Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Says Virus Alert! in Toolbar and AntiSpyware pop-ups [CLOSED]


  • This topic is locked This topic is locked

#1
VTut2734

VTut2734

    Member

  • Member
  • PipPipPip
  • 140 posts
Hello~

My friend borrowed my laptop and I got it back totally ruined. I keep getting pop ups and my clock reads 20:57:00 and Virus Alert! My desktop background is white and I have no all programs button at all. I ran all the steps with ATF Cleaner and ERUNT and Malware bytes which I have been usuing. Here is my HiJack This post:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 20:54: VIRUS ALERT!, on 8/26/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16674)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Fujitsu\Utils\FjMenu.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://softwarerefer...=...6Ojg5&lid=2
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

http://go.microsoft....k/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride =

*.local
O2 - BHO: (no name) - {0A528CF4-7325-4D78-9899-E5E466B7A54C} -

C:\WINDOWS\system32\gebcy.dll (file missing)
O2 - BHO: (no name) - {121B5FA6-1D6D-403A-8D10-C6A68579A1A1} -

C:\WINDOWS\system32\geBqRihI.dll (file missing)
O2 - BHO: QXK Olive - {25F82259-85DE-46B8-AC72-D84F8FC77AC5} - C:\WINDOWS\wnlmdakqoxv.dll

(file missing)
O2 - BHO: (no name) - {2753B591-D1EC-4A00-93E4-CEC5247EB60C} -

C:\WINDOWS\system32\rqRJCRKc.dll (file missing)
O2 - BHO: (no name) - {4F6BCB83-2CB8-4682-8464-6A84A4912ACD} -

C:\WINDOWS\system32\fccaYRlK.dll (file missing)
O2 - BHO: {4fa2e255-744a-0499-5014-7dfaa573e036} - {630e375a-afd7-4105-9940-a447552e2af4}

- C:\WINDOWS\system32\ugjoml.dll
O2 - BHO: (no name) - {69A8D5D8-95C6-42C0-B206-72A0A08A4E11} -

C:\WINDOWS\system32\ddcyw.dll (file missing)
O2 - BHO: (no name) - {75ED82AA-D187-4E5B-9F5D-B088968CFC3B} -

C:\WINDOWS\system32\efcDWOEW.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program

Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: QXK Olive - {883E162E-56D8-4AB3-85BE-F69B9FC89082} - C:\WINDOWS\rodqgpvlndk.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} -

C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program

files\google\googletoolbar1.dll
O2 - BHO: (no name) - {BD0515AB-280B-4848-B053-DA8D0AE459F4} -

C:\WINDOWS\system32\efcAQKAs.dll (file missing)
O2 - BHO: (no name) - {C6804E59-C975-4B09-BEE7-71C3310101B0} -

C:\WINDOWS\system32\awtqRHaY.dll (file missing)
O2 - BHO: (no name) - {D611E0FB-59AC-45FD-BF3B-A8A983154AA5} -

C:\WINDOWS\system32\xxyxXNeC.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program

files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} -

C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: bgrqfetx - {8A11BBE3-E0B5-40FB-9D86-E08A52B51B47} - C:\WINDOWS\bgrqfetx.dll

(file missing)
O3 - Toolbar: qalkfxor - {47B4B5E7-18D6-47EB-AF00-DFF901A8EFF1} - C:\WINDOWS\qalkfxor.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft

shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey

Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping

Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf

Intel PROSet/Wireless
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common

Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program

Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]

C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe"

-osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft

Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader

8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software

Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Active Desktop Calendar] C:\Program Files\XemiComputers\Active Desktop

Calendar\ADC.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [DW6] "C:\Program Files\The Weather Channel

FW\Desktop\DesktopWeather.exe"
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK

SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'Default user')
O4 - Startup: ERUNT AutoBackup.lnk = C:\Program Files\ERUNT\AUTOBACK.EXE
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft

Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital

Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital

Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop

Messenger\8876480\Program\LDMConf.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Add to EverNote - res://C:\Program

Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: E&xport to Microsoft Excel -

res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program

Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -

C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} -

C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program

Files\EverNote\EverNote\enbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} -

C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network

Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583}

- C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program

Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://us.fujitsu.com/computers
O15 - Trusted Zone: http://learn.vt.edu
O16 - DPF: RaptisoftGameLoader -

http://www.miniclip....tgameloader.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) -

http://upload.facebo...toUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) -

http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) -

http://a516.g.akamai...citrix/wficat-n

o-eula.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) -

http://disney.go.com...OnlineGames.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) -

http://www.miniclip....bGameLoader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -

http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) -

http://upload.facebo...otoUploader.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) -

http://launch.gamesp...nch/alaunch.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) -

http://www.otoy.com/.../CAB/OTOYAX.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) -

http://www.shockwave...gwebinstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -

http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} (LSICapture Control) -

http://www.link-syst...aste/lsiw2k.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) -

http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) -

http://www.miniclip....er/igloader.CAB
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) -

http://128.173.201.214/activex/AMC.cab
O18 - Protocol: bw+0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} -

C:\PROGRA~1\MICROS~3\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program

Files\AVG\AVG8\avgpp.dll
O18 - Protocol: offline-8876480 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program

Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: avgrsstx.dll pnrmij.dll ugjoml.dll
O20 - Winlogon Notify: qomjjki - qomjjki.dll (file missing)
O20 - Winlogon Notify: rqRJCRKc - rqRJCRKc.dll (file missing)
O20 - Winlogon Notify: ssqqpnk - ssqqpnk.dll (file missing)
O20 - Winlogon Notify: urqoopo - urqoopo.dll (file missing)
O20 - Winlogon Notify: vtusspq - vtusspq.dll (file missing)
O21 - SSODL: tfnslopk - {56122A64-79D3-4687-BFAC-6C62A772C23C} - C:\WINDOWS\tfnslopk.dll

(file missing)
O21 - SSODL: pdoskegl - {DE27BF91-5310-43FC-9009-AE4A2947224B} - C:\WINDOWS\pdoskegl.dll
O21 - SSODL: rqbmvpso - {E06C4703-05D3-41D7-B7E8-46DC39FE0729} - C:\WINDOWS\rqbmvpso.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common

Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. -

C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program

Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation -

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intel Input Service (IISLvc) - Unknown owner - C:\WINDOWS\system\mgrsvc.exe

(file missing)
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common

files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common

Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: o2flash - O2Micro International - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program

Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation -

C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program

Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program

Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: Privacy Protection -

file:///C:\WINDOWS\privacy_danger\index.htm
O24 - Desktop Component 2: Ink Desktop - {80E95280-2D38-3CB8-A215-FB5F14C4343E}

--
End of file - 30002 bytes
  • 0

Advertisements


#2
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Open notepad, click Format, uncheck wordwrap


Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding.


Download SDFix and save it to your Desktop.

Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Please then reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste the contents of the Report.txt back on the forum.



  • Download random's system information tool (RSIT) by random/random from here and save it to your desktop.
  • Double click on RSIT.exe to run RSIT.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open. Please post the contents of both log.txt (<<will be maximized) and info.txt (<<will be minimized)

  • 0

#3
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
I get an error when I go into safe mode and try to run the runthis.bat file.

It says Starting Repairs

Checking Running Processes and Services

then comes on the screen with: 16 bit MS-DOS Subsystem

SDFix
C:\PROGRA~1\Symantec\S32EVNT1.DLL. An Installable Virtual
Device Driver failed Dll initialization.
Choose 'Close' to terminate application.

Thank you for th help.

Edited by VTut2734, 27 August 2008 - 04:08 PM.

  • 0

#4
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Try this instead

Before we begin, you should save these instructions in Notepad to your desktop, or print them, for easy reference. Much of our fix will be done in Safe mode, and you will be unable to access this thread at that time. If you have questions at any point, or are unsure of the instructions, feel free to post here and ask for clarification before proceeding.


Please download SmitfraudFix (by S!Ri) to your Desktop.

Next, please reboot your computer in Safe Mode by doing the following :
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, a menu with options should appear;
  • Select the first option, to run Windows in Safe Mode, then press "Enter".
  • Choose your usual account.
Once in Safe Mode, double-click on SmitfraudFix.exe
Select option #2 - Clean by typing 2 and press "Enter" to delete infected files.

You will be prompted : "Registry cleaning - Do you want to clean the registry ?"; answer "Yes" by typing Y and press "Enter" in order to remove the Desktop background and clean registry keys associated with the infection.

The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found); answer "Yes" by typing Y and press "Enter".

The tool may need to restart your computer to finish the cleaning process; if it doesn't, please restart it into Normal Windows.
A text file will appear onscreen, with results from the cleaning process; please copy/paste the content of that report into your next reply.
The report can also be found at the root of the system drive, usually at C:\rapport.txt

Warning : running option #2 on a non infected computer will remove your Desktop background.
  • 0

#5
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
I ran that and camp up with the following:

SmitFraudFix v2.340

Scan done at 18:18:29.06, Wed 08/27/2008
Run from C:\Documents and Settings\Administrator\Desktop\SmitfraudFix
OS: Microsoft Windows XP [Version 5.1.2600] - Windows_NT
The filesystem type is NTFS
Fix run in safe mode

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll

»»»»»»»»»»»»»»»»»»»»»»»» Killing process


»»»»»»»»»»»»»»»»»»»»»»»» hosts


127.0.0.1 localhost

»»»»»»»»»»»»»»»»»»»»»»»» VACFix

VACFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri
C:\WINDOWS\rodqgpvlndk.dll deleted.
C:\WINDOWS\qalkfxor.dll deleted.
C:\WINDOWS\pdoskegl.dll deleted.
C:\WINDOWS\rqbmvpso.dll deleted.


»»»»»»»»»»»»»»»»»»»»»»»» Winsock2 Fix

S!Ri's WS2Fix: LSP not Found.


»»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

GenericRenosFix by S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files

C:\WINDOWS\privacy_danger\ Deleted
C:\WINDOWS\rvoelbxt.exe Deleted
C:\DOCUME~1\ADMINI~1\Desktop\Error Cleaner.url Deleted
C:\DOCUME~1\ADMINI~1\Desktop\Privacy Protector.url Deleted
C:\DOCUME~1\ADMINI~1\Desktop\Spyware?Malware Protection.url Deleted
C:\DOCUME~1\ADMINI~1\FAVORI~1\Error Cleaner.url Deleted
C:\DOCUME~1\ADMINI~1\FAVORI~1\Privacy Protector.url Deleted
C:\DOCUME~1\ADMINI~1\FAVORI~1\Spyware?Malware Protection.url Deleted

»»»»»»»»»»»»»»»»»»»»»»»» IEDFix

IEDFix
Credits: Malware Analysis & Diagnostic
Code: S!Ri



»»»»»»»»»»»»»»»»»»»»»»»» 404Fix

404Fix
Credits: Malware Analysis & Diagnostic
Code: S!Ri


»»»»»»»»»»»»»»»»»»»»»»»» AntiXPVSTFix


»»»»»»»»»»»»»»»»»»»»»»»» RK


»»»»»»»»»»»»»»»»»»»»»»»» DNS

HKLM\SYSTEM\CCS\Services\Tcpip\..\{75410726-37EB-4336-B9C0-B96CEA1357CF}: DhcpNameServer=24.92.226.40 24.92.226.41
HKLM\SYSTEM\CS1\Services\Tcpip\..\{75410726-37EB-4336-B9C0-B96CEA1357CF}: DhcpNameServer=24.92.226.40 24.92.226.41
HKLM\SYSTEM\CS3\Services\Tcpip\..\{75410726-37EB-4336-B9C0-B96CEA1357CF}: DhcpNameServer=24.92.226.40 24.92.226.41
HKLM\SYSTEM\CCS\Services\Tcpip\Parameters: DhcpNameServer=24.92.226.40 24.92.226.41
HKLM\SYSTEM\CS1\Services\Tcpip\Parameters: DhcpNameServer=24.92.226.40 24.92.226.41
HKLM\SYSTEM\CS3\Services\Tcpip\Parameters: DhcpNameServer=24.92.226.40 24.92.226.41


»»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


»»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
!!!Attention, following keys are not inevitably infected!!!

