57 | 00,017,477 | ---- | C] () -- C:\Windows\System32\129esparsez55.exe [2009/07/14 02:14:04 | 00,004,940 | ---- | C] () -- C:\Windows\System32\5762ad5war92z41.cpl [2009/07/12 21:10:11 | 00,013,219 | ---- | C] () -- C:\Windows\52z69h5ef2970.bin [2009/07/12 17:19:31 | 00,007,420 | ---- | C] () -- C:\Windows\27105s5y9z3.bin [2009/07/10 22:39:32 | 00,010,717 | ---- | C] () -- C:\Windows\System32\z536vir590.ocx [2009/07/10 20:22:28 | 00,010,997 | ---- | C] () -- C:\Windows\System32\6284vir930z5.exe [2009/07/08 17:55:09 | 00,011,652 | ---- | C] () -- C:\Windows\29859virus581z.ocx [2009/07/08 10:31:30 | 00,005,232 | ---- | C] () -- C:\Windows\System32\265zs5ea9541.bin [2009/07/07 01:12:03 | 00,003,794 | ---- | C] () -- C:\Windows\System32\2244h5zktool7a79.dll [2009/07/06 12:44:03 | 00,014,899 | ---- | C] () -- C:\Windows\232979ackto5z494.bin [2009/07/06 05:43:26 | 00,014,278 | ---- | C] () -- C:\Windows\285z1virus319.exe [2009/07/05 17:50:19 | 00,016,131 | ---- | C] () -- C:\Windows\System32\1989zspa9bo5721.exe [2009/07/03 07:51:10 | 00,005,800 | ---- | C] () -- C:\Windows\2908zvirus359.dll [2009/07/03 03:47:07 | 00,017,001 | ---- | C] () -- C:\Windows\System32\5e15th5eat296z0.exe [2009/07/02 11:28:01 | 00,004,608 | ---- | C] () -- C:\Windows\5a59backdzor3143.cpl [2009/07/01 02:55:20 | 00,010,861 | ---- | C] () -- C:\Windows\z558virus592.cpl [2009/06/27 20:09:54 | 00,006,734 | ---- | C] () -- C:\Windows\100639ot-a-virus5z3.ocx [2009/06/27 03:08:31 | 00,008,651 | ---- | C] () -- C:\Windows\System32\5564not-a9zirus118.cpl [2009/06/26 22:31:10 | 00,013,356 | ---- | C] () -- C:\Windows\44fbthre5t729z.bin [2009/06/26 12:26:19 | 00,005,122 | ---- | C] () -- C:\Windows\System32\323z9ha5ktool3e19.exe [2009/06/23 17:49:03 | 00,012,307 | ---- | C] () -- C:\Windows\System32\91ezp9ware5809.dll [2009/06/23 03:00:36 | 00,014,376 | ---- | C] () -- C:\Windows\26369s5y2z7.bin [2009/06/22 02:53:17 | 00,017,599 | ---- | C] () -- C:\Windows\2f93thief1563z.dll [2009/06/18 08:51:28 | 00,004,465 | ---- | C] () -- C:\Windows\5f01backdooz926.ocx [2009/06/17 18:08:03 | 00,011,598 | ---- | C] () -- C:\Windows\224et5ief955z.bin [2009/06/15 16:23:41 | 00,015,725 | ---- | C] () -- C:\Windows\590ds5zal3049.dll [2009/06/15 11:33:34 | 00,002,823 | ---- | C] () -- C:\Windows\9532zirus5c35.ocx [2009/06/15 06:40:34 | 00,011,406 | ---- | C] () -- C:\Windows\20sparze19145.bin [2009/06/13 14:06:57 | 00,014,994 | ---- | C] () -- C:\Windows\System32\4983s5az9ot37c.bin [2009/06/13 02:00:26 | 00,003,179 | ---- | C] () -- C:\Windows\369zworm5789.exe [2009/06/10 23:24:14 | 00,007,204 | ---- | C] () -- C:\Windows\56z0download5r15929.bin [2009/06/10 08:41:52 | 00,003,899 | ---- | C] () -- C:\Windows\System32\15704not-a-v95us7e9z.bin [2009/06/08 17:07:24 | 00,011,265 | ---- | C] () -- C:\Windows\2ef4doznloa9er5524.exe [2009/06/07 06:45:45 | 00,004,077 | ---- | C] () -- C:\Windows\2046tzr5at79.cpl [2009/06/04 07:16:16 | 00,007,091 | ---- | C] () -- C:\Windows\System32\50985pyware22z7.bin [2009/06/03 16:19:30 | 00,013,971 | ---- | C] () -- C:\Windows\941zr5j139.exe [2009/06/03 15:58:52 | 00,012,764 | ---- | C] () -- C:\Windows\5d65addzare3049.ocx [2009/06/03 13:51:51 | 00,005,952 | ---- | C] () -- C:\Windows\System32\93ff5ir21z2.cpl [2009/06/03 04:12:56 | 00,005,670 | ---- | C] () -- C:\Windows\System32\79a0st59l17z4.bin [2009/06/01 13:21:17 | 00,002,813 | ---- | C] () -- C:\Windows\System32\2157backdoo9670z.ocx [2009/05/28 19:50:28 | 00,007,720 | ---- | C] () -- C:\Windows\5099th9ef19z0.cpl [2009/05/28 07:39:43 | 00,009,157 | ---- | C] () -- C:\Windows\33z9pyware552.ocx [2009/05/27 00:58:42 | 00,006,994 | ---- | C] () -- C:\Windows\System32\5126viz9675.exe [2009/05/24 14:40:01 | 00,008,905 | ---- | C] () -- C:\Windows\326b5zr593.exe [2009/05/23 05:06:01 | 00,003,887 | ---- | C] () -- C:\Windows\za8ste5l2519.exe [2009/05/22 21:05:05 | 00,002,628 | ---- | C] () -- C:\Windows\27dfaddwa9e265z.ocx [2009/05/21 23:42:06 | 00,005,558 | ---- | C] () -- C:\Windows\System32\15921z5y7ce9.bin [2009/05/20 14:14:46 | 00,011,260 | ---- | C] () -- C:\Windows\45e7downlozder54049.exe [2009/05/18 01:03:41 | 00,008,701 | ---- | C] () -- C:\Windows\System32\5a399ownzo5der3255.bin [2009/05/17 17:05:21 | 00,007,738 | ---- | C] () -- C:\Windows\z12475py329.dll [2009/05/16 18:50:22 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe [2009/05/16 15:50:08 | 14,039,440 | ---- | C] (Doctor Web, Ltd.) -- C:\Users\Neeraj Tohan\Desktop\drweb-cureit.exe [2009/05/15 17:48:19 | 00,017,316 | ---- | C] () -- C:\Windows\31275notz5-vir9s787.ocx [2009/05/15 11:48:55 | 00,008,941 | ---- | C] () -- C:\Windows\1z5449ot-a5virus382.bin [2009/05/14 09:08:58 | 00,009,053 | ---- | C] () -- C:\Windows\1z587troj955.dll [2009/05/13 13:53:23 | 00,012,091 | ---- | C] () -- C:\Windows\System32\505zrus954.exe [2009/05/11 01:19:14 | 00,011,968 | ---- | C] () -- C:\Windows\System32\68d2zte9l1507.ocx [2009/05/10 00:03:47 | 00,000,000 | ---D | C] -- C:\Avenger [2009/05/09 23:14:09 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/09 23:14:08 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/05/09 23:14:06 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/05/09 23:14:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/05/09 23:14:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/05/09 23:03:38 | 00,000,000 | ---D | C] -- C:\Users\Neeraj Tohan\AppData\Roaming\GetRightToGo [2009/05/09 17:53:15 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/05/09 04:56:49 | 00,014,848 | ---- | C] () -- C:\Windows\59z9spambot352.dll [2009/05/08 00:30:58 | 00,130,104 | ---- | C] (Sophos Plc) -- C:\Windows\System32\sdccoinstaller.dll [2009/05/08 00:27:46 | 00,020,288 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\SophosBootDriver.sys [2009/05/08 00:27:40 | 00,000,000 | ---D | C] -- C:\savwsa [2009/05/08 00:08:49 | 40,153,280 | ---- | C] () -- C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe [2009/05/07 23:37:32 | 00,009,404 | ---- | C] () -- C:\Windows\System32\70z9threat255875.bin [2009/05/07 23:37:32 | 00,009,325 | ---- | C] () -- C:\Windows\158daddware2z98.cpl [2009/05/07 23:37:32 | 00,003,728 | ---- | C] () -- C:\Windows\System32\z9b9s5yw9re1317.ocx [2009/05/07 23:37:32 | 00,003,102 | ---- | C] () -- C:\Windows\System32\2348195zktool386.bin [2009/05/07 23:37:31 | 00,018,195 | ---- | C] () -- C:\Windows\c1za5dware30419.cpl [2009/05/07 23:37:31 | 00,011,681 | ---- | C] () -- C:\Windows\System32\26543worz99.exe [2009/05/07 23:37:31 | 00,011,307 | ---- | C] () -- C:\Windows\System32\524down9ozd5r48.bin [2009/05/07 23:37:31 | 00,010,599 | ---- | C] () -- C:\Windows\System32\22512s9yz5f.ocx [2009/05/07 23:37:31 | 00,008,053 | ---- | C] () -- C:\Windows\90016z5y409.dll [2009/05/07 23:37:31 | 00,006,791 | ---- | C] () -- C:\Windows\System32\2005tzreat23659.cpl [2009/05/07 23:37:31 | 00,004,865 | ---- | C] () -- C:\Windows\23949wor56e5z.exe [2009/05/07 23:37:31 | 00,004,345 | ---- | C] () -- C:\Windows\3839worm515z.cpl [2009/05/07 23:37:31 | 00,004,064 | ---- | C] () -- C:\Windows\4ce5addwar92852z.ocx [2009/05/07 23:37:30 | 00,012,279 | ---- | C] () -- C:\Windows\91609sp5mbot188z.ocx [2009/05/07 23:37:30 | 00,008,456 | ---- | C] () -- C:\Windows\System32\95z2troj92.ocx [2009/05/07 23:37:30 | 00,007,171 | ---- | C] () -- C:\Windows\2a74szyware945.exe [2009/05/07 23:37:30 | 00,006,297 | ---- | C] () -- C:\Windows\69a9thi5f194z.cpl [2009/05/07 23:37:30 | 00,005,654 | ---- | C] () -- C:\Windows\5c57vi91z88.cpl [2009/05/07 23:37:30 | 00,003,376 | ---- | C] () -- C:\Windows\System32\3945spzrs928195.ocx [2009/05/07 23:37:30 | 00,002,886 | ---- | C] () -- C:\Windows\58133vizu915a.exe [2009/05/07 23:37:29 | 00,016,402 | ---- | C] () -- C:\Windows\59e9bazkdoor1651.exe [2009/05/07 23:37:29 | 00,016,095 | ---- | C] () -- C:\Windows\System32\3458addwarez3195.dll [2009/05/07 23:37:29 | 00,015,043 | ---- | C] () -- C:\Windows\System32\z515hief698.ocx [2009/05/07 23:37:29 | 00,013,966 | ---- | C] () -- C:\Windows\System32\291369rzj588.bin [2009/05/07 23:37:29 | 00,012,724 | ---- | C] () -- C:\Windows\9689z5pambot205.bin [2009/05/07 23:37:29 | 00,012,584 | ---- | C] () -- C:\Windows\150evir19z4.bin [2009/05/07 23:37:29 | 00,010,162 | ---- | C] () -- C:\Windows\System32\22521zorm39e.dll [2009/05/07 23:37:29 | 00,008,982 | ---- | C] () -- C:\Windows\System32\32541sp9mbot3z3.bin [2009/05/07 23:37:29 | 00,008,850 | ---- | C] () -- C:\Windows\8714n9t-a-viruz45f.bin [2009/05/07 23:37:29 | 00,007,814 | ---- | C] () -- C:\Windows\System32\5fzavir9166.dll [2009/05/07 23:37:29 | 00,007,463 | ---- | C] () -- C:\Windows\17091not-azvi9us855.cpl [2009/05/07 23:37:28 | 00,016,198 | ---- | C] () -- C:\Windows\2d45stza92504.bin [2009/05/07 23:37:28 | 00,010,781 | ---- | C] () -- C:\Windows\21850spzmbot269.cpl [2009/05/07 23:37:28 | 00,008,275 | ---- | C] () -- C:\Windows\972zspy576.ocx [2009/05/07 23:37:28 | 00,004,198 | ---- | C] () -- C:\Windows\System32\73ebspyware9z765.cpl [2009/05/07 23:37:28 | 00,003,602 | ---- | C] () -- C:\Windows\System32\24893spz33b5.ocx [2009/05/07 23:37:27 | 00,016,962 | ---- | C] () -- C:\Windows\5a73addwarez989.ocx [2009/05/07 23:37:27 | 00,014,844 | ---- | C] () -- C:\Windows\System32\zc739pars52346.cpl [2009/05/07 23:37:27 | 00,012,142 | ---- | C] () -- C:\Windows\zdb5ba59door1676.exe [2009/05/07 23:37:27 | 00,011,749 | ---- | C] () -- C:\Windows\System32\556bthreat116z59.ocx [2009/05/07 23:37:27 | 00,011,574 | ---- | C] () -- C:\Windows\b92backdoor25z.cpl [2009/05/07 23:37:27 | 00,011,321 | ---- | C] () -- C:\Windows\z189vir55.exe [2009/05/07 23:37:27 | 00,010,084 | ---- | C] () -- C:\Windows\System32\66d5downloaderz7789.bin [2009/05/07 23:37:27 | 00,009,982 | ---- | C] () -- C:\Windows\System32\23f1bazk9oor9815.ocx [2009/05/07 23:37:27 | 00,009,889 | ---- | C] () -- C:\Windows\2425zwo9533c.dll [2009/05/07 23:37:27 | 00,008,990 | ---- | C] () -- C:\Windows\6135tzoj2209.cpl [2009/05/07 23:37:27 | 00,008,594 | ---- | C] () -- C:\Windows\31z90tro53ae9.ocx [2009/05/07 23:37:27 | 00,003,633 | ---- | C] () -- C:\Windows\9694z5irus5c7.ocx [2009/05/07 23:37:27 | 00,003,015 | ---- | C] () -- C:\Windows\28662ha5k9ooz728.bin [2009/05/07 23:37:26 | 00,014,143 | ---- | C] () -- C:\Windows\System32\5903zteal2125.exe [2009/05/07 23:37:26 | 00,010,585 | ---- | C] () -- C:\Windows\System32\15689tr9j2bz.dll [2009/05/07 23:37:26 | 00,003,892 | ---- | C] () -- C:\Windows\z607not-9-vir5s1ff.exe [2009/05/07 23:37:25 | 00,011,749 | ---- | C] () -- C:\Windows\System32\16695spz5559.exe [2009/05/07 23:37:25 | 00,011,001 | ---- | C] () -- C:\Windows\95121v5rus18az.ocx [2009/05/07 23:37:25 | 00,008,858 | ---- | C] () -- C:\Windows\System32\17990t5oj6z.bin [2009/05/07 23:37:25 | 00,008,420 | ---- | C] () -- C:\Windows\4967thre5t310z1.bin [2009/05/07 23:37:25 | 00,007,315 | ---- | C] () -- C:\Windows\System32\2z819w9rm385.dll [2009/05/07 23:37:25 | 00,002,537 | ---- | C] () -- C:\Windows\95c5sparz5585.cpl [2009/05/07 23:37:24 | 00,017,810 | ---- | C] () -- C:\Windows\System32\789ebaczdo5r824.ocx [2009/05/07 23:37:24 | 00,016,240 | ---- | C] () -- C:\Windows\System32\25194hack9ool2z5.cpl [2009/05/07 23:37:24 | 00,015,894 | ---- | C] () -- C:\Windows\System32\28692s5z2b59.exe [2009/05/07 23:37:24 | 00,014,075 | ---- | C] () -- C:\Windows\459zworm769.cpl [2009/05/07 23:37:24 | 00,013,149 | ---- | C] () -- C:\Windows\System32\z7ee9pyware1445.exe [2009/05/07 23:37:24 | 00,012,031 | ---- | C] () -- C:\Windows\System32\4bez9i5f84.bin [2009/05/07 23:37:24 | 00,010,650 | ---- | C] () -- C:\Windows\System32\z916vir24455.exe [2009/05/07 23:37:24 | 00,010,458 | ---- | C] () -- C:\Windows\4279th5ef1z70.ocx [2009/05/07 23:37:24 | 00,007,775 | ---- | C] () -- C:\Windows\System32\75f4threa9z8144.exe [2009/05/07 23:37:24 | 00,004,374 | ---- | C] () -- C:\Windows\133559orz481.exe [2009/05/07 23:37:24 | 00,003,969 | ---- | C] () -- C:\Windows\11325not-a-9irus7ez5.bin [2009/05/07 23:37:23 | 00,017,415 | ---- | C] () -- C:\Windows\System32\5175thizf2950.bin [2009/05/07 23:37:23 | 00,017,396 | ---- | C] () -- C:\Windows\System32\5b58download9r2044z.exe [2009/05/07 23:37:23 | 00,016,197 | ---- | C] () -- C:\Windows\System32\339zthrea5314.ocx [2009/05/07 23:37:23 | 00,015,753 | ---- | C] () -- C:\Windows\System32\195irz998.exe [2009/05/07 23:37:23 | 00,015,079 | ---- | C] () -- C:\Windows\System32\349f5hrzat4925.exe [2009/05/07 23:37:23 | 00,014,113 | ---- | C] () -- C:\Windows\System32\555v9z1225.exe [2009/05/07 23:37:23 | 00,012,247 | ---- | C] () -- C:\Windows\147869rzj495.cpl [2009/05/07 23:37:23 | 00,012,061 | ---- | C] () -- C:\Windows\System32\5522t9iefz079.dll [2009/05/07 23:37:23 | 00,011,975 | ---- | C] () -- C:\Windows\System32\258z5wo9m61b.ocx [2009/05/07 23:37:23 | 00,011,702 | ---- | C] () -- C:\Windows\System32\50f4thrza513943.dll [2009/05/07 23:37:23 | 00,011,617 | ---- | C] () -- C:\Windows\1459t9izf38.exe [2009/05/07 23:37:23 | 00,011,102 | ---- | C] () -- C:\Windows\System32\219z4hackt9o5519.dll [2009/05/07 23:37:23 | 00,009,225 | ---- | C] () -- C:\Windows\System32\16044ha9kzoo55bc.dll [2009/05/07 23:37:23 | 00,008,898 | ---- | C] () -- C:\Windows\59382not-azvirus2b9.bin [2009/05/07 23:37:23 | 00,008,686 | ---- | C] () -- C:\Windows\System32\49fespywaze3542.bin [2009/05/07 23:37:23 | 00,008,582 | ---- | C] () -- C:\Windows\z2555tr9jdd.dll [2009/05/07 23:37:23 | 00,008,321 | ---- | C] () -- C:\Windows\2738no5-a-9izus302.dll [2009/05/07 23:37:23 | 00,007,941 | ---- | C] () -- C:\Windows\System32\251z5worm957.exe [2009/05/07 23:37:23 | 00,007,908 | ---- | C] () -- C:\Windows\z5096vi9us578.cpl [2009/05/07 23:37:23 | 00,007,600 | ---- | C] () -- C:\Windows\2ac0t95ef766z.cpl [2009/05/07 23:37:23 | 00,005,170 | ---- | C] () -- C:\Windows\System32\3891stzal12615.cpl [2009/05/07 23:37:23 | 00,003,379 | ---- | C] () -- C:\Windows\System32\7d79d5wnloazer2592.ocx [2009/05/07 23:37:23 | 00,003,300 | ---- | C] () -- C:\Windows\18925not-a-virzs9b4.exe [2009/05/07 23:37:23 | 00,003,235 | ---- | C] () -- C:\Windows\System32\1f5atzi5f9809.ocx [2009/05/07 23:37:23 | 00,002,860 | ---- | C] () -- C:\Windows\System32\19646not-9-vir5s3bez.cpl [2009/05/07 23:37:23 | 00,002,725 | ---- | C] () -- C:\Windows\System32\109cdow5loaze9868.cpl [2009/05/07 23:37:22 | 00,018,282 | ---- | C] () -- C:\Windows\System32\5692steal2z9.bin [2009/05/07 23:37:22 | 00,017,516 | ---- | C] () -- C:\Windows\System32\696s5ywarez4899.exe [2009/05/07 23:37:22 | 00,015,483 | ---- | C] () -- C:\Windows\29999vi5uszb5.cpl [2009/05/07 23:37:22 | 00,015,247 | ---- | C] () -- C:\Windows\a65vir232z9.exe [2009/05/07 23:37:22 | 00,014,645 | ---- | C] () -- C:\Windows\20767not-a9virzs54f.bin [2009/05/07 23:37:22 | 00,014,333 | ---- | C] () -- C:\Windows\55809aczdoor1163.ocx [2009/05/07 23:37:22 | 00,012,626 | ---- | C] () -- C:\Windows\215z49py7b5.ocx [2009/05/07 23:37:22 | 00,010,620 | ---- | C] () -- C:\Windows\System32\z95evir9569.ocx [2009/05/07 23:37:22 | 00,006,304 | ---- | C] () -- C:\Windows\5699not-a-vzrus35.exe [2009/05/07 23:37:22 | 00,006,247 | ---- | C] () -- C:\Windows\3aa9sp5waze1735.bin [2009/05/07 23:37:22 | 00,005,066 | ---- | C] () -- C:\Windows\24z48spa9b5t519.exe [2009/05/07 23:37:21 | 00,018,139 | ---- | C] () -- C:\Windows\System32\3985s9yware88z.bin [2009/05/07 23:37:21 | 00,017,603 | ---- | C] () -- C:\Windows\6bzcdownlo95er1626.ocx [2009/05/07 23:37:21 | 00,016,771 | ---- | C] () -- C:\Windows\z7375not9a-virusb.cpl [2009/05/07 23:37:21 | 00,014,903 | ---- | C] () -- C:\Windows\System32\3z54downloader3199.cpl [2009/05/07 23:37:21 | 00,013,618 | ---- | C] () -- C:\Windows\System32\z50dvir9033.cpl [2009/05/07 23:37:21 | 00,009,426 | ---- | C] () -- C:\Windows\2de8stealz9955.ocx [2009/05/07 23:37:21 | 00,007,927 | ---- | C] () -- C:\Windows\System32\3950sparsz2967.bin [2009/05/07 23:37:21 | 00,007,669 | ---- | C] () -- C:\Windows\1563downloazer9895.cpl [2009/05/07 23:37:21 | 00,007,599 | ---- | C] () -- C:\Windows\8179teal1553z.exe [2009/05/07 23:37:21 | 00,005,731 | ---- | C] () -- C:\Windows\System32\1b95backdozr1965.exe [2009/05/07 23:37:21 | 00,005,404 | ---- | C] () -- C:\Windows\389th5zf967.exe [2009/05/07 23:37:21 | 00,005,043 | ---- | C] () -- C:\Windows\System32\z25dt9ief2585.dll [2009/05/07 23:37:21 | 00,004,875 | ---- | C] () -- C:\Windows\System32\33235o9z26f.dll [2009/05/07 23:37:21 | 00,003,605 | ---- | C] () -- C:\Windows\System32\24957h59ktzol3ca.dll [2009/05/07 23:37:21 | 00,002,972 | ---- | C] () -- C:\Windows\System32\5065spzrse119.ocx [2009/05/07 23:37:20 | 00,009,187 | ---- | C] () -- C:\Windows\7395viz998.bin [2009/05/07 23:37:20 | 00,008,700 | ---- | C] () -- C:\Windows\System32\1810bzckdo5r2093.ocx [2009/05/07 23:37:20 | 00,006,241 | ---- | C] () -- C:\Windows\System32\307049pzmbo569b.bin [2009/05/07 23:37:19 | 01,097,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\setup2.exe [2009/05/04 20:53:36 | 00,003,243 | ---- | C] () -- C:\Windows\System32\2493steal24z05.bin [2009/05/03 22:30:59 | 00,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/03 22:28:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Cisco Systems [2009/05/03 22:28:37 | 00,023,552 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SophosBootTasks.exe [2009/05/03 21:04:29 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos [2009/05/03 13:25:56 | 00,010,834 | ---- | C] () -- C:\Windows\8523wormz97.dll [2009/05/03 02:51:19 | 00,008,905 | ---- | C] () -- C:\Windows\54cabackd5or79z.ocx [2009/04/28 07:10:31 | 00,006,795 | ---- | C] () -- C:\Windows\25559n9t-a-vizus11f.cpl [2009/04/27 23:42:08 | 11,939,6807 | ---- | C] () -- C:\Windows\MEMORY.DMP [2009/04/27 23:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2009/04/26 11:27:06 | 00,014,299 | ---- | C] () -- C:\Windows\z9523hackt9ol565.cpl [2009/04/24 23:43:47 | 00,015,623 | ---- | C] () -- C:\Windows\System32\47e8sp9zse2537.dll [2009/04/24 08:46:00 | 00,003,841 | ---- | C] () -- C:\Windows\53416hackto9l29cz.cpl [2009/04/23 18:47:25 | 00,005,828 | ---- | C] () -- C:\Windows\5129vir222z.exe [2009/04/22 22:58:42 | 00,000,004 | ---- | C] () -- C:\Windows\System32\gxvxccounter [2009/04/22 16:00:07 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/04/22 01:04:50 | 00,015,514 | ---- | C] () -- C:\Windows\System32\155z9orm543.bin [2009/04/21 02:59:17 | 00,012,879 | ---- | C] () -- C:\Windows\System32\2570ad9ware3015z.cpl [2009/04/20 17:59:24 | 00,093,192 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\savonaccess.sys [2009/04/20 17:59:14 | 00,000,000 | ---D | C] -- C:\escwsa [2009/04/19 23:36:23 | 00,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/04/19 23:34:54 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/04/19 23:34:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2009/04/19 23:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/04/19 23:34:17 | 00,001,401 | ---- | C] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk [2009/04/19 23:34:17 | 00,000,000 | ---D | C] -- C:\Program Files\DivX [2009/04/19 22:55:20 | 00,017,903 | ---- | C] () -- C:\Windows\System32\59z25not-a9virus606.cpl [2009/04/18 03:37:02 | 00,003,704 | ---- | C] () -- C:\Windows\17835viz59155.dll [2009/04/17 21:55:55 | 00,008,598 | ---- | C] () -- C:\Windows\System32\9456szamb5t24b9.ocx [2009/04/16 20:31:05 | 00,015,365 | ---- | C] () -- C:\Windows\System32\517d9hief225z.cpl [2009/04/16 19:07:07 | 00,376,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\winhttp.dll [2009/04/16 19:07:03 | 00,562,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msdtcprx.dll [2009/04/16 19:07:03 | 00,038,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\xolehlp.dll [2009/04/16 19:06:51 | 03,599,328 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntkrnlpa.exe [2009/04/16 19:06:51 | 00,551,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\rpcss.dll [2009/04/16 19:06:50 | 03,547,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ntoskrnl.exe [2009/04/16 19:06:49 | 00,666,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelinesvc.exe [2009/04/16 19:06:49 | 00,183,296 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\sdohlp.dll [2009/04/16 19:06:49 | 00,098,304 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasrecst.dll [2009/04/16 19:06:49 | 00,054,784 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasads.dll [2009/04/16 19:06:49 | 00,044,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iasdatastore.dll [2009/04/16 19:06:49 | 00,026,112 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\printfilterpipelineprxy.dll [2009/04/16 19:06:48 | 00,017,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iashost.exe [2009/04/16 19:06:41 | 01,255,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\lsasrv.dll [2009/04/16 19:06:40 | 00,888,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\kernel32.dll [2009/04/16 19:06:40 | 00,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\secur32.dll [2009/04/16 19:06:39 | 00,024,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\amxread.dll [2009/04/16 19:06:39 | 00,013,824 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\apilogen.dll [2009/04/16 19:06:16 | 03,580,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.dll [2009/04/16 19:06:13 | 06,068,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieframe.dll [2009/04/16 19:06:11 | 01,166,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\urlmon.dll [2009/04/16 19:06:10 | 00,270,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iertutil.dll [2009/04/16 19:06:09 | 00,827,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\wininet.dll [2009/04/16 19:06:09 | 00,458,240 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll [2009/04/16 19:06:09 | 00,389,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll [2009/04/16 19:06:08 | 00,389,632 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec [2009/04/16 19:06:08 | 00,230,400 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieaksie.dll [2009/04/16 19:06:08 | 00,102,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\occache.dll [2009/04/16 19:06:08 | 00,078,336 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieencode.dll [2009/04/16 19:06:08 | 00,026,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieUnatt.exe [2009/04/16 19:06:07 | 00,671,232 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll [2009/04/16 19:06:05 | 00,028,160 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll [2009/04/16 19:06:04 | 01,383,424 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb [2009/04/12 07:42:07 | 00,017,247 | ---- | C] () -- C:\Windows\System32\7946thiez1952.dll [2009/04/02 20:41:39 | 00,002,781 | ---- | C] () -- C:\Windows\25z58hacktoo9203.dll [2009/03/22 03:15:35 | 00,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2009/03/17 21:25:08 | 00,010,920 | ---- | C] () -- C:\Windows\System32\25261zpamb9t267.dll [2009/03/14 21:30:57 | 00,006,568 | ---- | C] () -- C:\Windows\208235o9-a-virusz83.dll [2009/03/14 11:53:55 | 00,012,698 | ---- | C] () -- C:\Windows\System32\dc5tzi9f461.dll [2009/03/11 06:05:21 | 00,007,734 | ---- | C] () -- C:\Windows\System32\14253hzckt5ole9.dll [2009/03/09 23:49:33 | 00,011,008 | ---- | C] () -- C:\Windows\System32\25d7threat1z3849.dll [2009/03/08 19:30:54 | 00,014,471 | ---- | C] () -- C:\Windows\System32\57d9a5dware16z9.dll [2009/02/28 18:13:47 | 00,017,233 | ---- | C] () -- C:\Windows\System32\41a4do5nzoa9er1890.dll [2009/02/21 05:43:51 | 00,016,854 | ---- | C] () -- C:\Windows\8z4dow5loader9589.dll [2009/01/25 20:31:52 | 00,009,318 | ---- | C] () -- C:\Windows\System32\6191threat2z855.dll [2009/01/22 18:32:43 | 00,002,850 | ---- | C] () -- C:\Windows\System32\6227down9oaze52754.dll [2009/01/07 16:11:58 | 00,011,806 | ---- | C] () -- C:\Windows\79b7b5ckdoor1922z.dll [2009/01/01 15:55:16 | 00,007,882 | ---- | C] () -- C:\Windows\System32\4a8c9dzw5re2718.dll [2008/12/24 12:52:14 | 00,016,635 | ---- | C] () -- C:\Windows\System32\564edowzloade93555.dll [2008/12/09 02:57:47 | 00,004,937 | ---- | C] () -- C:\Windows\45ddown9oaderz278.dll [2008/12/07 23:07:06 | 00,003,348 | ---- | C] () -- C:\Windows\71zv5r9023.dll [2008/11/10 12:57:40 | 00,008,809 | ---- | C] () -- C:\Windows\System32\741995rz155.dll [2008/10/26 11:45:55 | 00,015,034 | ---- | C] () -- C:\Windows\System32\62ccdownlo9dez265.dll [2008/10/21 03:39:06 | 00,016,337 | ---- | C] () -- C:\Windows\1994addwzr51653.dll [2008/10/19 03:15:44 | 00,010,709 | ---- | C] () -- C:\Windows\22649spz457.dll [2008/10/18 10:43:17 | 00,004,693 | ---- | C] () -- C:\Windows\System32\a7fvi92561z.dll [2008/10/13 01:54:12 | 00,003,308 | ---- | C] () -- C:\Windows\System32\76b4t95ezt12471.dll [2008/10/11 07:54:31 | 00,007,788 | ---- | C] () -- C:\Windows\11982no5-a-virzs11d.dll [2008/10/08 16:55:58 | 00,014,926 | ---- | C] () -- C:\Windows\53f9downloader129z5.dll [2008/09/22 22:10:13 | 00,013,242 | ---- | C] () -- C:\Windows\2b9cz9ea5944.dll [2008/09/22 06:26:08 | 00,008,331 | ---- | C] () -- C:\Windows\4035hzcktoo945f.dll [2008/09/20 20:30:18 | 00,004,617 | ---- | C] () -- C:\Windows\System32\z0951w9rm78c.dll [2008/09/20 07:22:40 | 00,008,517 | ---- | C] () -- C:\Windows\29955noz-a-vir9s2b2.dll [2008/09/18 06:16:40 | 00,013,154 | ---- | C] () -- C:\Windows\System32\19151zpambot4729.dll [2008/09/12 17:06:23 | 00,009,520 | ---- | C] () -- C:\Windows\System32\1696spywaze3051.dll [2008/09/11 20:43:52 | 00,004,514 | ---- | C] () -- C:\Windows\System32\27z59trojf9.dll [2008/09/10 09:38:09 | 00,017,242 | ---- | C] () -- C:\Windows\System32\755azackdoor1097.dll [2008/09/08 23:39:48 | 00,007,463 | ---- | C] () -- C:\Windows\System32\29486v5rus6ez.dll [2008/09/08 14:48:28 | 00,017,471 | ---- | C] () -- C:\Windows\2734thze5t14519.dll [2008/09/07 18:42:31 | 00,004,620 | ---- | C] () -- C:\Windows\System32\25250w9rm46z.dll [2008/09/06 16:18:39 | 00,004,952 | ---- | C] () -- C:\Windows\System32\9999vizus54.dll [2008/08/20 07:16:56 | 00,004,578 | ---- | C] () -- C:\Windows\System32\e21dow5loade9240z.dll [2008/08/14 01:10:38 | 00,010,946 | ---- | C] () -- C:\Windows\20z08wo951a4.dll [2008/08/13 22:33:54 | 00,010,820 | ---- | C] () -- C:\Windows\13057w9rz120.dll [2008/08/07 16:19:29 | 00,005,803 | ---- | C] () -- C:\Windows\System32\2z529troj1ad.dll [2008/08/06 14:42:17 | 00,008,296 | ---- | C] () -- C:\Windows\2zc0back59or1254.dll [2008/07/20 14:28:07 | 00,016,784 | ---- | C] () -- C:\Windows\1304zviru59db.dll [2008/07/15 06:06:41 | 00,007,780 | ---- | C] () -- C:\Windows\9668hacztool505.dll [2008/07/12 03:55:03 | 00,012,066 | ---- | C] () -- C:\Windows\14589hacktzol5a6.dll [2008/07/09 16:01:13 | 00,014,650 | ---- | C] () -- C:\Windows\System32\263z3s5yd29.dll [2008/07/03 04:46:34 | 00,017,736 | ---- | C] () -- C:\Windows\System32\7c94st5alz186.dll [2008/06/28 14:52:39 | 00,015,441 | ---- | C] () -- C:\Windows\280959zo585.dll [2008/06/20 19:32:26 | 00,008,723 | ---- | C] () -- C:\Windows\466espzr5e13279.dll [2008/06/17 17:26:08 | 00,014,339 | ---- | C] () -- C:\Windows\2554ztr59250.dll [2008/06/10 18:42:58 | 00,000,142 | ---- | C] () -- C:\Windows\ODBC.INI [2008/06/08 12:55:01 | 00,003,089 | ---- | C] () -- C:\Windows\System32\16z575pambot159.dll [2008/06/03 17:36:07 | 00,010,600 | ---- | C] () -- C:\Windows\System32\4159thze92820.dll [2008/06/02 06:09:17 | 00,013,408 | ---- | C] () -- C:\Windows\6df9thie5916z.dll [2008/05/03 19:54:47 | 00,007,243 | ---- | C] () -- C:\Windows\System32\915noz-a-vir5s479.dll [2008/04/20 20:33:41 | 00,009,950 | ---- | C] () -- C:\Windows\System32\124eszars91574.dll [2008/04/15 00:15:35 | 00,008,744 | ---- | C] () -- C:\Windows\System32\3378sparse5z729.dll [2008/04/05 23:41:40 | 00,008,438 | ---- | C] () -- C:\Windows\z9957troj785.dll [2008/04/04 22:16:29 | 00,003,125 | ---- | C] () -- C:\Windows\System32\20250sp5mbot94z.dll [2008/03/27 14:55:40 | 00,003,147 | ---- | C] () -- C:\Windows\575dtzre9t4627.dll [2008/03/21 17:12:22 | 00,017,238 | ---- | C] () -- C:\Windows\System32\26494vir5z399.dll [2008/03/19 07:50:17 | 00,008,011 | ---- | C] () -- C:\Windows\System32\15efspa5s92869z.dll [2008/03/16 08:06:30 | 00,012,590 | ---- | C] () -- C:\Windows\System32\12190virzs591.dll [2008/03/11 07:36:14 | 00,017,474 | ---- | C] () -- C:\Windows\1a9zstea926165.dll [2008/03/09 14:02:06 | 00,009,324 | ---- | C] () -- C:\Windows\System32\982zpy5e4.dll [2008/03/08 05:09:28 | 00,005,818 | ---- | C] () -- C:\Windows\System32\6ff9steal32z5.dll [2008/03/05 11:33:47 | 00,011,494 | ---- | C] () -- C:\Windows\System32\6927zp55f5.dll [2008/03/02 04:29:12 | 00,009,777 | ---- | C] () -- C:\Windows\9546ba5kdoorz319.dll [2008/03/01 11:12:59 | 00,011,717 | ---- | C] () -- C:\Windows\1694th5e9tz889.dll [2008/02/24 12:56:18 | 00,077,824 | ---- | C] () -- C:\Windows\System32\hccutils.dll [2008/02/24 12:56:18 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2008/02/24 12:56:18 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll [2008/02/24 12:56:17 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll [2008/02/15 12:18:20 | 00,003,846 | ---- | C] () -- C:\Windows\System32\7769zackdoor5579.dll [2008/02/07 07:18:28 | 00,013,176 | ---- | C] () -- C:\Windows\System32\13925zre9t19707.dll [2008/02/01 22:45:26 | 00,016,639 | ---- | C] () -- C:\Windows\System32\1264zhackt9ol35.dll [2008/01/26 19:50:23 | 00,003,447 | ---- | C] () -- C:\Windows\78459zreat6312.dll [2008/01/26 10:32:38 | 00,005,004 | ---- | C] () -- C:\Windows\System32\1f9zad9ware1656.dll [2008/01/25 23:56:02 | 00,018,312 | ---- | C] () -- C:\Windows\System32\15c3s5arse5z59.dll [2008/01/25 16:25:28 | 00,006,199 | ---- | C] () -- C:\Windows\55b39h5ef15z6.dll [2008/01/23 03:44:57 | 00,003,082 | ---- | C] () -- C:\Windows\System32\26f1b5c9dzor505.dll [2008/01/18 17:14:46 | 00,017,524 | ---- | C] () -- C:\Windows\524fzac95oor2976.dll [2008/01/18 05:40:45 | 00,000,203 | ---- | C] () -- C:\Windows\SpssLM.ini [2008/01/14 16:54:57 | 00,006,277 | ---- | C] () -- C:\Windows\System32\3502zspy5669.dll [2008/01/13 14:31:17 | 00,012,553 | ---- | C] () -- C:\Windows\System32\70d7t9zef1851.dll [2008/01/04 02:38:43 | 00,007,307 | ---- | C] () -- C:\Windows\System32\4z2tro94e5.dll [2007/12/31 12:34:21 | 00,299,008 | ---- | C] () -- C:\Windows\System32\LAME_MP3.dll [2007/11/23 05:01:31 | 00,000,099 | ---- | C] () -- C:\Windows\MXDebug2.ini [2007/11/22 04:24:41 | 00,000,032 | ---- | C] () -- C:\Windows\MS Office 2007 Pro Plus & Expression Web.INI [2007/10/08 09:21:46 | 00,958,464 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007/05/10 02:02:08 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll [2007/05/10 02:00:26 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2007/02/24 14:59:14 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2007/02/08 20:02:54 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2007/02/08 20:02:52 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2007/02/08 20:00:44 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 06:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2004/12/20 06:08:28 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/20 06:03:26 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll ========== Files - Modified Within 30 Days ========== [1 C:\Users\Neeraj Tohan\Documents\*.tmp files] [2009/12/28 15:58:31 | 00,014,347 | ---- | M] () -- C:\Windows\System32\4c5zbackdoo92804.bin [2009/12/27 21:20:35 | 00,003,442 | ---- | M] () -- C:\Windows\System32\353czpy59re2933.dll [2009/12/26 14:49:18 | 00,004,758 | ---- | M] () -- C:\Windows\System32\6037not-a-viru945z.bin [2009/12/24 17:39:03 | 00,004,245 | ---- | M] () -- C:\Windows\29215spzmbot3bb.bin [2009/12/23 14:04:39 | 00,006,955 | ---- | M] () -- C:\Windows\55z0worm3d9.cpl [2009/12/23 10:37:03 | 00,014,839 | ---- | M] () -- C:\Windows\System32\7z6e5hief1917.bin [2009/12/22 19:38:28 | 00,009,924 | ---- | M] () -- C:\Windows\System32\90878tr5j8z.ocx [2009/12/22 19:10:17 | 00,005,187 | ---- | M] () -- C:\Windows\5919v5r1396z.dll [2009/12/19 18:20:32 | 00,008,618 | ---- | M] () -- C:\Windows\23761vz9u5b7.ocx [2009/12/19 00:30:11 | 00,008,526 | ---- | M] () -- C:\Windows\System32\7963sparse5z9.cpl [2009/12/18 09:02:34 | 00,009,972 | ---- | M] () -- C:\Windows\24054h59ktozl3db.bin [2009/12/18 05:21:59 | 00,010,415 | ---- | M] () -- C:\Windows\1225do5nl9ader287z.exe [2009/12/18 04:52:51 | 00,010,867 | ---- | M] () -- C:\Windows\System32\75z3t5re9t2847.cpl [2009/12/16 07:17:06 | 00,017,324 | ---- | M] () -- C:\Windows\System32\1569zspy152.bin [2009/12/16 05:18:45 | 00,009,084 | ---- | M] () -- C:\Windows\System32\a9fdownzoad592262.cpl [2009/12/16 01:25:44 | 00,008,283 | ---- | M] () -- C:\Windows\45e09z5eat9856.exe [2009/12/15 00:32:23 | 00,005,441 | ---- | M] () -- C:\Windows\2f93thzeat56625.dll [2009/12/13 07:47:51 | 00,007,720 | ---- | M] () -- C:\Windows\7951downloader19z95.exe [2009/12/12 09:34:43 | 00,004,857 | ---- | M] () -- C:\Windows\System32\15047not-5-9iruz33a.exe [2009/12/10 15:04:54 | 00,011,611 | ---- | M] () -- C:\Windows\System32\25292spz5fb9.bin [2009/12/09 11:11:19 | 00,013,956 | ---- | M] () -- C:\Windows\System32\4053threat98047z.dll [2009/12/08 20:10:19 | 00,003,424 | ---- | M] () -- C:\Windows\39599irzs43d.exe [2009/12/08 15:23:35 | 00,008,098 | ---- | M] () -- C:\Windows\System32\422zs5yware2195.bin [2009/12/05 06:21:46 | 00,008,808 | ---- | M] () -- C:\Windows\5a25steaz936.cpl [2009/12/02 03:51:10 | 00,007,986 | ---- | M] () -- C:\Windows\256fspyw9re960z.cpl [2009/12/01 23:00:25 | 00,012,576 | ---- | M] () -- C:\Windows\55bzs5arse2917.ocx [2009/12/01 03:51:16 | 00,013,780 | ---- | M] () -- C:\Windows\System32\9497zviru5453.ocx [2009/11/28 17:27:21 | 00,010,061 | ---- | M] () -- C:\Windows\System32\194aszeal9545.ocx [2009/11/28 05:21:18 | 00,002,918 | ---- | M] () -- C:\Windows\System32\5868z9dware475.bin [2009/11/24 06:22:51 | 00,010,388 | ---- | M] () -- C:\Windows\System32\z0377w5r972c.cpl [2009/11/24 01:55:47 | 00,013,851 | ---- | M] () -- C:\Windows\System32\ze01downl5ader93.dll [2009/11/22 07:29:38 | 00,017,644 | ---- | M] () -- C:\Windows\6142ha5ktooz697.cpl [2009/11/21 22:32:57 | 00,008,612 | ---- | M] () -- C:\Windows\System32\zeecsparse5129.exe [2009/11/21 02:31:53 | 00,004,537 | ---- | M] () -- C:\Windows\System32\26922tro53z89.exe [2009/11/19 18:28:09 | 00,002,697 | ---- | M] () -- C:\Windows\System32\7029z5rus99.ocx [2009/11/19 08:14:31 | 00,014,778 | ---- | M] () -- C:\Windows\System32\3592th5ef2239z.exe [2009/11/19 05:59:54 | 00,004,018 | ---- | M] () -- C:\Windows\9a9z95ware1744.cpl [2009/11/17 23:09:06 | 00,009,502 | ---- | M] () -- C:\Windows\31195nzt-5-virus9fc.bin [2009/11/16 11:27:56 | 00,010,792 | ---- | M] () -- C:\Windows\4fe1stzal56029.ocx [2009/11/16 00:15:45 | 00,013,748 | ---- | M] () -- C:\Windows\System32\1f795zyware2644.dll [2009/11/15 16:11:38 | 00,010,807 | ---- | M] () -- C:\Windows\8810s5am9ot4dz.exe [2009/11/14 15:36:34 | 00,016,051 | ---- | M] () -- C:\Windows\System32\59cthief26z7.bin [2009/11/13 19:14:43 | 00,016,880 | ---- | M] () -- C:\Windows\1cfz5a9kdoor1867.ocx [2009/11/10 21:12:14 | 00,015,842 | ---- | M] () -- C:\Windows\System32\12507tr9z1ce.ocx [2009/11/09 10:17:37 | 00,008,134 | ---- | M] () -- C:\Windows\System32\3dbbs5eaz1669.cpl [2009/11/08 00:58:24 | 00,013,072 | ---- | M] () -- C:\Windows\25d3download5910z7.ocx [2009/11/07 15:33:05 | 00,003,947 | ---- | M] () -- C:\Windows\4f4159dwzre1800.cpl [2009/11/07 13:58:24 | 00,004,933 | ---- | M] () -- C:\Windows\System32\3054z5irus9c2.exe [2009/11/06 20:42:36 | 00,007,190 | ---- | M] () -- C:\Windows\51z69spy59b.cpl [2009/11/06 03:39:03 | 00,013,481 | ---- | M] () -- C:\Windows\System32\3aa7zddw5re9730.bin [2009/11/05 17:53:26 | 00,016,020 | ---- | M] () -- C:\Windows\acftzre5t94699.exe [2009/11/04 05:17:52 | 00,003,432 | ---- | M] () -- C:\Windows\55945troj7c5z.bin [2009/11/03 01:45:28 | 00,013,431 | ---- | M] () -- C:\Windows\System32\599athiefz119.exe [2009/11/02 19:51:29 | 00,008,630 | ---- | M] () -- C:\Windows\2781659zj619.dll [2009/11/02 11:07:51 | 00,015,564 | ---- | M] () -- C:\Windows\10891virzs17f5.ocx [2009/10/28 00:43:02 | 00,012,049 | ---- | M] () -- C:\Windows\System32\6z039pam5ot6d3.bin [2009/10/23 19:09:54 | 00,005,133 | ---- | M] () -- C:\Windows\2c02sp5zse2929.dll [2009/10/23 17:44:52 | 00,016,484 | ---- | M] () -- C:\Windows\z3659virus758.ocx [2009/10/20 23:55:23 | 00,008,975 | ---- | M] () -- C:\Windows\9950troj6fz.exe [2009/10/19 21:27:07 | 00,015,131 | ---- | M] () -- C:\Windows\System32\2d66downloa59rz225.ocx [2009/10/17 09:31:19 | 00,008,639 | ---- | M] () -- C:\Windows\System32\7d27vir23z95.cpl [2009/10/16 07:51:04 | 00,006,691 | ---- | M] () -- C:\Windows\System32\6z4t9oj3bf5.dll [2009/10/14 21:05:39 | 00,008,146 | ---- | M] () -- C:\Windows\35559ddwaze2512.dll [2009/10/11 10:15:16 | 00,018,063 | ---- | M] () -- C:\Windows\System32\4395spazbot7d05.exe [2009/10/11 01:18:28 | 00,008,114 | ---- | M] () -- C:\Windows\System32\301509ot-a-v5rus292z.cpl [2009/10/09 16:54:10 | 00,006,667 | ---- | M] () -- C:\Windows\System32\5zccspy9are389.exe [2009/10/07 19:42:51 | 00,004,426 | ---- | M] () -- C:\Windows\24519not-a59irzs4de.ocx [2009/10/04 03:25:57 | 00,013,056 | ---- | M] () -- C:\Windows\19610wo954zf.exe [2009/10/03 21:08:41 | 00,010,355 | ---- | M] () -- C:\Windows\System32\b9dth5eat122z.cpl [2009/10/02 01:23:14 | 00,011,203 | ---- | M] () -- C:\Windows\System32\355zspywar92442.cpl [2009/10/01 20:24:56 | 00,016,334 | ---- | M] () -- C:\Windows\System32\43a1zh9ef5949.ocx [2009/09/27 22:30:00 | 00,005,063 | ---- | M] () -- C:\Windows\53eebacz9oor2951.exe [2009/09/24 18:47:32 | 00,005,019 | ---- | M] () -- C:\Windows\System32\10157worz839.exe [2009/09/23 08:40:55 | 00,015,350 | ---- | M] () -- C:\Windows\System32\9161not-a-9iru59z.dll [2009/09/18 14:16:38 | 00,008,308 | ---- | M] () -- C:\Windows\558cst9zl16.dll [2009/09/18 01:02:38 | 00,003,611 | ---- | M] () -- C:\Windows\System32\z50995acktoolc3.bin [2009/09/17 16:37:12 | 00,004,796 | ---- | M] () -- C:\Windows\System32\15898notza-virus4d2.exe [2009/09/17 16:18:37 | 00,008,149 | ---- | M] () -- C:\Windows\b5aba5kzo9r492.exe [2009/09/17 08:43:17 | 00,017,464 | ---- | M] () -- C:\Windows\5591vir277z9.bin [2009/09/17 04:04:39 | 00,016,453 | ---- | M] () -- C:\Windows\328v9r9z5.dll [2009/09/15 18:26:09 | 00,010,872 | ---- | M] () -- C:\Windows\315629pambot1z2.bin [2009/09/14 16:08:19 | 00,005,751 | ---- | M] () -- C:\Windows\System32\5859sparse123z.exe [2009/09/13 16:18:48 | 00,014,657 | ---- | M] () -- C:\Windows\7zc59pyware163.cpl [2009/09/12 22:16:25 | 00,005,229 | ---- | M] () -- C:\Windows\System32\3296downl5aderz103.ocx [2009/09/12 10:03:07 | 00,011,554 | ---- | M] () -- C:\Windows\27616spzmbo59d2.dll [2009/09/12 04:32:44 | 00,011,733 | ---- | M] () -- C:\Windows\System32\589astza51150.cpl [2009/09/11 19:47:32 | 00,008,773 | ---- | M] () -- C:\Windows\15z49spambot69d.exe [2009/09/10 09:01:18 | 00,010,135 | ---- | M] () -- C:\Windows\31335zack59ol799.ocx [2009/09/07 02:56:04 | 00,006,641 | ---- | M] () -- C:\Windows\6f79ad5wa9e1z18.exe [2009/09/06 16:15:28 | 00,003,250 | ---- | M] () -- C:\Windows\System32\7467sparz95115.cpl [2009/09/04 17:40:00 | 00,015,833 | ---- | M] () -- C:\Windows\System32\56zor975.exe [2009/09/01 13:39:44 | 00,013,890 | ---- | M] () -- C:\Windows\b6ethzeat15697.ocx [2009/09/01 04:06:57 | 00,017,013 | ---- | M] () -- C:\Windows\5z59vir135.bin [2009/08/28 11:36:05 | 00,012,119 | ---- | M] () -- C:\Windows\10az9i5144.bin [2009/08/27 01:39:46 | 00,005,256 | ---- | M] () -- C:\Windows\31954vir9sc5z.bin [2009/08/26 14:59:04 | 00,004,843 | ---- | M] () -- C:\Windows\System32\25952spy7z3.dll [2009/08/26 05:38:26 | 00,003,098 | ---- | M] () -- C:\Windows\96113not-a-virus65z.exe [2009/08/24 23:13:26 | 00,015,310 | ---- | M] () -- C:\Windows\8982hzckto5l31a.cpl [2009/08/24 14:30:35 | 00,010,118 | ---- | M] () -- C:\Windows\52709acktzol4285.bin [2009/08/24 09:57:51 | 00,007,912 | ---- | M] () -- C:\Windows\System32\28950worz53d5.cpl [2009/08/24 04:46:02 | 00,006,939 | ---- | M] () -- C:\Windows\System32\4707zhreat15591.dll [2009/08/18 18:14:48 | 00,013,637 | ---- | M] () -- C:\Windows\System32\47ffdo5nl9aderz587.exe [2009/08/13 23:18:22 | 00,009,215 | ---- | M] () -- C:\Windows\System32\2169stez52927.cpl [2009/08/12 14:10:02 | 00,011,936 | ---- | M] () -- C:\Windows\System32\10209wor51zf9.bin [2009/08/11 12:08:09 | 00,007,099 | ---- | M] () -- C:\Windows\12970hacktz9l5b7.cpl [2009/08/10 23:03:08 | 00,018,430 | ---- | M] () -- C:\Windows\System32\1z85spyware879.dll [2009/08/10 07:41:37 | 00,012,367 | ---- | M] () -- C:\Windows\System32\6z54sp9war51531.bin [2009/08/09 01:10:27 | 00,004,755 | ---- | M] () -- C:\Windows\26109wor57z49.cpl [2009/08/08 22:14:26 | 00,016,564 | ---- | M] () -- C:\Windows\System32\255629roj3fz.exe [2009/08/08 14:56:55 | 00,006,276 | ---- | M] () -- C:\Windows\55steal3099z.bin [2009/08/07 22:51:16 | 00,016,547 | ---- | M] () -- C:\Windows\z8396hackt59l49e.bin [2009/08/07 13:30:04 | 00,010,100 | ---- | M] () -- C:\Windows\7dddzhre9t54645.cpl [2009/08/07 11:05:13 | 00,003,452 | ---- | M] () -- C:\Windows\System32\26399s592zb.dll [2009/08/06 10:52:41 | 00,014,789 | ---- | M] () -- C:\Windows\System32\55579worz559.ocx [2009/08/05 05:08:05 | 00,007,230 | ---- | M] () -- C:\Windows\715059z4aa.dll [2009/08/04 15:33:45 | 00,007,669 | ---- | M] () -- C:\Windows\1d9zspy59re1306.ocx [2009/08/03 16:27:00 | 00,015,946 | ---- | M] () -- C:\Windows\System32\1989thzef3546.dll [2009/08/03 06:01:44 | 00,005,083 | ---- | M] () -- C:\Windows\System32\2z589hreat7973.exe [2009/08/01 10:07:17 | 00,016,179 | ---- | M] () -- C:\Windows\System32\1905ztr59479.dll [2009/08/01 08:45:35 | 00,008,951 | ---- | M] () -- C:\Windows\System32\5ade9hief579z.exe [2009/07/27 05:36:14 | 00,016,606 | ---- | M] () -- C:\Windows\295thzef1533.ocx [2009/07/27 00:50:22 | 00,007,200 | ---- | M] () -- C:\Windows\System32\1c49downloadzr5968.exe [2009/07/26 06:04:00 | 00,016,970 | ---- | M] () -- C:\Windows\System32\171215acktozl4149.exe [2009/07/26 03:27:07 | 00,016,633 | ---- | M] () -- C:\Windows\12159ownloadzr11815.dll [2009/07/25 20:04:39 | 00,002,721 | ---- | M] () -- C:\Windows\System32\2d5bst9alz56.exe [2009/07/24 09:56:23 | 00,010,432 | ---- | M] () -- C:\Windows\System32\7559sp573z.bin [2009/07/22 18:04:50 | 00,011,052 | ---- | M] () -- C:\Windows\System32\f5zaddw9re2365.exe [2009/07/22 08:26:39 | 00,010,664 | ---- | M] () -- C:\Windows\fz1vir5924.bin [2009/07/22 06:35:50 | 00,004,965 | ---- | M] () -- C:\Windows\System32\195zaddware1132.dll [2009/07/20 12:50:32 | 00,015,915 | ---- | M] () -- C:\Windows\10a9dow5lza9er2069.cpl [2009/07/18 19:17:04 | 00,006,363 | ---- | M] () -- C:\Windows\14261not-a-virus95ez.bin [2009/07/18 11:32:22 | 00,010,469 | ---- | M] () -- C:\Windows\System32\798dzpar5e148.bin [2009/07/17 22:00:27 | 00,013,086 | ---- | M] () -- C:\Windows\System32\50899troj37z.bin [2009/07/14 10:19:57 | 00,017,477 | ---- | M] () -- C:\Windows\System32\129esparsez55.exe [2009/07/14 02:14:04 | 00,004,940 | ---- | M] () -- C:\Windows\System32\5762ad5war92z41.cpl [2009/07/12 21:10:11 | 00,013,219 | ---- | M] () -- C:\Windows\52z69h5ef2970.bin [2009/07/12 17:19:31 | 00,007,420 | ---- | M] () -- C:\Windows\27105s5y9z3.bin [2009/07/10 22:39:32 | 00,010,717 | ---- | M] () -- C:\Windows\System32\z536vir590.ocx [2009/07/10 20:22:28 | 00,010,997 | ---- | M] () -- C:\Windows\System32\6284vir930z5.exe [2009/07/08 17:55:09 | 00,011,652 | ---- | M] () -- C:\Windows\29859virus581z.ocx [2009/07/08 10:31:30 | 00,005,232 | ---- | M] () -- C:\Windows\System32\265zs5ea9541.bin [2009/07/07 01:12:03 | 00,003,794 | ---- | M] () -- C:\Windows\System32\2244h5zktool7a79.dll [2009/07/06 12:44:03 | 00,014,899 | ---- | M] () -- C:\Windows\232979ackto5z494.bin [2009/07/06 05:43:26 | 00,014,278 | ---- | M] () -- C:\Windows\285z1virus319.exe [2009/07/05 17:50:19 | 00,016,131 | ---- | M] () -- C:\Windows\System32\1989zspa9bo5721.exe [2009/07/03 07:51:10 | 00,005,800 | ---- | M] () -- C:\Windows\2908zvirus359.dll [2009/07/03 03:47:07 | 00,017,001 | ---- | M] () -- C:\Windows\System32\5e15th5eat296z0.exe [2009/07/02 11:28:01 | 00,004,608 | ---- | M] () -- C:\Windows\5a59backdzor3143.cpl [2009/07/01 02:55:20 | 00,010,861 | ---- | M] () -- C:\Windows\z558virus592.cpl [2009/06/27 20:09:54 | 00,006,734 | ---- | M] () -- C:\Windows\100639ot-a-virus5z3.ocx [2009/06/27 03:08:31 | 00,008,651 | ---- | M] () -- C:\Windows\System32\5564not-a9zirus118.cpl [2009/06/26 22:31:10 | 00,013,356 | ---- | M] () -- C:\Windows\44fbthre5t729z.bin [2009/06/26 12:26:19 | 00,005,122 | ---- | M] () -- C:\Windows\System32\323z9ha5ktool3e19.exe [2009/06/23 17:49:03 | 00,012,307 | ---- | M] () -- C:\Windows\System32\91ezp9ware5809.dll [2009/06/23 03:00:36 | 00,014,376 | ---- | M] () -- C:\Windows\26369s5y2z7.bin [2009/06/22 02:53:17 | 00,017,599 | ---- | M] () -- C:\Windows\2f93thief1563z.dll [2009/06/18 08:51:28 | 00,004,465 | ---- | M] () -- C:\Windows\5f01backdooz926.ocx [2009/06/17 18:08:03 | 00,011,598 | ---- | M] () -- C:\Windows\224et5ief955z.bin [2009/06/15 16:23:41 | 00,015,725 | ---- | M] () -- C:\Windows\590ds5zal3049.dll [2009/06/15 11:33:34 | 00,002,823 | ---- | M] () -- C:\Windows\9532zirus5c35.ocx [2009/06/15 06:40:34 | 00,011,406 | ---- | M] () -- C:\Windows\20sparze19145.bin [2009/06/13 14:06:57 | 00,014,994 | ---- | M] () -- C:\Windows\System32\4983s5az9ot37c.bin [2009/06/13 02:00:26 | 00,003,179 | ---- | M] () -- C:\Windows\369zworm5789.exe [2009/06/10 23:24:14 | 00,007,204 | ---- | M] () -- C:\Windows\56z0download5r15929.bin [2009/06/10 08:41:52 | 00,003,899 | ---- | M] () -- C:\Windows\System32\15704not-a-v95us7e9z.bin [2009/06/08 17:07:24 | 00,011,265 | ---- | M] () -- C:\Windows\2ef4doznloa9er5524.exe [2009/06/07 06:45:45 | 00,004,077 | ---- | M] () -- C:\Windows\2046tzr5at79.cpl [2009/06/04 07:16:16 | 00,007,091 | ---- | M] () -- C:\Windows\System32\50985pyware22z7.bin [2009/06/03 16:19:30 | 00,013,971 | ---- | M] () -- C:\Windows\941zr5j139.exe [2009/06/03 15:58:52 | 00,012,764 | ---- | M] () -- C:\Windows\5d65addzare3049.ocx [2009/06/03 13:51:51 | 00,005,952 | ---- | M] () -- C:\Windows\System32\93ff5ir21z2.cpl [2009/06/03 04:12:56 | 00,005,670 | ---- | M] () -- C:\Windows\System32\79a0st59l17z4.bin [2009/06/01 13:21:17 | 00,002,813 | ---- | M] () -- C:\Windows\System32\2157backdoo9670z.ocx [2009/05/28 19:50:28 | 00,007,720 | ---- | M] () -- C:\Windows\5099th9ef19z0.cpl [2009/05/28 07:39:43 | 00,009,157 | ---- | M] () -- C:\Windows\33z9pyware552.ocx [2009/05/27 00:58:42 | 00,006,994 | ---- | M] () -- C:\Windows\System32\5126viz9675.exe [2009/05/24 14:40:01 | 00,008,905 | ---- | M] () -- C:\Windows\326b5zr593.exe [2009/05/23 05:06:01 | 00,003,887 | ---- | M] () -- C:\Windows\za8ste5l2519.exe [2009/05/22 21:05:05 | 00,002,628 | ---- | M] () -- C:\Windows\27dfaddwa9e265z.ocx [2009/05/21 23:42:06 | 00,005,558 | ---- | M] () -- C:\Windows\System32\15921z5y7ce9.bin [2009/05/20 14:14:46 | 00,011,260 | ---- | M] () -- C:\Windows\45e7downlozder54049.exe [2009/05/18 01:03:41 | 00,008,701 | ---- | M] () -- C:\Windows\System32\5a399ownzo5der3255.bin [2009/05/17 17:05:21 | 00,007,738 | ---- | M] () -- C:\Windows\z12475py329.dll [2009/05/16 18:50:32 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe [2009/05/16 18:15:23 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/05/16 18:13:13 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/05/16 18:12:59 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/05/16 18:12:59 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/05/16 18:12:47 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/05/16 18:12:41 | 11,939,6807 | ---- | M] () -- C:\Windows\MEMORY.DMP [2009/05/16 16:04:21 | 00,000,004 | ---- | M] () -- C:\Windows\System32\gxvxccounter [2009/05/16 15:50:17 | 14,039,440 | ---- | M] (Doctor Web, Ltd.) -- C:\Users\Neeraj Tohan\Desktop\drweb-cureit.exe [2009/05/15 17:48:19 | 00,017,316 | ---- | M] () -- C:\Windows\31275notz5-vir9s787.ocx [2009/05/15 11:48:55 | 00,008,941 | ---- | M] () -- C:\Windows\1z5449ot-a5virus382.bin [2009/05/14 09:08:58 | 00,009,053 | ---- | M] () -- C:\Windows\1z587troj955.dll [2009/05/13 13:53:23 | 00,012,091 | ---- | M] () -- C:\Windows\System32\505zrus954.exe [2009/05/11 01:19:14 | 00,011,968 | ---- | M] () -- C:\Windows\System32\68d2zte9l1507.ocx [2009/05/09 23:14:09 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/09 22:49:16 | 00,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/05/09 04:56:49 | 00,014,848 | ---- | M] () -- C:\Windows\59z9spambot352.dll [2009/05/08 07:58:46 | 00,000,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/08 00:09:26 | 40,153,280 | ---- | M] () -- C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe [2009/05/07 23:37:32 | 00,009,404 | ---- | M] () -- C:\Windows\System32\70z9threat255875.bin [2009/05/07 23:37:32 | 00,009,325 | ---- | M] () -- C:\Windows\158daddware2z98.cpl [2009/05/07 23:37:32 | 00,003,728 | ---- | M] () -- C:\Windows\System32\z9b9s5yw9re1317.ocx [2009/05/07 23:37:32 | 00,003,102 | ---- | M] () -- C:\Windows\System32\2348195zktool386.bin [2009/05/07 23:37:31 | 00,018,195 | ---- | M] () -- C:\Windows\c1za5dware30419.cpl [2009/05/07 23:37:31 | 00,011,681 | ---- | M] () -- C:\Windows\System32\26543worz99.exe [2009/05/07 23:37:31 | 00,011,307 | ---- | M] () -- C:\Windows\System32\524down9ozd5r48.bin [2009/05/07 23:37:31 | 00,010,599 | ---- | M] () -- C:\Windows\System32\22512s9yz5f.ocx [2009/05/07 23:37:31 | 00,008,053 | ---- | M] () -- C:\Windows\90016z5y409.dll [2009/05/07 23:37:31 | 00,006,791 | ---- | M] () -- C:\Windows\System32\2005tzreat23659.cpl [2009/05/07 23:37:31 | 00,004,865 | ---- | M] () -- C:\Windows\23949wor56e5z.exe [2009/05/07 23:37:31 | 00,004,345 | ---- | M] () -- C:\Windows\3839worm515z.cpl [2009/05/07 23:37:31 | 00,004,064 | ---- | M] () -- C:\Windows\4ce5addwar92852z.ocx [2009/05/07 23:37:30 | 00,012,279 | ---- | M] () -- C:\Windows\91609sp5mbot188z.ocx [2009/05/07 23:37:30 | 00,008,456 | ---- | M] () -- C:\Windows\System32\95z2troj92.ocx [2009/05/07 23:37:30 | 00,007,171 | ---- | M] () -- C:\Windows\2a74szyware945.exe [2009/05/07 23:37:30 | 00,006,297 | ---- | M] () -- C:\Windows\69a9thi5f194z.cpl [2009/05/07 23:37:30 | 00,005,654 | ---- | M] () -- C:\Windows\5c57vi91z88.cpl [2009/05/07 23:37:30 | 00,003,376 | ---- | M] () -- C:\Windows\System32\3945spzrs928195.ocx [2009/05/07 23:37:30 | 00,002,886 | ---- | M] () -- C:\Windows\58133vizu915a.exe [2009/05/07 23:37:29 | 00,016,402 | ---- | M] () -- C:\Windows\59e9bazkdoor1651.exe [2009/05/07 23:37:29 | 00,016,095 | ---- | M] () -- C:\Windows\System32\3458addwarez3195.dll [2009/05/07 23:37:29 | 00,015,043 | ---- | M] () -- C:\Windows\System32\z515hief698.ocx [2009/05/07 23:37:29 | 00,013,966 | ---- | M] () -- C:\Windows\System32\291369rzj588.bin [2009/05/07 23:37:29 | 00,012,724 | ---- | M] () -- C:\Windows\9689z5pambot205.bin [2009/05/07 23:37:29 | 00,012,584 | ---- | M] () -- C:\Windows\150evir19z4.bin [2009/05/07 23:37:29 | 00,010,162 | ---- | M] () -- C:\Windows\System32\22521zorm39e.dll [2009/05/07 23:37:29 | 00,008,982 | ---- | M] () -- C:\Windows\System32\32541sp9mbot3z3.bin [2009/05/07 23:37:29 | 00,008,850 | ---- | M] () -- C:\Windows\8714n9t-a-viruz45f.bin [2009/05/07 23:37:29 | 00,007,814 | ---- | M] () -- C:\Windows\System32\5fzavir9166.dll [2009/05/07 23:37:29 | 00,007,463 | ---- | M] () -- C:\Windows\17091not-azvi9us855.cpl [2009/05/07 23:37:28 | 00,016,198 | ---- | M] () -- C:\Windows\2d45stza92504.bin [2009/05/07 23:37:28 | 00,010,781 | ---- | M] () -- C:\Windows\21850spzmbot269.cpl [2009/05/07 23:37:28 | 00,008,275 | ---- | M] () -- C:\Windows\972zspy576.ocx [2009/05/07 23:37:28 | 00,004,198 | ---- | M] () -- C:\Windows\System32\73ebspyware9z765.cpl [2009/05/07 23:37:28 | 00,003,602 | ---- | M] () -- C:\Windows\System32\24893spz33b5.ocx [2009/05/07 23:37:27 | 00,016,962 | ---- | M] () -- C:\Windows\5a73addwarez989.ocx [2009/05/07 23:37:27 | 00,014,844 | ---- | M] () -- C:\Windows\System32\zc739pars52346.cpl [2009/05/07 23:37:27 | 00,012,142 | ---- | M] () -- C:\Windows\zdb5ba59door1676.exe [2009/05/07 23:37:27 | 00,011,749 | ---- | M] () -- C:\Windows\System32\556bthreat116z59.ocx [2009/05/07 23:37:27 | 00,011,574 | ---- | M] () -- C:\Windows\b92backdoor25z.cpl [2009/05/07 23:37:27 | 00,011,321 | ---- | M] () -- C:\Windows\z189vir55.exe [2009/05/07 23:37:27 | 00,010,084 | ---- | M] () -- C:\Windows\System32\66d5downloaderz7789.bin [2009/05/07 23:37:27 | 00,009,982 | ---- | M] () -- C:\Windows\System32\23f1bazk9oor9815.ocx [2009/05/07 23:37:27 | 00,009,889 | ---- | M] () -- C:\Windows\2425zwo9533c.dll [2009/05/07 23:37:27 | 00,008,990 | ---- | M] () -- C:\Windows\6135tzoj2209.cpl [2009/05/07 23:37:27 | 00,008,594 | ---- | M] () -- C:\Windows\31z90tro53ae9.ocx [2009/05/07 23:37:27 | 00,003,633 | ---- | M] () -- C:\Windows\9694z5irus5c7.ocx [2009/05/07 23:37:27 | 00,003,015 | ---- | M] () -- C:\Windows\28662ha5k9ooz728.bin [2009/05/07 23:37:26 | 00,014,143 | ---- | M] () -- C:\Windows\System32\5903zteal2125.exe [2009/05/07 23:37:26 | 00,010,585 | ---- | M] () -- C:\Windows\System32\15689tr9j2bz.dll [2009/05/07 23:37:26 | 00,003,892 | ---- | M] () -- C:\Windows\z607not-9-vir5s1ff.exe [2009/05/07 23:37:25 | 00,011,749 | ---- | M] () -- C:\Windows\System32\16695spz5559.exe [2009/05/07 23:37:25 | 00,011,001 | ---- | M] () -- C:\Windows\95121v5rus18az.ocx [2009/05/07 23:37:25 | 00,008,858 | ---- | M] () -- C:\Windows\System32\17990t5oj6z.bin [2009/05/07 23:37:25 | 00,008,420 | ---- | M] () -- C:\Windows\4967thre5t310z1.bin [2009/05/07 23:37:25 | 00,007,315 | ---- | M] () -- C:\Windows\System32\2z819w9rm385.dll [2009/05/07 23:37:25 | 00,002,537 | ---- | M] () -- C:\Windows\95c5sparz5585.cpl [2009/05/07 23:37:24 | 00,017,810 | ---- | M] () -- C:\Windows\System32\789ebaczdo5r824.ocx [2009/05/07 23:37:24 | 00,016,240 | ---- | M] () -- C:\Windows\System32\25194hack9ool2z5.cpl [2009/05/07 23:37:24 | 00,015,894 | ---- | M] () -- C:\Windows\System32\28692s5z2b59.exe [2009/05/07 23:37:24 | 00,014,075 | ---- | M] () -- C:\Windows\459zworm769.cpl [2009/05/07 23:37:24 | 00,013,149 | ---- | M] () -- C:\Windows\System32\z7ee9pyware1445.exe [2009/05/07 23:37:24 | 00,012,031 | ---- | M] () -- C:\Windows\System32\4bez9i5f84.bin [2009/05/07 23:37:24 | 00,010,650 | ---- | M] () -- C:\Windows\System32\z916vir24455.exe [2009/05/07 23:37:24 | 00,010,458 | ---- | M] () -- C:\Windows\4279th5ef1z70.ocx [2009/05/07 23:37:24 | 00,007,775 | ---- | M] () -- C:\Windows\System32\75f4threa9z8144.exe [2009/05/07 23:37:24 | 00,004,374 | ---- | M] () -- C:\Windows\133559orz481.exe [2009/05/07 23:37:24 | 00,003,969 | ---- | M] () -- C:\Windows\11325not-a-9irus7ez5.bin [2009/05/07 23:37:23 | 00,017,415 | ---- | M] () -- C:\Windows\System32\5175thizf2950.bin [2009/05/07 23:37:23 | 00,017,396 | ---- | M] () -- C:\Windows\System32\5b58download9r2044z.exe [2009/05/07 23:37:23 | 00,016,197 | ---- | M] () -- C:\Windows\System32\339zthrea5314.ocx [2009/05/07 23:37:23 | 00,015,753 | ---- | M] () -- C:\Windows\System32\195irz998.exe [2009/05/07 23:37:23 | 00,015,079 | ---- | M] () -- C:\Windows\System32\349f5hrzat4925.exe [2009/05/07 23:37:23 | 00,014,113 | ---- | M] () -- C:\Windows\System32\555v9z1225.exe [2009/05/07 23:37:23 | 00,012,247 | ---- | M] () -- C:\Windows\147869rzj495.cpl [2009/05/07 23:37:23 | 00,012,061 | ---- | M] () -- C:\Windows\System32\5522t9iefz079.dll [2009/05/07 23:37:23 | 00,011,975 | ---- | M] () -- C:\Windows\System32\258z5wo9m61b.ocx [2009/05/07 23:37:23 | 00,011,702 | ---- | M] () -- C:\Windows\System32\50f4thrza513943.dll [2009/05/07 23:37:23 | 00,011,617 | ---- | M] () -- C:\Windows\1459t9izf38.exe [2009/05/07 23:37:23 | 00,011,102 | ---- | M] () -- C:\Windows\System32\219z4hackt9o5519.dll [2009/05/07 23:37:23 | 00,009,225 | ---- | M] () -- C:\Windows\System32\16044ha9kzoo55bc.dll [2009/05/07 23:37:23 | 00,008,898 | ---- | M] () -- C:\Windows\59382not-azvirus2b9.bin [2009/05/07 23:37:23 | 00,008,686 | ---- | M] () -- C:\Windows\System32\49fespywaze3542.bin [2009/05/07 23:37:23 | 00,008,582 | ---- | M] () -- C:\Windows\z2555tr9jdd.dll [2009/05/07 23:37:23 | 00,008,321 | ---- | M] () -- C:\Windows\2738no5-a-9izus302.dll [2009/05/07 23:37:23 | 00,007,941 | ---- | M] () -- C:\Windows\System32\251z5worm957.exe [2009/05/07 23:37:23 | 00,007,908 | ---- | M] () -- C:\Windows\z5096vi9us578.cpl [2009/05/07 23:37:23 | 00,007,600 | ---- | M] () -- C:\Windows\2ac0t95ef766z.cpl [2009/05/07 23:37:23 | 00,005,170 | ---- | M] () -- C:\Windows\System32\3891stzal12615.cpl [2009/05/07 23:37:23 | 00,003,379 | ---- | M] () -- C:\Windows\System32\7d79d5wnloazer2592.ocx [2009/05/07 23:37:23 | 00,003,300 | ---- | M] () -- C:\Windows\18925not-a-virzs9b4.exe [2009/05/07 23:37:23 | 00,003,235 | ---- | M] () -- C:\Windows\System32\1f5atzi5f9809.ocx [2009/05/07 23:37:23 | 00,002,860 | ---- | M] () -- C:\Windows\System32\19646not-9-vir5s3bez.cpl [2009/05/07 23:37:23 | 00,002,725 | ---- | M] () -- C:\Windows\System32\109cdow5loaze9868.cpl [2009/05/07 23:37:22 | 00,018,282 | ---- | M] () -- C:\Windows\System32\5692steal2z9.bin [2009/05/07 23:37:22 | 00,017,516 | ---- | M] () -- C:\Windows\System32\696s5ywarez4899.exe [2009/05/07 23:37:22 | 00,015,483 | ---- | M] () -- C:\Windows\29999vi5uszb5.cpl [2009/05/07 23:37:22 | 00,015,247 | ---- | M] () -- C:\Windows\a65vir232z9.exe [2009/05/07 23:37:22 | 00,014,645 | ---- | M] () -- C:\Windows\20767not-a9virzs54f.bin [2009/05/07 23:37:22 | 00,014,333 | ---- | M] () -- C:\Windows\55809aczdoor1163.ocx [2009/05/07 23:37:22 | 00,012,626 | ---- | M] () -- C:\Windows\215z49py7b5.ocx [2009/05/07 23:37:22 | 00,010,620 | ---- | M] () -- C:\Windows\System32\z95evir9569.ocx [2009/05/07 23:37:22 | 00,006,304 | ---- | M] () -- C:\Windows\5699not-a-vzrus35.exe [2009/05/07 23:37:22 | 00,006,247 | ---- | M] () -- C:\Windows\3aa9sp5waze1735.bin [2009/05/07 23:37:22 | 00,005,066 | ---- | M] () -- C:\Windows\24z48spa9b5t519.exe [2009/05/07 23:37:21 | 00,018,139 | ---- | M] () -- C:\Windows\System32\3985s9yware88z.bin [2009/05/07 23:37:21 | 00,017,603 | ---- | M] () -- C:\Windows\6bzcdownlo95er1626.ocx [2009/05/07 23:37:21 | 00,016,771 | ---- | M] () -- C:\Windows\z7375not9a-virusb.cpl [2009/05/07 23:37:21 | 00,014,903 | ---- | M] () -- C:\Windows\System32\3z54downloader3199.cpl [2009/05/07 23:37:21 | 00,013,618 | ---- | M] () -- C:\Windows\System32\z50dvir9033.cpl [2009/05/07 23:37:21 | 00,009,426 | ---- | M] () -- C:\Windows\2de8stealz9955.ocx [2009/05/07 23:37:21 | 00,007,927 | ---- | M] () -- C:\Windows\System32\3950sparsz2967.bin [2009/05/07 23:37:21 | 00,007,669 | ---- | M] () -- C:\Windows\1563downloazer9895.cpl [2009/05/07 23:37:21 | 00,007,599 | ---- | M] () -- C:\Windows\8179teal1553z.exe [2009/05/07 23:37:21 | 00,005,731 | ---- | M] () -- C:\Windows\System32\1b95backdozr1965.exe [2009/05/07 23:37:21 | 00,005,404 | ---- | M] () -- C:\Windows\389th5zf967.exe [2009/05/07 23:37:21 | 00,005,043 | ---- | M] () -- C:\Windows\System32\z25dt9ief2585.dll [2009/05/07 23:37:21 | 00,004,875 | ---- | M] () -- C:\Windows\System32\33235o9z26f.dll [2009/05/07 23:37:21 | 00,003,605 | ---- | M] () -- C:\Windows\System32\24957h59ktzol3ca.dll [2009/05/07 23:37:21 | 00,002,972 | ---- | M] () -- C:\Windows\System32\5065spzrse119.ocx [2009/05/07 23:37:20 | 00,009,187 | ---- | M] () -- C:\Windows\7395viz998.bin [2009/05/07 23:37:20 | 00,008,700 | ---- | M] () -- C:\Windows\System32\1810bzckdo5r2093.ocx [2009/05/07 23:37:20 | 00,006,241 | ---- | M] () -- C:\Windows\System32\307049pzmbo569b.bin [2009/05/07 23:37:11 | 01,097,216 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\setup2.exe [2009/05/05 00:28:24 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2009/05/04 20:53:36 | 00,003,243 | ---- | M] () -- C:\Windows\System32\2493steal24z05.bin [2009/05/03 13:25:56 | 00,010,834 | ---- | M] () -- C:\Windows\8523wormz97.dll [2009/05/03 02:51:19 | 00,008,905 | ---- | M] () -- C:\Windows\54cabackd5or79z.ocx [2009/05/01 01:22:47 | 00,000,142 | ---- | M] () -- C:\Windows\ODBC.INI [2009/04/28 07:10:31 | 00,006,795 | ---- | M] () -- C:\Windows\25559n9t-a-vizus11f.cpl [2009/04/26 11:27:06 | 00,014,299 | ---- | M] () -- C:\Windows\z9523hackt9ol565.cpl [2009/04/24 23:43:47 | 00,015,623 | ---- | M] () -- C:\Windows\System32\47e8sp9zse2537.dll [2009/04/24 08:46:00 | 00,003,841 | ---- | M] () -- C:\Windows\53416hackto9l29cz.cpl [2009/04/23 18:47:25 | 00,005,828 | ---- | M] () -- C:\Windows\5129vir222z.exe [2009/04/22 16:57:01 | 00,000,472 | ---- | M] () -- C:\Windows\tasks\Ad-Aware Update (Weekly).job [2009/04/22 01:04:50 | 00,015,514 | ---- | M] () -- C:\Windows\System32\155z9orm543.bin [2009/04/21 02:59:17 | 00,012,879 | ---- | M] () -- C:\Windows\System32\2570ad9ware3015z.cpl [2009/04/21 00:27:11 | 00,409,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/04/19 23:34:17 | 00,001,401 | ---- | M] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk [2009/04/19 22:55:20 | 00,017,903 | ---- | M] () -- C:\Windows\System32\59z25not-a9virus606.cpl [2009/04/18 03:37:02 | 00,003,704 | ---- | M] () -- C:\Windows\17835viz59155.dll [2009/04/17 21:55:55 | 00,008,598 | ---- | M] () -- C:\Windows\System32\9456szamb5t24b9.ocx [2009/04/16 20:31:05 | 00,015,365 | ---- | M] () -- C:\Windows\System32\517d9hief225z.cpl < End of report > |