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"System"=""


»»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

Registry Cleaning done.

»»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
!!!Attention, following keys are not inevitably infected!!!

SrchSTS.exe by S!Ri
Search SharedTaskScheduler's .dll


»»»»»»»»»»»»»»»»»»»»»»»» End
  • 0

#6
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Ok do this

Please visit this web page for instructions for downloading and running ComboFix

http://www.bleepingc...to-use-combofix

This includes installing the Windows XP Recovery Console in case you have not installed it yet.

For more information on the Windows XP Recovery Console read http://support.microsoft.com/kb/314058.

Once you install the Recovery Console, when you reboot your computer, you'll see the option for the Recovery Console now as well. Don't select Recovery Console as we don't need it. By default, your main OS is selected there. The screen stays for 2 seconds and then it proceeds to load Windows. That is normal.

Post the log from ComboFix when you've accomplished that, along with a new HijackThis log.
  • 0

#7
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
The combo fix program worked but i am having trouble with the windowsXP recovery console. I have a Recovery and Utility Disc unsure if that is the disk that is mentioned.

Edited by VTut2734, 27 August 2008 - 04:53 PM.

  • 0

#8
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Just go and run CF
  • 0

#9
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
ComboFix 08-08-27.01 - Administrator 2008-08-27 19:00:10.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1334 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\bin.clearspring.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\bin.clearspring.com\clearspring.sol
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\bin.clearspring.com\ws\wan\wanLib.swf\466dd521294898ea.sol
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\interclick.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\interclick.com\ud.sol
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#interclick.com\settings.sol
C:\Documents and Settings\Administrator\Cookies\[email protected][2].txt
C:\WINDOWS\Downloaded Program Files\setup.inf
C:\WINDOWS\pskt.ini
C:\WINDOWS\system32\akxpovnf.ini
C:\WINDOWS\system32\amuxyivk.ini
C:\WINDOWS\system32\axsyxcsd.ini
C:\WINDOWS\system32\bcnuhrks.ini
C:\WINDOWS\system32\brgsbohc.ini
C:\WINDOWS\system32\cbaduppx.ini
C:\WINDOWS\system32\CeNXxyxx.ini
C:\WINDOWS\system32\CeNXxyxx.ini2
C:\WINDOWS\system32\crgrmvny.ini
C:\WINDOWS\system32\cvhwrcmu.ini
C:\WINDOWS\system32\dokkhcat.ini
C:\WINDOWS\system32\drjtaxry.ini
C:\WINDOWS\system32\dvntubyx.ini
C:\WINDOWS\system32\ebjpdskk.ini
C:\WINDOWS\system32\efceyyjo.ini
C:\WINDOWS\system32\ehjuaojy.ini
C:\WINDOWS\system32\fbjdpwqt.ini
C:\WINDOWS\system32\fgdlgdva.ini
C:\WINDOWS\system32\flpmhpyr.ini
C:\WINDOWS\system32\gotycknx.ini
C:\WINDOWS\system32\grtbpqwh.ini
C:\WINDOWS\system32\hnysqarp.ini
C:\WINDOWS\system32\hunidhkx.ini
C:\WINDOWS\system32\hvnxrjtw.ini
C:\WINDOWS\system32\IhiRqBeg.ini
C:\WINDOWS\system32\IhiRqBeg.ini2
C:\WINDOWS\system32\kcbhqtjl.ini
C:\WINDOWS\system32\KlRYaccf.ini
C:\WINDOWS\system32\KlRYaccf.ini2
C:\WINDOWS\system32\lhhefpwj.dll
C:\WINDOWS\system32\llpvhstw.ini
C:\WINDOWS\system32\lndlvyey.ini
C:\WINDOWS\system32\mcrh.tmp
C:\WINDOWS\system32\mjbjsjah.dll
C:\WINDOWS\system32\mrprrmre.dll
C:\WINDOWS\system32\MSINET.oca
C:\WINDOWS\system32\nldgufbm.ini
C:\WINDOWS\system32\noksqmqj.ini
C:\WINDOWS\system32\pkgeqwah.ini
C:\WINDOWS\system32\pmmadulw.ini
C:\WINDOWS\system32\pnagvafc.ini
C:\WINDOWS\system32\qhrvieyc.ini
C:\WINDOWS\system32\rbcnwdte.ini
C:\WINDOWS\system32\rgdxslji.ini
C:\WINDOWS\system32\rkjjdd.dll
C:\WINDOWS\system32\sAKQAcfe.ini
C:\WINDOWS\system32\sAKQAcfe.ini2
C:\WINDOWS\system32\shdldkcf.ini
C:\WINDOWS\system32\ssgpqeet.ini
C:\WINDOWS\system32\swmhmngi.ini
C:\WINDOWS\system32\tfydbewx.dll
C:\WINDOWS\system32\tlhlfspr.ini
C:\WINDOWS\system32\ugjoml.dll
C:\WINDOWS\system32\vehujbge.ini
C:\WINDOWS\system32\wenijrdf.ini
C:\WINDOWS\system32\WEOWDcfe.ini
C:\WINDOWS\system32\WEOWDcfe.ini2
C:\WINDOWS\system32\wycdd.bak1
C:\WINDOWS\system32\wycdd.bak2
C:\WINDOWS\system32\wycdd.ini
C:\WINDOWS\system32\xmoexmij.ini
C:\WINDOWS\system32\xtnnuxsm.ini
C:\WINDOWS\system32\xuagpdic.ini
C:\WINDOWS\system32\YaHRqtwa.ini
C:\WINDOWS\system32\YaHRqtwa.ini2
C:\WINDOWS\system32\ycbeg.bak1
C:\WINDOWS\system32\ycbeg.ini
C:\WINDOWS\system32\ynydacys.ini
C:\WINDOWS\system32\yyhgstav.ini
D:\Autorun.inf

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Legacy_DOMAINSERVICE
-------\Legacy_IISLVC
-------\Service_IISLvc


((((((((((((((((((((((((( Files Created from 2008-07-27 to 2008-08-27 )))))))))))))))))))))))))))))))
.

2008-08-27 18:18 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-08-27 18:18 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-08-27 18:18 . 2008-08-26 20:19 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-08-27 18:18 . 2008-08-27 15:17 87,040 --a------ C:\WINDOWS\system32\VACFix.exe
2008-08-27 18:18 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-08-27 18:18 . 2008-08-14 21:52 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-08-27 18:18 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-08-27 18:18 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-27 18:18 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-27 18:18 . 2008-08-27 18:18 5,682 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-27 18:15 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-08-27 13:23 . 2008-08-27 13:23 <DIR> d-------- C:\WINDOWS\ERUNT
2008-08-27 12:59 . 2008-08-27 18:05 <DIR> d-------- C:\SDFix
2008-08-26 21:08 . 2008-08-26 21:13 <DIR> d-------- C:\Program Files\vghd
2008-08-26 21:08 . 2008-08-26 21:08 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\vghd
2008-08-26 21:08 . 2008-08-26 21:13 152,920 --a------ C:\WINDOWS\system32\vghd.scr
2008-08-26 20:53 . 2008-08-26 20:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-20 09:29 . 2008-08-20 09:29 <DIR> d-------- C:\WINDOWS\system32\eMaxt02
2008-08-20 09:29 . 2008-08-20 09:29 <DIR> d-------- C:\temp\bbc2
2008-08-19 22:33 . 2008-08-19 22:41 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\MP3Rocket
2008-08-19 22:31 . 2008-08-19 22:41 <DIR> d-------- C:\Program Files\MP3 Rocket
2008-08-19 22:26 . 2008-08-19 22:26 0 --ah----- C:\WINDOWS\SwSys2.bmp
2008-08-19 22:26 . 2008-08-19 22:26 0 --ah----- C:\WINDOWS\SwSys1.bmp
2008-08-13 11:00 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-08-13 11:00 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-08-13 11:00 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-08-13 11:00 . 2003-05-22 16:31 55,808 --a------ C:\WINDOWS\system32\lfpsd13n.dll
2008-08-04 12:18 . 2008-08-04 12:18 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Windows Search
2008-08-04 12:16 . 2008-08-04 12:16 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-08-04 12:16 . 2008-08-04 12:25 <DIR> d-------- C:\Program Files\Windows Desktop Search
2008-08-01 13:11 . 2008-08-01 15:40 <DIR> d-------- C:\WINDOWS\system32\kBin15
2008-08-01 13:11 . 2008-08-01 13:11 <DIR> d-------- C:\temp\epr1

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-27 22:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-08-27 01:58 --------- d-----w C:\Program Files\Shockwave.com
2008-08-20 20:10 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-20 13:31 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LimeWire
2008-08-20 02:57 --------- d-----w C:\Program Files\Real
2008-08-17 02:42 0 ----a-w C:\WINDOWS\system32\drivers\FUJITSU_A1A5J3E617B30000_WXPTPC.MKR
2008-07-24 14:24 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-24 14:24 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-24 14:23 --------- d-----w C:\Program Files\Common Files\Download Manager
2008-07-24 14:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-24 00:09 38,472 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-24 00:09 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-01 01:05 --------- d-----w C:\Program Files\Common Files\Java
2008-07-01 00:59 --------- d-----w C:\Program Files\Microsoft Games
2008-06-30 23:50 --------- d-----w C:\Program Files\Java
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-22 18:38 36864]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-01-03 12:15 50528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATSwpNav"="C:\Program Files\Fingerprint Sensor\ATSwpNav -run" [X]
"TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [2004-08-04 08:00 16384]
"TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [2006-06-02 09:33 271872]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-02-26 14:34 155648]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-02-26 14:33 131072]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-09 01:26 794713]
"IndicatorUtility"="C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2006-07-12 20:43 90112]
"LoadFUJ02E3"="C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-11-17 18:38 80688]
"LoadBtnHnd"="C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe" [2003-08-20 21:24 61440]
"SSUtility"="C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe" [2006-07-22 13:10 233472]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-14 01:33 52832]
"FjStrtAp"="C:\Program Files\Fujitsu\Utils\FjStrtAp.exe" [2007-03-13 17:55 20480]
"Snippet"="C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" [2005-02-25 16:20 68296]
"OmniPass"="C:\Program Files\Softex\OmniPass\scureapp.exe" [2006-06-10 20:24 1966080]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-03-06 19:47 819200]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-03-06 19:44 970752]
"FJUPDNV_Chitose"="C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe" [2006-07-21 23:12 303104]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2006-12-22 12:27 497176]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-12-22 12:28 756248]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 12:07 176128]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-29 18:36 185896]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-27 01:47 31016]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 11:38 892928]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-12 04:05 16125440 C:\WINDOWS\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 16:32 89541 C:\WINDOWS\AGRSMMSG.exe]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 05:50 19968 C:\WINDOWS\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-27 21:17 443968]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 23:24:54 98632]
VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe [2008-08-26 21:09:03 11875648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-03 00:38:14 2756608]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-22 18:38:17 196608]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispSettingPage"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2004-08-04 08:00 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
2006-06-10 20:02 49152 C:\Program Files\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 06:41 11776 C:\WINDOWS\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2006-10-05 08:45 31744 C:\WINDOWS\system32\tpgwlnot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=pnrmij.dll,ugjoml.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\javaw.exe"=

R0 FBIOSDRV;FBIOSDRV;C:\WINDOWS\system32\drivers\FBIOSDRV.SYS [2006-08-28 20:56]
R0 FJGPNV;FJGPNV;C:\WINDOWS\system32\drivers\FJGPNV.SYS [2006-01-11 21:21]
R0 FJGSDisk;G-Sensor Application Filter Driver;C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys [2007-04-19 03:05]
R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-10-03 16:23]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-10-12 14:47]
R2 Viewpoint Manager Service;Viewpoint Manager Service;C:\Program Files\Viewpoint\Common\ViewpointService.exe [2007-01-04 17:38]
R3 Fjbtndrv;Fujitsu Button Driver;C:\WINDOWS\system32\DRIVERS\FjBtnDrv.sys [2006-03-30 00:43]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys [2004-01-17 23:15]
R3 hidpen;Wacom Serial Pen HID MiniDriver;C:\WINDOWS\system32\DRIVERS\hidpen.sys [2006-05-10 01:32]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-09-19 18:58]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;C:\WINDOWS\system32\DRIVERS\ozscr.sys [2006-03-08 01:44]
S3 ADVNTDRV;ADVNTDRV;C:\WINDOWS\system32\drivers\ADVNTDRV.SYS [1999-11-18 20:20]
S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys [2003-11-07 05:50]
S3 WacomPen;Wacom Serial Pen HID Driver;C:\WINDOWS\system32\DRIVERS\wacompen.sys [2004-08-03 19:04]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]
\Shell\AutoRun\command - D:\setupSNK.exe
.
Contents of the 'Scheduled Tasks' folder

2008-08-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
.
- - - - ORPHANS REMOVED - - - -

BHO-{0A528CF4-7325-4D78-9899-E5E466B7A54C} - C:\WINDOWS\system32\gebcy.dll
BHO-{121B5FA6-1D6D-403A-8D10-C6A68579A1A1} - C:\WINDOWS\system32\geBqRihI.dll
BHO-{2753B591-D1EC-4A00-93E4-CEC5247EB60C} - C:\WINDOWS\system32\rqRJCRKc.dll
BHO-{4F6BCB83-2CB8-4682-8464-6A84A4912ACD} - C:\WINDOWS\system32\fccaYRlK.dll
BHO-{69A8D5D8-95C6-42C0-B206-72A0A08A4E11} - C:\WINDOWS\system32\ddcyw.dll
BHO-{75ED82AA-D187-4E5B-9F5D-B088968CFC3B} - C:\WINDOWS\system32\efcDWOEW.dll
BHO-{BD0515AB-280B-4848-B053-DA8D0AE459F4} - C:\WINDOWS\system32\efcAQKAs.dll
BHO-{C6804E59-C975-4B09-BEE7-71C3310101B0} - C:\WINDOWS\system32\awtqRHaY.dll
BHO-{D611E0FB-59AC-45FD-BF3B-A8A983154AA5} - C:\WINDOWS\system32\xxyxXNeC.dll
HKCU-Run-Active Desktop Calendar - C:\Program Files\XemiComputers\Active Desktop Calendar\ADC.exe
HKCU-Run-ares - C:\Program Files\Ares\Ares.exe
HKCU-Run-DW6 - C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
ShellExecuteHooks-{2753B591-D1EC-4A00-93E4-CEC5247EB60C} - C:\WINDOWS\system32\rqRJCRKc.dll
Notify-qomjjki - qomjjki.dll
Notify-rqRJCRKc - rqRJCRKc.dll
Notify-ssqqpnk - ssqqpnk.dll
Notify-urqoopo - urqoopo.dll
Notify-vtusspq - vtusspq.dll


.
------- Supplementary Scan -------
.
R1 -: HKCU-Internet Connection Wizard,ShellNext = iexplore
R1 -: HKCU-Internet Settings,ProxyOverride = *.local
O8 -: &Search
O8 -: Add to EverNote - C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 -: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O18 -: Handler: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll

O16 -: RaptisoftGameLoader - hxxp://www.miniclip.com/games/hamsterball/en/raptisoftgameloader.cab
C:\WINDOWS\Downloaded Program Files\OSD28E7.OSD
C:\WINDOWS\Downloaded Program Files\RSGameLoader.dll

O16 -: {7D731A83-6C80-4EA4-9646-5E06A0513274} - hxxp://www.shockwave.com/content/snailmail/sis/slgwebinstall.cab
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\slgwebinstall.inf
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\slghex.dll
C:\WINDOWS\Downloaded Program Files\CONFLICT.1\slgwebinstall.dll

O16 -: {C228AEDD-FC47-11D3-AF87-D128A9381404} - hxxp://www.link-systems.com/~sdk/SDK/paste/lsiw2k.cab
C:\WINDOWS\Downloaded Program Files\lsiw2k.inf

O16 -: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} - hxxp://www.miniclip.com/igloader/igloader.CAB
C:\WINDOWS\Downloaded Program Files\igloader.inf
C:\WINDOWS\Downloaded Program Files\igloader.dll

O16 -: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://128.173.201.214/activex/AMC.cab
C:\WINDOWS\Downloaded Program Files\setup.inf
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-27 19:27:37
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...


C:\WINDOWS\TEMP\9sn6mv89.TMP

scan completed successfully
hidden files: 1

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Softex\OmniPass\opxpgina.dll
.
------------------------ Other Running Processes ------------------------
.
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
C:\WINDOWS\system32\scardsvr.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\digtizer.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\igfxext.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Softex\OmniPass\OmniServ.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\system32\wisptis.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\tabbtnu.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\tcserver.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\FjEvents.exe
C:\Program Files\Fujitsu\Utils\FjMenu.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Common Files\LogiShrd\LQCVFX\COCIManager.exe
C:\Program Files\vghd\VirtuaGirl_Downloader.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHSP.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
.
**************************************************************************
.
Completion time: 2008-08-27 19:39:25 - machine was rebooted
ComboFix-quarantined-files.txt 2008-08-27 23:39:22

Pre-Run: 69,023,170,560 bytes free
Post-Run: 70,788,210,688 bytes free

368 --- E O F --- 2008-06-21 04:01:32
  • 0

#10
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

1. Close any open browsers.

2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

3. Open notepad and copy/paste the text in the quotebox below into it:

File::
C:\WINDOWS\SwSys2.bmp
C:\WINDOWS\SwSys1.bmp


Folder::
C:\WINDOWS\system32\kBin15
C:\temp\epr1
C:\WINDOWS\system32\eMaxt02
C:\temp\bbc2

Registry::
[-HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\D]

Driver::


Save this as CFScript.txt, in the same location as ComboFix.exe


Posted Image

Refering to the picture above, drag CFScript into ComboFix.exe

When finished, it shall produce a log for you at C:\ComboFix.txt which I will require in your next reply.



Also post a new HJT log
  • 0

Advertisements


#11
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
ComboFix 08-08-27.01 - Administrator 2008-08-28 14:27:03.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.1354 [GMT -4:00]
Running from: C:\Documents and Settings\Administrator\Desktop\ComboFix.exe
Command switches used :: C:\Documents and Settings\Administrator\Desktop\CFScript.txt
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
C:\WINDOWS\SwSys1.bmp
C:\WINDOWS\SwSys2.bmp
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\bin.clearspring.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\#SharedObjects\9KTAZ578\bin.clearspring.com\clearspring.sol
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com
C:\Documents and Settings\Administrator\Application Data\macromedia\Flash Player\macromedia.com\support\flashplayer\sys\#bin.clearspring.com\settings.sol
C:\temp\bbc2
C:\temp\epr1
C:\WINDOWS\SwSys1.bmp
C:\WINDOWS\SwSys2.bmp
C:\WINDOWS\system32\eMaxt02
C:\WINDOWS\system32\eMaxt02\eMaxt022328.exe
C:\WINDOWS\system32\kBin15

.
((((((((((((((((((((((((( Files Created from 2008-07-28 to 2008-08-28 )))))))))))))))))))))))))))))))
.

2008-08-27 18:18 . 2007-09-06 00:22 289,144 --a------ C:\WINDOWS\system32\VCCLSID.exe
2008-08-27 18:18 . 2006-04-27 17:49 288,417 --a------ C:\WINDOWS\system32\SrchSTS.exe
2008-08-27 18:18 . 2008-08-26 20:19 88,576 --a------ C:\WINDOWS\system32\AntiXPVSTFix.exe
2008-08-27 18:18 . 2008-08-27 15:17 87,040 --a------ C:\WINDOWS\system32\VACFix.exe
2008-08-27 18:18 . 2008-05-18 21:40 82,944 --a------ C:\WINDOWS\system32\IEDFix.exe
2008-08-27 18:18 . 2008-08-14 21:52 82,432 --a------ C:\WINDOWS\system32\IEDFix.C.exe
2008-08-27 18:18 . 2008-08-18 12:19 82,432 --a------ C:\WINDOWS\system32\404Fix.exe
2008-08-27 18:18 . 2004-07-31 18:50 51,200 --a------ C:\WINDOWS\system32\dumphive.exe
2008-08-27 18:18 . 2007-10-04 00:36 25,600 --a------ C:\WINDOWS\system32\WS2Fix.exe
2008-08-27 18:18 . 2008-08-27 18:18 5,682 --a------ C:\WINDOWS\system32\tmp.reg
2008-08-27 18:15 . 2003-06-05 21:13 53,248 --a------ C:\WINDOWS\system32\Process.exe
2008-08-27 13:23 . 2008-08-27 13:23 <DIR> d-------- C:\WINDOWS\ERUNT
2008-08-27 12:59 . 2008-08-27 18:05 <DIR> d-------- C:\SDFix
2008-08-26 21:08 . 2008-08-26 21:13 <DIR> d-------- C:\Program Files\vghd
2008-08-26 21:08 . 2008-08-26 21:08 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\vghd
2008-08-26 21:08 . 2008-08-26 21:13 152,920 --a------ C:\WINDOWS\system32\vghd.scr
2008-08-26 20:53 . 2008-08-26 20:53 <DIR> d-------- C:\Program Files\Trend Micro
2008-08-19 22:33 . 2008-08-19 22:41 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\MP3Rocket
2008-08-19 22:31 . 2008-08-19 22:41 <DIR> d-------- C:\Program Files\MP3 Rocket
2008-08-13 11:00 . 2004-05-14 16:53 462,848 --a------ C:\WINDOWS\system32\ltkrn13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 450,560 --a------ C:\WINDOWS\system32\ltimg13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 401,408 --a------ C:\WINDOWS\system32\lfcmp13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 299,008 --a------ C:\WINDOWS\system32\ltdis13n.dll
2008-08-13 11:00 . 2004-01-12 02:09 206,336 --a------ C:\WINDOWS\system32\ltefx13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 163,840 --a------ C:\WINDOWS\system32\ltfil13n.dll
2008-08-13 11:00 . 2003-11-04 15:10 69,632 --a------ C:\WINDOWS\system32\lfgif13n.dll
2008-08-13 11:00 . 2004-05-14 16:53 57,344 --a------ C:\WINDOWS\system32\lfbmp13n.dll
2008-08-13 11:00 . 2003-05-22 16:31 55,808 --a------ C:\WINDOWS\system32\lfpsd13n.dll
2008-08-04 12:18 . 2008-08-04 12:18 <DIR> d-------- C:\Documents and Settings\Administrator\Application Data\Windows Search
2008-08-04 12:16 . 2008-08-04 12:16 <DIR> d-------- C:\WINDOWS\system32\GroupPolicy
2008-08-04 12:16 . 2008-08-04 12:25 <DIR> d-------- C:\Program Files\Windows Desktop Search