|
|
|
|
May 17 2009, 02:16 AM
Post
#5
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Hello lucky-g,
We will begin with ComboFix.exe. Please visit this webpage for download links, and instructions for running the tool: http://www.bleepingcomputer.com/combofix/how-to-use-combofix * Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix. Please include the C:\ComboFix.txt in your next reply for further review. Thunderbird1988 |
|
|
|
|
May 17 2009, 02:23 PM
Post
#6
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988, here's the combofix log you requested:
ComboFix 09-05-17.01 - Neeraj Tohan 17/05/2009 16:13.3 - NTFSx86 Microsoft® Windows Vista™ Home Premium 6.0.6001.1.1252.2.1033.18.1013.373 [GMT -4:00] Running from: c:\users\Neeraj Tohan\Desktop\ComboFix.exe AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} AV: Sophos Anti-Virus *On-access scanning disabled* (Updated) {3F13C776-3CBE-4DE9-8BF6-09E5183CA2BD} SP: Avira AntiVir PersonalEdition *enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} SP: Avira AntiVir PersonalEdition *enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} SP: Sophos Anti-Virus *disabled* (Updated) {A8CA403D-C4B1-4BBA-9FA7-B73C144CBC5C} SP: Spybot - Search and Destroy *disabled* (Updated) {ED588FAF-1B8F-43B4-ACA8-8E3C85DADBE9} SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\$recycle.bin\S-1-5-21-4090779657-3465151440-4142318205-1005\$RCVPLZQ.sav c:\$recycle.bin\S-1-5-21-4090779657-3465151440-4142318205-1005\$RNN7JF2.BAK c:\windows\system32\gxvxccounter c:\windows\system32\mfc70.dll . ((((((((((((((((((((((((( Files Created from 2009-04-17 to 2009-05-17 ))))))))))))))))))))))))))))))) . 2009-12-28 19:58 . 2009-12-28 19:58 14347 ----a-w c:\windows\system32\4c5zbackdoo92804.bin 2009-12-28 01:20 . 2009-12-28 01:20 3442 ----a-w c:\windows\system32\353czpy59re2933.dll 2009-12-26 18:49 . 2009-12-26 18:49 4758 ----a-w c:\windows\system32\6037not-a-viru945z.bin 2009-12-24 21:39 . 2009-12-24 21:39 4245 ----a-w c:\windows\29215spzmbot3bb.bin 2009-12-23 14:37 . 2009-12-23 14:37 14839 ----a-w c:\windows\system32\7z6e5hief1917.bin 2009-12-22 23:10 . 2009-12-22 23:10 5187 ----a-w c:\windows\5919v5r1396z.dll 2009-12-18 13:02 . 2009-12-18 13:02 9972 ----a-w c:\windows\24054h59ktozl3db.bin 2009-12-18 09:21 . 2009-12-18 09:21 10415 ----a-w c:\windows\1225do5nl9ader287z.exe 2009-12-16 11:17 . 2009-12-16 11:17 17324 ----a-w c:\windows\system32\1569zspy152.bin 2009-12-16 05:25 . 2009-12-16 05:25 8283 ----a-w c:\windows\45e09z5eat9856.exe 2009-12-15 04:32 . 2009-12-15 04:32 5441 ----a-w c:\windows\2f93thzeat56625.dll 2009-12-13 11:47 . 2009-12-13 11:47 7720 ----a-w c:\windows\7951downloader19z95.exe 2009-12-12 13:34 . 2009-12-12 13:34 4857 ----a-w c:\windows\system32\15047not-5-9iruz33a.exe 2009-12-10 19:04 . 2009-12-10 19:04 11611 ----a-w c:\windows\system32\25292spz5fb9.bin 2009-12-09 15:11 . 2009-12-09 15:11 13956 ----a-w c:\windows\system32\4053threat98047z.dll 2009-12-09 00:10 . 2009-12-09 00:10 3424 ----a-w c:\windows\39599irzs43d.exe 2009-12-08 19:23 . 2009-12-08 19:23 8098 ----a-w c:\windows\system32\422zs5yware2195.bin 2009-11-28 09:21 . 2009-11-28 09:21 2918 ----a-w c:\windows\system32\5868z9dware475.bin 2009-11-24 05:55 . 2009-11-24 05:55 13851 ----a-w c:\windows\system32\ze01downl5ader93.dll 2009-11-22 02:32 . 2009-11-22 02:32 8612 ----a-w c:\windows\system32\zeecsparse5129.exe 2009-11-21 06:31 . 2009-11-21 06:31 4537 ----a-w c:\windows\system32\26922tro53z89.exe 2009-11-19 12:14 . 2009-11-19 12:14 14778 ----a-w c:\windows\system32\3592th5ef2239z.exe 2009-11-18 03:09 . 2009-11-18 03:09 9502 ----a-w c:\windows\31195nzt-5-virus9fc.bin 2009-11-16 04:15 . 2009-11-16 04:15 13748 ----a-w c:\windows\system32\1f795zyware2644.dll 2009-11-15 20:11 . 2009-11-15 20:11 10807 ----a-w c:\windows\8810s5am9ot4dz.exe 2009-11-14 19:36 . 2009-11-14 19:36 16051 ----a-w c:\windows\system32\59cthief26z7.bin 2009-11-07 17:58 . 2009-11-07 17:58 4933 ----a-w c:\windows\system32\3054z5irus9c2.exe 2009-11-06 07:39 . 2009-11-06 07:39 13481 ----a-w c:\windows\system32\3aa7zddw5re9730.bin 2009-11-05 21:53 . 2009-11-05 21:53 16020 ----a-w c:\windows\acftzre5t94699.exe 2009-11-04 09:17 . 2009-11-04 09:17 3432 ----a-w c:\windows\55945troj7c5z.bin 2009-11-03 05:45 . 2009-11-03 05:45 13431 ----a-w c:\windows\system32\599athiefz119.exe 2009-11-02 23:51 . 2009-11-02 23:51 8630 ----a-w c:\windows\2781659zj619.dll 2009-10-28 04:43 . 2009-10-28 04:43 12049 ----a-w c:\windows\system32\6z039pam5ot6d3.bin 2009-10-23 23:09 . 2009-10-23 23:09 5133 ----a-w c:\windows\2c02sp5zse2929.dll 2009-10-21 03:55 . 2009-10-21 03:55 8975 ----a-w c:\windows\9950troj6fz.exe 2009-10-16 11:51 . 2009-10-16 11:51 6691 ----a-w c:\windows\system32\6z4t9oj3bf5.dll 2009-10-15 01:05 . 2009-10-15 01:05 8146 ----a-w c:\windows\35559ddwaze2512.dll 2009-10-11 14:15 . 2009-10-11 14:15 18063 ----a-w c:\windows\system32\4395spazbot7d05.exe 2009-10-09 20:54 . 2009-10-09 20:54 6667 ----a-w c:\windows\system32\5zccspy9are389.exe 2009-10-04 07:25 . 2009-10-04 07:25 13056 ----a-w c:\windows\19610wo954zf.exe 2009-09-28 02:30 . 2009-09-28 02:30 5063 ----a-w c:\windows\53eebacz9oor2951.exe 2009-09-24 22:47 . 2009-09-24 22:47 5019 ----a-w c:\windows\system32\10157worz839.exe 2009-09-23 12:40 . 2009-09-23 12:40 15350 ----a-w c:\windows\system32\9161not-a-9iru59z.dll 2009-09-18 18:16 . 2009-09-18 18:16 8308 ----a-w c:\windows\558cst9zl16.dll 2009-09-18 05:02 . 2009-09-18 05:02 3611 ----a-w c:\windows\system32\z50995acktoolc3.bin 2009-09-17 20:37 . 2009-09-17 20:37 4796 ----a-w c:\windows\system32\15898notza-virus4d2.exe 2009-09-17 20:18 . 2009-09-17 20:18 8149 ----a-w c:\windows\b5aba5kzo9r492.exe 2009-09-17 12:43 . 2009-09-17 12:43 17464 ----a-w c:\windows\5591vir277z9.bin 2009-09-17 08:04 . 2009-09-17 08:04 16453 ----a-w c:\windows\328v9r9z5.dll 2009-09-15 22:26 . 2009-09-15 22:26 10872 ----a-w c:\windows\315629pambot1z2.bin 2009-09-14 20:08 . 2009-09-14 20:08 5751 ----a-w c:\windows\system32\5859sparse123z.exe 2009-09-12 14:03 . 2009-09-12 14:03 11554 ----a-w c:\windows\27616spzmbo59d2.dll 2009-09-11 23:47 . 2009-09-11 23:47 8773 ----a-w c:\windows\15z49spambot69d.exe 2009-09-07 06:56 . 2009-09-07 06:56 6641 ----a-w c:\windows\6f79ad5wa9e1z18.exe 2009-09-04 21:40 . 2009-09-04 21:40 15833 ----a-w c:\windows\system32\56zor975.exe 2009-09-01 08:06 . 2009-09-01 08:06 17013 ----a-w c:\windows\5z59vir135.bin 2009-08-28 15:36 . 2009-08-28 15:36 12119 ----a-w c:\windows\10az9i5144.bin 2009-08-27 05:39 . 2009-08-27 05:39 5256 ----a-w c:\windows\31954vir9sc5z.bin 2009-08-26 18:59 . 2009-08-26 18:59 4843 ----a-w c:\windows\system32\25952spy7z3.dll 2009-08-26 09:38 . 2009-08-26 09:38 3098 ----a-w c:\windows\96113not-a-virus65z.exe 2009-08-24 18:30 . 2009-08-24 18:30 10118 ----a-w c:\windows\52709acktzol4285.bin 2009-08-24 08:46 . 2009-08-24 08:46 6939 ----a-w c:\windows\system32\4707zhreat15591.dll 2009-08-18 22:14 . 2009-08-18 22:14 13637 ----a-w c:\windows\system32\47ffdo5nl9aderz587.exe 2009-08-12 18:10 . 2009-08-12 18:10 11936 ----a-w c:\windows\system32\10209wor51zf9.bin 2009-08-11 03:03 . 2009-08-11 03:03 18430 ----a-w c:\windows\system32\1z85spyware879.dll 2009-08-10 11:41 . 2009-08-10 11:41 12367 ----a-w c:\windows\system32\6z54sp9war51531.bin 2009-08-09 02:14 . 2009-08-09 02:14 16564 ----a-w c:\windows\system32\255629roj3fz.exe 2009-08-08 18:56 . 2009-08-08 18:56 6276 ----a-w c:\windows\55steal3099z.bin 2009-08-08 02:51 . 2009-08-08 02:51 16547 ----a-w c:\windows\z8396hackt59l49e.bin 2009-08-07 15:05 . 2009-08-07 15:05 3452 ----a-w c:\windows\system32\26399s592zb.dll 2009-08-05 09:08 . 2009-08-05 09:08 7230 ----a-w c:\windows\715059z4aa.dll 2009-08-03 20:27 . 2009-08-03 20:27 15946 ----a-w c:\windows\system32\1989thzef3546.dll 2009-08-03 10:01 . 2009-08-03 10:01 5083 ----a-w c:\windows\system32\2z589hreat7973.exe 2009-08-01 14:07 . 2009-08-01 14:07 16179 ----a-w c:\windows\system32\1905ztr59479.dll 2009-08-01 12:45 . 2009-08-01 12:45 8951 ----a-w c:\windows\system32\5ade9hief579z.exe 2009-07-27 04:50 . 2009-07-27 04:50 7200 ----a-w c:\windows\system32\1c49downloadzr5968.exe 2009-07-26 10:04 . 2009-07-26 10:04 16970 ----a-w c:\windows\system32\171215acktozl4149.exe 2009-07-26 07:27 . 2009-07-26 07:27 16633 ----a-w c:\windows\12159ownloadzr11815.dll 2009-07-26 00:04 . 2009-07-26 00:04 2721 ----a-w c:\windows\system32\2d5bst9alz56.exe 2009-07-24 13:56 . 2009-07-24 13:56 10432 ----a-w c:\windows\system32\7559sp573z.bin 2009-07-22 22:04 . 2009-07-22 22:04 11052 ----a-w c:\windows\system32\f5zaddw9re2365.exe 2009-07-22 12:26 . 2009-07-22 12:26 10664 ----a-w c:\windows\fz1vir5924.bin 2009-07-22 10:35 . 2009-07-22 10:35 4965 ----a-w c:\windows\system32\195zaddware1132.dll 2009-07-18 23:17 . 2009-07-18 23:17 6363 ----a-w c:\windows\14261not-a-virus95ez.bin 2009-07-18 15:32 . 2009-07-18 15:32 10469 ----a-w c:\windows\system32\798dzpar5e148.bin 2009-07-18 02:00 . 2009-07-18 02:00 13086 ----a-w c:\windows\system32\50899troj37z.bin 2009-07-14 14:19 . 2009-07-14 14:19 17477 ----a-w c:\windows\system32\129esparsez55.exe 2009-07-13 01:10 . 2009-07-13 01:10 13219 ----a-w c:\windows\52z69h5ef2970.bin 2009-07-12 21:19 . 2009-07-12 21:19 7420 ----a-w c:\windows\27105s5y9z3.bin 2009-07-11 00:22 . 2009-07-11 00:22 10997 ----a-w c:\windows\system32\6284vir930z5.exe 2009-07-08 14:31 . 2009-07-08 14:31 5232 ----a-w c:\windows\system32\265zs5ea9541.bin 2009-07-07 05:12 . 2009-07-07 05:12 3794 ----a-w c:\windows\system32\2244h5zktool7a79.dll 2009-07-06 16:44 . 2009-07-06 16:44 14899 ----a-w c:\windows\232979ackto5z494.bin 2009-07-06 09:43 . 2009-07-06 09:43 14278 ----a-w c:\windows\285z1virus319.exe 2009-07-05 21:50 . 2009-07-05 21:50 16131 ----a-w c:\windows\system32\1989zspa9bo5721.exe 2009-07-03 11:51 . 2009-07-03 11:51 5800 ----a-w c:\windows\2908zvirus359.dll 2009-07-03 07:47 . 2009-07-03 07:47 17001 ----a-w c:\windows\system32\5e15th5eat296z0.exe 2009-06-27 02:31 . 2009-06-27 02:31 13356 ----a-w c:\windows\44fbthre5t729z.bin 2009-06-26 16:26 . 2009-06-26 16:26 5122 ----a-w c:\windows\system32\323z9ha5ktool3e19.exe 2009-06-23 21:49 . 2009-06-23 21:49 12307 ----a-w c:\windows\system32\91ezp9ware5809.dll 2009-06-23 07:00 . 2009-06-23 07:00 14376 ----a-w c:\windows\26369s5y2z7.bin 2009-06-22 06:53 . 2009-06-22 06:53 17599 ----a-w c:\windows\2f93thief1563z.dll 2009-06-17 22:08 . 2009-06-17 22:08 11598 ----a-w c:\windows\224et5ief955z.bin 2009-06-15 20:23 . 2009-06-15 20:23 15725 ----a-w c:\windows\590ds5zal3049.dll 2009-06-15 10:40 . 2009-06-15 10:40 11406 ----a-w c:\windows\20sparze19145.bin 2009-06-13 18:06 . 2009-06-13 18:06 14994 ----a-w c:\windows\system32\4983s5az9ot37c.bin 2009-06-13 06:00 . 2009-06-13 06:00 3179 ----a-w c:\windows\369zworm5789.exe 2009-06-11 03:24 . 2009-06-11 03:24 7204 ----a-w c:\windows\56z0download5r15929.bin 2009-06-10 12:41 . 2009-06-10 12:41 3899 ----a-w c:\windows\system32\15704not-a-v95us7e9z.bin 2009-06-08 21:07 . 2009-06-08 21:07 11265 ----a-w c:\windows\2ef4doznloa9er5524.exe 2009-06-04 11:16 . 2009-06-04 11:16 7091 ----a-w c:\windows\system32\50985pyware22z7.bin 2009-06-03 20:19 . 2009-06-03 20:19 13971 ----a-w c:\windows\941zr5j139.exe 2009-06-03 08:12 . 2009-06-03 08:12 5670 ----a-w c:\windows\system32\79a0st59l17z4.bin 2009-05-27 04:58 . 2009-05-27 04:58 6994 ----a-w c:\windows\system32\5126viz9675.exe 2009-05-24 18:40 . 2009-05-24 18:40 8905 ----a-w c:\windows\326b5zr593.exe 2009-05-23 09:06 . 2009-05-23 09:06 3887 ----a-w c:\windows\za8ste5l2519.exe 2009-05-22 03:42 . 2009-05-22 03:42 5558 ----a-w c:\windows\system32\15921z5y7ce9.bin 2009-05-20 18:14 . 2009-05-20 18:14 11260 ----a-w c:\windows\45e7downlozder54049.exe 2009-05-18 05:03 . 2009-05-18 05:03 8701 ----a-w c:\windows\system32\5a399ownzo5der3255.bin 2009-05-17 21:05 . 2009-05-17 21:05 7738 ----a-w c:\windows\z12475py329.dll 2009-05-16 06:44 . 2009-05-16 20:14 -------- d-----w c:\users\Neeraj Tohan\DoctorWeb 2009-05-15 15:48 . 2009-05-15 15:48 8941 ----a-w c:\windows\1z5449ot-a5virus382.bin 2009-05-14 13:08 . 2009-05-14 13:08 9053 ----a-w c:\windows\1z587troj955.dll 2009-05-13 17:53 . 2009-05-13 17:53 12091 ----a-w c:\windows\system32\505zrus954.exe 2009-05-10 03:14 . 2009-04-06 19:32 15504 ----a-w c:\windows\system32\drivers\mbam.sys . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-04-17 01:06 . 2006-11-02 11:18 -------- d-----w c:\program files\Windows Mail 2009-04-15 05:25 . 2009-04-15 05:25 15043 ----a-w c:\windows\system32\49435o9m7z9.exe 2009-04-13 14:15 . 2009-04-13 14:15 17675 ----a-w c:\windows\system32\7151spyzare11449.bin 2009-04-12 11:42 . 2009-04-12 11:42 17247 ----a-w c:\windows\system32\7946thiez1952.dll 2009-04-12 03:12 . 2009-04-12 03:12 15691 ----a-w c:\windows\z5b9ir424.bin 2009-04-11 19:42 . 2009-04-11 19:42 8937 ----a-w c:\windows\19555not-z-vir5s62c.bin 2009-04-09 17:33 . 2009-04-09 17:33 13041 ----a-w c:\windows\system32\zcefdo9nloader1556.exe 2009-04-09 17:30 . 2009-04-09 17:30 13724 ----a-w c:\windows\system32\e5f9hief890z.bin 2009-04-05 15:19 . 2009-04-05 15:19 12732 ----a-w c:\windows\65dvi985z.bin 2009-04-03 00:41 . 2009-04-03 00:41 2781 ----a-w c:\windows\25z58hacktoo9203.dll 2009-03-31 00:48 . 2009-03-31 00:48 607640 ----a-w c:\users\Neeraj Tohan\jre-6u13-windows-i586-p-iftw.exe 2009-03-31 00:48 . 2009-03-31 00:48 227224 ----a-w c:\users\Neeraj Tohan\jre-6u13-windows-i586-p-iftw-k.exe 2009-03-31 00:48 . 2009-03-31 00:47 16283032 ----a-w c:\users\Neeraj Tohan\jre-6u13-windows-i586-p.exe 2009-03-31 00:29 . 2009-03-31 00:29 -------- d-----w c:\program files\Common Files\Adobe AIR 2009-03-31 00:29 . 2007-02-24 18:37 -------- d-----w c:\program files\Common Files\Adobe 2009-03-30 23:12 . 2009-03-30 23:12 -------- d-----w c:\program files\NOS 2009-03-26 04:15 . 2007-10-06 17:30 110320 ----a-w c:\users\Neeraj Tohan\AppData\Local\GDIPFONTCACHEV1.DAT 2009-03-22 07:08 . 2007-02-24 18:47 -------- d-----w c:\program files\Microsoft SQL Server 2009-03-21 22:35 . 2009-03-21 22:35 11532 ----a-w c:\windows\system32\z9915spy51c.bin 2009-03-19 23:25 . 2009-03-19 23:25 15663 ----a-w c:\windows\5b9fzir9600.exe 2009-03-19 11:30 . 2009-03-19 11:30 4617 ----a-w c:\windows\system32\790d5pzware19.exe 2009-03-19 02:48 . 2009-03-19 02:48 11207 ----a-w c:\windows\30602v5rus9fz.bin 2009-03-19 01:43 . 2009-03-19 01:43 -------- d-----w c:\program files\ERUNT 2009-03-18 01:25 . 2009-03-18 01:25 10920 ----a-w c:\windows\system32\25261zpamb9t267.dll 2009-03-17 03:38 . 2009-04-16 23:06 13824 ----a-w c:\windows\system32\apilogen.dll 2009-03-17 03:38 . 2009-04-16 23:06 24064 ----a-w c:\windows\system32\amxread.dll 2009-03-15 01:30 . 2009-03-15 01:30 6568 ----a-w c:\windows\208235o9-a-virusz83.dll 2009-03-14 15:53 . 2009-03-14 15:53 12698 ----a-w c:\windows\system32\dc5tzi9f461.dll 2009-03-14 10:30 . 2009-03-14 10:30 10331 ----a-w c:\windows\18957not-a-vzr596c9.bin 2009-03-14 03:08 . 2009-03-14 03:08 12120 ----a-w c:\windows\e005hreaz9782.exe 2009-03-12 04:52 . 2009-03-12 04:52 10310 ----a-w c:\windows\4ec7spywar5998z.exe 2009-03-11 10:05 . 2009-03-11 10:05 7734 ----a-w c:\windows\system32\14253hzckt5ole9.dll 2009-03-10 12:19 . 2009-03-10 12:19 12081 ----a-w c:\windows\9501szy19f.exe 2009-03-10 03:49 . 2009-03-10 03:49 11008 ----a-w c:\windows\system32\25d7threat1z3849.dll 2009-03-08 23:30 . 2009-03-08 23:30 14471 ----a-w c:\windows\system32\57d9a5dware16z9.dll 2009-03-07 21:49 . 2009-03-07 21:49 9062 ----a-w c:\windows\292z5hacktoo57b9.exe 2009-03-04 10:06 . 2009-03-04 10:06 8002 ----a-w c:\windows\system32\117035pz879.bin 2009-03-03 04:46 . 2009-04-16 23:06 3599328 ----a-w c:\windows\system32\ntkrnlpa.exe 2009-03-03 04:46 . 2009-04-16 23:06 3547632 ----a-w c:\windows\system32\ntoskrnl.exe 2009-03-03 04:40 . 2009-04-16 23:06 827392 ----a-w c:\windows\system32\wininet.dll 2009-03-03 04:39 . 2009-04-16 23:06 183296 ----a-w c:\windows\system32\sdohlp.dll 2009-03-03 04:39 . 2009-04-16 23:06 551424 ----a-w c:\windows\system32\rpcss.dll 2009-03-03 04:39 . 2009-04-16 23:06 26112 ----a-w c:\windows\system32\printfilterpipelineprxy.dll 2009-03-03 04:37 . 2009-04-16 23:06 78336 ----a-w c:\windows\system32\ieencode.dll 2009-03-03 04:37 . 2009-04-16 23:06 98304 ----a-w c:\windows\system32\iasrecst.dll 2009-03-03 04:37 . 2009-04-16 23:06 54784 ----a-w c:\windows\system32\iasads.dll 2009-03-03 04:37 . 2009-04-16 23:06 44032 ----a-w c:\windows\system32\iasdatastore.dll 2009-03-03 03:04 . 2009-04-16 23:06 666624 ----a-w c:\windows\system32\printfilterpipelinesvc.exe 2009-03-03 02:38 . 2009-04-16 23:06 17408 ----a-w c:\windows\system32\iashost.exe 2009-03-03 02:28 . 2009-04-16 23:06 26624 ----a-w c:\windows\system32\ieUnatt.exe 2009-03-01 08:42 . 2009-03-01 08:42 12914 ----a-w c:\windows\530eadd9ar5330z.bin 2009-02-28 22:13 . 2009-02-28 22:13 17233 ----a-w c:\windows\system32\41a4do5nzoa9er1890.dll 2009-02-23 12:19 . 2009-02-23 12:19 8689 ----a-w c:\windows\system32\4692addw95ez21.bin 2009-02-23 10:38 . 2009-02-23 10:38 15082 ----a-w c:\windows\265599roz8d.bin 2009-02-21 09:43 . 2009-02-21 09:43 16854 ----a-w c:\windows\8z4dow5loader9589.dll 2009-02-19 14:46 . 2009-02-19 14:46 7263 ----a-w c:\windows\19z51tr9jf6.exe 2009-02-17 19:54 . 2009-02-17 19:54 17066 ----a-w c:\windows\system32\73309o5-a-virus300z.bin 2008-04-23 11:10 . 2006-11-02 12:50 174 --sha-w c:\program files\desktop.ini . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2008-01-19 1233920] "WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240] "setup2.exe"="c:\windows\system32\setup2.exe" [2009-05-08 1097216] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "ISBMgr.exe"="c:\program files\Sony\ISB Utility\ISBMgr.exe" [2007-01-23 321656] "VAIOSecurity"="c:\program files\Sony\VAIO Security Center\VSC.exe" [2006-11-28 2150400] "VAIOSurvey"="c:\program files\Sony\VAIO Survey\Vista VAIO Survey.exe" [2006-12-07 577536] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2007-01-23 98304] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2007-01-23 106496] "Persistence"="c:\windows\system32\igfxpers.exe" [2007-01-23 81920] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696] "RtHDVCpl"="RtHDVCpl.exe" - c:\windows\RtHDVCpl.exe [2007-02-05 4317184] c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ AutoUpdate Monitor.lnk - c:\program files\Sophos\AutoUpdate\ALMon.exe [2008-12-23 245760] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\VESWinlogon] 2007-02-13 23:19 98304 ----a-w c:\windows\System32\VESWinlogon.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SAVService] @="service" [HKEY_LOCAL_MACHINE\software\microsoft\security center] "UacDisableNotify"=dword:00000001 "InternetSettingsDisableNotify"=dword:00000001 "AutoUpdateDisableNotify"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules] "{0D908A6A-8B59-413C-96A3-A6178B37FEEC}"= Disabled:UDP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{150E4815-F35A-4ABA-B4D4-2DAD1AB0607B}"= Disabled:TCP:c:\program files\Sony\VAIO Media 6.0\Vc.exe:[VAIO Media] VAIO Media "{EF47C772-EB79-4628-BF74-EF25FA0E7763}"= UDP:c:\program files\BitTorrent_DNA\dna.exe:BitTorrent DNA "{7FFFC259-F1E4-4584-9771-D8DE90D704E5}"= TCP:c:\program files\BitTorrent_DNA\dna.exe:BitTorrent DNA "{16F970F0-D9C8-4647-B120-5613E95C13F2}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{3F2E88E8-0EDD-4C17-BA79-2404FE68527E}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent "{7C52B0D6-1C49-4C58-AE4A-E46C1A57747F}"= TCP:6004|c:\program files\Microsoft Office\Office12\outlook.exe:Microsoft Office Outlook "{8FF6D178-32C6-46AB-86A8-B89762ADFDEE}"= UDP:c:\program files\Sophos\Sophos Anti-Virus\SavMain.exe:Sophos Anti-Virus "{C751740B-4342-464D-B307-C8F9AD99F5A2}"= TCP:c:\program files\Sophos\Sophos Anti-Virus\SavMain.exe:Sophos Anti-Virus "TCP Query User{036E6A2B-C8D3-4035-B004-692449F1200E}c:\\users\\neeraj tohan\\program files\\bittorrent_dna\\dna.exe"= UDP:c:\users\neeraj tohan\program files\bittorrent_dna\dna.exe:dna.exe "UDP Query User{3B612F29-2098-42B5-875E-CC53CF997984}c:\\users\\neeraj tohan\\program files\\bittorrent_dna\\dna.exe"= TCP:c:\users\neeraj tohan\program files\bittorrent_dna\dna.exe:dna.exe "{48B72195-4F69-4CB1-AA9F-F4542E60F888}"= UDP:c:\program files\Windows Mail\WinMail.exe:Windows Mail "{B0AD0909-BA9C-4177-81B4-BA84A8023C3E}"= TCP:c:\program files\Windows Mail\WinMail.exe:Windows Mail "TCP Query User{C3716EEE-B444-4308-AF4C-32B8112E004B}c:\\program files\\skype\\phone\\skype.exe"= UDP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "UDP Query User{CCCF05DF-4B94-4F9C-AE22-A126BDE24085}c:\\program files\\skype\\phone\\skype.exe"= TCP:c:\program files\skype\phone\skype.exe:Skype. Take a deep breath "{84769E51-85C1-43A8-92D5-C4841314F1A1}"= UDP:c:\windows\System32\muzapp.exe:MUZ AOD APP player "{E2823AA4-FB8A-4AEA-B1F3-A3EACFFD581C}"= TCP:c:\windows\System32\muzapp.exe:MUZ AOD APP player "TCP Query User{4D3C69B4-E22F-455D-9B41-163DFEF8C10E}c:\\program files\\sopcast\\adv\\sopadver.exe"= UDP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver "UDP Query User{1D14BCEE-C21C-4227-A617-A8587A5AE690}c:\\program files\\sopcast\\adv\\sopadver.exe"= TCP:c:\program files\sopcast\adv\sopadver.exe:SopCast Adver "{78EBB253-8529-4C2A-9C74-46BDB6FB4DDD}"= UDP:c:\program files\VideoLAN\VLC\vlc.exe:VLC media player "{EA8EAD51-922F-4E0A-B045-8FE54CD7139B}"= TCP:c:\program files\VideoLAN\VLC\vlc.exe:VLC media player "TCP Query User{734D3D8E-1EEA-46D1-AA12-65D639FBD9B3}c:\\program files\\sopcast\\sopcast.exe"= UDP:c:\program files\sopcast\sopcast.exe:SopCast Main Application "UDP Query User{4069FFFF-7C42-4893-9031-181E424459F6}c:\\program files\\sopcast\\sopcast.exe"= TCP:c:\program files\sopcast\sopcast.exe:SopCast Main Application "TCP Query User{0105C381-8E43-4049-A768-B555303FF55D}c:\\program files\\tvuplayer\\tvuplayer.exe"= UDP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component "UDP Query User{BB48F1FE-B94F-4D86-9777-C5449E9CD349}c:\\program files\\tvuplayer\\tvuplayer.exe"= TCP:c:\program files\tvuplayer\tvuplayer.exe:TVUPlayer Component "{515034EF-8338-4776-8EBE-3E42E98EB920}"= UDP:990:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdSync.exe,-4001 "{2264913D-4588-4585-8BE0-DA20FDF7732C}"= UDP:5721:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}:@%systemroot%\WindowsMobile\wmdc.exe,-4002 "{51D9348C-4922-44E8-B978-B01A2A274D83}"= UDP:1034:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}:@%systemroot%\WindowsMobile\wmdc.exe,-4003 "{9E58903A-FD2B-416C-A62F-B3E76AD8D169}"= UDP:5678:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4004 "{395F1634-96E3-4918-BB3B-52C1E51876CC}"= UDP:999:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}|%systemroot%\WindowsMobile\wmdHost.exe:@%systemroot%\WindowsMobile\wmdc.exe,-4005 "{2DD01A86-B1DF-4DBF-9B17-8B0122651936}"= UDP:26675:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}:@%systemroot%\WindowsMobile\wmdc.exe,-4006 "{0DBFBE16-E2AD-42D5-A160-79ED5ED103A8}"= UDP:990:LocalSubnet:LocalSubnet|IF={4A5D6528-09CA-4108-8A20-C1BEEC001259}|%SystemRoot%\system32\svchost.exe|Svc=rapimgr:@%systemroot%\WindowsMobile\wmdc.exe,-4001 "TCP Query User{B86C6D73-9453-4B53-8022-373D5B52EA6B}c:\\program files\\bittorrent\\bittorrent.exe"= UDP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "UDP Query User{7C242A2E-6C6C-4C13-BB6F-F2A6C5677FAF}c:\\program files\\bittorrent\\bittorrent.exe"= TCP:c:\program files\bittorrent\bittorrent.exe:BitTorrent "{702CF430-B6B7-4FAF-AD68-FC11EA8679E5}"= UDP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (TCP-In) "{17AA34D6-9D8D-4154-8A82-FA20743DACD8}"= TCP:c:\program files\BitTorrent\bittorrent.exe:BitTorrent (UDP-In) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\StandardProfile\AuthorizedApplications\List] "c:\\Program Files\\BitTorrent\\bittorrent.exe"= c:\program files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent R1 SAVOnAccess;SAVOnAccess;c:\windows\System32\drivers\savonaccess.sys [20/04/2009 17:59 93192] R2 MSSQL$VAIO_VEDB;SQL Server (VAIO_VEDB);c:\program files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [24/11/2008 22:31 29263712] R2 SAVAdminService;Sophos Anti-Virus status reporter;c:\program files\Sophos\Sophos Anti-Virus\SAVAdminService.exe [22/09/2008 12:18 69632] R3 ti21sony;ti21sony;c:\windows\System32\drivers\ti21sony.sys [23/04/2007 08:29 812544] S2 gupdate1c9c168f65895d0;Google Update Service (gupdate1c9c168f65895d0);c:\program files\Google\Update\GoogleUpdate.exe [19/04/2009 23:34 133104] S2 SAVService;Sophos Anti-Virus;c:\program files\Sophos\Sophos Anti-Virus\SavService.exe [21/08/2008 13:04 98304] S3 VAIOMediaPlatform-UCLS-AppServer;VAIO Media Content Collection;c:\program files\Sony\VAIO Media Integrated Server\UCLS.exe [10/05/2007 02:05 745472] S3 VAIOMediaPlatform-UCLS-HTTP;VAIO Media Content Collection (HTTP);c:\program files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe [10/05/2007 02:05 397312] S3 VAIOMediaPlatform-UCLS-UPnP;VAIO Media Content Collection (UPnP);c:\program files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe [10/05/2007 02:05 1089536] S4 SophosBootDriver;SophosBootDriver;c:\windows\System32\drivers\SophosBootDriver.sys [08/05/2009 00:27 20288] --- Other Services/Drivers In Memory --- *Deregistered* - DwShield0000530B [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] WindowsMobile REG_MULTI_SZ wcescomm rapimgr LocalServiceRestricted REG_MULTI_SZ WcesComm RapiMgr bthsvcs REG_MULTI_SZ BthServ . Contents of the 'Scheduled Tasks' folder 2009-05-17 c:\windows\Tasks\GoogleUpdateTaskMachine.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-04-20 03:34] 2009-01-01 c:\windows\Tasks\Vaio Service Utility.job - c:\program files\Sony\Vaio Service Utility\VAIO-SU.exe [2007-02-16 12:34] . - - - - ORPHANS REMOVED - - - - HKLM-Run-WiniBlueSoft - c:\program files\WiniBlueSoft Software\WiniBlueSoft\WiniBlueSoft.exe . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.ca/ IE: Append to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert link target to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert link target to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert selected links to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html IE: Convert selected links to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html IE: Convert selection to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html IE: Convert selection to existing PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html IE: Convert to Adobe PDF - c:\program files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-17 16:17 Windows 6.0.6001 Service Pack 1 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 . Completion time: 2009-05-17 16:19 ComboFix-quarantined-files.txt 2009-05-17 20:19 Pre-Run: 13,556,875,264 bytes free Post-Run: 13,452,910,592 bytes free 345 --- E O F --- 2009-04-21 05:19 |
|
|
|
|
May 18 2009, 02:34 AM
Post
#7
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Hello lucky-g,
You have installed two antivirus programs. The problem is that two virusscanners will interfere with each other resulting in a less stable system and less protection. I recommand you to uninstall Sophos Antivirus or Antivir Personal Edition. Download OTScanIt2.exe to your Desktop and double-click on it to extract the files. It will create a folder named OTScanIt2 on your desktop.