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2008-08-28 04:08 --------- d-----w C:\Documents and Settings\All Users\Application Data\Microsoft Help
2008-08-27 22:33 --------- d-----w C:\Documents and Settings\All Users\Application Data\avg8
2008-08-27 01:58 --------- d-----w C:\Program Files\Shockwave.com
2008-08-20 20:10 --------- d-----w C:\Program Files\Microsoft Silverlight
2008-08-20 13:31 --------- d-----w C:\Documents and Settings\Administrator\Application Data\LimeWire
2008-08-20 02:57 --------- d-----w C:\Program Files\Real
2008-08-17 02:42 0 ----a-w C:\WINDOWS\system32\drivers\FUJITSU_A1A5J3E617B30000_WXPTPC.MKR
2008-07-24 14:24 --------- d-----w C:\Program Files\Malwarebytes' Anti-Malware
2008-07-24 14:24 --------- d-----w C:\Documents and Settings\Administrator\Application Data\Malwarebytes
2008-07-24 14:23 --------- d-----w C:\Program Files\Common Files\Download Manager
2008-07-24 14:23 --------- d-----w C:\Documents and Settings\All Users\Application Data\Malwarebytes
2008-07-24 00:09 38,472 ----a-w C:\WINDOWS\system32\drivers\mbamswissarmy.sys
2008-07-24 00:09 17,144 ----a-w C:\WINDOWS\system32\drivers\mbam.sys
2008-07-07 20:32 253,952 ----a-w C:\WINDOWS\system32\es.dll
2008-07-01 15:02 1,376,528 ----a-w C:\WINDOWS\system32\msvbvm60.dll
2008-07-01 01:05 --------- d-----w C:\Program Files\Common Files\Java
2008-07-01 00:59 --------- d-----w C:\Program Files\Microsoft Games
2008-06-30 23:50 --------- d-----w C:\Program Files\Java
2008-06-24 16:23 74,240 ----a-w C:\WINDOWS\system32\mscms.dll
2008-06-23 16:57 826,368 ----a-w C:\WINDOWS\system32\wininet.dll
2008-06-20 17:41 245,248 ----a-w C:\WINDOWS\system32\mswsock.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx0c.dll
2008-05-30 23:22 823,296 ----a-w C:\WINDOWS\system32\divx_xx07.dll
2008-05-30 23:22 815,104 ----a-w C:\WINDOWS\system32\divx_xx0a.dll
2008-05-30 23:22 802,816 ----a-w C:\WINDOWS\system32\divx_xx11.dll
2008-05-30 23:22 683,520 ----a-w C:\WINDOWS\system32\DivX.dll
2008-05-30 23:22 593,920 ----a-w C:\WINDOWS\system32\dpuGUI11.dll
2008-05-30 23:22 57,344 ----a-w C:\WINDOWS\system32\dpv11.dll
2008-05-30 23:22 53,248 ----a-w C:\WINDOWS\system32\dpuGUI10.dll
2008-05-30 23:22 344,064 ----a-w C:\WINDOWS\system32\dpus11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu11.dll
2008-05-30 23:22 294,912 ----a-w C:\WINDOWS\system32\dpu10.dll
.

((((((((((((((((((((((((((((( [email protected]_19.39.08.34 )))))))))))))))))))))))))))))))))))))))))
.
+ 2008-07-07 20:06:43 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP2QFE\es.dll
+ 2008-07-07 20:26:58 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3GDR\es.dll
+ 2008-07-07 20:23:18 253,952 ----a-w C:\WINDOWS\$hf_mig$\KB950974\SP3QFE\es.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB950974\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB950974\update\updspapi.dll
+ 2008-07-14 11:03:00 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP2QFE\tzchange.exe
+ 2008-07-11 12:42:28 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3GDR\tzchange.exe
+ 2008-07-11 12:51:51 62,976 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\SP3QFE\tzchange.exe
+ 2007-11-30 11:18:51 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spmsg.dll
+ 2007-11-30 11:18:51 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\spuninst.exe
+ 2007-11-30 11:18:51 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951072-v2\update\updspapi.dll
+ 2006-08-16 12:08:32 100,352 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\6to4svc.dll
+ 2008-06-20 10:44:08 138,368 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\afd.sys
+ 2008-06-20 17:36:11 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\dnsapi.dll
+ 2008-06-20 17:36:11 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\mswsock.dll
+ 2008-06-20 10:44:42 360,960 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip.sys
+ 2008-06-20 09:32:39 225,920 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP2QFE\tcpip6.sys
+ 2008-06-20 11:40:08 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\afd.sys
+ 2008-06-20 17:46:57 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\dnsapi.dll
+ 2008-06-20 17:46:57 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\mswsock.dll
+ 2008-06-20 11:51:12 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip.sys
+ 2008-06-20 11:08:27 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3GDR\tcpip6.sys
+ 2008-06-20 11:48:03 138,496 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\afd.sys
+ 2008-06-20 17:43:05 147,968 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\dnsapi.dll
+ 2008-06-20 17:43:05 245,248 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\mswsock.dll
+ 2008-06-20 11:59:02 361,600 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip.sys
+ 2008-06-20 11:16:44 225,856 ----a-w C:\WINDOWS\$hf_mig$\KB951748\SP3QFE\tcpip6.sys
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB951748\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\spcustom.dll
+ 2007-11-30 12:39:18 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\update.exe
+ 2007-11-30 12:39:19 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB951748\update\updspapi.dll
+ 2008-06-24 16:28:00 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP2QFE\mscms.dll
+ 2008-06-24 16:43:16 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3GDR\mscms.dll
+ 2008-06-24 16:53:10 74,240 ----a-w C:\WINDOWS\$hf_mig$\KB952954\SP3QFE\mscms.dll
+ 2007-11-30 12:39:22 17,272 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spmsg.dll
+ 2007-11-30 12:39:22 231,288 ----a-w C:\WINDOWS\$hf_mig$\KB952954\spuninst.exe
+ 2007-11-30 12:39:22 26,488 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\spcustom.dll
+ 2007-11-30 12:39:22 755,576 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\update.exe
+ 2007-11-30 12:39:22 382,840 ----a-w C:\WINDOWS\$hf_mig$\KB952954\update\updspapi.dll
- 2008-02-04 14:18:49 248,632 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
+ 2008-08-28 04:07:45 250,928 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.PowerPoint\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.PowerPoint.dll
- 2008-02-04 14:18:49 781,104 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
+ 2008-08-28 04:03:42 783,744 ----a-w C:\WINDOWS\assembly\GAC\Microsoft.Office.Interop.Word\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Interop.Word.dll
- 2008-02-04 14:19:27 118,112 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
+ 2008-08-28 04:03:59 120,408 ----a-w C:\WINDOWS\assembly\GAC_32\Microsoft.Office.InfoPath.Client.Internal.Host.Interop\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.Interop.dll
- 2008-02-04 14:19:26 609,104 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2008-08-28 04:03:59 611,392 ----a-w C:\WINDOWS\assembly\GAC_MSIL\Microsoft.Office.InfoPath.Client.Internal.Host\12.0.0.0__71e9bce111e9429c\Microsoft.Office.Infopath.Client.Internal.Host.dll
+ 2008-04-23 04:16:28 124,928 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\advpack.dll
+ 2008-04-23 04:16:28 347,136 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtmsft.dll
+ 2008-04-23 04:16:28 214,528 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\dxtrans.dll
+ 2008-04-23 04:16:28 133,120 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\extmgr.dll
+ 2008-04-23 04:16:28 63,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\icardie.dll
+ 2008-04-22 07:39:58 70,656 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ie4uinit.exe
+ 2008-04-23 04:16:28 153,088 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakeng.dll
+ 2008-04-23 04:16:28 230,400 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieaksie.dll
+ 2008-04-20 05:07:51 161,792 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieakui.dll
+ 2008-04-23 04:16:28 383,488 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieapfltr.dll
+ 2008-04-23 04:16:28 384,512 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iedkcs32.dll
+ 2008-04-23 04:16:28 6,066,176 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieframe.dll
+ 2008-04-23 04:16:28 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iernonce.dll
+ 2008-04-23 04:16:28 267,776 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iertutil.dll
+ 2007-08-13 22:39:10 13,312 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\ieudinit.exe
+ 2008-04-22 07:40:18 625,664 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\iexplore.exe
+ 2008-04-23 04:16:28 27,648 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\jsproxy.dll
+ 2008-04-23 04:16:28 459,264 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeeds.dll
+ 2008-04-23 04:16:28 52,224 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msfeedsbs.dll
+ 2008-04-24 02:16:30 3,591,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtml.dll
+ 2008-04-23 04:16:28 478,208 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mshtmled.dll
+ 2008-04-23 04:16:28 193,024 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\msrating.dll
+ 2008-04-23 04:16:28 671,232 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\mstime.dll
+ 2008-04-23 04:16:28 102,912 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\occache.dll
+ 2008-04-23 04:16:28 44,544 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\pngfilt.dll
+ 2007-03-06 01:22:39 213,216 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\spuninst.exe
+ 2007-03-06 01:23:51 371,424 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\spuninst\updspapi.dll
+ 2008-04-23 04:16:28 105,984 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\url.dll
+ 2008-04-23 04:16:29 1,159,680 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\urlmon.dll
+ 2008-04-23 04:16:29 233,472 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\webcheck.dll
+ 2008-04-23 04:16:29 826,368 -c----w C:\WINDOWS\ie7updates\KB953838-IE7\wininet.dll
+ 2006-10-27 02:49:48 1,011,488 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSDAIPP.DLL
+ 2006-10-27 02:49:46 970,528 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109010090400000000000F01FEC\12.0.4518\MSONSEXT.DLL
+ 2006-10-27 01:12:56 396,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MOC.EXE
+ 2007-05-08 16:10:18 16,874,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\MSO.DLL
+ 2007-03-22 05:56:50 8,425,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OARTCONV.DLL
+ 2006-10-27 22:18:36 1,658,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OGL.DLL
+ 2007-05-10 14:04:28 846,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\OICE.EXE
+ 2007-05-10 15:11:42 1,767,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PPCNV.DLL
+ 2007-03-22 00:00:06 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6021\PXBCOM.EXE
+ 2007-08-24 09:00:34 1,767,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PPCNV.DLL
+ 2007-08-24 09:00:48 72,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002109020090400000000000F01FEC\12.0.6215\PXBCOM.EXE
+ 2006-10-27 20:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACACEDAO.DLL
+ 2006-10-27 02:18:12 162,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACCWIZ.DLL
+ 2006-10-27 22:00:12 1,751,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACECORE.DLL
+ 2006-10-27 22:00:10 576,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEDAO.DLL
+ 2006-10-27 22:00:06 47,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEERR.DLL
+ 2006-10-27 22:00:08 191,360 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEES.DLL
+ 2006-10-27 03:13:34 338,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEEXCH.DLL
+ 2006-10-27 03:13:44 629,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEEXCL.DLL
+ 2006-10-27 03:13:28 207,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACELTS.DLL
+ 2006-10-27 03:13:32 279,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEODBC.DLL
+ 2006-10-27 03:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEODDBS.DLL
+ 2006-10-27 03:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEODEXL.DLL
+ 2006-10-27 03:13:08 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEODPDX.DLL
+ 2006-10-27 03:13:12 15,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEODTXT.DLL
+ 2006-10-27 22:00:06 387,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEOLEDB.DLL
+ 2006-10-27 03:13:38 392,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEPDE.DLL
+ 2006-10-27 03:13:30 260,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACER2X.DLL
+ 2006-10-27 03:13:32 289,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACER3X.DLL
+ 2006-10-27 03:13:20 56,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACERCLR.DLL
+ 2006-10-27 03:13:38 551,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEREP.DLL
+ 2006-10-27 03:13:30 224,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACETXT.DLL
+ 2006-10-27 20:40:34 208,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEWSS.DLL
+ 2006-10-27 03:13:34 371,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ACEXBE.DLL
+ 2006-10-27 22:41:04 399,640 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\CDLMSO.DLL
+ 2006-10-27 02:59:24 205,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\CLVIEW.EXE
+ 2006-10-27 02:30:42 65,312 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\COLLIMP.DLL
+ 2006-10-27 01:12:52 189,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\CONTACTPICKER.DLL
+ 2006-10-27 05:48:08 234,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\DRAT.EXE
+ 2006-10-27 02:48:14 439,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\DWDCW20.DLL
+ 2006-10-26 21:10:08 1,190,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\FM20.DLL
+ 2006-10-26 21:04:58 75,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\FORM.DLL
+ 2006-10-27 02:21:24 1,682,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\FPSRVUTL.DLL
+ 2006-10-27 22:09:36 983,376 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\FPWEC.DLL
+ 2006-10-27 01:02:12 2,526,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GRAPH.EXE
+ 2006-10-27 20:37:44 338,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVE.EXE
+ 2006-10-27 20:38:02 6,191,400 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEACCOUNTMGR.DLL
+ 2006-10-27 20:37:44 284,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEAUDIO.DLL
+ 2006-10-27 05:47:54 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEAUDITSERVICE.EXE
+ 2006-10-27 20:37:40 34,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEAUTOPROXY.DLL
+ 2006-10-27 20:37:44 300,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECALENDARTOOL.DLL
+ 2006-10-27 05:47:44 33,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECLEAN.EXE
+ 2006-10-27 20:37:56 2,689,336 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECOMMONCOMPONENTS.DLL
+ 2006-10-27 20:38:00 3,508,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSERVICES.DLL
+ 2006-10-27 20:37:40 117,584 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECOMMUNICATIONSSTATUSANDCONTROL.DLL
+ 2006-10-27 20:37:50 768,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECOMPONENTMGR.DLL
+ 2006-10-27 20:37:52 1,359,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVECRYPTO.DLL
+ 2006-10-27 05:48:24 377,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEDATAVIEWERTOOL.DLL
+ 2006-10-27 20:37:58 3,071,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEDOCUMENTSHARETOOL.DLL
+ 2006-10-27 20:37:44 284,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEFETCHSERVICES.DLL
+ 2006-10-27 05:48:00 197,920 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEGAMES.DLL
+ 2006-10-27 05:48:18 317,736 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEMIGRATOR.EXE
+ 2006-10-27 05:48:40 1,555,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEMISC.DLL
+ 2006-10-27 05:47:42 31,016 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEMONITOR.EXE
+ 2006-10-27 05:47:40 22,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVENEW.DLL
+ 2006-10-27 05:48:02 224,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEPROJECTTOOLSET.DLL
+ 2006-10-27 20:38:04 7,053,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVERESOURCE.DLL
+ 2006-10-27 05:48:42 2,210,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESHELLEXTENSIONS.DLL
+ 2006-10-27 05:48:18 363,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESKETCHTOOL.DLL
+ 2006-10-27 05:47:40 16,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESTDURLLAUNCHER.EXE
+ 2006-10-27 20:37:56 2,738,472 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESTORAGEMGR.DLL
+ 2006-10-27 20:37:38 35,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESYSTEMMODE.DLL
+ 2006-10-27 05:48:02 222,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVESYSTEMSERVICES.DLL
+ 2006-10-27 20:37:50 1,163,048 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVETEXTTOOLS.DLL
+ 2006-10-27 20:38:00 4,746,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVETRANSCEIVER.DLL
+ 2006-10-27 20:37:54 1,396,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEUIFRAMEWORK.DLL
+ 2006-10-27 05:48:34 955,680 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEUTIL.DLL
+ 2006-10-27 20:37:40 268,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEWEBBROWSERTOOL2.DLL
+ 2006-10-27 05:48:26 572,216 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEWEBPLATFORMSERVICES.DLL
+ 2006-10-27 20:37:48 631,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\GROOVEWEBSERVICES.DLL
+ 2006-10-27 03:12:52 173,328 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IEAWSDC.DLL
+ 2006-10-27 01:55:38 138,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IMPMAIL.DLL
+ 2006-10-27 20:10:08 1,439,032 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\INFOPATH.EXE
+ 2006-10-27 20:10:10 5,456,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IPDESIGN.DLL
+ 2006-10-27 20:10:10 5,281,592 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IPEDITOR.DLL
+ 2006-10-27 02:42:00 176,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IPOLK.DLL
+ 2008-02-04 14:19:26 609,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IPOMHOST.DLL
+ 2008-02-04 14:19:27 118,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\IPOMINT.DLL
+ 2006-10-27 02:55:10 828,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MEDCAT.DLL
+ 2006-10-27 20:01:34 10,371,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSACCESS.EXE
+ 2006-10-27 02:18:06 66,880 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSAEXP30.DLL
+ 2006-10-26 20:58:14 117,552 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSCONV97.DLL
+ 2006-10-27 21:59:06 161,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSOCF.DLL
+ 2006-10-27 02:48:12 14,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSOCFU.DLL
+ 2006-10-27 03:12:58 428,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSODCW.DLL
+ 2006-10-27 04:13:36 26,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSOEURO.DLL
+ 2006-10-27 03:00:08 6,635,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSORES.DLL
+ 2006-10-26 20:56:36 436,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSORUN.DLL
+ 2006-10-27 00:50:04 672,024 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSQRY32.EXE
+ 2006-10-26 20:56:40 505,136 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSSOAP30.DLL
+ 2006-10-27 02:55:12 832,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSTORDB.EXE
+ 2006-10-27 02:55:06 538,904 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\MSTORES.DLL
+ 2006-10-27 03:12:30 65,824 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\NAME.DLL
+ 2006-10-27 22:14:34 14,151,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OART.DLL
+ 2006-10-27 03:06:54 232,816 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ODEPLOY.EXE
+ 2006-10-27 03:14:06 7,033,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OFFOWC.DLL
+ 2006-10-27 03:00:08 274,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OIS.EXE
+ 2006-10-27 03:00:12 998,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OISAPP.DLL
+ 2006-10-27 03:00:10 285,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OISGRAPH.DLL
+ 2006-10-27 03:32:42 604,000 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONBTTNIE.DLL
+ 2006-10-27 22:39:36 687,432 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONBTTNOL.DLL
+ 2006-10-27 22:03:04 1,018,664 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONENOTE.EXE
+ 2006-10-27 03:24:54 98,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONENOTEM.EXE
+ 2006-10-27 03:24:50 72,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONFILTER.DLL
+ 2006-10-27 03:24:58 1,165,112 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONLIBS.DLL
+ 2006-10-27 22:03:06 6,579,512 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONMAIN.DLL
+ 2006-10-27 03:23:00 782,720 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\ONSYNCPC.DLL
+ 2006-10-27 03:07:04 6,536,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OSETUP.DLL
+ 2006-07-27 01:53:56 459,080 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OUTLFLTR.DLL
+ 2006-10-27 20:16:36 46,864 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\OUTLRPC.DLL
+ 2006-10-27 04:30:44 482,088 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PORTCONN.DLL
+ 2006-10-27 20:04:06 465,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\POWERPNT.EXE
+ 2006-10-27 20:04:06 7,980,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PPCORE.DLL
+ 2008-02-04 14:18:49 248,632 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PPTPIA.DLL
+ 2006-10-27 00:52:10 2,012,480 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PPTVIEW.EXE
+ 2006-10-26 21:05:00 77,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\PSOM.DLL
+ 2006-10-27 04:13:38 38,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\REFEDIT.DLL
+ 2006-10-27 02:42:12 744,808 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\REGFORM.EXE
+ 2006-10-26 21:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\REVERSE.DLL
+ 2006-10-27 03:13:00 503,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\SELFCERT.EXE
+ 2006-10-27 03:06:58 439,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\SETUP.EXE
+ 2006-10-27 02:18:16 502,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\SOA.DLL
+ 2006-07-28 20:21:58 277,320 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\SSGEN.DLL
+ 2006-10-27 19:57:08 2,330,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\STSLIST.DLL
+ 2006-10-26 21:04:48 29,976 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\THOCRAPI.DLL
+ 2006-10-26 21:05:04 126,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWCUTCHR.DLL
+ 2006-10-26 21:05:02 86,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWCUTLIN.DLL
+ 2006-10-26 21:04:56 58,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWLAY32.DLL
+ 2006-10-26 21:04:48 27,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWORIENT.DLL
+ 2006-10-26 21:04:54 51,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWRECE.DLL
+ 2006-10-26 21:04:44 19,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWRECS.DLL
+ 2006-10-26 21:04:58 76,624 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\TWSTRUCT.DLL
+ 2006-09-30 07:42:56 2,583,344 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\VBE6.DLL
+ 2006-10-27 03:58:38 3,732,792 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\VVIEWER.DLL
+ 2008-02-04 14:18:49 781,104 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\WORDPIA.DLL
+ 2006-10-26 21:05:08 1,181,520 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\XIMAGE3B.DLL
+ 2006-10-26 21:05:08 530,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.4518\XPAGE3C.DLL
+ 2007-09-15 01:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-10-02 23:51:22 8,436,776 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\OARTCONV.DLL
+ 2007-08-29 04:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-29 03:06:16 467,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\POWERPNT.EXE
+ 2007-08-29 03:06:44 7,990,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\PPCORE.DLL
+ 2008-08-28 04:04:17 251,272 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\00002119030000000000000000F01FEC\12.0.6215\PPTPIA.DLL
+ 2007-08-29 03:22:30 1,754,536 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACECORE.DLL
+ 2007-08-29 03:22:36 579,008 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEDAO.DLL
+ 2007-08-29 03:22:38 50,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEERR.DLL
+ 2007-08-29 03:22:40 193,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEES.DLL
+ 2007-08-24 07:46:10 341,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEEXCH.DLL
+ 2007-08-24 07:46:14 632,248 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEEXCL.DLL
+ 2007-08-24 07:46:16 210,368 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACELTS.DLL
+ 2007-08-24 07:46:18 281,992 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEODBC.DLL
+ 2007-08-24 07:46:20 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEODDBS.DLL
+ 2007-08-24 07:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEODEXL.DLL
+ 2007-08-24 07:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEODPDX.DLL
+ 2007-08-24 07:46:22 17,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEODTXT.DLL
+ 2007-08-29 03:22:44 390,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEOLEDB.DLL
+ 2007-08-24 07:46:28 394,688 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEPDE.DLL
+ 2007-08-24 07:46:30 263,616 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACER2X.DLL
+ 2007-08-24 07:46:32 292,288 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACER3X.DLL
+ 2007-08-24 07:46:34 58,760 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACERCLR.DLL
+ 2007-08-24 07:46:38 554,440 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEREP.DLL
+ 2007-08-24 07:46:40 226,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACETXT.DLL
+ 2007-08-24 07:46:44 374,200 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ACEXBE.DLL
+ 2007-08-29 04:53:12 402,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\CDLMSO.DLL
+ 2007-08-24 07:45:50 208,256 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\CLVIEW.EXE
+ 2007-08-24 07:18:14 442,208 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\DWDCW20.DLL
+ 2007-08-24 07:18:18 437,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\DWTRIG20.EXE
+ 2007-08-23 05:03:38 1,195,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\FM20.DLL
+ 2007-08-23 05:19:06 78,728 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\FORM.DLL
+ 2007-08-25 23:11:44 1,685,896 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\FPSRVUTL.DLL
+ 2007-08-29 03:45:00 985,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\FPWEC.DLL
+ 2007-08-24 07:36:58 175,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\IEAWSDC.DLL
+ 2007-08-29 04:45:54 831,856 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MEDCAT.DLL
+ 2007-08-29 04:52:02 120,704 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSCONV97.DLL
+ 2007-09-15 01:45:58 16,901,168 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSO.DLL
+ 2007-08-29 03:20:06 163,712 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSOCF.DLL
+ 2007-08-29 03:20:12 17,304 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSOCFU.DLL
+ 2007-09-06 21:55:08 431,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSODCW.DLL
+ 2007-08-24 09:50:10 29,576 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSOEURO.DLL
+ 2007-08-28 00:20:14 6,637,960 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSORES.DLL
+ 2007-08-29 04:18:20 439,160 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSORUN.DLL
+ 2007-08-23 05:12:20 507,768 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSSOAP30.DLL
+ 2007-08-29 04:45:58 835,952 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSTORDB.EXE
+ 2007-08-29 04:46:06 542,568 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\MSTORES.DLL
+ 2007-08-24 07:37:50 68,464 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\NAME.DLL
+ 2007-10-06 00:44:24 14,168,600 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OART.DLL
+ 2007-09-02 05:55:16 235,456 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ODEPLOY.EXE
+ 2007-08-29 04:37:40 7,039,888 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OFFOWC.DLL
+ 2007-08-29 04:19:24 1,654,648 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OGL.DLL
+ 2007-08-24 08:06:28 277,384 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OIS.EXE
+ 2007-08-24 08:06:32 1,000,848 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OISAPP.DLL
+ 2007-08-24 08:06:38 288,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OISGRAPH.DLL
+ 2007-08-29 04:49:28 606,120 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONBTTNIE.DLL
+ 2007-08-29 04:49:34 667,544 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONBTTNOL.DLL
+ 2007-08-29 03:43:30 1,022,840 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONENOTE.EXE
+ 2007-08-24 08:45:42 101,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONENOTEM.EXE
+ 2007-08-24 08:45:42 75,144 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONFILTER.DLL
+ 2007-08-24 08:45:46 1,167,744 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONLIBS.DLL
+ 2007-10-13 01:08:52 6,588,968 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONMAIN.DLL
+ 2007-08-29 04:31:42 785,352 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\ONSYNCPC.DLL
+ 2007-09-02 05:55:54 6,540,656 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OSETUP.DLL
+ 2007-06-07 23:51:00 465,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\OUTLFLTR.DLL
+ 2007-09-06 21:50:34 485,232 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\PORTCONN.DLL
+ 2007-08-23 05:19:06 79,784 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\PSOM.DLL
+ 2007-08-24 09:50:10 41,832 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\REFEDIT.DLL
+ 2007-08-23 05:19:08 22,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\REVERSE.DLL
+ 2007-09-06 21:55:22 505,752 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\SELFCERT.EXE
+ 2007-09-02 05:55:34 442,240 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\SETUP.EXE
+ 2007-08-23 05:19:08 32,608 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\THOCRAPI.DLL
+ 2007-08-23 05:19:08 129,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWCUTCHR.DLL
+ 2007-08-23 05:19:10 90,504 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWCUTLIN.DLL
+ 2007-08-23 05:19:10 60,800 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWLAY32.DLL
+ 2007-08-23 05:19:12 30,096 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWORIENT.DLL
+ 2007-08-23 05:19:14 54,152 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWRECE.DLL
+ 2007-08-23 05:19:14 22,416 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWRECS.DLL
+ 2007-08-23 05:19:16 79,776 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\TWSTRUCT.DLL
+ 2007-06-28 00:58:12 2,585,936 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\VBE6.DLL
+ 2007-08-23 05:19:18 1,198,496 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\XIMAGE3B.DLL
+ 2007-08-23 05:19:20 535,448 ----a-r C:\WINDOWS\Installer\$PatchCache$\Managed\000021191A0000000000000000F01FEC\12.0.6215\XPAGE3C.DLL
- 2008-06-10 04:00:34 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
+ 2008-08-28 04:08:07 38,240 ----a-r C:\WINDOWS\Installer\{90120000-0020-0409-0000-0000000FF1CE}\O12ConvIcon.exe
- 2007-04-21 01:29:14 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
+ 2008-08-28 04:06:37 217,864 ----a-r C:\WINDOWS\Installer\{90120000-006E-0409-0000-0000000FF1CE}\misc.exe
- 2008-06-10 04:01:37 1,165,584 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
+ 2008-08-28 04:08:24 1,165,584 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\accicons.exe
- 2008-06-10 04:01:38 20,240 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-08-28 04:08:24 20,240 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-06-10 04:01:38 159,504 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
+ 2008-08-28 04:08:24 159,504 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\inficon.exe
- 2008-06-10 04:01:38 184,080 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-08-28 04:08:24 184,080 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\joticon.exe
- 2008-06-10 04:01:38 217,864 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
+ 2008-08-28 04:08:24 217,864 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\misc.exe
- 2008-06-10 04:01:38 18,704 ---
  • 0