Use the Add Reply button and post the information back here in an attachment. I will review it when it comes in. The last line is < End of Report >, so make sure that is the last line in the attached report. Make sure you attach the report in your reply. If it is too big to upload, then zip the text file and upload it that way Thunderbird1988 This post has been edited by Thunderbird1988: May 18 2009, 02:36 AM |
|
|
|
|
May 18 2009, 11:42 AM
Post
#8
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988, hope you are doing well!
It's starting to look and respond a lot better, thanks! Okay, about the AV's, I uninstalled Antivir Personal Edition and Spybot Search and Destroy approximately a year ago. I ran searches including hidden files and cannot find them. The Sophos I am running will be coming to an end in a couple of months. Which AV do you recommend and are currently using?
Attached File(s)
|
|
|
|
|
May 18 2009, 12:54 PM
Post
#9
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Start OTScanIt2. Copy/Paste the information in the quotebox below into the panel where it says "Paste fix here" and then click the Run Fix button.
QUOTE [Kill Explorer] [Unregister Dlls] [Registry - Safe List] < Run [HKEY_CURRENT_USER\] > -> HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run YY -> "setup2.exe" -> %SystemRoot%\system32\setup2.exe [C:\Windows\system32\setup2.exe] [Files/Folders - Created Within 30 Days] NY -> 4c5zbackdoo92804.bin -> %SystemRoot%\System32\4c5zbackdoo92804.bin NY -> 353czpy59re2933.dll -> %SystemRoot%\System32\353czpy59re2933.dll NY -> 6037not-a-viru945z.bin -> %SystemRoot%\System32\6037not-a-viru945z.bin NY -> 29215spzmbot3bb.bin -> %SystemRoot%\29215spzmbot3bb.bin NY -> 55z0worm3d9.cpl -> %SystemRoot%\55z0worm3d9.cpl NY -> 7z6e5hief1917.bin -> %SystemRoot%\System32\7z6e5hief1917.bin NY -> 90878tr5j8z.ocx -> %SystemRoot%\System32\90878tr5j8z.ocx NY -> 5919v5r1396z.dll -> %SystemRoot%\5919v5r1396z.dll NY -> 23761vz9u5b7.ocx -> %SystemRoot%\23761vz9u5b7.ocx NY -> 7963sparse5z9.cpl -> %SystemRoot%\System32\7963sparse5z9.cpl NY -> 24054h59ktozl3db.bin -> %SystemRoot%\24054h59ktozl3db.bin NY -> 1225do5nl9ader287z.exe -> %SystemRoot%\1225do5nl9ader287z.exe NY -> 75z3t5re9t2847.cpl -> %SystemRoot%\System32\75z3t5re9t2847.cpl NY -> 1569zspy152.bin -> %SystemRoot%\System32\1569zspy152.bin NY -> a9fdownzoad592262.cpl -> %SystemRoot%\System32\a9fdownzoad592262.cpl NY -> 45e09z5eat9856.exe -> %SystemRoot%\45e09z5eat9856.exe NY -> 2f93thzeat56625.dll -> %SystemRoot%\2f93thzeat56625.dll NY -> 7951downloader19z95.exe -> %SystemRoot%\7951downloader19z95.exe NY -> 15047not-5-9iruz33a.exe -> %SystemRoot%\System32\15047not-5-9iruz33a.exe NY -> 25292spz5fb9.bin -> %SystemRoot%\System32\25292spz5fb9.bin NY -> 4053threat98047z.dll -> %SystemRoot%\System32\4053threat98047z.dll NY -> 39599irzs43d.exe -> %SystemRoot%\39599irzs43d.exe NY -> 422zs5yware2195.bin -> %SystemRoot%\System32\422zs5yware2195.bin NY -> 5a25steaz936.cpl -> %SystemRoot%\5a25steaz936.cpl NY -> 256fspyw9re960z.cpl -> %SystemRoot%\256fspyw9re960z.cpl NY -> 55bzs5arse2917.ocx -> %SystemRoot%\55bzs5arse2917.ocx NY -> 9497zviru5453.ocx -> %SystemRoot%\System32\9497zviru5453.ocx NY -> 194aszeal9545.ocx -> %SystemRoot%\System32\194aszeal9545.ocx NY -> 5868z9dware475.bin -> %SystemRoot%\System32\5868z9dware475.bin NY -> z0377w5r972c.cpl -> %SystemRoot%\System32\z0377w5r972c.cpl NY -> ze01downl5ader93.dll -> %SystemRoot%\System32\ze01downl5ader93.dll NY -> 6142ha5ktooz697.cpl -> %SystemRoot%\6142ha5ktooz697.cpl NY -> zeecsparse5129.exe -> %SystemRoot%\System32\zeecsparse5129.exe NY -> 26922tro53z89.exe -> %SystemRoot%\System32\26922tro53z89.exe NY -> 7029z5rus99.ocx -> %SystemRoot%\System32\7029z5rus99.ocx NY -> 3592th5ef2239z.exe -> %SystemRoot%\System32\3592th5ef2239z.exe NY -> 9a9z95ware1744.cpl -> %SystemRoot%\9a9z95ware1744.cpl NY -> 31195nzt-5-virus9fc.bin -> %SystemRoot%\31195nzt-5-virus9fc.bin NY -> 4fe1stzal56029.ocx -> %SystemRoot%\4fe1stzal56029.ocx NY -> 1f795zyware2644.dll -> %SystemRoot%\System32\1f795zyware2644.dll NY -> 8810s5am9ot4dz.exe -> %SystemRoot%\8810s5am9ot4dz.exe NY -> 59cthief26z7.bin -> %SystemRoot%\System32\59cthief26z7.bin NY -> 1cfz5a9kdoor1867.ocx -> %SystemRoot%\1cfz5a9kdoor1867.ocx NY -> 12507tr9z1ce.ocx -> %SystemRoot%\System32\12507tr9z1ce.ocx NY -> 3dbbs5eaz1669.cpl -> %SystemRoot%\System32\3dbbs5eaz1669.cpl NY -> 25d3download5910z7.ocx -> %SystemRoot%\25d3download5910z7.ocx NY -> 4f4159dwzre1800.cpl -> %SystemRoot%\4f4159dwzre1800.cpl NY -> 3054z5irus9c2.exe -> %SystemRoot%\System32\3054z5irus9c2.exe NY -> 51z69spy59b.cpl -> %SystemRoot%\51z69spy59b.cpl NY -> 3aa7zddw5re9730.bin -> %SystemRoot%\System32\3aa7zddw5re9730.bin NY -> acftzre5t94699.exe -> %SystemRoot%\acftzre5t94699.exe NY -> 55945troj7c5z.bin -> %SystemRoot%\55945troj7c5z.bin NY -> 599athiefz119.exe -> %SystemRoot%\System32\599athiefz119.exe NY -> 2781659zj619.dll -> %SystemRoot%\2781659zj619.dll NY -> 10891virzs17f5.ocx -> %SystemRoot%\10891virzs17f5.ocx NY -> 6z039pam5ot6d3.bin -> %SystemRoot%\System32\6z039pam5ot6d3.bin NY -> 2c02sp5zse2929.dll -> %SystemRoot%\2c02sp5zse2929.dll NY -> z3659virus758.ocx -> %SystemRoot%\z3659virus758.ocx NY -> 9950troj6fz.exe -> %SystemRoot%\9950troj6fz.exe NY -> 2d66downloa59rz225.ocx -> %SystemRoot%\System32\2d66downloa59rz225.ocx NY -> 7d27vir23z95.cpl -> %SystemRoot%\System32\7d27vir23z95.cpl NY -> 6z4t9oj3bf5.dll -> %SystemRoot%\System32\6z4t9oj3bf5.dll NY -> 35559ddwaze2512.dll -> %SystemRoot%\35559ddwaze2512.dll NY -> 4395spazbot7d05.exe -> %SystemRoot%\System32\4395spazbot7d05.exe NY -> 301509ot-a-v5rus292z.cpl -> %SystemRoot%\System32\301509ot-a-v5rus292z.cpl NY -> 5zccspy9are389.exe -> %SystemRoot%\System32\5zccspy9are389.exe NY -> 24519not-a59irzs4de.ocx -> %SystemRoot%\24519not-a59irzs4de.ocx NY -> 19610wo954zf.exe -> %SystemRoot%\19610wo954zf.exe NY -> b9dth5eat122z.cpl -> %SystemRoot%\System32\b9dth5eat122z.cpl NY -> 355zspywar92442.cpl -> %SystemRoot%\System32\355zspywar92442.cpl NY -> 43a1zh9ef5949.ocx -> %SystemRoot%\System32\43a1zh9ef5949.ocx NY -> 53eebacz9oor2951.exe -> %SystemRoot%\53eebacz9oor2951.exe NY -> 10157worz839.exe -> %SystemRoot%\System32\10157worz839.exe NY -> 9161not-a-9iru59z.dll -> %SystemRoot%\System32\9161not-a-9iru59z.dll NY -> 558cst9zl16.dll -> %SystemRoot%\558cst9zl16.dll NY -> z50995acktoolc3.bin -> %SystemRoot%\System32\z50995acktoolc3.bin NY -> 15898notza-virus4d2.exe -> %SystemRoot%\System32\15898notza-virus4d2.exe NY -> b5aba5kzo9r492.exe -> %SystemRoot%\b5aba5kzo9r492.exe NY -> 5591vir277z9.bin -> %SystemRoot%\5591vir277z9.bin NY -> 328v9r9z5.dll -> %SystemRoot%\328v9r9z5.dll NY -> 315629pambot1z2.bin -> %SystemRoot%\315629pambot1z2.bin NY -> 5859sparse123z.exe -> %SystemRoot%\System32\5859sparse123z.exe NY -> 7zc59pyware163.cpl -> %SystemRoot%\7zc59pyware163.cpl NY -> 3296downl5aderz103.ocx -> %SystemRoot%\System32\3296downl5aderz103.ocx NY -> 27616spzmbo59d2.dll -> %SystemRoot%\27616spzmbo59d2.dll NY -> 589astza51150.cpl -> %SystemRoot%\System32\589astza51150.cpl NY -> 15z49spambot69d.exe -> %SystemRoot%\15z49spambot69d.exe NY -> 31335zack59ol799.ocx -> %SystemRoot%\31335zack59ol799.ocx NY -> 6f79ad5wa9e1z18.exe -> %SystemRoot%\6f79ad5wa9e1z18.exe NY -> 7467sparz95115.cpl -> %SystemRoot%\System32\7467sparz95115.cpl NY -> 56zor975.exe -> %SystemRoot%\System32\56zor975.exe NY -> b6ethzeat15697.ocx -> %SystemRoot%\b6ethzeat15697.ocx NY -> 5z59vir135.bin -> %SystemRoot%\5z59vir135.bin NY -> 10az9i5144.bin -> %SystemRoot%\10az9i5144.bin NY -> 31954vir9sc5z.bin -> %SystemRoot%\31954vir9sc5z.bin NY -> 25952spy7z3.dll -> %SystemRoot%\System32\25952spy7z3.dll NY -> 96113not-a-virus65z.exe -> %SystemRoot%\96113not-a-virus65z.exe NY -> 8982hzckto5l31a.cpl -> %SystemRoot%\8982hzckto5l31a.cpl NY -> 52709acktzol4285.bin -> %SystemRoot%\52709acktzol4285.bin NY -> 28950worz53d5.cpl -> %SystemRoot%\System32\28950worz53d5.cpl NY -> 4707zhreat15591.dll -> %SystemRoot%\System32\4707zhreat15591.dll NY -> 47ffdo5nl9aderz587.exe -> %SystemRoot%\System32\47ffdo5nl9aderz587.exe NY -> 2169stez52927.cpl -> %SystemRoot%\System32\2169stez52927.cpl NY -> 10209wor51zf9.bin -> %SystemRoot%\System32\10209wor51zf9.bin NY -> 12970hacktz9l5b7.cpl -> %SystemRoot%\12970hacktz9l5b7.cpl NY -> 1z85spyware879.dll -> %SystemRoot%\System32\1z85spyware879.dll NY -> 6z54sp9war51531.bin -> %SystemRoot%\System32\6z54sp9war51531.bin NY -> 26109wor57z49.cpl -> %SystemRoot%\26109wor57z49.cpl NY -> 255629roj3fz.exe -> %SystemRoot%\System32\255629roj3fz.exe NY -> 55steal3099z.bin -> %SystemRoot%\55steal3099z.bin NY -> z8396hackt59l49e.bin -> %SystemRoot%\z8396hackt59l49e.bin NY -> 7dddzhre9t54645.cpl -> %SystemRoot%\7dddzhre9t54645.cpl NY -> 26399s592zb.dll -> %SystemRoot%\System32\26399s592zb.dll NY -> 55579worz559.ocx -> %SystemRoot%\System32\55579worz559.ocx NY -> 715059z4aa.dll -> %SystemRoot%\715059z4aa.dll NY -> 1d9zspy59re1306.ocx -> %SystemRoot%\1d9zspy59re1306.ocx NY -> 1989thzef3546.dll -> %SystemRoot%\System32\1989thzef3546.dll NY -> 2z589hreat7973.exe -> %SystemRoot%\System32\2z589hreat7973.exe NY -> 1905ztr59479.dll -> %SystemRoot%\System32\1905ztr59479.dll NY -> 5ade9hief579z.exe -> %SystemRoot%\System32\5ade9hief579z.exe NY -> 295thzef1533.ocx -> %SystemRoot%\295thzef1533.ocx NY -> 1c49downloadzr5968.exe -> %SystemRoot%\System32\1c49downloadzr5968.exe NY -> 171215acktozl4149.exe -> %SystemRoot%\System32\171215acktozl4149.exe NY -> 12159ownloadzr11815.dll -> %SystemRoot%\12159ownloadzr11815.dll NY -> 2d5bst9alz56.exe -> %SystemRoot%\System32\2d5bst9alz56.exe NY -> 7559sp573z.bin -> %SystemRoot%\System32\7559sp573z.bin NY -> f5zaddw9re2365.exe -> %SystemRoot%\System32\f5zaddw9re2365.exe NY -> fz1vir5924.bin -> %SystemRoot%\fz1vir5924.bin NY -> 195zaddware1132.dll -> %SystemRoot%\System32\195zaddware1132.dll NY -> 10a9dow5lza9er2069.cpl -> %SystemRoot%\10a9dow5lza9er2069.cpl NY -> 14261not-a-virus95ez.bin -> %SystemRoot%\14261not-a-virus95ez.bin NY -> 798dzpar5e148.bin -> %SystemRoot%\System32\798dzpar5e148.bin NY -> 50899troj37z.bin -> %SystemRoot%\System32\50899troj37z.bin NY -> 129esparsez55.exe -> %SystemRoot%\System32\129esparsez55.exe NY -> 5762ad5war92z41.cpl -> %SystemRoot%\System32\5762ad5war92z41.cpl NY -> 52z69h5ef2970.bin -> %SystemRoot%\52z69h5ef2970.bin NY -> 27105s5y9z3.bin -> %SystemRoot%\27105s5y9z3.bin NY -> z536vir590.ocx -> %SystemRoot%\System32\z536vir590.ocx NY -> 6284vir930z5.exe -> %SystemRoot%\System32\6284vir930z5.exe NY -> 29859virus581z.ocx -> %SystemRoot%\29859virus581z.ocx NY -> 265zs5ea9541.bin -> %SystemRoot%\System32\265zs5ea9541.bin NY -> 2244h5zktool7a79.dll -> %SystemRoot%\System32\2244h5zktool7a79.dll NY -> 232979ackto5z494.bin -> %SystemRoot%\232979ackto5z494.bin NY -> 285z1virus319.exe -> %SystemRoot%\285z1virus319.exe NY -> 1989zspa9bo5721.exe -> %SystemRoot%\System32\1989zspa9bo5721.exe NY -> 2908zvirus359.dll -> %SystemRoot%\2908zvirus359.dll NY -> 5e15th5eat296z0.exe -> %SystemRoot%\System32\5e15th5eat296z0.exe NY -> 5a59backdzor3143.cpl -> %SystemRoot%\5a59backdzor3143.cpl NY -> z558virus592.cpl -> %SystemRoot%\z558virus592.cpl NY -> 100639ot-a-virus5z3.ocx -> %SystemRoot%\100639ot-a-virus5z3.ocx NY -> 5564not-a9zirus118.cpl -> %SystemRoot%\System32\5564not-a9zirus118.cpl NY -> 44fbthre5t729z.bin -> %SystemRoot%\44fbthre5t729z.bin NY -> 323z9ha5ktool3e19.exe -> %SystemRoot%\System32\323z9ha5ktool3e19.exe NY -> 91ezp9ware5809.dll -> %SystemRoot%\System32\91ezp9ware5809.dll NY -> 26369s5y2z7.bin -> %SystemRoot%\26369s5y2z7.bin NY -> 2f93thief1563z.dll -> %SystemRoot%\2f93thief1563z.dll NY -> 5f01backdooz926.ocx -> %SystemRoot%\5f01backdooz926.ocx NY -> 224et5ief955z.bin -> %SystemRoot%\224et5ief955z.bin NY -> 590ds5zal3049.dll -> %SystemRoot%\590ds5zal3049.dll NY -> 9532zirus5c35.ocx -> %SystemRoot%\9532zirus5c35.ocx NY -> 20sparze19145.bin -> %SystemRoot%\20sparze19145.bin NY -> 4983s5az9ot37c.bin -> %SystemRoot%\System32\4983s5az9ot37c.bin NY -> 369zworm5789.exe -> %SystemRoot%\369zworm5789.exe NY -> 56z0download5r15929.bin -> %SystemRoot%\56z0download5r15929.bin NY -> 15704not-a-v95us7e9z.bin -> %SystemRoot%\System32\15704not-a-v95us7e9z.bin NY -> 2ef4doznloa9er5524.exe -> %SystemRoot%\2ef4doznloa9er5524.exe NY -> 2046tzr5at79.cpl -> %SystemRoot%\2046tzr5at79.cpl NY -> 50985pyware22z7.bin -> %SystemRoot%\System32\50985pyware22z7.bin NY -> 941zr5j139.exe -> %SystemRoot%\941zr5j139.exe NY -> 5d65addzare3049.ocx -> %SystemRoot%\5d65addzare3049.ocx NY -> 93ff5ir21z2.cpl -> %SystemRoot%\System32\93ff5ir21z2.cpl NY -> 79a0st59l17z4.bin -> %SystemRoot%\System32\79a0st59l17z4.bin NY -> 2157backdoo9670z.ocx -> %SystemRoot%\System32\2157backdoo9670z.ocx NY -> 5099th9ef19z0.cpl -> %SystemRoot%\5099th9ef19z0.cpl NY -> 33z9pyware552.ocx -> %SystemRoot%\33z9pyware552.ocx NY -> 5126viz9675.exe -> %SystemRoot%\System32\5126viz9675.exe NY -> 326b5zr593.exe -> %SystemRoot%\326b5zr593.exe NY -> za8ste5l2519.exe -> %SystemRoot%\za8ste5l2519.exe NY -> 27dfaddwa9e265z.ocx -> %SystemRoot%\27dfaddwa9e265z.ocx NY -> 15921z5y7ce9.bin -> %SystemRoot%\System32\15921z5y7ce9.bin NY -> 45e7downlozder54049.exe -> %SystemRoot%\45e7downlozder54049.exe NY -> OTScanIt2 -> %UserProfile%\Desktop\OTScanIt2 NY -> OTScanIt2.exe -> %UserProfile%\Desktop\OTScanIt2.exe NY -> 5a399ownzo5der3255.bin -> %SystemRoot%\System32\5a399ownzo5der3255.bin NY -> z12475py329.dll -> %SystemRoot%\z12475py329.dll NY -> 31275notz5-vir9s787.ocx -> %SystemRoot%\31275notz5-vir9s787.ocx NY -> 1z5449ot-a5virus382.bin -> %SystemRoot%\1z5449ot-a5virus382.bin NY -> 1z587troj955.dll -> %SystemRoot%\1z587troj955.dll NY -> 505zrus954.exe -> %SystemRoot%\System32\505zrus954.exe NY -> 68d2zte9l1507.ocx -> %SystemRoot%\System32\68d2zte9l1507.ocx NY -> 59z9spambot352.dll -> %SystemRoot%\59z9spambot352.dll NY -> savw76sasfx.exe -> %UserProfile%\Desktop\savw76sasfx.exe NY -> 70z9threat255875.bin -> %SystemRoot%\System32\70z9threat255875.bin NY -> 158daddware2z98.cpl -> %SystemRoot%\158daddware2z98.cpl NY -> z9b9s5yw9re1317.ocx -> %SystemRoot%\System32\z9b9s5yw9re1317.ocx NY -> 2348195zktool386.bin -> %SystemRoot%\System32\2348195zktool386.bin NY -> c1za5dware30419.cpl -> %SystemRoot%\c1za5dware30419.cpl NY -> 26543worz99.exe -> %SystemRoot%\System32\26543worz99.exe NY -> 524down9ozd5r48.bin -> %SystemRoot%\System32\524down9ozd5r48.bin NY -> 22512s9yz5f.ocx -> %SystemRoot%\System32\22512s9yz5f.ocx NY -> 90016z5y409.dll -> %SystemRoot%\90016z5y409.dll NY -> 2005tzreat23659.cpl -> %SystemRoot%\System32\2005tzreat23659.cpl NY -> 23949wor56e5z.exe -> %SystemRoot%\23949wor56e5z.exe NY -> 3839worm515z.cpl -> %SystemRoot%\3839worm515z.cpl NY -> 4ce5addwar92852z.ocx -> %SystemRoot%\4ce5addwar92852z.ocx NY -> 91609sp5mbot188z.ocx -> %SystemRoot%\91609sp5mbot188z.ocx NY -> 95z2troj92.ocx -> %SystemRoot%\System32\95z2troj92.ocx NY -> 2a74szyware945.exe -> %SystemRoot%\2a74szyware945.exe NY -> 69a9thi5f194z.cpl -> %SystemRoot%\69a9thi5f194z.cpl NY -> 5c57vi91z88.cpl -> %SystemRoot%\5c57vi91z88.cpl NY -> 3945spzrs928195.ocx -> %SystemRoot%\System32\3945spzrs928195.ocx NY -> 58133vizu915a.exe -> %SystemRoot%\58133vizu915a.exe NY -> 59e9bazkdoor1651.exe -> %SystemRoot%\59e9bazkdoor1651.exe NY -> 3458addwarez3195.dll -> %SystemRoot%\System32\3458addwarez3195.dll NY -> z515hief698.ocx -> %SystemRoot%\System32\z515hief698.ocx NY -> 291369rzj588.bin -> %SystemRoot%\System32\291369rzj588.bin NY -> 9689z5pambot205.bin -> %SystemRoot%\9689z5pambot205.bin NY -> 150evir19z4.bin -> %SystemRoot%\150evir19z4.bin NY -> 22521zorm39e.dll -> %SystemRoot%\System32\22521zorm39e.dll NY -> 32541sp9mbot3z3.bin -> %SystemRoot%\System32\32541sp9mbot3z3.bin NY -> 8714n9t-a-viruz45f.bin -> %SystemRoot%\8714n9t-a-viruz45f.bin NY -> 5fzavir9166.dll -> %SystemRoot%\System32\5fzavir9166.dll NY -> 17091not-azvi9us855.cpl -> %SystemRoot%\17091not-azvi9us855.cpl NY -> 2d45stza92504.bin -> %SystemRoot%\2d45stza92504.bin NY -> 21850spzmbot269.cpl -> %SystemRoot%\21850spzmbot269.cpl NY -> 972zspy576.ocx -> %SystemRoot%\972zspy576.ocx NY -> 73ebspyware9z765.cpl -> %SystemRoot%\System32\73ebspyware9z765.cpl NY -> 24893spz33b5.ocx -> %SystemRoot%\System32\24893spz33b5.ocx NY -> 5a73addwarez989.ocx -> %SystemRoot%\5a73addwarez989.ocx NY -> zc739pars52346.cpl -> %SystemRoot%\System32\zc739pars52346.cpl NY -> zdb5ba59door1676.exe -> %SystemRoot%\zdb5ba59door1676.exe NY -> 556bthreat116z59.ocx -> %SystemRoot%\System32\556bthreat116z59.ocx NY -> b92backdoor25z.cpl -> %SystemRoot%\b92backdoor25z.cpl NY -> z189vir55.exe -> %SystemRoot%\z189vir55.exe NY -> 66d5downloaderz7789.bin -> %SystemRoot%\System32\66d5downloaderz7789.bin NY -> 23f1bazk9oor9815.ocx -> %SystemRoot%\System32\23f1bazk9oor9815.ocx NY -> 2425zwo9533c.dll -> %SystemRoot%\2425zwo9533c.dll NY -> 6135tzoj2209.cpl -> %SystemRoot%\6135tzoj2209.cpl NY -> 31z90tro53ae9.ocx -> %SystemRoot%\31z90tro53ae9.ocx NY -> 9694z5irus5c7.ocx -> %SystemRoot%\9694z5irus5c7.ocx NY -> 28662ha5k9ooz728.bin -> %SystemRoot%\28662ha5k9ooz728.bin NY -> 5903zteal2125.exe -> %SystemRoot%\System32\5903zteal2125.exe NY -> 15689tr9j2bz.dll -> %SystemRoot%\System32\15689tr9j2bz.dll NY -> z607not-9-vir5s1ff.exe -> %SystemRoot%\z607not-9-vir5s1ff.exe NY -> 16695spz5559.exe -> %SystemRoot%\System32\16695spz5559.exe NY -> 95121v5rus18az.ocx -> %SystemRoot%\95121v5rus18az.ocx NY -> 17990t5oj6z.bin -> %SystemRoot%\System32\17990t5oj6z.bin NY -> 4967thre5t310z1.bin -> %SystemRoot%\4967thre5t310z1.bin NY -> 2z819w9rm385.dll -> %SystemRoot%\System32\2z819w9rm385.dll NY -> 95c5sparz5585.cpl -> %SystemRoot%\95c5sparz5585.cpl NY -> 789ebaczdo5r824.ocx -> %SystemRoot%\System32\789ebaczdo5r824.ocx NY -> 25194hack9ool2z5.cpl -> %SystemRoot%\System32\25194hack9ool2z5.cpl NY -> 28692s5z2b59.exe -> %SystemRoot%\System32\28692s5z2b59.exe NY -> 459zworm769.cpl -> %SystemRoot%\459zworm769.cpl NY -> z7ee9pyware1445.exe -> %SystemRoot%\System32\z7ee9pyware1445.exe NY -> 4bez9i5f84.bin -> %SystemRoot%\System32\4bez9i5f84.bin NY -> z916vir24455.exe -> %SystemRoot%\System32\z916vir24455.exe NY -> 4279th5ef1z70.ocx -> %SystemRoot%\4279th5ef1z70.ocx NY -> 75f4threa9z8144.exe -> %SystemRoot%\System32\75f4threa9z8144.exe NY -> 133559orz481.exe -> %SystemRoot%\133559orz481.exe NY -> 11325not-a-9irus7ez5.bin -> %SystemRoot%\11325not-a-9irus7ez5.bin NY -> 5175thizf2950.bin -> %SystemRoot%\System32\5175thizf2950.bin NY -> 5b58download9r2044z.exe -> %SystemRoot%\System32\5b58download9r2044z.exe NY -> 339zthrea5314.ocx -> %SystemRoot%\System32\339zthrea5314.ocx NY -> 195irz998.exe -> %SystemRoot%\System32\195irz998.exe NY -> 349f5hrzat4925.exe -> %SystemRoot%\System32\349f5hrzat4925.exe NY -> 555v9z1225.exe -> %SystemRoot%\System32\555v9z1225.exe NY -> 147869rzj495.cpl -> %SystemRoot%\147869rzj495.cpl NY -> 5522t9iefz079.dll -> %SystemRoot%\System32\5522t9iefz079.dll NY -> 258z5wo9m61b.ocx -> %SystemRoot%\System32\258z5wo9m61b.ocx NY -> 50f4thrza513943.dll -> %SystemRoot%\System32\50f4thrza513943.dll NY -> 1459t9izf38.exe -> %SystemRoot%\1459t9izf38.exe NY -> 219z4hackt9o5519.dll -> %SystemRoot%\System32\219z4hackt9o5519.dll NY -> 16044ha9kzoo55bc.dll -> %SystemRoot%\System32\16044ha9kzoo55bc.dll NY -> 59382not-azvirus2b9.bin -> %SystemRoot%\59382not-azvirus2b9.bin NY -> 49fespywaze3542.bin -> %SystemRoot%\System32\49fespywaze3542.bin NY -> z2555tr9jdd.dll -> %SystemRoot%\z2555tr9jdd.dll NY -> 2738no5-a-9izus302.dll -> %SystemRoot%\2738no5-a-9izus302.dll NY -> 251z5worm957.exe -> %SystemRoot%\System32\251z5worm957.exe NY -> z5096vi9us578.cpl -> %SystemRoot%\z5096vi9us578.cpl NY -> 2ac0t95ef766z.cpl -> %SystemRoot%\2ac0t95ef766z.cpl NY -> 3891stzal12615.cpl -> %SystemRoot%\System32\3891stzal12615.cpl NY -> 7d79d5wnloazer2592.ocx -> %SystemRoot%\System32\7d79d5wnloazer2592.ocx NY -> 18925not-a-virzs9b4.exe -> %SystemRoot%\18925not-a-virzs9b4.exe NY -> 1f5atzi5f9809.ocx -> %SystemRoot%\System32\1f5atzi5f9809.ocx NY -> 19646not-9-vir5s3bez.cpl -> %SystemRoot%\System32\19646not-9-vir5s3bez.cpl NY -> 109cdow5loaze9868.cpl -> %SystemRoot%\System32\109cdow5loaze9868.cpl NY -> 5692steal2z9.bin -> %SystemRoot%\System32\5692steal2z9.bin NY -> 696s5ywarez4899.exe -> %SystemRoot%\System32\696s5ywarez4899.exe NY -> 29999vi5uszb5.cpl -> %SystemRoot%\29999vi5uszb5.cpl NY -> a65vir232z9.exe -> %SystemRoot%\a65vir232z9.exe NY -> 20767not-a9virzs54f.bin -> %SystemRoot%\20767not-a9virzs54f.bin NY -> 55809aczdoor1163.ocx -> %SystemRoot%\55809aczdoor1163.ocx NY -> 215z49py7b5.ocx -> %SystemRoot%\215z49py7b5.ocx NY -> z95evir9569.ocx -> %SystemRoot%\System32\z95evir9569.ocx NY -> 5699not-a-vzrus35.exe -> %SystemRoot%\5699not-a-vzrus35.exe NY -> 3aa9sp5waze1735.bin -> %SystemRoot%\3aa9sp5waze1735.bin NY -> 24z48spa9b5t519.exe -> %SystemRoot%\24z48spa9b5t519.exe NY -> 3985s9yware88z.bin -> %SystemRoot%\System32\3985s9yware88z.bin NY -> 6bzcdownlo95er1626.ocx -> %SystemRoot%\6bzcdownlo95er1626.ocx NY -> z7375not9a-virusb.cpl -> %SystemRoot%\z7375not9a-virusb.cpl NY -> 3z54downloader3199.cpl -> %SystemRoot%\System32\3z54downloader3199.cpl NY -> z50dvir9033.cpl -> %SystemRoot%\System32\z50dvir9033.cpl NY -> 2de8stealz9955.ocx -> %SystemRoot%\2de8stealz9955.ocx NY -> 3950sparsz2967.bin -> %SystemRoot%\System32\3950sparsz2967.bin NY -> 1563downloazer9895.cpl -> %SystemRoot%\1563downloazer9895.cpl NY -> 8179teal1553z.exe -> %SystemRoot%\8179teal1553z.exe NY -> 1b95backdozr1965.exe -> %SystemRoot%\System32\1b95backdozr1965.exe NY -> 389th5zf967.exe -> %SystemRoot%\389th5zf967.exe NY -> z25dt9ief2585.dll -> %SystemRoot%\System32\z25dt9ief2585.dll NY -> 33235o9z26f.dll -> %SystemRoot%\System32\33235o9z26f.dll NY -> 24957h59ktzol3ca.dll -> %SystemRoot%\System32\24957h59ktzol3ca.dll NY -> 5065spzrse119.ocx -> %SystemRoot%\System32\5065spzrse119.ocx NY -> 7395viz998.bin -> %SystemRoot%\7395viz998.bin NY -> 1810bzckdo5r2093.ocx -> %SystemRoot%\System32\1810bzckdo5r2093.ocx NY -> 307049pzmbo569b.bin -> %SystemRoot%\System32\307049pzmbo569b.bin NY -> setup2.exe -> %SystemRoot%\System32\setup2.exe NY -> 2493steal24z05.bin -> %SystemRoot%\System32\2493steal24z05.bin NY -> 8523wormz97.dll -> %SystemRoot%\8523wormz97.dll NY -> 54cabackd5or79z.ocx -> %SystemRoot%\54cabackd5or79z.ocx NY -> 25559n9t-a-vizus11f.cpl -> %SystemRoot%\25559n9t-a-vizus11f.cpl NY -> z9523hackt9ol565.cpl -> %SystemRoot%\z9523hackt9ol565.cpl NY -> 47e8sp9zse2537.dll -> %SystemRoot%\System32\47e8sp9zse2537.dll NY -> 53416hackto9l29cz.cpl -> %SystemRoot%\53416hackto9l29cz.cpl NY -> 5129vir222z.exe -> %SystemRoot%\5129vir222z.exe NY -> 155z9orm543.bin -> %SystemRoot%\System32\155z9orm543.bin NY -> 2570ad9ware3015z.cpl -> %SystemRoot%\System32\2570ad9ware3015z.cpl NY -> 59z25not-a9virus606.cpl -> %SystemRoot%\System32\59z25not-a9virus606.cpl NY -> 17835viz59155.dll -> %SystemRoot%\17835viz59155.dll NY -> 7946thiez1952.dll -> %SystemRoot%\System32\7946thiez1952.dll NY -> 25z58hacktoo9203.dll -> %SystemRoot%\25z58hacktoo9203.dll NY -> 25261zpamb9t267.dll -> %SystemRoot%\System32\25261zpamb9t267.dll NY -> 208235o9-a-virusz83.dll -> %SystemRoot%\208235o9-a-virusz83.dll NY -> dc5tzi9f461.dll -> %SystemRoot%\System32\dc5tzi9f461.dll NY -> 14253hzckt5ole9.dll -> %SystemRoot%\System32\14253hzckt5ole9.dll NY -> 25d7threat1z3849.dll -> %SystemRoot%\System32\25d7threat1z3849.dll NY -> 57d9a5dware16z9.dll -> %SystemRoot%\System32\57d9a5dware16z9.dll NY -> 41a4do5nzoa9er1890.dll -> %SystemRoot%\System32\41a4do5nzoa9er1890.dll NY -> 8z4dow5loader9589.dll -> %SystemRoot%\8z4dow5loader9589.dll NY -> 6191threat2z855.dll -> %SystemRoot%\System32\6191threat2z855.dll NY -> 6227down9oaze52754.dll -> %SystemRoot%\System32\6227down9oaze52754.dll NY -> 79b7b5ckdoor1922z.dll -> %SystemRoot%\79b7b5ckdoor1922z.dll NY -> 4a8c9dzw5re2718.dll -> %SystemRoot%\System32\4a8c9dzw5re2718.dll NY -> 564edowzloade93555.dll -> %SystemRoot%\System32\564edowzloade93555.dll NY -> 45ddown9oaderz278.dll -> %SystemRoot%\45ddown9oaderz278.dll NY -> 71zv5r9023.dll -> %SystemRoot%\71zv5r9023.dll NY -> 741995rz155.dll -> %SystemRoot%\System32\741995rz155.dll NY -> 62ccdownlo9dez265.dll -> %SystemRoot%\System32\62ccdownlo9dez265.dll NY -> 1994addwzr51653.dll -> %SystemRoot%\1994addwzr51653.dll NY -> 22649spz457.dll -> %SystemRoot%\22649spz457.dll NY -> a7fvi92561z.dll -> %SystemRoot%\System32\a7fvi92561z.dll NY -> 76b4t95ezt12471.dll -> %SystemRoot%\System32\76b4t95ezt12471.dll NY -> 11982no5-a-virzs11d.dll -> %SystemRoot%\11982no5-a-virzs11d.dll NY -> 53f9downloader129z5.dll -> %SystemRoot%\53f9downloader129z5.dll NY -> 2b9cz9ea5944.dll -> %SystemRoot%\2b9cz9ea5944.dll NY -> 4035hzcktoo945f.dll -> %SystemRoot%\4035hzcktoo945f.dll NY -> z0951w9rm78c.dll -> %SystemRoot%\System32\z0951w9rm78c.dll NY -> 29955noz-a-vir9s2b2.dll -> %SystemRoot%\29955noz-a-vir9s2b2.dll NY -> 19151zpambot4729.dll -> %SystemRoot%\System32\19151zpambot4729.dll NY -> 1696spywaze3051.dll -> %SystemRoot%\System32\1696spywaze3051.dll NY -> 27z59trojf9.dll -> %SystemRoot%\System32\27z59trojf9.dll NY -> 755azackdoor1097.dll -> %SystemRoot%\System32\755azackdoor1097.dll NY -> 29486v5rus6ez.dll -> %SystemRoot%\System32\29486v5rus6ez.dll NY -> 2734thze5t14519.dll -> %SystemRoot%\2734thze5t14519.dll NY -> 25250w9rm46z.dll -> %SystemRoot%\System32\25250w9rm46z.dll NY -> 9999vizus54.dll -> %SystemRoot%\System32\9999vizus54.dll NY -> e21dow5loade9240z.dll -> %SystemRoot%\System32\e21dow5loade9240z.dll NY -> 20z08wo951a4.dll -> %SystemRoot%\20z08wo951a4.dll NY -> 13057w9rz120.dll -> %SystemRoot%\13057w9rz120.dll NY -> 2z529troj1ad.dll -> %SystemRoot%\System32\2z529troj1ad.dll NY -> 2zc0back59or1254.dll -> %SystemRoot%\2zc0back59or1254.dll NY -> 1304zviru59db.dll -> %SystemRoot%\1304zviru59db.dll NY -> 9668hacztool505.dll -> %SystemRoot%\9668hacztool505.dll NY -> 14589hacktzol5a6.dll -> %SystemRoot%\14589hacktzol5a6.dll NY -> 263z3s5yd29.dll -> %SystemRoot%\System32\263z3s5yd29.dll NY -> 7c94st5alz186.dll -> %SystemRoot%\System32\7c94st5alz186.dll NY -> 280959zo585.dll -> %SystemRoot%\280959zo585.dll NY -> 466espzr5e13279.dll -> %SystemRoot%\466espzr5e13279.dll NY -> 2554ztr59250.dll -> %SystemRoot%\2554ztr59250.dll NY -> 16z575pambot159.dll -> %SystemRoot%\System32\16z575pambot159.dll NY -> 4159thze92820.dll -> %SystemRoot%\System32\4159thze92820.dll NY -> 6df9thie5916z.dll -> %SystemRoot%\6df9thie5916z.dll NY -> 915noz-a-vir5s479.dll -> %SystemRoot%\System32\915noz-a-vir5s479.dll NY -> 124eszars91574.dll -> %SystemRoot%\System32\124eszars91574.dll NY -> 3378sparse5z729.dll -> %SystemRoot%\System32\3378sparse5z729.dll NY -> z9957troj785.dll -> %SystemRoot%\z9957troj785.dll NY -> 20250sp5mbot94z.dll -> %SystemRoot%\System32\20250sp5mbot94z.dll NY -> 575dtzre9t4627.dll -> %SystemRoot%\575dtzre9t4627.dll NY -> 26494vir5z399.dll -> %SystemRoot%\System32\26494vir5z399.dll NY -> 15efspa5s92869z.dll -> %SystemRoot%\System32\15efspa5s92869z.dll NY -> 12190virzs591.dll -> %SystemRoot%\System32\12190virzs591.dll NY -> 1a9zstea926165.dll -> %SystemRoot%\1a9zstea926165.dll NY -> 982zpy5e4.dll -> %SystemRoot%\System32\982zpy5e4.dll NY -> 6ff9steal32z5.dll -> %SystemRoot%\System32\6ff9steal32z5.dll NY -> 6927zp55f5.dll -> %SystemRoot%\System32\6927zp55f5.dll NY -> 9546ba5kdoorz319.dll -> %SystemRoot%\9546ba5kdoorz319.dll NY -> 1694th5e9tz889.dll -> %SystemRoot%\1694th5e9tz889.dll NY -> hccutils.dll -> %SystemRoot%\System32\hccutils.dll NY -> 7769zackdoor5579.dll -> %SystemRoot%\System32\7769zackdoor5579.dll NY -> 13925zre9t19707.dll -> %SystemRoot%\System32\13925zre9t19707.dll NY -> 1264zhackt9ol35.dll -> %SystemRoot%\System32\1264zhackt9ol35.dll NY -> 78459zreat6312.dll -> %SystemRoot%\78459zreat6312.dll NY -> 1f9zad9ware1656.dll -> %SystemRoot%\System32\1f9zad9ware1656.dll NY -> 15c3s5arse5z59.dll -> %SystemRoot%\System32\15c3s5arse5z59.dll NY -> 55b39h5ef15z6.dll -> %SystemRoot%\55b39h5ef15z6.dll NY -> 26f1b5c9dzor505.dll -> %SystemRoot%\System32\26f1b5c9dzor505.dll NY -> 524fzac95oor2976.dll -> %SystemRoot%\524fzac95oor2976.dll NY -> 3502zspy5669.dll -> %SystemRoot%\System32\3502zspy5669.dll NY -> 70d7t9zef1851.dll -> %SystemRoot%\System32\70d7t9zef1851.dll NY -> 4z2tro94e5.dll -> %SystemRoot%\System32\4z2tro94e5.dll [Files/Folders - Modified Within 30 Days] NY -> 1 C:\Users\Neeraj Tohan\Documents\*.tmp files -> C:\Users\Neeraj Tohan\Documents\*.tmp NY -> 4c5zbackdoo92804.bin -> %SystemRoot%\System32\4c5zbackdoo92804.bin NY -> 353czpy59re2933.dll -> %SystemRoot%\System32\353czpy59re2933.dll NY -> 6037not-a-viru945z.bin -> %SystemRoot%\System32\6037not-a-viru945z.bin NY -> 