#12
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
- 2008-06-10 04:01:38 18,704 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-08-28 04:08:24 18,704 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-06-10 04:01:38 35,088 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-08-28 04:08:24 35,088 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-06-10 04:01:38 845,584 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
+ 2008-08-28 04:08:24 845,584 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\outicon.exe
- 2008-06-10 04:01:38 922,384 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
+ 2008-08-28 04:08:24 922,384 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pptico.exe
- 2008-06-10 04:01:38 272,648 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
+ 2008-08-28 04:08:24 272,648 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\pubs.exe
- 2008-06-10 04:01:38 888,080 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
+ 2008-08-28 04:08:24 888,080 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\wordicon.exe
- 2008-06-10 04:01:37 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
+ 2008-08-28 04:08:24 1,172,240 ----a-r C:\WINDOWS\Installer\{91120000-0030-0000-0000-0000000FF1CE}\xlicons.exe
- 2008-04-09 04:03:53 20,240 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\cagicon.exe
+ 2008-08-28 04:05:39 20,240 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\cagicon.exe
- 2008-04-09 04:03:52 184,080 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\joticon.exe
+ 2008-08-28 04:05:39 184,080 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\joticon.exe
- 2008-04-09 04:03:53 217,864 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\misc.exe
+ 2008-08-28 04:05:39 217,864 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\misc.exe
- 2008-04-09 04:03:53 18,704 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\mspicons.exe
+ 2008-08-28 04:05:39 18,704 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\mspicons.exe
- 2008-04-09 04:03:53 35,088 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\oisicon.exe
+ 2008-08-28 04:05:39 35,088 ----a-r C:\WINDOWS\Installer\{91120000-00A1-0000-0000-0000000FF1CE}\oisicon.exe
- 2008-04-23 04:16:28 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
+ 2008-06-23 16:57:27 124,928 ----a-w C:\WINDOWS\system32\advpack.dll
- 2008-08-27 23:26:49 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
+ 2008-08-28 04:15:18 16,384 ----a-w C:\WINDOWS\system32\config\systemprofile\Cookies\index.dat
- 2008-08-27 23:26:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
+ 2008-08-28 04:15:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\History\History.IE5\index.dat
- 2008-08-27 23:26:49 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
+ 2008-08-28 04:15:18 32,768 ----a-w C:\WINDOWS\system32\config\systemprofile\Local Settings\Temporary Internet Files\Content.IE5\index.dat
- 2008-04-23 04:16:28 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
+ 2008-06-23 16:57:27 124,928 -c--a-w C:\WINDOWS\system32\dllcache\advpack.dll
- 2004-08-04 12:00:00 138,496 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
+ 2008-06-20 10:44:38 138,368 -c--a-w C:\WINDOWS\system32\dllcache\afd.sys
- 2008-02-20 05:32:43 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 -c--a-w C:\WINDOWS\system32\dllcache\dnsapi.dll
- 2008-04-23 04:16:28 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
+ 2008-06-23 16:57:27 347,136 -c--a-w C:\WINDOWS\system32\dllcache\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
+ 2008-06-23 16:57:27 214,528 -c--a-w C:\WINDOWS\system32\dllcache\dxtrans.dll
- 2005-07-26 04:39:45 243,200 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
+ 2008-07-07 20:32:22 253,952 -c--a-w C:\WINDOWS\system32\dllcache\es.dll
- 2008-04-23 04:16:28 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
+ 2008-06-23 16:57:27 133,120 -c--a-w C:\WINDOWS\system32\dllcache\extmgr.dll
- 2008-04-23 04:16:28 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
+ 2008-06-23 16:57:28 63,488 -c----w C:\WINDOWS\system32\dllcache\icardie.dll
- 2008-04-22 07:39:58 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
+ 2008-06-23 09:20:25 70,656 -c--a-w C:\WINDOWS\system32\dllcache\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
+ 2008-06-23 16:57:29 153,088 -c--a-w C:\WINDOWS\system32\dllcache\ieakeng.dll
- 2008-04-23 04:16:28 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
+ 2008-06-23 16:57:29 230,400 -c--a-w C:\WINDOWS\system32\dllcache\ieaksie.dll
- 2008-04-20 05:07:51 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
+ 2008-06-21 05:23:54 161,792 -c--a-w C:\WINDOWS\system32\dllcache\ieakui.dll
- 2008-04-23 04:16:28 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
+ 2008-06-23 16:57:29 383,488 -c----w C:\WINDOWS\system32\dllcache\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
+ 2008-06-23 16:57:29 384,512 -c--a-w C:\WINDOWS\system32\dllcache\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
+ 2008-06-23 16:57:33 6,066,176 -c----w C:\WINDOWS\system32\dllcache\ieframe.dll
- 2008-04-23 04:16:28 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
+ 2008-06-23 16:57:33 44,544 -c--a-w C:\WINDOWS\system32\dllcache\iernonce.dll
- 2008-04-23 04:16:28 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
+ 2008-06-23 16:57:34 267,776 -c----w C:\WINDOWS\system32\dllcache\iertutil.dll
- 2008-04-22 07:39:58 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 -c----w C:\WINDOWS\system32\dllcache\ieudinit.exe
- 2008-04-22 07:40:18 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
+ 2008-06-23 09:20:52 625,664 -c--a-w C:\WINDOWS\system32\dllcache\iexplore.exe
- 2007-08-21 06:15:44 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 -c--a-w C:\WINDOWS\system32\dllcache\inetcomm.dll
- 2008-04-23 04:16:28 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
+ 2008-06-23 16:57:35 27,648 -c--a-w C:\WINDOWS\system32\dllcache\jsproxy.dll
- 2004-08-04 12:00:00 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
+ 2008-05-01 14:30:33 331,776 -c--a-w C:\WINDOWS\system32\dllcache\msadce.dll
- 2005-06-29 01:46:00 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
+ 2008-06-24 16:23:05 74,240 -c--a-w C:\WINDOWS\system32\dllcache\mscms.dll
- 2008-04-23 04:16:28 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
+ 2008-06-23 16:57:36 459,264 -c----w C:\WINDOWS\system32\dllcache\msfeeds.dll
- 2008-04-23 04:16:28 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
+ 2008-06-23 16:57:36 52,224 -c----w C:\WINDOWS\system32\dllcache\msfeedsbs.dll
- 2008-04-24 02:16:30 3,591,680 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
+ 2008-06-24 14:57:40 3,592,192 -c--a-w C:\WINDOWS\system32\dllcache\mshtml.dll
- 2008-04-23 04:16:28 478,208 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
+ 2008-06-23 16:57:39 477,696 -c--a-w C:\WINDOWS\system32\dllcache\mshtmled.dll
- 2008-04-23 04:16:28 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
+ 2008-06-23 16:57:39 193,024 -c--a-w C:\WINDOWS\system32\dllcache\msrating.dll
- 2008-04-23 04:16:28 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
+ 2008-06-23 16:57:40 671,232 -c--a-w C:\WINDOWS\system32\dllcache\mstime.dll
- 2004-08-04 12:00:00 245,248 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
+ 2008-06-20 17:41:10 245,248 -c--a-w C:\WINDOWS\system32\dllcache\mswsock.dll
- 2008-04-23 04:16:28 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
+ 2008-06-23 16:57:40 102,912 -c--a-w C:\WINDOWS\system32\dllcache\occache.dll
- 2008-04-23 04:16:28 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
+ 2008-06-23 16:57:40 44,544 -c--a-w C:\WINDOWS\system32\dllcache\pngfilt.dll
- 2007-10-30 17:20:55 360,064 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
+ 2008-06-20 10:45:13 360,320 -c--a-w C:\WINDOWS\system32\dllcache\tcpip.sys
- 2006-08-16 09:37:30 225,664 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 -c--a-w C:\WINDOWS\system32\dllcache\tcpip6.sys
- 2008-04-23 04:16:28 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
+ 2008-06-23 16:57:40 105,984 -c--a-w C:\WINDOWS\system32\dllcache\url.dll
- 2008-04-23 04:16:29 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
+ 2008-06-23 16:57:40 1,159,680 -c--a-w C:\WINDOWS\system32\dllcache\urlmon.dll
- 2008-04-23 04:16:29 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
+ 2008-06-23 16:57:41 233,472 -c--a-w C:\WINDOWS\system32\dllcache\webcheck.dll
- 2008-04-23 04:16:29 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
+ 2008-06-23 16:57:41 826,368 -c--a-w C:\WINDOWS\system32\dllcache\wininet.dll
- 2008-02-20 05:32:43 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
+ 2008-06-20 17:41:10 148,992 ----a-w C:\WINDOWS\system32\dnsapi.dll
- 2004-08-04 12:00:00 138,496 ----a-w C:\WINDOWS\system32\drivers\afd.sys
+ 2008-06-20 10:44:38 138,368 ----a-w C:\WINDOWS\system32\drivers\afd.sys
- 2007-10-30 17:20:55 360,064 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
+ 2008-06-20 10:45:13 360,320 ----a-w C:\WINDOWS\system32\drivers\tcpip.sys
- 2006-08-16 09:37:30 225,664 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
+ 2008-06-20 09:52:06 225,920 ----a-w C:\WINDOWS\system32\drivers\tcpip6.sys
- 2008-04-23 04:16:28 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
+ 2008-06-23 16:57:27 347,136 ----a-w C:\WINDOWS\system32\dxtmsft.dll
- 2008-04-23 04:16:28 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
+ 2008-06-23 16:57:27 214,528 ----a-w C:\WINDOWS\system32\dxtrans.dll
- 2008-04-23 04:16:28 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
+ 2008-06-23 16:57:27 133,120 ----a-w C:\WINDOWS\system32\extmgr.dll
- 2006-10-26 21:10:08 1,190,688 ----a-w C:\WINDOWS\system32\FM20.DLL
+ 2007-08-23 05:03:38 1,195,888 ----a-w C:\WINDOWS\system32\FM20.DLL
- 2008-04-23 04:16:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
+ 2008-06-23 16:57:28 63,488 ----a-w C:\WINDOWS\system32\icardie.dll
- 2008-04-22 07:39:58 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
+ 2008-06-23 09:20:25 70,656 ----a-w C:\WINDOWS\system32\ie4uinit.exe
- 2008-04-23 04:16:28 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
+ 2008-06-23 16:57:29 153,088 ----a-w C:\WINDOWS\system32\ieakeng.dll
- 2008-04-23 04:16:28 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
+ 2008-06-23 16:57:29 230,400 ----a-w C:\WINDOWS\system32\ieaksie.dll
- 2008-04-20 05:07:51 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
+ 2008-06-21 05:23:54 161,792 ----a-w C:\WINDOWS\system32\ieakui.dll
- 2008-04-23 04:16:28 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
+ 2008-06-23 16:57:29 383,488 ----a-w C:\WINDOWS\system32\ieapfltr.dll
- 2008-04-23 04:16:28 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
+ 2008-06-23 16:57:29 384,512 ----a-w C:\WINDOWS\system32\iedkcs32.dll
- 2008-04-23 04:16:28 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
+ 2008-06-23 16:57:33 6,066,176 ----a-w C:\WINDOWS\system32\ieframe.dll
- 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
+ 2008-06-23 16:57:33 44,544 ----a-w C:\WINDOWS\system32\iernonce.dll
- 2008-04-23 04:16:28 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
+ 2008-06-23 16:57:34 267,776 ----a-w C:\WINDOWS\system32\iertutil.dll
- 2007-08-13 22:39:10 13,312 ----a-w C:\WINDOWS\system32\ieudinit.exe
+ 2008-06-23 09:20:26 13,824 ----a-w C:\WINDOWS\system32\ieudinit.exe
- 2007-08-21 06:15:44 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
+ 2008-04-11 18:50:43 683,520 ----a-w C:\WINDOWS\system32\inetcomm.dll
- 2008-04-23 04:16:28 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
+ 2008-06-23 16:57:35 27,648 ----a-w C:\WINDOWS\system32\jsproxy.dll
- 2008-04-23 04:16:28 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
+ 2008-06-23 16:57:36 459,264 ----a-w C:\WINDOWS\system32\msfeeds.dll
- 2008-04-23 04:16:28 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
+ 2008-06-23 16:57:36 52,224 ----a-w C:\WINDOWS\system32\msfeedsbs.dll
- 2008-04-24 02:16:30 3,591,680 ----a-w C:\WINDOWS\system32\mshtml.dll
+ 2008-06-24 14:57:40 3,592,192 ----a-w C:\WINDOWS\system32\mshtml.dll
- 2008-04-23 04:16:28 478,208 ----a-w C:\WINDOWS\system32\mshtmled.dll
+ 2008-06-23 16:57:39 477,696 ----a-w C:\WINDOWS\system32\mshtmled.dll
- 2008-04-23 04:16:28 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
+ 2008-06-23 16:57:39 193,024 ----a-w C:\WINDOWS\system32\msrating.dll
- 2008-04-23 04:16:28 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
+ 2008-06-23 16:57:40 671,232 ----a-w C:\WINDOWS\system32\mstime.dll
- 2008-04-23 04:16:28 102,912 ----a-w C:\WINDOWS\system32\occache.dll
+ 2008-06-23 16:57:40 102,912 ----a-w C:\WINDOWS\system32\occache.dll
- 2008-04-23 04:16:28 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
+ 2008-06-23 16:57:40 44,544 ----a-w C:\WINDOWS\system32\pngfilt.dll
- 2007-11-13 11:31:11 60,416 ----a-w C:\WINDOWS\system32\tzchange.exe
+ 2008-07-14 11:09:18 62,976 ----a-w C:\WINDOWS\system32\tzchange.exe
- 2008-04-23 04:16:28 105,984 ----a-w C:\WINDOWS\system32\url.dll
+ 2008-06-23 16:57:40 105,984 ----a-w C:\WINDOWS\system32\url.dll
- 2008-04-23 04:16:29 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
+ 2008-06-23 16:57:40 1,159,680 ----a-w C:\WINDOWS\system32\urlmon.dll
- 2008-04-23 04:16:29 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
+ 2008-06-23 16:57:41 233,472 ----a-w C:\WINDOWS\system32\webcheck.dll
.
-- Snapshot reset to current date --
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"="C:\WINDOWS\system32\ctfmon.exe" [2004-08-04 08:00 15360]
"LDM"="C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe" [2007-08-22 18:38 36864]
"MsnMsgr"="C:\Program Files\MSN Messenger\MsnMsgr.Exe" [2007-01-19 12:54 5674352]
"MSMSGS"="C:\Program Files\Messenger\msmsgs.exe" [2004-10-13 12:24 1694208]
"Aim6"="C:\Program Files\AIM6\aim6.exe" [2008-01-03 12:15 50528]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"ATSwpNav"="C:\Program Files\Fingerprint Sensor\ATSwpNav -run" [X]
"TabletWizard"="C:\WINDOWS\help\SplshWrp.exe" [2004-08-04 08:00 16384]
"TabletTip"="C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" [2006-06-02 09:33 271872]
"HotKeysCmds"="C:\WINDOWS\system32\hkcmd.exe" [2007-02-26 14:34 155648]
"Persistence"="C:\WINDOWS\system32\igfxpers.exe" [2007-02-26 14:33 131072]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2006-06-09 01:26 794713]
"IndicatorUtility"="C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe" [2006-07-12 20:43 90112]
"LoadFUJ02E3"="C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe" [2006-11-17 18:38 80688]
"LoadBtnHnd"="C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe" [2003-08-20 21:24 61440]
"SSUtility"="C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe" [2006-07-22 13:10 233472]
"RemoteControl"="C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe" [2006-11-14 01:33 52832]
"FjStrtAp"="C:\Program Files\Fujitsu\Utils\FjStrtAp.exe" [2007-03-13 17:55 20480]
"Snippet"="C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" [2005-02-25 16:20 68296]
"OmniPass"="C:\Program Files\Softex\OmniPass\scureapp.exe" [2006-06-10 20:24 1966080]
"IntelZeroConfig"="C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe" [2007-03-06 19:47 819200]
"IntelWireless"="C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" [2007-03-06 19:44 970752]
"FJUPDNV_Chitose"="C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe" [2006-07-21 23:12 303104]
"LogitechCommunicationsManager"="C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe" [2006-12-22 12:27 497176]
"LogitechQuickCamRibbon"="C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" [2006-12-22 12:28 756248]
"HPDJ Taskbar Utility"="C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe" [2004-12-14 12:07 176128]
"TkBellExe"="C:\Program Files\Common Files\Real\Update_OB\realsched.exe" [2008-01-29 18:36 185896]
"GrooveMonitor"="C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" [2007-08-24 07:00 33648]
"Adobe Reader Speed Launcher"="C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-11 23:16 39792]
"iTunesHelper"="C:\Program Files\iTunes\iTunesHelper.exe" [2008-02-19 14:10 267048]
"zBrowser Launcher"="C:\Program Files\Logitech\iTouch\iTouch.exe" [2003-12-01 11:38 892928]
"HP Software Update"="C:\Program Files\HP\HP Software Update\HPWuSchd2.exe" [2004-09-13 15:49 49152]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe" [2008-03-25 04:28 144784]
"RTHDCPL"="RTHDCPL.EXE" [2007-03-12 04:05 16125440 C:\WINDOWS\RTHDCPL.exe]
"AGRSMMSG"="AGRSMMSG.exe" [2006-06-29 16:32 89541 C:\WINDOWS\AGRSMMSG.exe]
"Logitech Utility"="Logi_MwX.Exe" [2003-11-07 05:50 19968 C:\WINDOWS\LOGI_MWX.EXE]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"Picasa Media Detector"="C:\Program Files\Picasa2\PicasaMediaDetector.exe" [2007-09-27 21:17 443968]

C:\Documents and Settings\Administrator\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE [2007-08-24 04:45:42 101784]
VirtuaGirl HD.LNK - C:\Program Files\vghd\vghd.exe [2008-08-26 21:09:03 11875648]

C:\Documents and Settings\All Users\Start Menu\Programs\Startup\
Bluetooth Manager.lnk - C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe [2007-02-03 00:38:14 2756608]
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [2004-11-04 19:28:24 258048]
HP Image Zone Fast Start.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe [2004-11-04 19:50:52 53248]
Logitech Desktop Messenger.lnk - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe [2007-08-22 18:38:17 196608]

[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\system]
"NoDispSettingPage"= 1 (0x1)

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\loginkey]
2004-08-04 08:00 47104 C:\Program Files\Common Files\Microsoft Shared\Ink\LoginKey.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\OPXPGina]
2006-06-10 20:02 49152 C:\Program Files\Softex\OmniPass\OPXPGina.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\TabBtnWL]
2002-08-29 06:41 11776 C:\WINDOWS\system32\tabbtnwl.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\tpgwlnotify]
2006-10-05 08:45 31744 C:\WINDOWS\system32\tpgwlnot.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=pnrmij.dll,ugjoml.dll

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001

[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"C:\\Program Files\\CyberLink\\PowerDVD\\PowerDVD.exe"=
"C:\\Program Files\\Common Files\\AOL\\Loader\\aolload.exe"=
"C:\\Program Files\\Logitech\\Desktop Messenger\\8876480\\Program\\LogitechDesktopMessenger.exe"=
"C:\\Program Files\\MSN Messenger\\msnmsgr.exe"=
"C:\\Program Files\\MSN Messenger\\livecall.exe"=
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"C:\\Program Files\\AIM6\\aim6.exe"=
"C:\\Program Files\\Bonjour\\mDNSResponder.exe"=
"C:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"C:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\iTunes\\iTunes.exe"=
"C:\\WINDOWS\\system32\\dpvsetup.exe"=
"C:\\Program Files\\Java\\jre1.6.0_06\\bin\\javaw.exe"=