29215spzmbot3bb.bin -> %SystemRoot%\29215spzmbot3bb.bin NY -> 55z0worm3d9.cpl -> %SystemRoot%\55z0worm3d9.cpl NY -> 7z6e5hief1917.bin -> %SystemRoot%\System32\7z6e5hief1917.bin NY -> 90878tr5j8z.ocx -> %SystemRoot%\System32\90878tr5j8z.ocx NY -> 5919v5r1396z.dll -> %SystemRoot%\5919v5r1396z.dll NY -> 23761vz9u5b7.ocx -> %SystemRoot%\23761vz9u5b7.ocx NY -> 7963sparse5z9.cpl -> %SystemRoot%\System32\7963sparse5z9.cpl NY -> 24054h59ktozl3db.bin -> %SystemRoot%\24054h59ktozl3db.bin NY -> 1225do5nl9ader287z.exe -> %SystemRoot%\1225do5nl9ader287z.exe NY -> 75z3t5re9t2847.cpl -> %SystemRoot%\System32\75z3t5re9t2847.cpl NY -> 1569zspy152.bin -> %SystemRoot%\System32\1569zspy152.bin NY -> a9fdownzoad592262.cpl -> %SystemRoot%\System32\a9fdownzoad592262.cpl NY -> 45e09z5eat9856.exe -> %SystemRoot%\45e09z5eat9856.exe NY -> 2f93thzeat56625.dll -> %SystemRoot%\2f93thzeat56625.dll NY -> 7951downloader19z95.exe -> %SystemRoot%\7951downloader19z95.exe NY -> 15047not-5-9iruz33a.exe -> %SystemRoot%\System32\15047not-5-9iruz33a.exe NY -> 25292spz5fb9.bin -> %SystemRoot%\System32\25292spz5fb9.bin NY -> 4053threat98047z.dll -> %SystemRoot%\System32\4053threat98047z.dll NY -> 39599irzs43d.exe -> %SystemRoot%\39599irzs43d.exe NY -> 422zs5yware2195.bin -> %SystemRoot%\System32\422zs5yware2195.bin NY -> 5a25steaz936.cpl -> %SystemRoot%\5a25steaz936.cpl NY -> 256fspyw9re960z.cpl -> %SystemRoot%\256fspyw9re960z.cpl NY -> 55bzs5arse2917.ocx -> %SystemRoot%\55bzs5arse2917.ocx NY -> 9497zviru5453.ocx -> %SystemRoot%\System32\9497zviru5453.ocx NY -> 194aszeal9545.ocx -> %SystemRoot%\System32\194aszeal9545.ocx NY -> 5868z9dware475.bin -> %SystemRoot%\System32\5868z9dware475.bin NY -> z0377w5r972c.cpl -> %SystemRoot%\System32\z0377w5r972c.cpl NY -> ze01downl5ader93.dll -> %SystemRoot%\System32\ze01downl5ader93.dll NY -> 6142ha5ktooz697.cpl -> %SystemRoot%\6142ha5ktooz697.cpl NY -> zeecsparse5129.exe -> %SystemRoot%\System32\zeecsparse5129.exe NY -> 26922tro53z89.exe -> %SystemRoot%\System32\26922tro53z89.exe NY -> 7029z5rus99.ocx -> %SystemRoot%\System32\7029z5rus99.ocx NY -> 3592th5ef2239z.exe -> %SystemRoot%\System32\3592th5ef2239z.exe NY -> 9a9z95ware1744.cpl -> %SystemRoot%\9a9z95ware1744.cpl NY -> 31195nzt-5-virus9fc.bin -> %SystemRoot%\31195nzt-5-virus9fc.bin NY -> 4fe1stzal56029.ocx -> %SystemRoot%\4fe1stzal56029.ocx NY -> 1f795zyware2644.dll -> %SystemRoot%\System32\1f795zyware2644.dll NY -> 8810s5am9ot4dz.exe -> %SystemRoot%\8810s5am9ot4dz.exe NY -> 59cthief26z7.bin -> %SystemRoot%\System32\59cthief26z7.bin NY -> 1cfz5a9kdoor1867.ocx -> %SystemRoot%\1cfz5a9kdoor1867.ocx NY -> 12507tr9z1ce.ocx -> %SystemRoot%\System32\12507tr9z1ce.ocx NY -> 3dbbs5eaz1669.cpl -> %SystemRoot%\System32\3dbbs5eaz1669.cpl NY -> 25d3download5910z7.ocx -> %SystemRoot%\25d3download5910z7.ocx NY -> 4f4159dwzre1800.cpl -> %SystemRoot%\4f4159dwzre1800.cpl NY -> 3054z5irus9c2.exe -> %SystemRoot%\System32\3054z5irus9c2.exe NY -> 51z69spy59b.cpl -> %SystemRoot%\51z69spy59b.cpl NY -> 3aa7zddw5re9730.bin -> %SystemRoot%\System32\3aa7zddw5re9730.bin NY -> acftzre5t94699.exe -> %SystemRoot%\acftzre5t94699.exe NY -> 55945troj7c5z.bin -> %SystemRoot%\55945troj7c5z.bin NY -> 599athiefz119.exe -> %SystemRoot%\System32\599athiefz119.exe NY -> 2781659zj619.dll -> %SystemRoot%\2781659zj619.dll NY -> 10891virzs17f5.ocx -> %SystemRoot%\10891virzs17f5.ocx NY -> 6z039pam5ot6d3.bin -> %SystemRoot%\System32\6z039pam5ot6d3.bin NY -> 2c02sp5zse2929.dll -> %SystemRoot%\2c02sp5zse2929.dll NY -> z3659virus758.ocx -> %SystemRoot%\z3659virus758.ocx NY -> 9950troj6fz.exe -> %SystemRoot%\9950troj6fz.exe NY -> 2d66downloa59rz225.ocx -> %SystemRoot%\System32\2d66downloa59rz225.ocx NY -> 7d27vir23z95.cpl -> %SystemRoot%\System32\7d27vir23z95.cpl NY -> 6z4t9oj3bf5.dll -> %SystemRoot%\System32\6z4t9oj3bf5.dll NY -> 35559ddwaze2512.dll -> %SystemRoot%\35559ddwaze2512.dll NY -> 4395spazbot7d05.exe -> %SystemRoot%\System32\4395spazbot7d05.exe NY -> 301509ot-a-v5rus292z.cpl -> %SystemRoot%\System32\301509ot-a-v5rus292z.cpl NY -> 5zccspy9are389.exe -> %SystemRoot%\System32\5zccspy9are389.exe NY -> 24519not-a59irzs4de.ocx -> %SystemRoot%\24519not-a59irzs4de.ocx NY -> 19610wo954zf.exe -> %SystemRoot%\19610wo954zf.exe NY -> b9dth5eat122z.cpl -> %SystemRoot%\System32\b9dth5eat122z.cpl NY -> 355zspywar92442.cpl -> %SystemRoot%\System32\355zspywar92442.cpl NY -> 43a1zh9ef5949.ocx -> %SystemRoot%\System32\43a1zh9ef5949.ocx NY -> 53eebacz9oor2951.exe -> %SystemRoot%\53eebacz9oor2951.exe NY -> 10157worz839.exe -> %SystemRoot%\System32\10157worz839.exe NY -> 9161not-a-9iru59z.dll -> %SystemRoot%\System32\9161not-a-9iru59z.dll NY -> 558cst9zl16.dll -> %SystemRoot%\558cst9zl16.dll NY -> z50995acktoolc3.bin -> %SystemRoot%\System32\z50995acktoolc3.bin NY -> 15898notza-virus4d2.exe -> %SystemRoot%\System32\15898notza-virus4d2.exe NY -> b5aba5kzo9r492.exe -> %SystemRoot%\b5aba5kzo9r492.exe NY -> 5591vir277z9.bin -> %SystemRoot%\5591vir277z9.bin NY -> 328v9r9z5.dll -> %SystemRoot%\328v9r9z5.dll NY -> 315629pambot1z2.bin -> %SystemRoot%\315629pambot1z2.bin NY -> 5859sparse123z.exe -> %SystemRoot%\System32\5859sparse123z.exe NY -> 7zc59pyware163.cpl -> %SystemRoot%\7zc59pyware163.cpl NY -> 3296downl5aderz103.ocx -> %SystemRoot%\System32\3296downl5aderz103.ocx NY -> 27616spzmbo59d2.dll -> %SystemRoot%\27616spzmbo59d2.dll NY -> 589astza51150.cpl -> %SystemRoot%\System32\589astza51150.cpl NY -> 15z49spambot69d.exe -> %SystemRoot%\15z49spambot69d.exe NY -> 31335zack59ol799.ocx -> %SystemRoot%\31335zack59ol799.ocx NY -> 6f79ad5wa9e1z18.exe -> %SystemRoot%\6f79ad5wa9e1z18.exe NY -> 7467sparz95115.cpl -> %SystemRoot%\System32\7467sparz95115.cpl NY -> 56zor975.exe -> %SystemRoot%\System32\56zor975.exe NY -> b6ethzeat15697.ocx -> %SystemRoot%\b6ethzeat15697.ocx NY -> 5z59vir135.bin -> %SystemRoot%\5z59vir135.bin NY -> 10az9i5144.bin -> %SystemRoot%\10az9i5144.bin NY -> 31954vir9sc5z.bin -> %SystemRoot%\31954vir9sc5z.bin NY -> 25952spy7z3.dll -> %SystemRoot%\System32\25952spy7z3.dll NY -> 96113not-a-virus65z.exe -> %SystemRoot%\96113not-a-virus65z.exe NY -> 8982hzckto5l31a.cpl -> %SystemRoot%\8982hzckto5l31a.cpl NY -> 52709acktzol4285.bin -> %SystemRoot%\52709acktzol4285.bin NY -> 28950worz53d5.cpl -> %SystemRoot%\System32\28950worz53d5.cpl NY -> 4707zhreat15591.dll -> %SystemRoot%\System32\4707zhreat15591.dll NY -> 47ffdo5nl9aderz587.exe -> %SystemRoot%\System32\47ffdo5nl9aderz587.exe NY -> 2169stez52927.cpl -> %SystemRoot%\System32\2169stez52927.cpl NY -> 10209wor51zf9.bin -> %SystemRoot%\System32\10209wor51zf9.bin NY -> 12970hacktz9l5b7.cpl -> %SystemRoot%\12970hacktz9l5b7.cpl NY -> 1z85spyware879.dll -> %SystemRoot%\System32\1z85spyware879.dll NY -> 6z54sp9war51531.bin -> %SystemRoot%\System32\6z54sp9war51531.bin NY -> 26109wor57z49.cpl -> %SystemRoot%\26109wor57z49.cpl NY -> 255629roj3fz.exe -> %SystemRoot%\System32\255629roj3fz.exe NY -> 55steal3099z.bin -> %SystemRoot%\55steal3099z.bin NY -> z8396hackt59l49e.bin -> %SystemRoot%\z8396hackt59l49e.bin NY -> 7dddzhre9t54645.cpl -> %SystemRoot%\7dddzhre9t54645.cpl NY -> 26399s592zb.dll -> %SystemRoot%\System32\26399s592zb.dll NY -> 55579worz559.ocx -> %SystemRoot%\System32\55579worz559.ocx NY -> 715059z4aa.dll -> %SystemRoot%\715059z4aa.dll NY -> 1d9zspy59re1306.ocx -> %SystemRoot%\1d9zspy59re1306.ocx NY -> 1989thzef3546.dll -> %SystemRoot%\System32\1989thzef3546.dll NY -> 2z589hreat7973.exe -> %SystemRoot%\System32\2z589hreat7973.exe NY -> 1905ztr59479.dll -> %SystemRoot%\System32\1905ztr59479.dll NY -> 5ade9hief579z.exe -> %SystemRoot%\System32\5ade9hief579z.exe NY -> 295thzef1533.ocx -> %SystemRoot%\295thzef1533.ocx NY -> 1c49downloadzr5968.exe -> %SystemRoot%\System32\1c49downloadzr5968.exe NY -> 171215acktozl4149.exe -> %SystemRoot%\System32\171215acktozl4149.exe NY -> 12159ownloadzr11815.dll -> %SystemRoot%\12159ownloadzr11815.dll NY -> 2d5bst9alz56.exe -> %SystemRoot%\System32\2d5bst9alz56.exe NY -> 7559sp573z.bin -> %SystemRoot%\System32\7559sp573z.bin NY -> f5zaddw9re2365.exe -> %SystemRoot%\System32\f5zaddw9re2365.exe NY -> fz1vir5924.bin -> %SystemRoot%\fz1vir5924.bin NY -> 195zaddware1132.dll -> %SystemRoot%\System32\195zaddware1132.dll NY -> 10a9dow5lza9er2069.cpl -> %SystemRoot%\10a9dow5lza9er2069.cpl NY -> 14261not-a-virus95ez.bin -> %SystemRoot%\14261not-a-virus95ez.bin NY -> 798dzpar5e148.bin -> %SystemRoot%\System32\798dzpar5e148.bin NY -> 50899troj37z.bin -> %SystemRoot%\System32\50899troj37z.bin NY -> 129esparsez55.exe -> %SystemRoot%\System32\129esparsez55.exe NY -> 5762ad5war92z41.cpl -> %SystemRoot%\System32\5762ad5war92z41.cpl NY -> 52z69h5ef2970.bin -> %SystemRoot%\52z69h5ef2970.bin NY -> 27105s5y9z3.bin -> %SystemRoot%\27105s5y9z3.bin NY -> z536vir590.ocx -> %SystemRoot%\System32\z536vir590.ocx NY -> 6284vir930z5.exe -> %SystemRoot%\System32\6284vir930z5.exe NY -> 29859virus581z.ocx -> %SystemRoot%\29859virus581z.ocx NY -> 265zs5ea9541.bin -> %SystemRoot%\System32\265zs5ea9541.bin NY -> 2244h5zktool7a79.dll -> %SystemRoot%\System32\2244h5zktool7a79.dll NY -> 232979ackto5z494.bin -> %SystemRoot%\232979ackto5z494.bin NY -> 285z1virus319.exe -> %SystemRoot%\285z1virus319.exe NY -> 1989zspa9bo5721.exe -> %SystemRoot%\System32\1989zspa9bo5721.exe NY -> 2908zvirus359.dll -> %SystemRoot%\2908zvirus359.dll NY -> 5e15th5eat296z0.exe -> %SystemRoot%\System32\5e15th5eat296z0.exe NY -> 5a59backdzor3143.cpl -> %SystemRoot%\5a59backdzor3143.cpl NY -> z558virus592.cpl -> %SystemRoot%\z558virus592.cpl NY -> 100639ot-a-virus5z3.ocx -> %SystemRoot%\100639ot-a-virus5z3.ocx NY -> 5564not-a9zirus118.cpl -> %SystemRoot%\System32\5564not-a9zirus118.cpl NY -> 44fbthre5t729z.bin -> %SystemRoot%\44fbthre5t729z.bin NY -> 323z9ha5ktool3e19.exe -> %SystemRoot%\System32\323z9ha5ktool3e19.exe NY -> 91ezp9ware5809.dll -> %SystemRoot%\System32\91ezp9ware5809.dll NY -> 26369s5y2z7.bin -> %SystemRoot%\26369s5y2z7.bin NY -> 2f93thief1563z.dll -> %SystemRoot%\2f93thief1563z.dll NY -> 5f01backdooz926.ocx -> %SystemRoot%\5f01backdooz926.ocx NY -> 224et5ief955z.bin -> %SystemRoot%\224et5ief955z.bin NY -> 590ds5zal3049.dll -> %SystemRoot%\590ds5zal3049.dll NY -> 9532zirus5c35.ocx -> %SystemRoot%\9532zirus5c35.ocx NY -> 20sparze19145.bin -> %SystemRoot%\20sparze19145.bin NY -> 4983s5az9ot37c.bin -> %SystemRoot%\System32\4983s5az9ot37c.bin NY -> 369zworm5789.exe -> %SystemRoot%\369zworm5789.exe NY -> 56z0download5r15929.bin -> %SystemRoot%\56z0download5r15929.bin NY -> 15704not-a-v95us7e9z.bin -> %SystemRoot%\System32\15704not-a-v95us7e9z.bin NY -> 2ef4doznloa9er5524.exe -> %SystemRoot%\2ef4doznloa9er5524.exe NY -> 2046tzr5at79.cpl -> %SystemRoot%\2046tzr5at79.cpl NY -> 50985pyware22z7.bin -> %SystemRoot%\System32\50985pyware22z7.bin NY -> 941zr5j139.exe -> %SystemRoot%\941zr5j139.exe NY -> 5d65addzare3049.ocx -> %SystemRoot%\5d65addzare3049.ocx NY -> 93ff5ir21z2.cpl -> %SystemRoot%\System32\93ff5ir21z2.cpl NY -> 79a0st59l17z4.bin -> %SystemRoot%\System32\79a0st59l17z4.bin NY -> 2157backdoo9670z.ocx -> %SystemRoot%\System32\2157backdoo9670z.ocx NY -> 5099th9ef19z0.cpl -> %SystemRoot%\5099th9ef19z0.cpl NY -> 33z9pyware552.ocx -> %SystemRoot%\33z9pyware552.ocx NY -> 5126viz9675.exe -> %SystemRoot%\System32\5126viz9675.exe NY -> 326b5zr593.exe -> %SystemRoot%\326b5zr593.exe NY -> za8ste5l2519.exe -> %SystemRoot%\za8ste5l2519.exe NY -> 27dfaddwa9e265z.ocx -> %SystemRoot%\27dfaddwa9e265z.ocx NY -> 15921z5y7ce9.bin -> %SystemRoot%\System32\15921z5y7ce9.bin NY -> 45e7downlozder54049.exe -> %SystemRoot%\45e7downlozder54049.exe NY -> ntuser.dat -> %UserProfile%\ntuser.dat NY -> qmgr1.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr1.dat NY -> qmgr0.dat -> %AllUsersProfile%\Microsoft\Network\Downloader\qmgr0.dat NY -> 5a399ownzo5der3255.bin -> %SystemRoot%\System32\5a399ownzo5der3255.bin NY -> z12475py329.dll -> %SystemRoot%\z12475py329.dll NY -> 31275notz5-vir9s787.ocx -> %SystemRoot%\31275notz5-vir9s787.ocx NY -> 1z5449ot-a5virus382.bin -> %SystemRoot%\1z5449ot-a5virus382.bin NY -> 1z587troj955.dll -> %SystemRoot%\1z587troj955.dll NY -> 505zrus954.exe -> %SystemRoot%\System32\505zrus954.exe NY -> 68d2zte9l1507.ocx -> %SystemRoot%\System32\68d2zte9l1507.ocx NY -> 59z9spambot352.dll -> %SystemRoot%\59z9spambot352.dll NY -> savw76sasfx.exe -> %UserProfile%\Desktop\savw76sasfx.exe NY -> 70z9threat255875.bin -> %SystemRoot%\System32\70z9threat255875.bin NY -> 158daddware2z98.cpl -> %SystemRoot%\158daddware2z98.cpl NY -> z9b9s5yw9re1317.ocx -> %SystemRoot%\System32\z9b9s5yw9re1317.ocx NY -> 2348195zktool386.bin -> %SystemRoot%\System32\2348195zktool386.bin NY -> c1za5dware30419.cpl -> %SystemRoot%\c1za5dware30419.cpl NY -> 26543worz99.exe -> %SystemRoot%\System32\26543worz99.exe NY -> 524down9ozd5r48.bin -> %SystemRoot%\System32\524down9ozd5r48.bin NY -> 22512s9yz5f.ocx -> %SystemRoot%\System32\22512s9yz5f.ocx NY -> 90016z5y409.dll -> %SystemRoot%\90016z5y409.dll NY -> 2005tzreat23659.cpl -> %SystemRoot%\System32\2005tzreat23659.cpl NY -> 23949wor56e5z.exe -> %SystemRoot%\23949wor56e5z.exe NY -> 3839worm515z.cpl -> %SystemRoot%\3839worm515z.cpl NY -> 4ce5addwar92852z.ocx -> %SystemRoot%\4ce5addwar92852z.ocx NY -> 91609sp5mbot188z.ocx -> %SystemRoot%\91609sp5mbot188z.ocx NY -> 95z2troj92.ocx -> %SystemRoot%\System32\95z2troj92.ocx NY -> 2a74szyware945.exe -> %SystemRoot%\2a74szyware945.exe NY -> 69a9thi5f194z.cpl -> %SystemRoot%\69a9thi5f194z.cpl NY -> 5c57vi91z88.cpl -> %SystemRoot%\5c57vi91z88.cpl NY -> 3945spzrs928195.ocx -> %SystemRoot%\System32\3945spzrs928195.ocx NY -> 58133vizu915a.exe -> %SystemRoot%\58133vizu915a.exe NY -> 59e9bazkdoor1651.exe -> %SystemRoot%\59e9bazkdoor1651.exe NY -> 3458addwarez3195.dll -> %SystemRoot%\System32\3458addwarez3195.dll NY -> z515hief698.ocx -> %SystemRoot%\System32\z515hief698.ocx NY -> 291369rzj588.bin -> %SystemRoot%\System32\291369rzj588.bin NY -> 9689z5pambot205.bin -> %SystemRoot%\9689z5pambot205.bin NY -> 150evir19z4.bin -> %SystemRoot%\150evir19z4.bin NY -> 22521zorm39e.dll -> %SystemRoot%\System32\22521zorm39e.dll NY -> 32541sp9mbot3z3.bin -> %SystemRoot%\System32\32541sp9mbot3z3.bin NY -> 8714n9t-a-viruz45f.bin -> %SystemRoot%\8714n9t-a-viruz45f.bin NY -> 5fzavir9166.dll -> %SystemRoot%\System32\5fzavir9166.dll NY -> 17091not-azvi9us855.cpl -> %SystemRoot%\17091not-azvi9us855.cpl NY -> 2d45stza92504.bin -> %SystemRoot%\2d45stza92504.bin NY -> 21850spzmbot269.cpl -> %SystemRoot%\21850spzmbot269.cpl NY -> 972zspy576.ocx -> %SystemRoot%\972zspy576.ocx NY -> 73ebspyware9z765.cpl -> %SystemRoot%\System32\73ebspyware9z765.cpl NY -> 24893spz33b5.ocx -> %SystemRoot%\System32\24893spz33b5.ocx NY -> 5a73addwarez989.ocx -> %SystemRoot%\5a73addwarez989.ocx NY -> zc739pars52346.cpl -> %SystemRoot%\System32\zc739pars52346.cpl NY -> zdb5ba59door1676.exe -> %SystemRoot%\zdb5ba59door1676.exe NY -> 556bthreat116z59.ocx -> %SystemRoot%\System32\556bthreat116z59.ocx NY -> b92backdoor25z.cpl -> %SystemRoot%\b92backdoor25z.cpl NY -> z189vir55.exe -> %SystemRoot%\z189vir55.exe NY -> 66d5downloaderz7789.bin -> %SystemRoot%\System32\66d5downloaderz7789.bin NY -> 23f1bazk9oor9815.ocx -> %SystemRoot%\System32\23f1bazk9oor9815.ocx NY -> 2425zwo9533c.dll -> %SystemRoot%\2425zwo9533c.dll NY -> 6135tzoj2209.cpl -> %SystemRoot%\6135tzoj2209.cpl NY -> 31z90tro53ae9.ocx -> %SystemRoot%\31z90tro53ae9.ocx NY -> 9694z5irus5c7.ocx -> %SystemRoot%\9694z5irus5c7.ocx NY -> 28662ha5k9ooz728.bin -> %SystemRoot%\28662ha5k9ooz728.bin NY -> 5903zteal2125.exe -> %SystemRoot%\System32\5903zteal2125.exe NY -> 15689tr9j2bz.dll -> %SystemRoot%\System32\15689tr9j2bz.dll NY -> z607not-9-vir5s1ff.exe -> %SystemRoot%\z607not-9-vir5s1ff.exe NY -> 16695spz5559.exe -> %SystemRoot%\System32\16695spz5559.exe NY -> 95121v5rus18az.ocx -> %SystemRoot%\95121v5rus18az.ocx NY -> 17990t5oj6z.bin -> %SystemRoot%\System32\17990t5oj6z.bin NY -> 4967thre5t310z1.bin -> %SystemRoot%\4967thre5t310z1.bin NY -> 2z819w9rm385.dll -> %SystemRoot%\System32\2z819w9rm385.dll NY -> 95c5sparz5585.cpl -> %SystemRoot%\95c5sparz5585.cpl NY -> 789ebaczdo5r824.ocx -> %SystemRoot%\System32\789ebaczdo5r824.ocx NY -> 25194hack9ool2z5.cpl -> %SystemRoot%\System32\25194hack9ool2z5.cpl NY -> 28692s5z2b59.exe -> %SystemRoot%\System32\28692s5z2b59.exe NY -> 459zworm769.cpl -> %SystemRoot%\459zworm769.cpl NY -> z7ee9pyware1445.exe -> %SystemRoot%\System32\z7ee9pyware1445.exe NY -> 4bez9i5f84.bin -> %SystemRoot%\System32\4bez9i5f84.bin NY -> z916vir24455.exe -> %SystemRoot%\System32\z916vir24455.exe NY -> 4279th5ef1z70.ocx -> %SystemRoot%\4279th5ef1z70.ocx NY -> 75f4threa9z8144.exe -> %SystemRoot%\System32\75f4threa9z8144.exe NY -> 133559orz481.exe -> %SystemRoot%\133559orz481.exe NY -> 11325not-a-9irus7ez5.bin -> %SystemRoot%\11325not-a-9irus7ez5.bin NY -> 5175thizf2950.bin -> %SystemRoot%\System32\5175thizf2950.bin NY -> 5b58download9r2044z.exe -> %SystemRoot%\System32\5b58download9r2044z.exe NY -> 339zthrea5314.ocx -> %SystemRoot%\System32\339zthrea5314.ocx NY -> 195irz998.exe -> %SystemRoot%\System32\195irz998.exe NY -> 349f5hrzat4925.exe -> %SystemRoot%\System32\349f5hrzat4925.exe NY -> 555v9z1225.exe -> %SystemRoot%\System32\555v9z1225.exe NY -> 147869rzj495.cpl -> %SystemRoot%\147869rzj495.cpl NY -> 5522t9iefz079.dll -> %SystemRoot%\System32\5522t9iefz079.dll NY -> 258z5wo9m61b.ocx -> %SystemRoot%\System32\258z5wo9m61b.ocx NY -> 50f4thrza513943.dll -> %SystemRoot%\System32\50f4thrza513943.dll NY -> 1459t9izf38.exe -> %SystemRoot%\1459t9izf38.exe NY -> 219z4hackt9o5519.dll -> %SystemRoot%\System32\219z4hackt9o5519.dll NY -> 16044ha9kzoo55bc.dll -> %SystemRoot%\System32\16044ha9kzoo55bc.dll NY -> 59382not-azvirus2b9.bin -> %SystemRoot%\59382not-azvirus2b9.bin NY -> 49fespywaze3542.bin -> %SystemRoot%\System32\49fespywaze3542.bin NY -> z2555tr9jdd.dll -> %SystemRoot%\z2555tr9jdd.dll NY -> 2738no5-a-9izus302.dll -> %SystemRoot%\2738no5-a-9izus302.dll NY -> 251z5worm957.exe -> %SystemRoot%\System32\251z5worm957.exe NY -> z5096vi9us578.cpl -> %SystemRoot%\z5096vi9us578.cpl NY -> 2ac0t95ef766z.cpl -> %SystemRoot%\2ac0t95ef766z.cpl NY -> 3891stzal12615.cpl -> %SystemRoot%\System32\3891stzal12615.cpl NY -> 7d79d5wnloazer2592.ocx -> %SystemRoot%\System32\7d79d5wnloazer2592.ocx NY -> 18925not-a-virzs9b4.exe -> %SystemRoot%\18925not-a-virzs9b4.exe NY -> 1f5atzi5f9809.ocx -> %SystemRoot%\System32\1f5atzi5f9809.ocx NY -> 19646not-9-vir5s3bez.cpl -> %SystemRoot%\System32\19646not-9-vir5s3bez.cpl NY -> 109cdow5loaze9868.cpl -> %SystemRoot%\System32\109cdow5loaze9868.cpl NY -> 5692steal2z9.bin -> %SystemRoot%\System32\5692steal2z9.bin NY -> 696s5ywarez4899.exe -> %SystemRoot%\System32\696s5ywarez4899.exe NY -> 29999vi5uszb5.cpl -> %SystemRoot%\29999vi5uszb5.cpl NY -> a65vir232z9.exe -> %SystemRoot%\a65vir232z9.exe NY -> 20767not-a9virzs54f.bin -> %SystemRoot%\20767not-a9virzs54f.bin NY -> 55809aczdoor1163.ocx -> %SystemRoot%\55809aczdoor1163.ocx NY -> 215z49py7b5.ocx -> %SystemRoot%\215z49py7b5.ocx NY -> z95evir9569.ocx -> %SystemRoot%\System32\z95evir9569.ocx NY -> 5699not-a-vzrus35.exe -> %SystemRoot%\5699not-a-vzrus35.exe NY -> 3aa9sp5waze1735.bin -> %SystemRoot%\3aa9sp5waze1735.bin NY -> 24z48spa9b5t519.exe -> %SystemRoot%\24z48spa9b5t519.exe NY -> 3985s9yware88z.bin -> %SystemRoot%\System32\3985s9yware88z.bin NY -> 6bzcdownlo95er1626.ocx -> %SystemRoot%\6bzcdownlo95er1626.ocx NY -> z7375not9a-virusb.cpl -> %SystemRoot%\z7375not9a-virusb.cpl NY -> 3z54downloader3199.cpl -> %SystemRoot%\System32\3z54downloader3199.cpl NY -> z50dvir9033.cpl -> %SystemRoot%\System32\z50dvir9033.cpl NY -> 2de8stealz9955.ocx -> %SystemRoot%\2de8stealz9955.ocx NY -> 3950sparsz2967.bin -> %SystemRoot%\System32\3950sparsz2967.bin NY -> 1563downloazer9895.cpl -> %SystemRoot%\1563downloazer9895.cpl NY -> 8179teal1553z.exe -> %SystemRoot%\8179teal1553z.exe NY -> 1b95backdozr1965.exe -> %SystemRoot%\System32\1b95backdozr1965.exe NY -> 389th5zf967.exe -> %SystemRoot%\389th5zf967.exe NY -> z25dt9ief2585.dll -> %SystemRoot%\System32\z25dt9ief2585.dll NY -> 33235o9z26f.dll -> %SystemRoot%\System32\33235o9z26f.dll NY -> 24957h59ktzol3ca.dll -> %SystemRoot%\System32\24957h59ktzol3ca.dll NY -> 5065spzrse119.ocx -> %SystemRoot%\System32\5065spzrse119.ocx NY -> 7395viz998.bin -> %SystemRoot%\7395viz998.bin NY -> 1810bzckdo5r2093.ocx -> %SystemRoot%\System32\1810bzckdo5r2093.ocx NY -> 307049pzmbo569b.bin -> %SystemRoot%\System32\307049pzmbo569b.bin NY -> setup2.exe -> %SystemRoot%\System32\setup2.exe NY -> 2493steal24z05.bin -> %SystemRoot%\System32\2493steal24z05.bin NY -> 8523wormz97.dll -> %SystemRoot%\8523wormz97.dll NY -> 54cabackd5or79z.ocx -> %SystemRoot%\54cabackd5or79z.ocx NY -> 25559n9t-a-vizus11f.cpl -> %SystemRoot%\25559n9t-a-vizus11f.cpl NY -> z9523hackt9ol565.cpl -> %SystemRoot%\z9523hackt9ol565.cpl NY -> 47e8sp9zse2537.dll -> %SystemRoot%\System32\47e8sp9zse2537.dll NY -> 53416hackto9l29cz.cpl -> %SystemRoot%\53416hackto9l29cz.cpl NY -> 5129vir222z.exe -> %SystemRoot%\5129vir222z.exe NY -> 155z9orm543.bin -> %SystemRoot%\System32\155z9orm543.bin NY -> 2570ad9ware3015z.cpl -> %SystemRoot%\System32\2570ad9ware3015z.cpl NY -> 59z25not-a9virus606.cpl -> %SystemRoot%\System32\59z25not-a9virus606.cpl [Purity] [Empty Temp Folders] [Start Explorer] [Reboot] The fix should only take a very short time. When the fix is completed a message box will popup telling you that it is finished. Click the Ok button and Notepad will open with a log of actions taken during the fix. Post that information back here I will review the information when it comes back in. Please post also a new log of OTListIt2 Thunderbird1988 |
|
|
|
|
May 18 2009, 01:43 PM
Post
#10
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988, here are the two logs you requested:
Process Explorer.EXE killed successfully! [Registry - Safe List] Registry value HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\setup2.exe deleted successfully. C:\Windows\system32\setup2.exe moved successfully. [Files/Folders - Created Within 30 Days] C:\Windows\System32\4c5zbackdoo92804.bin moved successfully. LoadLibrary failed for C:\Windows\System32\353czpy59re2933.dll C:\Windows\System32\353czpy59re2933.dll NOT unregistered. C:\Windows\System32\353czpy59re2933.dll moved successfully. C:\Windows\System32\6037not-a-viru945z.bin moved successfully. C:\Windows\29215spzmbot3bb.bin moved successfully. C:\Windows\55z0worm3d9.cpl moved successfully. C:\Windows\System32\7z6e5hief1917.bin moved successfully. LoadLibrary failed for C:\Windows\System32\90878tr5j8z.ocx C:\Windows\System32\90878tr5j8z.ocx NOT unregistered. C:\Windows\System32\90878tr5j8z.ocx moved successfully. LoadLibrary failed for C:\Windows\5919v5r1396z.dll C:\Windows\5919v5r1396z.dll NOT unregistered. C:\Windows\5919v5r1396z.dll moved successfully. LoadLibrary failed for C:\Windows\23761vz9u5b7.ocx C:\Windows\23761vz9u5b7.ocx NOT unregistered. C:\Windows\23761vz9u5b7.ocx moved successfully. C:\Windows\System32\7963sparse5z9.cpl moved successfully. C:\Windows\24054h59ktozl3db.bin moved successfully. C:\Windows\1225do5nl9ader287z.exe moved successfully. C:\Windows\System32\75z3t5re9t2847.cpl moved successfully. C:\Windows\System32\1569zspy152.bin moved successfully. C:\Windows\System32\a9fdownzoad592262.cpl moved successfully. C:\Windows\45e09z5eat9856.exe moved successfully. LoadLibrary failed for C:\Windows\2f93thzeat56625.dll C:\Windows\2f93thzeat56625.dll NOT unregistered. C:\Windows\2f93thzeat56625.dll moved successfully. C:\Windows\7951downloader19z95.exe moved successfully. C:\Windows\System32\15047not-5-9iruz33a.exe moved successfully. C:\Windows\System32\25292spz5fb9.bin moved successfully. LoadLibrary failed for C:\Windows\System32\4053threat98047z.dll C:\Windows\System32\4053threat98047z.dll NOT unregistered. C:\Windows\System32\4053threat98047z.dll moved successfully. C:\Windows\39599irzs43d.exe moved successfully. C:\Windows\System32\422zs5yware2195.bin moved successfully. C:\Windows\5a25steaz936.cpl moved successfully. C:\Windows\256fspyw9re960z.cpl moved successfully. LoadLibrary failed for C:\Windows\55bzs5arse2917.ocx C:\Windows\55bzs5arse2917.ocx NOT unregistered. C:\Windows\55bzs5arse2917.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\9497zviru5453.ocx C:\Windows\System32\9497zviru5453.ocx NOT unregistered. C:\Windows\System32\9497zviru5453.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\194aszeal9545.ocx C:\Windows\System32\194aszeal9545.ocx NOT unregistered. C:\Windows\System32\194aszeal9545.ocx moved successfully. C:\Windows\System32\5868z9dware475.bin moved successfully. C:\Windows\System32\z0377w5r972c.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\ze01downl5ader93.dll C:\Windows\System32\ze01downl5ader93.dll NOT unregistered. C:\Windows\System32\ze01downl5ader93.dll moved successfully. C:\Windows\6142ha5ktooz697.cpl moved successfully. C:\Windows\System32\zeecsparse5129.exe moved successfully. C:\Windows\System32\26922tro53z89.exe moved successfully. LoadLibrary failed for C:\Windows\System32\7029z5rus99.ocx C:\Windows\System32\7029z5rus99.ocx NOT unregistered. C:\Windows\System32\7029z5rus99.ocx moved successfully. C:\Windows\System32\3592th5ef2239z.exe moved successfully. C:\Windows\9a9z95ware1744.cpl moved successfully. C:\Windows\31195nzt-5-virus9fc.bin moved successfully. LoadLibrary failed for C:\Windows\4fe1stzal56029.ocx C:\Windows\4fe1stzal56029.ocx NOT unregistered. C:\Windows\4fe1stzal56029.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\1f795zyware2644.dll C:\Windows\System32\1f795zyware2644.dll NOT unregistered. C:\Windows\System32\1f795zyware2644.dll moved successfully. C:\Windows\8810s5am9ot4dz.exe moved successfully. C:\Windows\System32\59cthief26z7.bin moved successfully. LoadLibrary failed for C:\Windows\1cfz5a9kdoor1867.ocx C:\Windows\1cfz5a9kdoor1867.ocx NOT unregistered. C:\Windows\1cfz5a9kdoor1867.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\12507tr9z1ce.ocx C:\Windows\System32\12507tr9z1ce.ocx NOT unregistered. C:\Windows\System32\12507tr9z1ce.ocx moved successfully. C:\Windows\System32\3dbbs5eaz1669.cpl moved successfully. LoadLibrary failed for C:\Windows\25d3download5910z7.ocx C:\Windows\25d3download5910z7.ocx NOT unregistered. C:\Windows\25d3download5910z7.ocx moved successfully. C:\Windows\4f4159dwzre1800.cpl moved successfully. C:\Windows\System32\3054z5irus9c2.exe moved successfully. C:\Windows\51z69spy59b.cpl moved successfully. C:\Windows\System32\3aa7zddw5re9730.bin moved successfully. C:\Windows\acftzre5t94699.exe moved successfully. C:\Windows\55945troj7c5z.bin moved successfully. C:\Windows\System32\599athiefz119.exe moved successfully. LoadLibrary failed for C:\Windows\2781659zj619.dll C:\Windows\2781659zj619.dll NOT unregistered. C:\Windows\2781659zj619.dll moved successfully. LoadLibrary failed for C:\Windows\10891virzs17f5.ocx C:\Windows\10891virzs17f5.ocx NOT unregistered. C:\Windows\10891virzs17f5.ocx moved successfully. C:\Windows\System32\6z039pam5ot6d3.bin moved successfully. LoadLibrary failed for C:\Windows\2c02sp5zse2929.dll C:\Windows\2c02sp5zse2929.dll NOT unregistered. C:\Windows\2c02sp5zse2929.dll moved successfully. LoadLibrary failed for C:\Windows\z3659virus758.ocx C:\Windows\z3659virus758.ocx NOT unregistered. C:\Windows\z3659virus758.ocx moved successfully. C:\Windows\9950troj6fz.exe moved successfully. LoadLibrary failed for C:\Windows\System32\2d66downloa59rz225.ocx C:\Windows\System32\2d66downloa59rz225.ocx NOT unregistered. C:\Windows\System32\2d66downloa59rz225.ocx moved successfully. C:\Windows\System32\7d27vir23z95.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\6z4t9oj3bf5.dll C:\Windows\System32\6z4t9oj3bf5.dll NOT unregistered. C:\Windows\System32\6z4t9oj3bf5.dll moved successfully. LoadLibrary failed for C:\Windows\35559ddwaze2512.dll C:\Windows\35559ddwaze2512.dll NOT unregistered. C:\Windows\35559ddwaze2512.dll moved successfully. C:\Windows\System32\4395spazbot7d05.exe moved successfully. C:\Windows\System32\301509ot-a-v5rus292z.cpl moved successfully. C:\Windows\System32\5zccspy9are389.exe moved successfully. LoadLibrary failed for C:\Windows\24519not-a59irzs4de.ocx C:\Windows\24519not-a59irzs4de.ocx NOT unregistered. C:\Windows\24519not-a59irzs4de.ocx moved successfully. C:\Windows\19610wo954zf.exe moved successfully. C:\Windows\System32\b9dth5eat122z.cpl moved successfully. C:\Windows\System32\355zspywar92442.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\43a1zh9ef5949.ocx C:\Windows\System32\43a1zh9ef5949.ocx NOT unregistered. C:\Windows\System32\43a1zh9ef5949.ocx moved successfully. C:\Windows\53eebacz9oor2951.exe moved successfully. C:\Windows\System32\10157worz839.exe moved successfully. LoadLibrary failed for C:\Windows\System32\9161not-a-9iru59z.dll C:\Windows\System32\9161not-a-9iru59z.dll NOT unregistered. C:\Windows\System32\9161not-a-9iru59z.dll moved successfully. LoadLibrary failed for C:\Windows\558cst9zl16.dll C:\Windows\558cst9zl16.dll NOT unregistered. C:\Windows\558cst9zl16.dll moved successfully. C:\Windows\System32\z50995acktoolc3.bin moved successfully. C:\Windows\System32\15898notza-virus4d2.exe moved successfully. C:\Windows\b5aba5kzo9r492.exe moved successfully. C:\Windows\5591vir277z9.bin moved successfully. LoadLibrary failed for C:\Windows\328v9r9z5.dll C:\Windows\328v9r9z5.dll NOT unregistered. C:\Windows\328v9r9z5.dll moved successfully. C:\Windows\315629pambot1z2.bin moved successfully. C:\Windows\System32\5859sparse123z.exe moved successfully. C:\Windows\7zc59pyware163.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\3296downl5aderz103.ocx C:\Windows\System32\3296downl5aderz103.ocx NOT unregistered. C:\Windows\System32\3296downl5aderz103.ocx moved successfully. LoadLibrary failed for C:\Windows\27616spzmbo59d2.dll C:\Windows\27616spzmbo59d2.dll NOT unregistered. C:\Windows\27616spzmbo59d2.dll moved successfully. C:\Windows\System32\589astza51150.cpl moved successfully. C:\Windows\15z49spambot69d.exe moved successfully. LoadLibrary failed for C:\Windows\31335zack59ol799.ocx C:\Windows\31335zack59ol799.ocx NOT unregistered. C:\Windows\31335zack59ol799.ocx moved successfully. C:\Windows\6f79ad5wa9e1z18.exe moved successfully. C:\Windows\System32\7467sparz95115.cpl moved successfully. C:\Windows\System32\56zor975.exe moved successfully. LoadLibrary failed for C:\Windows\b6ethzeat15697.ocx C:\Windows\b6ethzeat15697.ocx NOT unregistered. C:\Windows\b6ethzeat15697.ocx moved successfully. C:\Windows\5z59vir135.bin moved successfully. C:\Windows\10az9i5144.bin moved successfully. C:\Windows\31954vir9sc5z.bin moved successfully. LoadLibrary failed for C:\Windows\System32\25952spy7z3.dll C:\Windows\System32\25952spy7z3.dll NOT unregistered. C:\Windows\System32\25952spy7z3.dll moved successfully. C:\Windows\96113not-a-virus65z.exe moved successfully. C:\Windows\8982hzckto5l31a.cpl moved successfully. C:\Windows\52709acktzol4285.bin moved successfully. C:\Windows\System32\28950worz53d5.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\4707zhreat15591.dll C:\Windows\System32\4707zhreat15591.dll NOT unregistered. C:\Windows\System32\4707zhreat15591.dll moved successfully. C:\Windows\System32\47ffdo5nl9aderz587.exe moved successfully. C:\Windows\System32\2169stez52927.cpl moved successfully. C:\Windows\System32\10209wor51zf9.bin moved successfully. C:\Windows\12970hacktz9l5b7.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\1z85spyware879.dll C:\Windows\System32\1z85spyware879.dll NOT unregistered. C:\Windows\System32\1z85spyware879.dll moved successfully. C:\Windows\System32\6z54sp9war51531.bin moved successfully. C:\Windows\26109wor57z49.cpl moved successfully. C:\Windows\System32\255629roj3fz.exe moved successfully. C:\Windows\55steal3099z.bin moved successfully. C:\Windows\z8396hackt59l49e.bin moved successfully. C:\Windows\7dddzhre9t54645.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\26399s592zb.dll C:\Windows\System32\26399s592zb.dll NOT unregistered. C:\Windows\System32\26399s592zb.dll moved successfully. LoadLibrary failed for C:\Windows\System32\55579worz559.ocx C:\Windows\System32\55579worz559.ocx NOT unregistered. C:\Windows\System32\55579worz559.ocx moved successfully. LoadLibrary failed for C:\Windows\715059z4aa.dll C:\Windows\715059z4aa.dll NOT unregistered. C:\Windows\715059z4aa.dll moved successfully. LoadLibrary failed for C:\Windows\1d9zspy59re1306.ocx C:\Windows\1d9zspy59re1306.ocx NOT unregistered. C:\Windows\1d9zspy59re1306.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\1989thzef3546.dll C:\Windows\System32\1989thzef3546.dll NOT unregistered. C:\Windows\System32\1989thzef3546.dll moved successfully. C:\Windows\System32\2z589hreat7973.exe moved successfully. LoadLibrary failed for C:\Windows\System32\1905ztr59479.dll C:\Windows\System32\1905ztr59479.dll NOT unregistered. C:\Windows\System32\1905ztr59479.dll moved successfully. C:\Windows\System32\5ade9hief579z.exe moved successfully. LoadLibrary failed for C:\Windows\295thzef1533.ocx C:\Windows\295thzef1533.ocx NOT unregistered. C:\Windows\295thzef1533.ocx moved successfully. C:\Windows\System32\1c49downloadzr5968.exe moved successfully. C:\Windows\System32\171215acktozl4149.exe moved successfully. LoadLibrary failed for C:\Windows\12159ownloadzr11815.dll C:\Windows\12159ownloadzr11815.dll NOT unregistered. C:\Windows\12159ownloadzr11815.dll moved successfully. C:\Windows\System32\2d5bst9alz56.exe moved successfully. C:\Windows\System32\7559sp573z.bin moved successfully. C:\Windows\System32\f5zaddw9re2365.exe moved successfully. C:\Windows\fz1vir5924.bin moved successfully. LoadLibrary failed for C:\Windows\System32\195zaddware1132.dll C:\Windows\System32\195zaddware1132.dll NOT unregistered. C:\Windows\System32\195zaddware1132.dll moved successfully. C:\Windows\10a9dow5lza9er2069.cpl moved successfully. C:\Windows\14261not-a-virus95ez.bin moved successfully. C:\Windows\System32\798dzpar5e148.bin moved successfully. C:\Windows\System32\50899troj37z.bin moved successfully. C:\Windows\System32\129esparsez55.exe moved successfully. C:\Windows\System32\5762ad5war92z41.cpl moved successfully. C:\Windows\52z69h5ef2970.bin moved successfully. C:\Windows\27105s5y9z3.bin moved successfully. LoadLibrary failed for C:\Windows\System32\z536vir590.ocx C:\Windows\System32\z536vir590.ocx NOT unregistered. C:\Windows\System32\z536vir590.ocx moved successfully. C:\Windows\System32\6284vir930z5.exe moved successfully. LoadLibrary failed for C:\Windows\29859virus581z.ocx C:\Windows\29859virus581z.ocx NOT unregistered. C:\Windows\29859virus581z.ocx moved successfully. C:\Windows\System32\265zs5ea9541.bin moved successfully. LoadLibrary failed for C:\Windows\System32\2244h5zktool7a79.dll C:\Windows\System32\2244h5zktool7a79.dll NOT unregistered. C:\Windows\System32\2244h5zktool7a79.dll moved successfully. C:\Windows\232979ackto5z494.bin moved successfully. C:\Windows\285z1virus319.exe moved successfully. C:\Windows\System32\1989zspa9bo5721.exe moved successfully. LoadLibrary failed for C:\Windows\2908zvirus359.dll C:\Windows\2908zvirus359.dll NOT unregistered. C:\Windows\2908zvirus359.dll moved successfully. C:\Windows\System32\5e15th5eat296z0.exe moved successfully. C:\Windows\5a59backdzor3143.cpl moved successfully. C:\Windows\z558virus592.cpl moved successfully. LoadLibrary failed for C:\Windows\100639ot-a-virus5z3.ocx C:\Windows\100639ot-a-virus5z3.ocx NOT unregistered. C:\Windows\100639ot-a-virus5z3.ocx moved successfully. C:\Windows\System32\5564not-a9zirus118.cpl moved successfully. C:\Windows\44fbthre5t729z.bin moved successfully. C:\Windows\System32\323z9ha5ktool3e19.exe moved successfully. LoadLibrary failed for C:\Windows\System32\91ezp9ware5809.dll C:\Windows\System32\91ezp9ware5809.dll NOT unregistered. C:\Windows\System32\91ezp9ware5809.dll moved successfully. C:\Windows\26369s5y2z7.bin moved successfully. LoadLibrary failed for C:\Windows\2f93thief1563z.dll C:\Windows\2f93thief1563z.dll NOT unregistered. C:\Windows\2f93thief1563z.dll moved successfully. LoadLibrary failed for C:\Windows\5f01backdooz926.ocx C:\Windows\5f01backdooz926.ocx NOT unregistered. C:\Windows\5f01backdooz926.ocx moved successfully. C:\Windows\224et5ief955z.bin moved successfully. LoadLibrary failed for C:\Windows\590ds5zal3049.dll C:\Windows\590ds5zal3049.dll NOT unregistered. C:\Windows\590ds5zal3049.dll moved successfully. LoadLibrary failed for C:\Windows\9532zirus5c35.ocx C:\Windows\9532zirus5c35.ocx NOT unregistered. C:\Windows\9532zirus5c35.ocx moved successfully. C:\Windows\20sparze19145.bin moved successfully. C:\Windows\System32\4983s5az9ot37c.bin moved successfully. C:\Windows\369zworm5789.exe moved successfully. C:\Windows\56z0download5r15929.bin moved successfully. C:\Windows\System32\15704not-a-v95us7e9z.bin moved successfully. C:\Windows\2ef4doznloa9er5524.exe moved successfully. C:\Windows\2046tzr5at79.cpl moved successfully. C:\Windows\System32\50985pyware22z7.bin moved successfully. C:\Windows\941zr5j139.exe moved successfully. LoadLibrary failed for C:\Windows\5d65addzare3049.ocx C:\Windows\5d65addzare3049.ocx NOT unregistered. C:\Windows\5d65addzare3049.ocx moved successfully. C:\Windows\System32\93ff5ir21z2.cpl moved successfully. C:\Windows\System32\79a0st59l17z4.bin moved successfully. LoadLibrary failed for C:\Windows\System32\2157backdoo9670z.ocx C:\Windows\System32\2157backdoo9670z.ocx NOT unregistered. C:\Windows\System32\2157backdoo9670z.ocx moved successfully. C:\Windows\5099th9ef19z0.cpl moved successfully. LoadLibrary failed for C:\Windows\33z9pyware552.ocx C:\Windows\33z9pyware552.ocx NOT unregistered. C:\Windows\33z9pyware552.ocx moved successfully. C:\Windows\System32\5126viz9675.exe moved successfully. C:\Windows\326b5zr593.exe moved successfully. C:\Windows\za8ste5l2519.exe moved successfully. LoadLibrary failed for C:\Windows\27dfaddwa9e265z.ocx C:\Windows\27dfaddwa9e265z.ocx NOT unregistered. C:\Windows\27dfaddwa9e265z.ocx moved successfully. C:\Windows\System32\15921z5y7ce9.bin moved successfully. C:\Windows\45e7downlozder54049.exe moved successfully. C:\Users\Neeraj Tohan\Desktop\OTScanIt2 folder moved successfully. C:\Users\Neeraj Tohan\Desktop\OTScanIt2.exe moved successfully. C:\Windows\System32\5a399ownzo5der3255.bin moved successfully. LoadLibrary failed for C:\Windows\z12475py329.dll C:\Windows\z12475py329.dll NOT unregistered. C:\Windows\z12475py329.dll moved successfully. LoadLibrary failed for C:\Windows\31275notz5-vir9s787.ocx C:\Windows\31275notz5-vir9s787.ocx NOT unregistered. C:\Windows\31275notz5-vir9s787.ocx moved successfully. C:\Windows\1z5449ot-a5virus382.bin moved successfully. LoadLibrary failed for C:\Windows\1z587troj955.dll C:\Windows\1z587troj955.dll NOT unregistered. C:\Windows\1z587troj955.dll moved successfully. C:\Windows\System32\505zrus954.exe moved successfully. LoadLibrary failed for C:\Windows\System32\68d2zte9l1507.ocx C:\Windows\System32\68d2zte9l1507.ocx NOT unregistered. C:\Windows\System32\68d2zte9l1507.ocx moved successfully. LoadLibrary failed for C:\Windows\59z9spambot352.dll C:\Windows\59z9spambot352.dll NOT unregistered. C:\Windows\59z9spambot352.dll moved successfully. C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe moved successfully. C:\Windows\System32\70z9threat255875.bin moved successfully. C:\Windows\158daddware2z98.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\z9b9s5yw9re1317.ocx C:\Windows\System32\z9b9s5yw9re1317.ocx NOT unregistered. C:\Windows\System32\z9b9s5yw9re1317.ocx moved successfully. C:\Windows\System32\2348195zktool386.bin moved successfully. C:\Windows\c1za5dware30419.cpl moved successfully. C:\Windows\System32\26543worz99.exe moved successfully. C:\Windows\System32\524down9ozd5r48.bin moved successfully. LoadLibrary failed for C:\Windows\System32\22512s9yz5f.ocx C:\Windows\System32\22512s9yz5f.ocx NOT unregistered. C:\Windows\System32\22512s9yz5f.ocx moved successfully. LoadLibrary failed for C:\Windows\90016z5y409.dll C:\Windows\90016z5y409.dll NOT unregistered. C:\Windows\90016z5y409.dll moved successfully. C:\Windows\System32\2005tzreat23659.cpl moved successfully. C:\Windows\23949wor56e5z.exe moved successfully. C:\Windows\3839worm515z.cpl moved successfully. LoadLibrary failed for C:\Windows\4ce5addwar92852z.ocx C:\Windows\4ce5addwar92852z.ocx NOT unregistered. C:\Windows\4ce5addwar92852z.ocx moved successfully. LoadLibrary failed for C:\Windows\91609sp5mbot188z.ocx C:\Windows\91609sp5mbot188z.ocx NOT unregistered. C:\Windows\91609sp5mbot188z.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\95z2troj92.ocx C:\Windows\System32\95z2troj92.ocx NOT unregistered. C:\Windows\System32\95z2troj92.ocx moved successfully. C:\Windows\2a74szyware945.exe moved successfully. C:\Windows\69a9thi5f194z.cpl moved successfully. C:\Windows\5c57vi91z88.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\3945spzrs928195.ocx C:\Windows\System32\3945spzrs928195.ocx NOT unregistered. C:\Windows\System32\3945spzrs928195.ocx moved successfully. C:\Windows\58133vizu915a.exe moved successfully. C:\Windows\59e9bazkdoor1651.exe moved successfully. LoadLibrary failed for C:\Windows\System32\3458addwarez3195.dll C:\Windows\System32\3458addwarez3195.dll NOT unregistered. C:\Windows\System32\3458addwarez3195.dll moved successfully. LoadLibrary failed for C:\Windows\System32\z515hief698.ocx C:\Windows\System32\z515hief698.ocx NOT unregistered. C:\Windows\System32\z515hief698.ocx moved successfully. C:\Windows\System32\291369rzj588.bin moved successfully. C:\Windows\9689z5pambot205.bin moved successfully. C:\Windows\150evir19z4.bin moved successfully. LoadLibrary failed for C:\Windows\System32\22521zorm39e.dll C:\Windows\System32\22521zorm39e.dll NOT unregistered. C:\Windows\System32\22521zorm39e.dll moved successfully. C:\Windows\System32\32541sp9mbot3z3.bin moved successfully. C:\Windows\8714n9t-a-viruz45f.bin moved successfully. LoadLibrary failed for C:\Windows\System32\5fzavir9166.dll C:\Windows\System32\5fzavir9166.dll NOT unregistered. C:\Windows\System32\5fzavir9166.dll moved successfully. C:\Windows\17091not-azvi9us855.cpl moved successfully. C:\Windows\2d45stza92504.bin moved successfully. C:\Windows\21850spzmbot269.cpl moved successfully. LoadLibrary failed for C:\Windows\972zspy576.ocx C:\Windows\972zspy576.ocx NOT unregistered. C:\Windows\972zspy576.ocx moved successfully. C:\Windows\System32\73ebspyware9z765.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\24893spz33b5.ocx C:\Windows\System32\24893spz33b5.ocx NOT unregistered. C:\Windows\System32\24893spz33b5.ocx moved successfully. LoadLibrary failed for C:\Windows\5a73addwarez989.ocx C:\Windows\5a73addwarez989.ocx NOT unregistered. C:\Windows\5a73addwarez989.ocx moved successfully. C:\Windows\System32\zc739pars52346.cpl moved successfully. C:\Windows\zdb5ba59door1676.exe moved successfully. LoadLibrary failed for C:\Windows\System32\556bthreat116z59.ocx C:\Windows\System32\556bthreat116z59.ocx NOT unregistered. C:\Windows\System32\556bthreat116z59.ocx moved successfully. C:\Windows\b92backdoor25z.cpl moved successfully. C:\Windows\z189vir55.exe moved successfully. C:\Windows\System32\66d5downloaderz7789.bin moved successfully. LoadLibrary failed for C:\Windows\System32\23f1bazk9oor9815.ocx C:\Windows\System32\23f1bazk9oor9815.ocx NOT unregistered. C:\Windows\System32\23f1bazk9oor9815.ocx moved successfully. LoadLibrary failed for C:\Windows\2425zwo9533c.dll C:\Windows\2425zwo9533c.dll NOT unregistered. C:\Windows\2425zwo9533c.dll moved successfully. C:\Windows\6135tzoj2209.cpl moved successfully. LoadLibrary failed for C:\Windows\31z90tro53ae9.ocx C:\Windows\31z90tro53ae9.ocx NOT unregistered. C:\Windows\31z90tro53ae9.ocx moved successfully. LoadLibrary failed for C:\Windows\9694z5irus5c7.ocx C:\Windows\9694z5irus5c7.ocx NOT unregistered. C:\Windows\9694z5irus5c7.ocx moved successfully. C:\Windows\28662ha5k9ooz728.bin moved successfully. C:\Windows\System32\5903zteal2125.exe moved successfully. LoadLibrary failed for C:\Windows\System32\15689tr9j2bz.dll C:\Windows\System32\15689tr9j2bz.dll NOT unregistered. C:\Windows\System32\15689tr9j2bz.dll moved successfully. C:\Windows\z607not-9-vir5s1ff.exe moved successfully. C:\Windows\System32\16695spz5559.exe moved successfully. LoadLibrary failed for C:\Windows\95121v5rus18az.ocx C:\Windows\95121v5rus18az.ocx NOT unregistered. C:\Windows\95121v5rus18az.ocx moved successfully. C:\Windows\System32\17990t5oj6z.bin moved successfully. C:\Windows\4967thre5t310z1.bin moved successfully. LoadLibrary failed for C:\Windows\System32\2z819w9rm385.dll C:\Windows\System32\2z819w9rm385.dll NOT unregistered. C:\Windows\System32\2z819w9rm385.dll moved successfully. C:\Windows\95c5sparz5585.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\789ebaczdo5r824.ocx C:\Windows\System32\789ebaczdo5r824.ocx NOT unregistered. C:\Windows\System32\789ebaczdo5r824.ocx moved successfully. C:\Windows\System32\25194hack9ool2z5.cpl moved successfully. C:\Windows\System32\28692s5z2b59.exe moved successfully. C:\Windows\459zworm769.cpl moved successfully. C:\Windows\System32\z7ee9pyware1445.exe moved successfully. C:\Windows\System32\4bez9i5f84.bin moved successfully. C:\Windows\System32\z916vir24455.exe moved successfully. LoadLibrary failed for C:\Windows\4279th5ef1z70.ocx C:\Windows\4279th5ef1z70.ocx NOT unregistered. C:\Windows\4279th5ef1z70.ocx moved successfully. C:\Windows\System32\75f4threa9z8144.exe moved successfully. C:\Windows\133559orz481.exe moved successfully. C:\Windows\11325not-a-9irus7ez5.bin moved successfully. C:\Windows\System32\5175thizf2950.bin moved successfully. C:\Windows\System32\5b58download9r2044z.exe moved successfully. LoadLibrary failed for C:\Windows\System32\339zthrea5314.ocx C:\Windows\System32\339zthrea5314.ocx NOT unregistered. C:\Windows\System32\339zthrea5314.ocx moved successfully. C:\Windows\System32\195irz998.exe moved successfully. C:\Windows\System32\349f5hrzat4925.exe moved successfully. C:\Windows\System32\555v9z1225.exe moved successfully. C:\Windows\147869rzj495.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\5522t9iefz079.dll C:\Windows\System32\5522t9iefz079.dll NOT unregistered. C:\Windows\System32\5522t9iefz079.dll moved successfully. LoadLibrary failed for C:\Windows\System32\258z5wo9m61b.ocx C:\Windows\System32\258z5wo9m61b.ocx NOT unregistered. C:\Windows\System32\258z5wo9m61b.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\50f4thrza513943.dll C:\Windows\System32\50f4thrza513943.dll NOT unregistered. C:\Windows\System32\50f4thrza513943.dll moved successfully. C:\Windows\1459t9izf38.exe moved successfully. LoadLibrary failed for C:\Windows\System32\219z4hackt9o5519.dll C:\Windows\System32\219z4hackt9o5519.dll NOT unregistered. C:\Windows\System32\219z4hackt9o5519.dll moved successfully. LoadLibrary failed for C:\Windows\System32\16044ha9kzoo55bc.dll C:\Windows\System32\16044ha9kzoo55bc.dll NOT unregistered. C:\Windows\System32\16044ha9kzoo55bc.dll moved successfully. C:\Windows\59382not-azvirus2b9.bin moved successfully. C:\Windows\System32\49fespywaze3542.bin moved successfully. LoadLibrary failed for C:\Windows\z2555tr9jdd.dll C:\Windows\z2555tr9jdd.dll NOT unregistered. C:\Windows\z2555tr9jdd.dll moved successfully. LoadLibrary failed for C:\Windows\2738no5-a-9izus302.dll C:\Windows\2738no5-a-9izus302.dll NOT unregistered. C:\Windows\2738no5-a-9izus302.dll moved successfully. C:\Windows\System32\251z5worm957.exe moved successfully. C:\Windows\z5096vi9us578.cpl moved successfully. C:\Windows\2ac0t95ef766z.cpl moved successfully. C:\Windows\System32\3891stzal12615.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\7d79d5wnloazer2592.ocx C:\Windows\System32\7d79d5wnloazer2592.ocx NOT unregistered. C:\Windows\System32\7d79d5wnloazer2592.ocx moved successfully. C:\Windows\18925not-a-virzs9b4.exe moved successfully. LoadLibrary failed for C:\Windows\System32\1f5atzi5f9809.ocx C:\Windows\System32\1f5atzi5f9809.ocx NOT unregistered. C:\Windows\System32\1f5atzi5f9809.ocx moved successfully. C:\Windows\System32\19646not-9-vir5s3bez.cpl moved successfully. C:\Windows\System32\109cdow5loaze9868.cpl moved successfully. C:\Windows\System32\5692steal2z9.bin moved successfully. C:\Windows\System32\696s5ywarez4899.exe moved successfully. C:\Windows\29999vi5uszb5.cpl moved successfully. C:\Windows\a65vir232z9.exe moved successfully. C:\Windows\20767not-a9virzs54f.bin moved successfully. LoadLibrary failed for C:\Windows\55809aczdoor1163.ocx C:\Windows\55809aczdoor1163.ocx NOT unregistered. C:\Windows\55809aczdoor1163.ocx moved successfully. LoadLibrary failed for C:\Windows\215z49py7b5.ocx C:\Windows\215z49py7b5.ocx NOT unregistered. C:\Windows\215z49py7b5.ocx moved successfully. LoadLibrary failed for C:\Windows\System32\z95evir9569.ocx C:\Windows\System32\z95evir9569.ocx NOT unregistered. C:\Windows\System32\z95evir9569.ocx moved successfully. C:\Windows\5699not-a-vzrus35.exe moved successfully. C:\Windows\3aa9sp5waze1735.bin moved successfully. C:\Windows\24z48spa9b5t519.exe moved successfully. C:\Windows\System32\3985s9yware88z.bin moved successfully. LoadLibrary failed for C:\Windows\6bzcdownlo95er1626.ocx C:\Windows\6bzcdownlo95er1626.ocx NOT unregistered. C:\Windows\6bzcdownlo95er1626.ocx moved successfully. C:\Windows\z7375not9a-virusb.cpl moved successfully. C:\Windows\System32\3z54downloader3199.cpl moved successfully. C:\Windows\System32\z50dvir9033.cpl moved successfully. LoadLibrary failed for C:\Windows\2de8stealz9955.ocx C:\Windows\2de8stealz9955.ocx NOT unregistered. C:\Windows\2de8stealz9955.ocx moved successfully. C:\Windows\System32\3950sparsz2967.bin moved successfully. C:\Windows\1563downloazer9895.cpl moved successfully. C:\Windows\8179teal1553z.exe moved successfully. C:\Windows\System32\1b95backdozr1965.exe moved successfully. C:\Windows\389th5zf967.exe moved successfully. LoadLibrary failed for C:\Windows\System32\z25dt9ief2585.dll C:\Windows\System32\z25dt9ief2585.dll NOT unregistered. C:\Windows\System32\z25dt9ief2585.dll moved successfully. LoadLibrary failed for C:\Windows\System32\33235o9z26f.dll C:\Windows\System32\33235o9z26f.dll NOT unregistered. C:\Windows\System32\33235o9z26f.dll moved successfully. LoadLibrary failed for C:\Windows\System32\24957h59ktzol3ca.dll C:\Windows\System32\24957h59ktzol3ca.dll NOT unregistered. C:\Windows\System32\24957h59ktzol3ca.dll moved successfully. LoadLibrary failed for C:\Windows\System32\5065spzrse119.ocx C:\Windows\System32\5065spzrse119.ocx NOT unregistered. C:\Windows\System32\5065spzrse119.ocx moved successfully. C:\Windows\7395viz998.bin moved successfully. LoadLibrary failed for C:\Windows\System32\1810bzckdo5r2093.ocx C:\Windows\System32\1810bzckdo5r2093.ocx NOT unregistered. C:\Windows\System32\1810bzckdo5r2093.ocx moved successfully. C:\Windows\System32\307049pzmbo569b.bin moved successfully. File C:\Windows\System32\setup2.exe not found! C:\Windows\System32\2493steal24z05.bin moved successfully. LoadLibrary failed for C:\Windows\8523wormz97.dll C:\Windows\8523wormz97.dll NOT unregistered. C:\Windows\8523wormz97.dll moved successfully. LoadLibrary failed for C:\Windows\54cabackd5or79z.ocx C:\Windows\54cabackd5or79z.ocx NOT unregistered. C:\Windows\54cabackd5or79z.ocx moved successfully. C:\Windows\25559n9t-a-vizus11f.cpl moved successfully. C:\Windows\z9523hackt9ol565.cpl moved successfully. LoadLibrary failed for C:\Windows\System32\47e8sp9zse2537.dll C:\Windows\System32\47e8sp9zse2537.dll NOT unregistered. C:\Windows\System32\47e8sp9zse2537.dll moved successfully. C:\Windows\53416hackto9l29cz.cpl moved successfully. C:\Windows\5129vir222z.exe moved successfully. C:\Windows\System32\155z9orm543.bin moved successfully. C:\Windows\System32\2570ad9ware3015z.cpl moved successfully. C:\Windows\System32\59z25not-a9virus606.cpl moved successfully. LoadLibrary failed for C:\Windows\17835viz59155.dll C:\Windows\17835viz59155.dll NOT unregistered. C:\Windows\17835viz59155.dll moved successfully. LoadLibrary failed for C:\Windows\System32\7946thiez1952.dll C:\Windows\System32\7946thiez1952.dll NOT unregistered. C:\Windows\System32\7946thiez1952.dll moved successfully. LoadLibrary failed for C:\Windows\25z58hacktoo9203.dll C:\Windows\25z58hacktoo9203.dll NOT unregistered. C:\Windows\25z58hacktoo9203.dll moved successfully. LoadLibrary failed for C:\Windows\System32\25261zpamb9t267.dll C:\Windows\System32\25261zpamb9t267.dll NOT unregistered. C:\Windows\System32\25261zpamb9t267.dll moved successfully. LoadLibrary failed for C:\Windows\208235o9-a-virusz83.dll C:\Windows\208235o9-a-virusz83.dll NOT unregistered. C:\Windows\208235o9-a-virusz83.dll moved successfully. LoadLibrary failed for C:\Windows\System32\dc5tzi9f461.dll C:\Windows\System32\dc5tzi9f461.dll NOT unregistered. C:\Windows\System32\dc5tzi9f461.dll moved successfully. LoadLibrary failed for C:\Windows\System32\14253hzckt5ole9.dll C:\Windows\System32\14253hzckt5ole9.dll NOT unregistered. C:\Windows\System32\14253hzckt5ole9.dll moved successfully. LoadLibrary failed for C:\Windows\System32\25d7threat1z3849.dll C:\Windows\System32\25d7threat1z3849.dll NOT unregistered. C:\Windows\System32\25d7threat1z3849.dll moved successfully. LoadLibrary failed for C:\Windows\System32\57d9a5dware16z9.dll C:\Windows\System32\57d9a5dware16z9.dll NOT unregistered. C:\Windows\System32\57d9a5dware16z9.dll moved successfully. LoadLibrary failed for C:\Windows\System32\41a4do5nzoa9er1890.dll C:\Windows\System32\41a4do5nzoa9er1890.dll NOT unregistered. C:\Windows\System32\41a4do5nzoa9er1890.dll moved successfully. LoadLibrary failed for C:\Windows\8z4dow5loader9589.dll C:\Windows\8z4dow5loader9589.dll NOT unregistered. C:\Windows\8z4dow5loader9589.dll moved successfully. LoadLibrary failed for C:\Windows\System32\6191threat2z855.dll C:\Windows\System32\6191threat2z855.dll NOT unregistered. C:\Windows\System32\6191threat2z855.dll moved successfully. LoadLibrary failed for C:\Windows\System32\6227down9oaze52754.dll C:\Windows\System32\6227down9oaze52754.dll NOT unregistered. C:\Windows\System32\6227down9oaze52754.dll moved successfully. LoadLibrary failed for C:\Windows\79b7b5ckdoor1922z.dll C:\Windows\79b7b5ckdoor1922z.dll NOT unregistered. C:\Windows\79b7b5ckdoor1922z.dll moved successfully. LoadLibrary failed for C:\Windows\System32\4a8c9dzw5re2718.dll C:\Windows\System32\4a8c9dzw5re2718.dll NOT unregistered. C:\Windows\System32\4a8c9dzw5re2718.dll moved successfully. LoadLibrary failed for C:\Windows\System32\564edowzloade93555.dll C:\Windows\System32\564edowzloade93555.dll NOT unregistered. C:\Windows\System32\564edowzloade93555.dll moved successfully. LoadLibrary failed for C:\Windows\45ddown9oaderz278.dll C:\Windows\45ddown9oaderz278.dll NOT unregistered. C:\Windows\45ddown9oaderz278.dll moved successfully. LoadLibrary failed for C:\Windows\71zv5r9023.dll C:\Windows\71zv5r9023.dll NOT unregistered. C:\Windows\71zv5r9023.dll moved successfully. LoadLibrary failed for C:\Windows\System32\741995rz155.dll C:\Windows\System32\741995rz155.dll NOT unregistered. C:\Windows\System32\741995rz155.dll moved successfully. LoadLibrary failed for C:\Windows\System32\62ccdownlo9dez265.dll C:\Windows\System32\62ccdownlo9dez265.dll NOT unregistered. C:\Windows\System32\62ccdownlo9dez265.dll moved successfully. LoadLibrary failed for C:\Windows\1994addwzr51653.dll C:\Windows\1994addwzr51653.dll NOT unregistered. C:\Windows\1994addwzr51653.dll moved successfully. LoadLibrary failed for C:\Windows\22649spz457.dll C:\Windows\22649spz457.dll NOT unregistered. C:\Windows\22649spz457.dll moved successfully. LoadLibrary failed for C:\Windows\System32\a7fvi92561z.dll C:\Windows\System32\a7fvi92561z.dll NOT unregistered. C:\Windows\System32\a7fvi92561z.dll moved successfully. LoadLibrary failed for C:\Windows\System32\76b4t95ezt12471.dll C:\Windows\System32\76b4t95ezt12471.dll NOT unregistered. C:\Windows\System32\76b4t95ezt12471.dll moved successfully. LoadLibrary failed for C:\Windows\11982no5-a-virzs11d.dll C:\Windows\11982no5-a-virzs11d.dll NOT unregistered. C:\Windows\11982no5-a-virzs11d.dll moved successfully. LoadLibrary failed for C:\Windows\53f9downloader129z5.dll C:\Windows\53f9downloader129z5.dll NOT unregistered. C:\Windows\53f9downloader129z5.dll moved successfully. LoadLibrary failed for C:\Windows\2b9cz9ea5944.dll C:\Windows\2b9cz9ea5944.dll NOT unregistered. C:\Windows\2b9cz9ea5944.dll moved successfully. LoadLibrary failed for C:\Windows\4035hzcktoo945f.dll C:\Windows\4035hzcktoo945f.dll NOT unregistered. C:\Windows\4035hzcktoo945f.dll moved successfully. LoadLibrary failed for C:\Windows\System32\z0951w9rm78c.dll C:\Windows\System32\z0951w9rm78c.dll NOT unregistered. C:\Windows\System32\z0951w9rm78c.dll moved successfully. LoadLibrary failed for C:\Windows\29955noz-a-vir9s2b2.dll C:\Windows\29955noz-a-vir9s2b2.dll NOT unregistered. C:\Windows\29955noz-a-vir9s2b2.dll moved successfully. LoadLibrary failed for C:\Windows\System32\19151zpambot4729.dll C:\Windows\System32\19151zpambot4729.dll NOT unregistered. C:\Windows\System32\19151zpambot4729.dll moved successfully. LoadLibrary failed for C:\Windows\System32\1696spywaze3051.dll C:\Windows\System32\1696spywaze3051.dll NOT unregistered. C:\Windows\System32\1696spywaze3051.dll moved successfully. LoadLibrary failed for C:\Windows\System32\27z59trojf9.dll C:\Windows\System32\27z59trojf9.dll NOT unregistered. C:\Windows\System32\27z59trojf9.dll moved successfully. LoadLibrary failed for C:\Windows\System32\755azackdoor1097.dll C:\Windows\System32\755azackdoor1097.dll NOT unregistered. C:\Windows\System32\755azackdoor1097.dll moved successfully. LoadLibrary failed for C:\Windows\System32\29486v5rus6ez.dll C:\Windows\System32\29486v5rus6ez.dll NOT unregistered. C:\Windows\System32\29486v5rus6ez.dll moved successfully. LoadLibrary failed for C:\Windows\2734thze5t14519.dll C:\Windows\2734thze5t14519.dll NOT unregistered. C:\Windows\2734thze5t14519.dll moved successfully. LoadLibrary failed for C:\Windows\System32\25250w9rm46z.dll C:\Windows\System32\25250w9rm46z.dll NOT unregistered. C:\Windows\System32\25250w9rm46z.dll moved successfully. LoadLibrary failed for C:\Windows\System32\9999vizus54.dll C:\Windows\System32\9999vizus54.dll NOT unregistered. C:\Windows\System32\9999vizus54.dll moved successfully. LoadLibrary failed for C:\Windows\System32\e21dow5loade9240z.dll C:\Windows\System32\e21dow5loade9240z.dll NOT unregistered. C:\Windows\System32\e21dow5loade9240z.dll moved successfully. LoadLibrary failed for C:\Windows\20z08wo951a4.dll C:\Windows\20z08wo951a4.dll NOT unregistered. C:\Windows\20z08wo951a4.dll moved successfully. LoadLibrary failed for C:\Windows\13057w9rz120.dll C:\Windows\13057w9rz120.dll NOT unregistered. C:\Windows\13057w9rz120.dll moved successfully. LoadLibrary failed for C:\Windows\System32\2z529troj1ad.dll C:\Windows\System32\2z529troj1ad.dll NOT unregistered. C:\Windows\System32\2z529troj1ad.dll moved successfully. LoadLibrary failed for C:\Windows\2zc0back59or1254.dll C:\Windows\2zc0back59or1254.dll NOT unregistered. C:\Windows\2zc0back59or1254.dll moved successfully. LoadLibrary failed for C:\Windows\1304zviru59db.dll C:\Windows\1304zviru59db.dll NOT unregistered. C:\Windows\1304zviru59db.dll moved successfully. LoadLibrary failed for C:\Windows\9668hacztool505.dll C:\Windows\9668hacztool505.dll NOT unregistered. C:\Windows\9668hacztool505.dll moved successfully. LoadLibrary failed for C:\Windows\14589hacktzol5a6.dll C:\Windows\14589hacktzol5a6.dll NOT unregistered. C:\Windows\14589hacktzol5a6.dll moved successfully. LoadLibrary failed for C:\Windows\System32\263z3s5yd29.dll C:\Windows\System32\263z3s5yd29.dll NOT unregistered. C:\Windows\System32\263z3s5yd29.dll moved successfully. LoadLibrary failed for C:\Windows\System32\7c94st5alz186.dll C:\Windows\System32\7c94st5alz186.dll NOT unregistered. C:\Windows\System32\7c94st5alz186.dll moved successfully. LoadLibrary failed for C:\Windows\280959zo585.dll C:\Windows\280959zo585.dll NOT unregistered. C:\Windows\280959zo585.dll moved successfully. LoadLibrary failed for C:\Windows\466espzr5e13279.dll C:\Windows\466espzr5e13279.dll NOT unregistered. C:\Windows\466espzr5e13279.dll moved successfully. LoadLibrary failed for C:\Windows\2554ztr59250.dll C:\Windows\2554ztr59250.dll NOT unregistered. C:\Windows\2554ztr59250.dll moved successfully. LoadLibrary failed for C:\Windows\System32\16z575pambot159.dll C:\Windows\System32\16z575pambot159.dll NOT unregistered. C:\Windows\System32\16z575pambot159.dll moved successfully. LoadLibrary failed for C:\Windows\System32\4159thze92820.dll C:\Windows\System32\4159thze92820.dll NOT unregistered. C:\Windows\System32\4159thze92820.dll moved successfully. LoadLibrary failed for C:\Windows\6df9thie5916z.dll C:\Windows\6df9thie5916z.dll NOT unregistered. C:\Windows\6df9thie5916z.dll moved successfully. LoadLibrary failed for C:\Windows\System32\915noz-a-vir5s479.dll C:\Windows\System32\915noz-a-vir5s479.dll NOT unregistered. C:\Windows\System32\915noz-a-vir5s479.dll moved successfully. LoadLibrary failed for C:\Windows\System32\124eszars91574.dll C:\Windows\System32\124eszars91574.dll NOT unregistered. C:\Windows\System32\124eszars91574.dll moved successfully. LoadLibrary failed for C:\Windows\System32\3378sparse5z729.dll C:\Windows\System32\3378sparse5z729.dll NOT unregistered. C:\Windows\System32\3378sparse5z729.dll moved successfully. LoadLibrary failed for C:\Windows\z9957troj785.dll C:\Windows\z9957troj785.dll NOT unregistered. C:\Windows\z9957troj785.dll moved successfully. LoadLibrary failed for C:\Windows\System32\20250sp5mbot94z.dll C:\Windows\System32\20250sp5mbot94z.dll NOT unregistered. C:\Windows\System32\20250sp5mbot94z.dll moved successfully. LoadLibrary failed for C:\Windows\575dtzre9t4627.dll C:\Windows\575dtzre9t4627.dll NOT unregistered. C:\Windows\575dtzre9t4627.dll moved successfully. LoadLibrary failed for C:\Windows\System32\26494vir5z399.dll C:\Windows\System32\26494vir5z399.dll NOT unregistered. C:\Windows\System32\26494vir5z399.dll moved successfully. LoadLibrary failed for C:\Windows\System32\15efspa5s92869z.dll C:\Windows\System32\15efspa5s92869z.dll NOT unregistered. C:\Windows\System32\15efspa5s92869z.dll moved successfully. LoadLibrary failed for C:\Windows\System32\12190virzs591.dll C:\Windows\System32\12190virzs591.dll NOT unregistered. C:\Windows\System32\12190virzs591.dll moved successfully. LoadLibrary failed for C:\Windows\1a9zstea926165.dll C:\Windows\1a9zstea926165.dll NOT unregistered. C:\Windows\1a9zstea926165.dll moved successfully. LoadLibrary failed for C:\Windows\System32\982zpy5e4.dll C:\Windows\System32\982zpy5e4.dll NOT unregistered. C:\Windows\System32\982zpy5e4.dll moved successfully. LoadLibrary failed for C:\Windows\System32\6ff9steal32z5.dll C:\Windows\System32\6ff9steal32z5.dll NOT unregistered. C:\Windows\System32\6ff9steal32z5.dll moved successfully. LoadLibrary failed for C:\Windows\System32\6927zp55f5.dll C:\Windows\System32\6927zp55f5.dll NOT unregistered. C:\Windows\System32\6927zp55f5.dll moved successfully. LoadLibrary failed for C:\Windows\9546ba5kdoorz319.dll C:\Windows\9546ba5kdoorz319.dll NOT unregistered. C:\Windows\9546ba5kdoorz319.dll moved successfully. LoadLibrary failed for C:\Windows\1694th5e9tz889.dll C:\Windows\1694th5e9tz889.dll NOT unregistered. C:\Windows\1694th5e9tz889.dll moved successfully. C:\Windows\System32\hccutils.dll unregistered successfully. C:\Windows\System32\hccutils.dll moved successfully. LoadLibrary failed for C:\Windows\System32\7769zackdoor5579.dll C:\Windows\System32\7769zackdoor5579.dll NOT unregistered. C:\Windows\System32\7769zackdoor5579.dll moved successfully. LoadLibrary failed for C:\Windows\System32\13925zre9t19707.dll C:\Windows\System32\13925zre9t19707.dll NOT unregistered. C:\Windows\System32\13925zre9t19707.dll moved successfully. LoadLibrary failed for C:\Windows\System32\1264zhackt9ol35.dll C:\Windows\System32\1264zhackt9ol35.dll NOT unregistered. C:\Windows\System32\1264zhackt9ol35.dll moved successfully. LoadLibrary failed for C:\Windows\78459zreat6312.dll C:\Windows\78459zreat6312.dll NOT unregistered. C:\Windows\78459zreat6312.dll moved successfully. LoadLibrary failed for C:\Windows\System32\1f9zad9ware1656.dll C:\Windows\System32\1f9zad9ware1656.dll NOT unregistered. C:\Windows\System32\1f9zad9ware1656.dll moved successfully. LoadLibrary failed for C:\Windows\System32\15c3s5arse5z59.dll C:\Windows\System32\15c3s5arse5z59.dll NOT unregistered. C:\Windows\System32\15c3s5arse5z59.dll moved successfully. LoadLibrary failed for C:\Windows\55b39h5ef15z6.dll C:\Windows\55b39h5ef15z6.dll NOT unregistered. C:\Windows\55b39h5ef15z6.dll moved successfully. LoadLibrary failed for C:\Windows\System32\26f1b5c9dzor505.dll C:\Windows\System32\26f1b5c9dzor505.dll NOT unregistered. C:\Windows\System32\26f1b5c9dzor505.dll moved successfully. LoadLibrary failed for C:\Windows\524fzac95oor2976.dll C:\Windows\524fzac95oor2976.dll NOT unregistered. C:\Windows\524fzac95oor2976.dll moved successfully. LoadLibrary failed for C:\Windows\System32\3502zspy5669.dll C:\Windows\System32\3502zspy5669.dll NOT unregistered. C:\Windows\System32\3502zspy5669.dll moved successfully. LoadLibrary failed for C:\Windows\System32\70d7t9zef1851.dll C:\Windows\System32\70d7t9zef1851.dll NOT unregistered. C:\Windows\System32\70d7t9zef1851.dll moved successfully. LoadLibrary failed for C:\Windows\System32\4z2tro94e5.dll C:\Windows\System32\4z2tro94e5.dll NOT unregistered. C:\Windows\System32\4z2tro94e5.dll moved successfully. [Files/Folders - Modified Within 30 Days] File C:\Windows\System32\4c5zbackdoo92804.bin not found! File C:\Windows\System32\353czpy59re2933.dll not found! File C:\Windows\System32\6037not-a-viru945z.bin not found! File C:\Windows\29215spzmbot3bb.bin not found! File C:\Windows\55z0worm3d9.cpl not found! File C:\Windows\System32\7z6e5hief1917.bin not found! File C:\Windows\System32\90878tr5j8z.ocx not found! File C:\Windows\5919v5r1396z.dll not found! File C:\Windows\23761vz9u5b7.ocx not found! File C:\Windows\System32\7963sparse5z9.cpl not found! File C:\Windows\24054h59ktozl3db.bin not found! File C:\Windows\1225do5nl9ader287z.exe not found! File C:\Windows\System32\75z3t5re9t2847.cpl not found! File C:\Windows\System32\1569zspy152.bin not found! File C:\Windows\System32\a9fdownzoad592262.cpl not found! File C:\Windows\45e09z5eat9856.exe not found! File C:\Windows\2f93thzeat56625.dll not found! File C:\Windows\7951downloader19z95.exe not found! File C:\Windows\System32\15047not-5-9iruz33a.exe not found! File C:\Windows\System32\25292spz5fb9.bin not found! File C:\Windows\System32\4053threat98047z.dll not found! File C:\Windows\39599irzs43d.exe not found! File C:\Windows\System32\422zs5yware2195.bin not found! File C:\Windows\5a25steaz936.cpl not found! File C:\Windows\256fspyw9re960z.cpl not found! File C:\Windows\55bzs5arse2917.ocx not found! File C:\Windows\System32\9497zviru5453.ocx not found! File C:\Windows\System32\194aszeal9545.ocx not found! File C:\Windows\System32\5868z9dware475.bin not found! File C:\Windows\System32\z0377w5r972c.cpl not found! File C:\Windows\System32\ze01downl5ader93.dll not found! File C:\Windows\6142ha5ktooz697.cpl not found! File C:\Windows\System32\zeecsparse5129.exe not found! File C:\Windows\System32\26922tro53z89.exe not found! File C:\Windows\System32\7029z5rus99.ocx not found! File C:\Windows\System32\3592th5ef2239z.exe not found! File C:\Windows\9a9z95ware1744.cpl not found! File C:\Windows\31195nzt-5-virus9fc.bin not found! File C:\Windows\4fe1stzal56029.ocx not found! File C:\Windows\System32\1f795zyware2644.dll not found! File C:\Windows\8810s5am9ot4dz.exe not found! File C:\Windows\System32\59cthief26z7.bin not found! File C:\Windows\1cfz5a9kdoor1867.ocx not found! File C:\Windows\System32\12507tr9z1ce.ocx not found! File C:\Windows\System32\3dbbs5eaz1669.cpl not found! File C:\Windows\25d3download5910z7.ocx not found! File C:\Windows\4f4159dwzre1800.cpl not found! File C:\Windows\System32\3054z5irus9c2.exe not found! File C:\Windows\51z69spy59b.cpl not found! File C:\Windows\System32\3aa7zddw5re9730.bin not found! File C:\Windows\acftzre5t94699.exe not found! File C:\Windows\55945troj7c5z.bin not found! File C:\Windows\System32\599athiefz119.exe not found! File C:\Windows\2781659zj619.dll not found! File C:\Windows\10891virzs17f5.ocx not found! File C:\Windows\System32\6z039pam5ot6d3.bin not found! File C:\Windows\2c02sp5zse2929.dll not found! File C:\Windows\z3659virus758.ocx not found! File C:\Windows\9950troj6fz.exe not found! File C:\Windows\System32\2d66downloa59rz225.ocx not found! File C:\Windows\System32\7d27vir23z95.cpl not found! File C:\Windows\System32\6z4t9oj3bf5.dll not found! File C:\Windows\35559ddwaze2512.dll not found! File C:\Windows\System32\4395spazbot7d05.exe not found! File C:\Windows\System32\301509ot-a-v5rus292z.cpl not found! File C:\Windows\System32\5zccspy9are389.exe not found! File C:\Windows\24519not-a59irzs4de.ocx not found! File C:\Windows\19610wo954zf.exe not found! File C:\Windows\System32\b9dth5eat122z.cpl not found! File C:\Windows\System32\355zspywar92442.cpl not found! File C:\Windows\System32\43a1zh9ef5949.ocx not found! File C:\Windows\53eebacz9oor2951.exe not found! File C:\Windows\System32\10157worz839.exe not found! File C:\Windows\System32\9161not-a-9iru59z.dll not found! File C:\Windows\558cst9zl16.dll not found! File C:\Windows\System32\z50995acktoolc3.bin not found! File C:\Windows\System32\15898notza-virus4d2.exe not found! File C:\Windows\b5aba5kzo9r492.exe not found! File C:\Windows\5591vir277z9.bin not found! File C:\Windows\328v9r9z5.dll not found! File C:\Windows\315629pambot1z2.bin not found! File C:\Windows\System32\5859sparse123z.exe not found! File C:\Windows\7zc59pyware163.cpl not found! File C:\Windows\System32\3296downl5aderz103.ocx not found! File C:\Windows\27616spzmbo59d2.dll not found! File C:\Windows\System32\589astza51150.cpl not found! File C:\Windows\15z49spambot69d.exe not found! File C:\Windows\31335zack59ol799.ocx not found! File C:\Windows\6f79ad5wa9e1z18.exe not found! File C:\Windows\System32\7467sparz95115.cpl not found! File C:\Windows\System32\56zor975.exe not found! File C:\Windows\b6ethzeat15697.ocx not found! File C:\Windows\5z59vir135.bin not found! File C:\Windows\10az9i5144.bin not found! File C:\Windows\31954vir9sc5z.bin not found! File C:\Windows\System32\25952spy7z3.dll not found! File C:\Windows\96113not-a-virus65z.exe not found! File C:\Windows\8982hzckto5l31a.cpl not found! File C:\Windows\52709acktzol4285.bin not found! File C:\Windows\System32\28950worz53d5.cpl not found! File C:\Windows\System32\4707zhreat15591.dll not found! File C:\Windows\System32\47ffdo5nl9aderz587.exe not found! File C:\Windows\System32\2169stez52927.cpl not found! File C:\Windows\System32\10209wor51zf9.bin not found! File C:\Windows\12970hacktz9l5b7.cpl not found! File C:\Windows\System32\1z85spyware879.dll not found! File C:\Windows\System32\6z54sp9war51531.bin not found! File C:\Windows\26109wor57z49.cpl not found! File C:\Windows\System32\255629roj3fz.exe not found! File C:\Windows\55steal3099z.bin not found! File C:\Windows\z8396hackt59l49e.bin not found! File C:\Windows\7dddzhre9t54645.cpl not found! File C:\Windows\System32\26399s592zb.dll not found! File C:\Windows\System32\55579worz559.ocx not found! File C:\Windows\715059z4aa.dll not found! File C:\Windows\1d9zspy59re1306.ocx not found! File C:\Windows\System32\1989thzef3546.dll not found! File C:\Windows\System32\2z589hreat7973.exe not found! File C:\Windows\System32\1905ztr59479.dll not found! File C:\Windows\System32\5ade9hief579z.exe not found! File C:\Windows\295thzef1533.ocx not found! File C:\Windows\System32\1c49downloadzr5968.exe not found! File C:\Windows\System32\171215acktozl4149.exe not found! File C:\Windows\12159ownloadzr11815.dll not found! File C:\Windows\System32\2d5bst9alz56.exe not found! File C:\Windows\System32\7559sp573z.bin not found! File C:\Windows\System32\f5zaddw9re2365.exe not found! File C:\Windows\fz1vir5924.bin not found! File C:\Windows\System32\195zaddware1132.dll not found! File C:\Windows\10a9dow5lza9er2069.cpl not found! File C:\Windows\14261not-a-virus95ez.bin not found! File C:\Windows\System32\798dzpar5e148.bin not found! File C:\Windows\System32\50899troj37z.bin not found! File C:\Windows\System32\129esparsez55.exe not found! File C:\Windows\System32\5762ad5war92z41.cpl not found! File C:\Windows\52z69h5ef2970.bin not found! File C:\Windows\27105s5y9z3.bin not found! File C:\Windows\System32\z536vir590.ocx not found! File C:\Windows\System32\6284vir930z5.exe not found! File C:\Windows\29859virus581z.ocx not found! File C:\Windows\System32\265zs5ea9541.bin not found! File C:\Windows\System32\2244h5zktool7a79.dll not found! File C:\Windows\232979ackto5z494.bin not found! File C:\Windows\285z1virus319.exe not found! File C:\Windows\System32\1989zspa9bo5721.exe not found! File C:\Windows\2908zvirus359.dll not found! File C:\Windows\System32\5e15th5eat296z0.exe not found! File C:\Windows\5a59backdzor3143.cpl not found! File C:\Windows\z558virus592.cpl not found! File C:\Windows\100639ot-a-virus5z3.ocx not found! File C:\Windows\System32\5564not-a9zirus118.cpl not found! File C:\Windows\44fbthre5t729z.bin not found! File C:\Windows\System32\323z9ha5ktool3e19.exe not found! File C:\Windows\System32\91ezp9ware5809.dll not found! File C:\Windows\26369s5y2z7.bin not found! File C:\Windows\2f93thief1563z.dll not found! File C:\Windows\5f01backdooz926.ocx not found! File C:\Windows\224et5ief955z.bin not found! File C:\Windows\590ds5zal3049.dll not found! File C:\Windows\9532zirus5c35.ocx not found! File C:\Windows\20sparze19145.bin not found! File C:\Windows\System32\4983s5az9ot37c.bin not found! File C:\Windows\369zworm5789.exe not found! File C:\Windows\56z0download5r15929.bin not found! File C:\Windows\System32\15704not-a-v95us7e9z.bin not found! File C:\Windows\2ef4doznloa9er5524.exe not found! File C:\Windows\2046tzr5at79.cpl not found! File C:\Windows\System32\50985pyware22z7.bin not found! File C:\Windows\941zr5j139.exe not found! File C:\Windows\5d65addzare3049.ocx not found! File C:\Windows\System32\93ff5ir21z2.cpl not found! File C:\Windows\System32\79a0st59l17z4.bin not found! File C:\Windows\System32\2157backdoo9670z.ocx not found! File C:\Windows\5099th9ef19z0.cpl not found! File C:\Windows\33z9pyware552.ocx not found! File C:\Windows\System32\5126viz9675.exe not found! File C:\Windows\326b5zr593.exe not found! File C:\Windows\za8ste5l2519.exe not found! File C:\Windows\27dfaddwa9e265z.ocx not found! File C:\Windows\System32\15921z5y7ce9.bin not found! File C:\Windows\45e7downlozder54049.exe not found! File move failed. C:\Users\Neeraj Tohan\ntuser.dat scheduled to be moved on reboot. File move failed. C:\ProgramData\Microsoft\Network\Downloader\qmgr1.dat scheduled to be moved on reboot. File move failed. C:\ProgramData\Microsoft\Network\Downloader\qmgr0.dat scheduled to be moved on reboot. File C:\Windows\System32\5a399ownzo5der3255.bin not found! File C:\Windows\z12475py329.dll not found! File C:\Windows\31275notz5-vir9s787.ocx not found! File C:\Windows\1z5449ot-a5virus382.bin not found! File C:\Windows\1z587troj955.dll not found! File C:\Windows\System32\505zrus954.exe not found! File C:\Windows\System32\68d2zte9l1507.ocx not found! File C:\Windows\59z9spambot352.dll not found! File C:\Users\Neeraj Tohan\Desktop\savw76sasfx.exe not found! File C:\Windows\System32\70z9threat255875.bin not found! File C:\Windows\158daddware2z98.cpl not found! File C:\Windows\System32\z9b9s5yw9re1317.ocx not found! File C:\Windows\System32\2348195zktool386.bin not found! File C:\Windows\c1za5dware30419.cpl not found! File C:\Windows\System32\26543worz99.exe not found! File C:\Windows\System32\524down9ozd5r48.bin not found! File C:\Windows\System32\22512s9yz5f.ocx not found! File C:\Windows\90016z5y409.dll not found! File C:\Windows\System32\2005tzreat23659.cpl not found! File C:\Windows\23949wor56e5z.exe not found! File C:\Windows\3839worm515z.cpl not found! File C:\Windows\4ce5addwar92852z.ocx not found! File C:\Windows\91609sp5mbot188z.ocx not found! File C:\Windows\System32\95z2troj92.ocx not found! File C:\Windows\2a74szyware945.exe not found! File C:\Windows\69a9thi5f194z.cpl not found! File C:\Windows\5c57vi91z88.cpl not found! File C:\Windows\System32\3945spzrs928195.ocx not found! File C:\Windows\58133vizu915a.exe not found! File C:\Windows\59e9bazkdoor1651.exe not found! File C:\Windows\System32\3458addwarez3195.dll not found! File C:\Windows\System32\z515hief698.ocx not found! File C:\Windows\System32\291369rzj588.bin not found! File C:\Windows\9689z5pambot205.bin not found! File C:\Windows\150evir19z4.bin not found! File C:\Windows\System32\22521zorm39e.dll not found! File C:\Windows\System32\32541sp9mbot3z3.bin not found! File C:\Windows\8714n9t-a-viruz45f.bin not found! File C:\Windows\System32\5fzavir9166.dll not found! File C:\Windows\17091not-azvi9us855.cpl not found! File C:\Windows\2d45stza92504.bin not found! File C:\Windows\21850spzmbot269.cpl not found! File C:\Windows\972zspy576.ocx not found! File C:\Windows\System32\73ebspyware9z765.cpl not found! File C:\Windows\System32\24893spz33b5.ocx not found! File C:\Windows\5a73addwarez989.ocx not found! File C:\Windows\System32\zc739pars52346.cpl not found! File C:\Windows\zdb5ba59door1676.exe not found! File C:\Windows\System32\556bthreat116z59.ocx not found! File C:\Windows\b92backdoor25z.cpl not found! File C:\Windows\z189vir55.exe not found! File C:\Windows\System32\66d5downloaderz7789.bin not found! File C:\Windows\System32\23f1bazk9oor9815.ocx not found! File C:\Windows\2425zwo9533c.dll not found! File C:\Windows\6135tzoj2209.cpl not found! File C:\Windows\31z90tro53ae9.ocx not found! File C:\Windows\9694z5irus5c7.ocx not found! File C:\Windows\28662ha5k9ooz728.bin not found! File C:\Windows\System32\5903zteal2125.exe not found! File C:\Windows\System32\15689tr9j2bz.dll not found! File C:\Windows\z607not-9-vir5s1ff.exe not found! File C:\Windows\System32\16695spz5559.exe not found! File C:\Windows\95121v5rus18az.ocx not found! File C:\Windows\System32\17990t5oj6z.bin not found! File C:\Windows\4967thre5t310z1.bin not found! File C:\Windows\System32\2z819w9rm385.dll not found! File C:\Windows\95c5sparz5585.cpl not found! File C:\Windows\System32\789ebaczdo5r824.ocx not found! File C:\Windows\System32\25194hack9ool2z5.cpl not found! File C:\Windows\System32\28692s5z2b59.exe not found! File C:\Windows\459zworm769.cpl not found! File C:\Windows\System32\z7ee9pyware1445.exe not found! File C:\Windows\System32\4bez9i5f84.bin not found! File C:\Windows\System32\z916vir24455.exe not found! File C:\Windows\4279th5ef1z70.ocx not found! File C:\Windows\System32\75f4threa9z8144.exe not found! File C:\Windows\133559orz481.exe not found! File C:\Windows\11325not-a-9irus7ez5.bin not found! File C:\Windows\System32\5175thizf2950.bin not found! File C:\Windows\System32\5b58download9r2044z.exe not found! File C:\Windows\System32\339zthrea5314.ocx not found! File C:\Windows\System32\195irz998.exe not found! File C:\Windows\System32\349f5hrzat4925.exe not found! File C:\Windows\System32\555v9z1225.exe not found! File C:\Windows\147869rzj495.cpl not found! File C:\Windows\System32\5522t9iefz079.dll not found! File C:\Windows\System32\258z5wo9m61b.ocx not found! File C:\Windows\System32\50f4thrza513943.dll not found! File C:\Windows\1459t9izf38.exe not found! File C:\Windows\System32\219z4hackt9o5519.dll not found! File C:\Windows\System32\16044ha9kzoo55bc.dll not found! File C:\Windows\59382not-azvirus2b9.bin not found! File C:\Windows\System32\49fespywaze3542.bin not found! File C:\Windows\z2555tr9jdd.dll not found! File C:\Windows\2738no5-a-9izus302.dll not found! File C:\Windows\System32\251z5worm957.exe not found! File C:\Windows\z5096vi9us578.cpl not found! File C:\Windows\2ac0t95ef766z.cpl not found! File C:\Windows\System32\3891stzal12615.cpl not found! File C:\Windows\System32\7d79d5wnloazer2592.ocx not found! File C:\Windows\18925not-a-virzs9b4.exe not found! File C:\Windows\System32\1f5atzi5f9809.ocx not found! File C:\Windows\System32\19646not-9-vir5s3bez.cpl not found! File C:\Windows\System32\109cdow5loaze9868.cpl not found! File C:\Windows\System32\5692steal2z9.bin not found! File C:\Windows\System32\696s5ywarez4899.exe not found! File C:\Windows\29999vi5uszb5.cpl not found! File C:\Windows\a65vir232z9.exe not found! File C:\Windows\20767not-a9virzs54f.bin not found! File C:\Windows\55809aczdoor1163.ocx not found! File C:\Windows\215z49py7b5.ocx not found! File C:\Windows\System32\z95evir9569.ocx not found! File C:\Windows\5699not-a-vzrus35.exe not found! File C:\Windows\3aa9sp5waze1735.bin not found! File C:\Windows\24z48spa9b5t519.exe not found! File C:\Windows\System32\3985s9yware88z.bin not found! File C:\Windows\6bzcdownlo95er1626.ocx not found! File C:\Windows\z7375not9a-virusb.cpl not found! File C:\Windows\System32\3z54downloader3199.cpl not found! File C:\Windows\System32\z50dvir9033.cpl not found! File C:\Windows\2de8stealz9955.ocx not found! File C:\Windows\System32\3950sparsz2967.bin not found! File C:\Windows\1563downloazer9895.cpl not found! File C:\Windows\8179teal1553z.exe not found! File C:\Windows\System32\1b95backdozr1965.exe not found! File C:\Windows\389th5zf967.exe not found! File C:\Windows\System32\z25dt9ief2585.dll not found! File C:\Windows\System32\33235o9z26f.dll not found! File C:\Windows\System32\24957h59ktzol3ca.dll not found! File C:\Windows\System32\5065spzrse119.ocx not found! File C:\Windows\7395viz998.bin not found! File C:\Windows\System32\1810bzckdo5r2093.ocx not found! File C:\Windows\System32\307049pzmbo569b.bin not found! File C:\Windows\System32\setup2.exe not found! File C:\Windows\System32\2493steal24z05.bin not found! File C:\Windows\8523wormz97.dll not found! File C:\Windows\54cabackd5or79z.ocx not found! File C:\Windows\25559n9t-a-vizus11f.cpl not found! File C:\Windows\z9523hackt9ol565.cpl not found! File C:\Windows\System32\47e8sp9zse2537.dll not found! File C:\Windows\53416hackto9l29cz.cpl not found! File C:\Windows\5129vir222z.exe not found! File C:\Windows\System32\155z9orm543.bin not found! File C:\Windows\System32\2570ad9ware3015z.cpl not found! File C:\Windows\System32\59z25not-a9virus606.cpl not found! [Purity] Purity scan complete. [Empty Temp Folders] User's Temp folder emptied. User's Internet Explorer cache folder emptied. File delete failed. C:\Windows\temp\JETD1A0.tmp scheduled to be deleted on reboot. Windows Temp folder emptied. FireFox cache emptied. RecycleBin -> emptied. Explorer started successfully < End of fix log > OTScanIt2 by OldTimer - Version 1.0.14.0 fix logfile created on 05182009_151902 OTListIt logfile created on: 18/05/2009 15:32:44 - Run 7 OTListIt2 by OldTimer - Version 2.0.15.8 Folder = C:\Users\Neeraj Tohan\Desktop Windows Vista Home Premium Edition Service Pack 1 (Version = 6.0.6001) - Type = NTWorkstation Internet Explorer (Version = 7.0.6001.18000) Locale: 00001009 | Country: Canada | Language: ENC | Date Format: dd/MM/yyyy 1013.45 Mb Total Physical Memory | 365.95 Mb Available Physical Memory | 36.11% Memory free 2.24 Gb Paging File | 1.45 Gb Available in Paging File | 64.83% Paging File free Paging file location(s): ?:\pagefile.sys %SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files Drive C: | 105.18 Gb Total Space | 12.01 Gb Free Space | 11.42% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: NEERAJTOHAN-PC Current User Name: Neeraj Tohan Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Output = Minimal File Age = 30 Days Company Name Whitelist: On ========== Processes (SafeList) ========== PRC - C:\Windows\Explorer.EXE (Microsoft Corporation) PRC - C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) PRC - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) PRC - C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) PRC - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) PRC - C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) PRC - C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) PRC - C:\Program Files\Sony\VAIO Update 3\VAIOUpdt.exe (Sony Corporation) PRC - C:\Program Files\Sony\Wireless Switch Setting Utility\Switcher.exe (Sony Corporation) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) PRC - C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Event Service\VESMgrSub.exe (Sony Corporation) PRC - C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) PRC - C:\Windows\system32\igfxext.exe (Intel Corporation) PRC - C:\Windows\system32\igfxsrvc.exe (Intel Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) PRC - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) PRC - C:\Program Files\Sony\VAIO Power Management\SPMgr.exe (Sony Corporation) PRC - C:\Program Files\Sony\ISB Utility\ISBMgr.exe (Sony Corporation) PRC - C:\Windows\System32\igfxpers.exe (Intel Corporation) PRC - C:\Windows\ehome\ehtray.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Sidebar\sidebar.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnscfg.exe (Microsoft Corporation) PRC - C:\Windows\system32\wbem\unsecapp.exe (Microsoft Corporation) PRC - C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) PRC - C:\Windows\ehome\ehmsas.exe (Microsoft Corporation) PRC - C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) PRC - C:\Windows\system32\wbem\wmiprvse.exe (Microsoft Corporation) PRC - C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe (OldTimer Tools) ========== Win32 Services (SafeList) ========== SRV - (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation) SRV - (ehRecvr [On_Demand | Stopped]) -- C:\Windows\ehome\ehRecvr.exe (Microsoft Corporation) SRV - (ehSched [On_Demand | Stopped]) -- C:\Windows\ehome\ehsched.exe (Microsoft Corporation) SRV - (ehstart [Auto | Stopped]) -- C:\Windows\ehome\ehstart.dll (Microsoft Corporation) SRV - (EvtEng [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe (Intel Corporation) SRV - (FLEXnet Licensing Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Macrovision Europe Ltd.) SRV - (FontCache3.0.0.0 [On_Demand | Stopped]) -- C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe (Microsoft Corporation) SRV - (gupdate1c9c168f65895d0 [Auto | Stopped]) -- C:\Program Files\Google\Update\GoogleUpdate.exe (Google Inc.) SRV - (IDriverT [On_Demand | Stopped]) -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe (Macrovision Corporation) SRV - (idsvc [Unknown | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe (Microsoft Corporation) SRV - (MSCSPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (Sony Corporation) SRV - (MSSQL$VAIO_VEDB [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe (Microsoft Corporation) SRV - (MSSQLServerADHelper [Disabled | Stopped]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe (Microsoft Corporation) SRV - (NetTcpPortSharing [Disabled | Stopped]) -- C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe (Microsoft Corporation) SRV - (odserv [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE (Microsoft Corporation) SRV - (ose [On_Demand | Stopped]) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (Microsoft Corporation) SRV - (PACSPTISVR [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe () SRV - (QBCFMonitorService [Auto | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\QBCFMonitorService.exe ( ) SRV - (QBFCService [On_Demand | Stopped]) -- C:\Program Files\Common Files\Intuit\QuickBooks\FCS\Intuit.QuickBooks.FCS.exe (Intuit Inc.) SRV - (RapiMgr [Auto | Running]) -- C:\Windows\WindowsMobile\rapimgr.dll (Microsoft Corporation) SRV - (RegSrvc [Auto | Running]) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe (Intel Corporation) SRV - (SAVAdminService [Unknown | Running]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SAVAdminService.exe (Sophos Plc) SRV - (SAVService [Unknown | Stopped]) -- C:\Program Files\Sophos\Sophos Anti-Virus\SavService.exe (Sophos Plc) SRV - (SonicStage Back-End Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SsBeSvc.exe (Sony Corporation) SRV - (Sophos AutoUpdate Service [Auto | Running]) -- C:\Program Files\Sophos\AutoUpdate\ALsvc.exe (Sophos Plc) SRV - (SPTISRV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (Sony Corporation) SRV - (SQLBrowser [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe (Microsoft Corporation) SRV - (SQLWriter [Auto | Running]) -- C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe (Microsoft Corporation) SRV - (SSScsiSV [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe (Sony Corporation) SRV - (VAIO Entertainment TV Device Arbitration Service [On_Demand | Stopped]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe (Sony Corporation) SRV - (VAIO Event Service [Auto | Running]) -- C:\Program Files\Sony\VAIO Event Service\VESMgr.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-IntegratedServer-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (VAIOMediaPlatform-Mobile-Gateway [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-AppServer [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\UCLS.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-HTTP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe (Sony Corporation) SRV - (VAIOMediaPlatform-UCLS-UPnP [On_Demand | Stopped]) -- C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe (Sony Corporation) SRV - (Vcsw [On_Demand | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe (Sony Corporation) SRV - (VzCdbSvc [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe (Sony Corporation) SRV - (VzFw [Auto | Running]) -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe (Sony Corporation) SRV - (WcesComm [Auto | Running]) -- C:\Windows\WindowsMobile\wcescomm.dll (Microsoft Corporation) SRV - (WinDefend [Auto | Running]) -- C:\Program Files\Windows Defender\mpsvc.dll (Microsoft Corporation) SRV - (WMPNetworkSvc [On_Demand | Running]) -- C:\Program Files\Windows Media Player\wmpnetwk.exe (Microsoft Corporation) SRV - (XAudioService [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.exe (Conexant Systems, Inc.) ========== Driver Services (SafeList) ========== DRV - (adp94xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\adp94xx.sys (Adaptec, Inc.) DRV - (adpahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpahci.sys (Adaptec, Inc.) DRV - (adpu160m [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu160m.sys (Adaptec, Inc.) DRV - (adpu320 [Disabled | Stopped]) -- C:\Windows\system32\drivers\adpu320.sys (Adaptec, Inc.) DRV - (aic78xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\djsvs.sys (Adaptec, Inc.) DRV - (aliide [Disabled | Stopped]) -- C:\Windows\system32\drivers\aliide.sys (Acer Laboratories Inc.) DRV - (ApfiltrService [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\Apfiltr.sys (Alps Electric Co., Ltd.) DRV - (arc [Disabled | Stopped]) -- C:\Windows\system32\drivers\arc.sys (Adaptec, Inc.) DRV - (arcsas [Disabled | Stopped]) -- C:\Windows\system32\drivers\arcsas.sys (Adaptec, Inc.) DRV - (athr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\athr.sys (Atheros Communications, Inc.) DRV - (BrFiltLo [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltlo.sys (Brother Industries, Ltd.) DRV - (BrFiltUp [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brfiltup.sys (Brother Industries, Ltd.) DRV - (Brserid [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserid.sys (Brother Industries Ltd.) DRV - (BrSerWdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brserwdm.sys (Brother Industries Ltd.) DRV - (BrUsbMdm [Disabled | Stopped]) -- C:\Windows\system32\drivers\brusbmdm.sys (Brother Industries Ltd.) DRV - (BrUsbSer [On_Demand | Stopped]) -- C:\Windows\system32\drivers\brusbser.sys (Brother Industries Ltd.) DRV - (Cdr4_xp [System | Running]) -- C:\Windows\System32\drivers\cdr4_xp.sys (Sonic Solutions) DRV - (Cdralw2k [System | Running]) -- C:\Windows\System32\drivers\cdralw2k.sys (Sonic Solutions) DRV - (cmdide [Disabled | Stopped]) -- C:\Windows\system32\drivers\cmdide.sys (CMD Technology, Inc.) DRV - (DMICall [System | Running]) -- C:\Windows\system32\DRIVERS\DMICall.sys (Sony Corporation) DRV - (E1G60 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\E1G60I32.sys (Intel Corporation) DRV - (elxstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\elxstor.sys (Emulex) DRV - (HpCISSs [Disabled | Stopped]) -- C:\Windows\system32\drivers\hpcisss.sys (Hewlett-Packard Company) DRV - (HSFHWAZL [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\VSTAZL3.SYS (Conexant Systems, Inc.) DRV - (HSF_DPV [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_DPV.sys (Conexant Systems, Inc.) DRV - (HSXHWAZL [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSXHWAZL.sys (Conexant Systems, Inc.) DRV - (ialm [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iaStorV [Disabled | Stopped]) -- C:\Windows\system32\drivers\iastorv.sys (Intel Corporation) DRV - (igfx [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\igdkmd32.sys (Intel Corporation) DRV - (iirsp [Disabled | Stopped]) -- C:\Windows\system32\drivers\iirsp.sys (Intel Corp./ICP vortex GmbH) DRV - (IntcAzAudAddService [On_Demand | Running]) -- C:\Windows\system32\drivers\RTKVHDA.sys (Realtek Semiconductor Corp.) DRV - (iteatapi [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteatapi.sys (Integrated Technology Express, Inc.) DRV - (iteraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\iteraid.sys (Integrated Technology Express, Inc.) DRV - (LSI_FC [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_fc.sys (LSI Logic) DRV - (LSI_SAS [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_sas.sys (LSI Logic) DRV - (LSI_SCSI [Disabled | Stopped]) -- C:\Windows\system32\drivers\lsi_scsi.sys (LSI Logic) DRV - (mdmxsdk [Auto | Running]) -- C:\Windows\system32\DRIVERS\mdmxsdk.sys (Conexant) DRV - (megasas [Disabled | Stopped]) -- C:\Windows\system32\drivers\megasas.sys (LSI Logic Corporation) DRV - (Mraid35x [Disabled | Stopped]) -- C:\Windows\system32\drivers\mraid35x.sys (LSI Logic Corporation) DRV - (NETw3v32 [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\NETw3v32.sys (Intel® Corporation) DRV - (NETw4v32 [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\NETw4v32.sys (Intel Corporation) DRV - (nfrd960 [Disabled | Stopped]) -- C:\Windows\system32\drivers\nfrd960.sys (IBM Corporation) DRV - (ntrigdigi [Disabled | Stopped]) -- C:\Windows\system32\drivers\ntrigdigi.sys (N-trig Innovative Technologies) DRV - (nvraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvraid.sys (NVIDIA Corporation) DRV - (nvstor [Disabled | Stopped]) -- C:\Windows\system32\drivers\nvstor.sys (NVIDIA Corporation) DRV - (PxHelp20 [Boot | Running]) -- C:\Windows\System32\Drivers\PxHelp20.sys (Sonic Solutions) DRV - (ql2300 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql2300.sys (QLogic Corporation) DRV - (ql40xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\ql40xx.sys (QLogic Corporation) DRV - (SAVOnAccess [System | Running]) -- C:\Windows\system32\DRIVERS\savonaccess.sys (Sophos Plc) DRV - (secdrv [Auto | Running]) -- C:\Windows\System32\drivers\secdrv.sys (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) DRV - (SiSRaid2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid2.sys (Silicon Integrated Systems Corp.) DRV - (SiSRaid4 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sisraid4.sys (Silicon Integrated Systems) DRV - (SNC [On_Demand | Running]) -- C:\Windows\System32\Drivers\SonyNC.sys (Sony Corporation) DRV - (SophosBootDriver [Disabled | Stopped]) -- C:\Windows\system32\DRIVERS\SophosBootDriver.sys (Sophos Plc) DRV - (Symc8xx [Disabled | Stopped]) -- C:\Windows\system32\drivers\symc8xx.sys (LSI Logic) DRV - (Sym_hi [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_hi.sys (LSI Logic) DRV - (Sym_u3 [Disabled | Stopped]) -- C:\Windows\system32\drivers\sym_u3.sys (LSI Logic) DRV - (ti21sony [On_Demand | Running]) -- C:\Windows\system32\drivers\ti21sony.sys (Texas Instruments) DRV - (uliahci [Disabled | Stopped]) -- C:\Windows\system32\drivers\uliahci.sys (ULi Electronics Inc.) DRV - (UlSata [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata.sys (Promise Technology, Inc.) DRV - (ulsata2 [Disabled | Stopped]) -- C:\Windows\system32\drivers\ulsata2.sys (Promise Technology, Inc.) DRV - (usbaudio [On_Demand | Stopped]) -- C:\Windows\system32\drivers\usbaudio.sys (Microsoft Corporation) DRV - (usb_rndisx [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\usb8023x.sys (Microsoft Corporation) DRV - (viaide [Disabled | Stopped]) -- C:\Windows\system32\drivers\viaide.sys (VIA Technologies, Inc.) DRV - (vsmraid [Disabled | Stopped]) -- C:\Windows\system32\drivers\vsmraid.sys (VIA Technologies Inc.,Ltd) DRV - (WimFltr [On_Demand | Stopped]) -- C:\Windows\system32\DRIVERS\wimfltr.sys (Microsoft Corporation) DRV - (winachsf [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\HSX_CNXT.sys (Conexant Systems, Inc.) DRV - (XAudio [Auto | Running]) -- C:\Windows\system32\DRIVERS\xaudio.sys (Conexant Systems, Inc.) DRV - (yukonwlh [On_Demand | Running]) -- C:\Windows\system32\DRIVERS\yk60x86.sys (Marvell) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [Binary data over 100 bytes] IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.ca/ IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,StartPageCache = 2 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 ========== FireFox ========== FF - HKLM\software\mozilla\Firefox\Extensions\\{3112ca9c-de6d-4884-a869-9855de68056c}: C:\PROGRAMDATA\MOZILLA\FIREFOX EXTENSIONS\{3112CA9C-DE6D-4884-A869-9855DE68056C} [2007/10/30 20:49:37 | 00,000,000 | ---D | M] FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION\ [2009/03/25 00:34:10 | 00,000,000 | ---D | M] [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions [2007/10/31 04:49:44 | 00,000,000 | ---D | M] -- C:\Users\Neeraj Tohan\AppData\Roaming\mozilla\Firefox\Profiles\xr4qj960.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c} O1 HOSTS File: (213378 bytes) - C:\Windows\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O1 - Hosts: ::1 localhost O1 - Hosts: 127.0.0.1 007guard.com O1 - Hosts: 127.0.0.1 www.007guard.com O1 - Hosts: 127.0.0.1 008i.com O1 - Hosts: 127.0.0.1 008k.com O1 - Hosts: 127.0.0.1 www.008k.com O1 - Hosts: 127.0.0.1 00hq.com O1 - Hosts: 127.0.0.1 www.00hq.com O1 - Hosts: 127.0.0.1 010402.com O1 - Hosts: 127.0.0.1 032439.com O1 - Hosts: 127.0.0.1 www.032439.com O1 - Hosts: 127.0.0.1 1001-search.info O1 - Hosts: 127.0.0.1 www.1001-search.info O1 - Hosts: 127.0.0.1 100888290cs.com O1 - Hosts: 127.0.0.1 www.100888290cs.com O1 - Hosts: 127.0.0.1 100sexlinks.com O1 - Hosts: 127.0.0.1 www.100sexlinks.com O1 - Hosts: 127.0.0.1 10sek.com O1 - Hosts: 127.0.0.1 www.10sek.com O1 - Hosts: 127.0.0.1 123topsearch.com O1 - Hosts: 127.0.0.1 www.123topsearch.com O1 - Hosts: 127.0.0.1 132.com O1 - Hosts: 127.0.0.1 www.132.com O1 - Hosts: 127.0.0.1 136136.net O1 - Hosts: 7504 more lines... O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated) O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O2 - BHO: (Sophos Web Content Scanner) - {39EA7695-B3F2-4C44-A4BC-297ADA8FD235} - C:\Program Files\Sophos\Sophos Anti-Virus\SophosBHO.dll (Sophos Plc) O2 - BHO: (SSVHelper Class) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated) O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" (Adobe Systems Incorporated) O4 - HKLM..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd.exe (Intel Corporation) O4 - HKLM..\Run: [IgfxTray] C:\Windows\system32\igfxtray.exe (Intel Corporation) O4 - HKLM..\Run: [ISBMgr.exe] "C:\Program Files\Sony\ISB Utility\ISBMgr.exe" (Sony Corporation) O4 - HKLM..\Run: [Persistence] C:\Windows\system32\igfxpers.exe (Intel Corporation) O4 - HKLM..\Run: [RtHDVCpl] RtHDVCpl.exe (Realtek Semiconductor) O4 - HKLM..\Run: [VAIOSecurity] "C:\Program Files\Sony\VAIO Security Center\VSC.exe" 1 () O4 - HKLM..\Run: [VAIOSurvey] C:\Program Files\Sony\VAIO Survey\Vista VAIO Survey.exe () O4 - HKCU..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe (Microsoft Corporation) O4 - HKCU..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (Microsoft Corporation) O4 - HKCU..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe (Microsoft Corporation) O4 - Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk = C:\Program Files\Sophos\AutoUpdate\ALMon.exe (Sophos Plc) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O8 - Extra context menu item: Append to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert link target to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selected links to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert selection to existing PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html (Adobe Systems Incorporated) O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html (Adobe Systems Incorporated) O9 - Extra 'Tools' menuitem : Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\npjpi160_07.dll (Sun Microsystems, Inc.) O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Expression\Office12\REFIEBAR.DLL (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [@%SystemRoot%\system32\nlasvc.dll,-1000] - C:\Windows\system32\NLAapi.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [@%SystemRoot%\system32\napinsp.dll,-1000] - C:\Windows\system32\napinsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [@%SystemRoot%\system32\pnrpnsp.dll,-1000] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [@%SystemRoot%\system32\pnrpnsp.dll,-1001] - C:\Windows\system32\pnrpnsp.dll (Microsoft Corporation) O13 - gopher Prefix: missing O15 - HKLM\..Trusted Domains: 32 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {3860DD98-0549-4D50-AA72-5D17D200EE10} http://cdn.scan.onecare.live.com/resource/...s/wlscctrl2.cab (Windows Live OneCare safety scanner control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_07) O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} http://wwwimages.adobe.com/www.adobe.com/p...obat/nos/gp.cab (get_atlcom Class) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\igfxcui: DllName - igfxdev.dll - C:\Windows\system32\igfxdev.dll (Intel Corporation) O20 - Winlogon\Notify\VESWinlogon: DllName - VESWinlogon.dll - C:\Windows\system32\VESWinlogon.dll (Sony Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2006/09/18 17:43:36 | 00,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\Windows\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - * [2009/05/18 15:20:39 | 00,000,000 | R--D | M] ========== Files/Folders - Created Within 30 Days ========== [2009/05/18 15:19:02 | 00,000,000 | ---D | C] -- C:\_OTScanIt [2009/05/17 16:19:39 | 00,000,000 | -HSD | C] -- C:\$RECYCLE.BIN [2009/05/17 16:10:24 | 00,212,480 | ---- | C] (SteelWerX) -- C:\Windows\SWXCACLS.exe [2009/05/17 16:10:24 | 00,161,792 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe [2009/05/17 16:10:24 | 00,136,704 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe [2009/05/17 16:10:24 | 00,117,248 | ---- | C] () -- C:\Windows\vFind.exe [2009/05/17 16:10:24 | 00,098,816 | ---- | C] () -- C:\Windows\sed.exe [2009/05/17 16:10:24 | 00,080,412 | ---- | C] () -- C:\Windows\grep.exe [2009/05/17 16:10:24 | 00,068,096 | ---- | C] () -- C:\Windows\zip.exe [2009/05/17 16:10:24 | 00,031,232 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe [2009/05/17 16:10:06 | 00,000,000 | ---D | C] -- C:\ComboFix [2009/05/17 16:02:30 | 00,000,000 | ---D | C] -- C:\Qoobox [2009/05/17 16:00:53 | 02,988,799 | R--- | C] () -- C:\Users\Neeraj Tohan\Desktop\ComboFix.exe [2009/05/16 18:50:22 | 00,501,248 | ---- | C] (OldTimer Tools) -- C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe [2009/05/16 15:50:08 | 14,039,440 | ---- | C] (Doctor Web, Ltd.) -- C:\Users\Neeraj Tohan\Desktop\drweb-cureit.exe [2009/05/09 23:14:09 | 00,000,818 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/09 23:14:08 | 00,015,504 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbam.sys [2009/05/09 23:14:06 | 00,038,496 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\System32\drivers\mbamswissarmy.sys [2009/05/09 23:14:04 | 00,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes [2009/05/09 23:14:04 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2009/05/09 23:03:38 | 00,000,000 | ---D | C] -- C:\Users\Neeraj Tohan\AppData\Roaming\GetRightToGo [2009/05/09 17:53:15 | 00,000,000 | ---D | C] -- C:\Rooter$ [2009/05/08 00:30:58 | 00,130,104 | ---- | C] (Sophos Plc) -- C:\Windows\System32\sdccoinstaller.dll [2009/05/08 00:27:46 | 00,020,288 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\SophosBootDriver.sys [2009/05/08 00:27:40 | 00,000,000 | ---D | C] -- C:\savwsa [2009/05/03 22:30:59 | 00,000,858 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/03 22:28:39 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Cisco Systems [2009/05/03 22:28:37 | 00,023,552 | ---- | C] (Sophos Plc) -- C:\Windows\System32\SophosBootTasks.exe [2009/05/03 21:04:29 | 00,000,000 | ---D | C] -- C:\Program Files\Sophos [2009/04/27 23:42:08 | 11,939,6807 | ---- | C] () -- C:\Windows\MEMORY.DMP [2009/04/27 23:07:22 | 00,000,000 | ---D | C] -- C:\Program Files\Windows Live Safety Center [2009/04/22 16:00:07 | 00,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol [2009/04/20 17:59:24 | 00,093,192 | ---- | C] (Sophos Plc) -- C:\Windows\System32\drivers\savonaccess.sys [2009/04/20 17:59:14 | 00,000,000 | ---D | C] -- C:\escwsa [2009/04/19 23:36:23 | 00,001,931 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/04/19 23:34:54 | 00,000,882 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/04/19 23:34:21 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\DivX Shared [2009/04/19 23:34:18 | 00,000,000 | ---D | C] -- C:\Program Files\Google [2009/04/19 23:34:17 | 00,001,401 | ---- | C] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk [2009/04/19 23:34:17 | 00,000,000 | ---D | C] -- C:\Program Files\DivX [2009/03/22 03:15:35 | 00,000,118 | ---- | C] () -- C:\Windows\System32\MRT.INI [2008/06/10 18:42:58 | 00,000,142 | ---- | C] () -- C:\Windows\ODBC.INI [2008/02/24 12:56:18 | 00,061,440 | ---- | C] () -- C:\Windows\System32\igfxTMM.dll [2008/02/24 12:56:18 | 00,053,248 | ---- | C] () -- C:\Windows\System32\oemdspif.dll [2008/02/24 12:56:17 | 00,204,800 | ---- | C] () -- C:\Windows\System32\igfxCoIn_v1151.dll [2008/01/18 05:40:45 | 00,000,203 | ---- | C] () -- C:\Windows\SpssLM.ini [2007/12/31 12:34:21 | 00,299,008 | ---- | C] () -- C:\Windows\System32\LAME_MP3.dll [2007/11/23 05:01:31 | 00,000,099 | ---- | C] () -- C:\Windows\MXDebug2.ini [2007/11/22 04:24:41 | 00,000,032 | ---- | C] () -- C:\Windows\MS Office 2007 Pro Plus & Expression Web.INI [2007/10/08 09:21:46 | 00,958,464 | ---- | C] () -- C:\Windows\System32\WLIHVUI.dll [2007/05/10 02:02:08 | 00,019,968 | ---- | C] () -- C:\Windows\System32\Cpuinf32.dll [2007/05/10 02:00:26 | 00,532,480 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Sony.dll [2007/02/24 14:59:14 | 00,000,000 | ---- | C] () -- C:\Windows\VAIOUpdt.INI [2007/02/08 20:02:54 | 00,520,192 | ---- | C] () -- C:\Windows\System32\CddbPlaylist2Roxio.dll [2007/02/08 20:02:52 | 00,204,800 | ---- | C] () -- C:\Windows\System32\CddbFileTaggerRoxio.dll [2007/02/08 20:00:44 | 00,000,000 | ---- | C] () -- C:\Windows\System32\px.ini [2006/11/02 08:35:32 | 00,005,632 | ---- | C] () -- C:\Windows\System32\sysprepMCE.dll [2006/11/02 06:23:31 | 00,000,219 | ---- | C] () -- C:\Windows\win.ini [2006/11/02 06:23:31 | 00,000,215 | ---- | C] () -- C:\Windows\system.ini [2006/11/02 03:40:29 | 00,013,750 | ---- | C] () -- C:\Windows\System32\pacerprf.ini [2004/12/20 06:08:28 | 00,180,224 | ---- | C] () -- C:\Windows\System32\xvidvfw.dll [2004/12/20 06:03:26 | 00,765,952 | ---- | C] () -- C:\Windows\System32\xvidcore.dll ========== Files - Modified Within 30 Days ========== [2009/05/18 15:25:13 | 00,000,882 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachine.job [2009/05/18 15:25:12 | 00,000,006 | -H-- | M] () -- C:\Windows\tasks\SA.DAT [2009/05/18 15:24:55 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0 [2009/05/18 15:24:55 | 00,003,696 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0 [2009/05/18 15:24:49 | 00,067,584 | --S- | M] () -- C:\Windows\bootstat.dat [2009/05/17 16:17:50 | 00,000,215 | ---- | M] () -- C:\Windows\system.ini [2009/05/17 16:00:57 | 02,988,799 | R--- | M] () -- C:\Users\Neeraj Tohan\Desktop\ComboFix.exe [2009/05/16 18:50:32 | 00,501,248 | ---- | M] (OldTimer Tools) -- C:\Users\Neeraj Tohan\Desktop\OTListIt2.exe [2009/05/16 18:12:41 | 11,939,6807 | ---- | M] () -- C:\Windows\MEMORY.DMP [2009/05/16 15:50:17 | 14,039,440 | ---- | M] (Doctor Web, Ltd.) -- C:\Users\Neeraj Tohan\Desktop\drweb-cureit.exe [2009/05/14 17:50:08 | 00,117,248 | ---- | M] () -- C:\Windows\vFind.exe [2009/05/09 23:14:09 | 00,000,818 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes' Anti-Malware.lnk [2009/05/09 22:49:16 | 00,001,931 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk [2009/05/08 07:58:46 | 00,000,858 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoUpdate Monitor.lnk [2009/05/05 00:28:24 | 00,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol [2009/05/01 01:22:47 | 00,000,142 | ---- | M] () -- C:\Windows\ODBC.INI [2009/04/21 00:27:11 | 00,409,520 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT [2009/04/20 12:56:28 | 00,031,232 | ---- | M] (NirSoft) -- C:\Windows\NIRCMD.exe [2009/04/19 23:34:17 | 00,001,401 | ---- | M] () -- C:\Users\Neeraj Tohan\Desktop\DivX Movies.lnk < End of report > |
|
|
|
|
May 18 2009, 01:57 PM
Post
#11
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Hello lucky-g,
QUOTE Which AV do you recommend and are currently using? I use and recomman Kaspersky Antivirus (www.kaspersky.com)  Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version of Java components and upgrade the application. Beware it is NOT supported for use in 9x or ME and probably will not install in those systemsUpgrading Java:
Beside that your log looks clean. How is your computer running? Thunderbird1988 This post has been edited by Thunderbird1988: May 18 2009, 02:17 PM |
|
|
|
|
May 18 2009, 08:16 PM
Post
#12
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988,
It's running better, thanks to you! Something new has developed. When I reboot, I get an error message for files: "igfxtray.exe" & "hkcmd.exe" which says: "unable to locate component. This application has failed to start because hccutils.DLL was not found. Re-installing the application may fix this problem." After I click on the okay button, microsoft windows message pops up that says: "igfxtray module has stopped working." same message for hkcmd. I get two options to choose from: check online for a solution or close the program. The other thing I wanted to ask is why are spybot search and destroy and antivir personal edition enabled and active on my system when I uninstalled them nearly a year ago? Can we clear these from the system? |
|
|
|
|
May 19 2009, 11:10 AM
Post
#13
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
Hello Lucky-g,
Please download SystemLook from one of the links below and save it to your Desktop. Download Mirror #1 Download Mirror #2
Please download hccutils.dll from here Unzip it, and put it in the C:\Windows\System32 foler. Please let me know if that works. Thunderbird1988 |
|
|
|
|
May 19 2009, 04:26 PM
Post
#14
|
|
|
Member Posts: 76 From: Toronto OS: xp sp3, vista sp1 |
Hi Thunderbird1988,
I followed the steps and rebooted. I got this message: "hkcmd.exe entry point not found The procedure entry point LoadSTRINGFromHKCU could not be located in the dynamic link library hccutils.DLL." Here is the log from systemlook.txt: (i also uninstalled symantec from this machine too) SystemLook v1.0 by jpshortstuff (18.05.09) Log created at 18:08 on 19/05/2009 by Neeraj Tohan (Administrator - Elevation successful) ========== reg ========== [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AutoUpdateDisableNotify"= 0x0000000001 (1) "cval"= 0x0000000001 (1) "FirewallDisableNotify"= 0000000000 (0) "InternetSettingsDisableNotify"= 0x0000000001 (1) "UacDisableNotify"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SophosAntiVirus] "DisableMonitoring"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"= 0x0000000001 (1) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "AntiSpywareOverride"= 0000000000 (0) "AntiVirusOverride"= 0000000000 (0) "FirewallOverride"= 0000000000 (0) "VistaSp1"=02 05 3e 36 32 a5 c8 01 (REG_QWORD) [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc\Vol] (No values found) -=End Of File=- |
|
|
|
|
May 21 2009, 09:21 AM
Post
#15
|
|
|
Trusted Helper Posts: 1,861 From: The Netherlands OS: Windows XP/Vista Dualboot |
The scan can take a few minutes. |
|
|
|
|
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:
Similar Topics
| Topic Title | Replies / Views | Topic Information | |||||
|---|---|---|---|---|---|---|---|
 |
12 / 1,049 | 13th December 2005 - 09:14 PM brocksolid17 started - last by OwNt |
|||||
|
6 / 585 | 20th May 2006 - 10:59 PM mycool started - last by RiP |
|||||
|
 |
1 / 586 | 16th May 2006 - 09:32 AM jen147 started - last by dsenette |
||||
|
2 / 623 | 3rd November 2007 - 07:48 PM sadboy started - last by greyknight17 |
|||||
|
Time is now: 24th November 2009 - 03:12 PM |
Advertisements do not imply our endorsement of that product or service. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks mentioned on this page are the property of their respective owners.
© Geeks to Go, Inc. | All Rights Reserved | Privacy Policy | Advertising