R0 FBIOSDRV;FBIOSDRV;C:\WINDOWS\system32\drivers\FBIOSDRV.SYS [2006-08-28 20:56]
R0 FJGPNV;FJGPNV;C:\WINDOWS\system32\drivers\FJGPNV.SYS [2006-01-11 21:21]
R0 FJGSDisk;G-Sensor Application Filter Driver;C:\WINDOWS\system32\DRIVERS\FJGSDisk.sys [2007-04-19 03:05]
R0 O2MDRDR;O2MDRDR;C:\WINDOWS\system32\DRIVERS\o2media.sys [2006-10-03 16:23]
R0 O2SDRDR;O2SDRDR;C:\WINDOWS\system32\DRIVERS\o2sd.sys [2006-10-12 14:47]
R3 Fjbtndrv;Fujitsu Button Driver;C:\WINDOWS\system32\DRIVERS\FjBtnDrv.sys [2006-03-30 00:43]
R3 FUJ02E3;Fujitsu FUJ02E3 Device Driver;C:\WINDOWS\system32\DRIVERS\FUJ02E3.sys [2004-01-17 23:15]
R3 hidpen;Wacom Serial Pen HID MiniDriver;C:\WINDOWS\system32\DRIVERS\hidpen.sys [2006-05-10 01:32]
R3 IFXTPM;IFXTPM;C:\WINDOWS\system32\DRIVERS\IFXTPM.SYS [2006-09-19 18:58]
R3 OZSCR;O2Micro SmartCardBus Smartcard Reader;C:\WINDOWS\system32\DRIVERS\ozscr.sys [2006-03-08 01:44]
S3 ADVNTDRV;ADVNTDRV;C:\WINDOWS\system32\drivers\ADVNTDRV.SYS [1999-11-18 20:20]
S3 LCcfltr;Logitech USB Filter Driver;C:\WINDOWS\system32\Drivers\LCcFltr.Sys [2003-11-07 05:50]

*Newly Created Service* - CATCHME
.
Contents of the 'Scheduled Tasks' folder

2008-08-26 C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
- C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2007-08-29 15:57]
.

**************************************************************************

catchme 0.3.1361 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-08-28 14:38:56
Windows 5.1.2600 Service Pack 2 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- DLLs Loaded Under Running Processes ---------------------

PROCESS: C:\WINDOWS\system32\winlogon.exe
-> C:\Program Files\Softex\OmniPass\opxpgina.dll
.
Completion time: 2008-08-28 14:47:28
ComboFix-quarantined-files.txt 2008-08-28 18:47:01
ComboFix2.txt 2008-08-27 23:39:26

Pre-Run: 69,817,667,584 bytes free
Post-Run: 69,893,087,232 bytes free

725 --- E O F --- 2008-08-28 04:08:41

HJT Log coming:
  • 0

#13
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
HJT Log
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:22:03, on 8/28/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\KeyboardSurrogate.exe
C:\WINDOWS\system32\spoolsv.exe
c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\System32\digtizer.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\WINDOWS\system32\o2flash.exe
C:\Program Files\Softex\OmniPass\Omniserv.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Softex\OmniPass\OPXPApp.exe
C:\WINDOWS\SYSTEM32\WISPTIS.EXE
C:\WINDOWS\System32\tabbtnu.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TCServer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\TabTip.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Fingerprint Sensor\ATSwpNav.exe
C:\Program Files\Softex\OmniPass\scureapp.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Fujitsu\Utils\FjDspMon.exe
C:\Program Files\Fujitsu\Utils\fjevents.exe
C:\Program Files\Fujitsu\Utils\FjMenu.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\WINDOWS\Logi_MwX.Exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe
C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Common Files\AOL\Loader\aolload.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\vghd\vghd.exe
c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\Program Files\Java\jre1.6.0_06\bin\jucheck.exe
C:\WINDOWS\explorer.exe
C:\Program Files\internet explorer\iexplore.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [TabletWizard] C:\WINDOWS\help\SplshWrp.exe
O4 - HKLM\..\Run: [TabletTip] "C:\Program Files\Common Files\microsoft shared\ink\tabtip.exe" /resume
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [IndicatorUtility] C:\Program Files\Fujitsu\Fujitsu Hotkey Utility\IndicatorUty.exe
O4 - HKLM\..\Run: [LoadFUJ02E3] C:\Program Files\Fujitsu\FUJ02E3\FUJ02E3.exe
O4 - HKLM\..\Run: [LoadBtnHnd] C:\Program Files\Fujitsu\BtnHnd\BtnHnd.exe
O4 - HKLM\..\Run: [SSUtility] C:\Program Files\Fujitsu\SSUtility\FJSSDMN.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [FjStrtAp] C:\Program Files\Fujitsu\Utils\FjStrtAp.exe
O4 - HKLM\..\Run: [Snippet] "C:\Program Files\Microsoft Experience Pack\Snipping Tool\SnippingTool.exe" /i
O4 - HKLM\..\Run: [ATSwpNav] "C:\Program Files\Fingerprint Sensor\ATSwpNav" -run
O4 - HKLM\..\Run: [OmniPass] C:\Program Files\Softex\OmniPass\scureapp.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [FJUPDNV_Chitose] C:\Program Files\Fujitsu\fjdvrupd\fjdvrupd.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\QuickCam10\QuickCam10.exe" /hide
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb12.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LogitechDesktopMessenger.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKUS\S-1-5-19\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [TabletWizard] %windir%\help\wizard.hta (User 'Default user')
O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Startup: VirtuaGirl HD.LNK = C:\Program Files\vghd\vghd.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 - Extra context menu item: Add to EverNote - res://C:\Program Files\EverNote\EverNote\enbar.dll/2000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL
O9 - Extra button: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O9 - Extra 'Tools' menuitem: Add to EverNote - {A5ABA0BB-F195-40d8-A5E9-0801153E6597} - C:\Program Files\EverNote\EverNote\enbar.dll
O14 - IERESET.INF: START_PAGE_URL=http://us.fujitsu.com/computers
O15 - Trusted Zone: http://learn.vt.edu
O16 - DPF: RaptisoftGameLoader - http://www.miniclip....tgameloader.cab
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} (Facebook Photo Uploader 5) - http://upload.facebo...toUploader5.cab
O16 - DPF: {1239CC52-59EF-4DFA-8C61-90FFA846DF7E} (Musicnotes Viewer) - http://www.musicnote...ad/mnviewer.cab
O16 - DPF: {238F6F83-B8B4-11CF-8771-00A024541EE3} (Citrix ICA Client) - http://a516.g.akamai...cat-no-eula.cab
O16 - DPF: {3DCEC959-378A-4922-AD7E-FD5C925D927F} (Disney Online Games ActiveX Control) - http://disney.go.com...OnlineGames.cab
O16 - DPF: {3FE16C08-D6A7-4133-84FC-D5BFB4F7D886} (WebGameLoader Class) - http://www.miniclip....bGameLoader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://gfx1.hotmail....es/MSNPUpld.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...otoUploader.cab
O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamesp...nch/alaunch.cab
O16 - DPF: {77E32299-629F-43C6-AB77-6A1E6D7663F6} (Groove Control) - http://www.otoy.com/.../CAB/OTOYAX.cab
O16 - DPF: {7D731A83-6C80-4EA4-9646-5E06A0513274} (Sandlot Loader Control) - http://www.shockwave...gwebinstall.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn...ro.cab56649.cab
O16 - DPF: {C228AEDD-FC47-11D3-AF87-D128A9381404} (LSICapture Control) - http://www.link-syst...aste/lsiw2k.cab
O16 - DPF: {CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7} (get_atlcom Class) - http://www.adobe.com...obat/nos/gp.cab
O16 - DPF: {D1548A26-B8F6-4E86-AE74-E7062CCC2E2A} (igLoader Content on Demand) - http://www.miniclip....er/igloader.CAB
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://128.173.201.214/activex/AMC.cab
O18 - Protocol: bw+0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: offline-8876480 - {5C8B151E-247E-4E60-B92A-ACC2135DA51B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll
O20 - AppInit_DLLs: pnrmij.dll,ugjoml.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Digitizer Service (Digitizer) - WACOM - C:\WINDOWS\System32\digtizer.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logishrd\lvmvfm\LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: o2flash - O2Micro International - C:\WINDOWS\system32\o2flash.exe
O23 - Service: Softex OmniPass Service (omniserv) - Softex Inc. - C:\Program Files\Softex\OmniPass\Omniserv.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: TOSHIBA Bluetooth Service - TOSHIBA CORPORATION - c:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtSrv.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O24 - Desktop Component 0: Ink Desktop - {80E95280-2D38-3CB8-A215-FB5F14C4343E}

--
End of file - 25916 bytes
  • 0

#14
Rorschach112

Rorschach112

    Ralphie

  • Retired Staff
  • 47,710 posts
Hello

1. Please re-open HiJackThis and choose do a system scan only. Check the boxes next to ONLY the entries listed below(if present):

O20 - AppInit_DLLs: pnrmij.dll,ugjoml.dll


2. Now close all windows other than HiJackThis, including browsers, so that nothing other than HijackThis is open, then click Fix Checked. A box will pop up asking you if you wish to fix the selected items. Please choose YES. Once it has fixed them, please exit/close HijackThis.




Please do an online scan with Kaspersky WebScanner

Make sure you are using Internet Explorer for this. Click on Kaspersky Online Scanner and click Accept

You will be prompted to install an ActiveX component from Kaspersky, Click Yes.
  • The program will launch and then begin downloading the latest definition files:
  • Once the files have been downloaded click on NEXT
  • Now click on Scan Settings
  • In the scan settings make that the following are selected:
    • Scan using the following Anti-Virus database:
    Extended (if available otherwise Standard)
    • Scan Options:
    Scan Archives
    Scan Mail Bases
  • Click OK
  • Now under select a target to scan:Select My Computer
  • This will program will start and scan your system.
  • The scan will take a while so be patient and let it run.
  • Once the scan is complete it will display if your system has been infected.
    • Now click on the Save as Text button:
  • Save the file to your desktop.
  • Copy and paste that information in your next post.


Also post a new HJT log
  • 0

#15
VTut2734

VTut2734

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 140 posts
Kaspersky Log:

--------------------------------------------------------------------------------
KASPERSKY ONLINE SCANNER 7 REPORT
Saturday, August 30, 2008
Operating System: Microsoft Windows XP Professional Service Pack 2 (build 2600)
Kaspersky Online Scanner 7 version: 7.0.25.0
Program database last update: Thursday, August 28, 2008 22:34:32
Records in database: 1158372
--------------------------------------------------------------------------------

Scan settings:
Scan using the following database: extended
Scan archives: yes
Scan mail databases: yes

Scan area - My Computer:
C:\
D:\
E:\

Scan statistics:
Files scanned: 169335
Threat name: 6
Infected objects: 57986
Suspicious objects: 0
Duration of the scan: 26:48:47


File name / Threat name / Threats count
C:\Documents and Settings\Administrator\!\All 4 One - A Better Man.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - A41.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - ALL 4 One.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - An All 4 One Christmas.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - And The Music Speaks.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Beautiful As U.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Before U, Without U, After U.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Between Us.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Breathless.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Christmas With My Baby.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Colors Of Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Could This Be Magic.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Down To The Last Drop.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Fear No More.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Friday Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Frosty The Snowman.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Giving You My Heart Forever.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Green Light.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Heaven Sent.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Here For You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Here If You're Ready.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - How To Love Again.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I Am Blessed.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I Cross My Heart.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I Just Wanna Be Your Everything.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I Will Be Right Here.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I'm Sorry.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - I'm Your Man.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - If You Want Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Keep It Goin' On.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Love Is More Than Just.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Mary's Little Boy Child.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - No Doubt.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Not Ready 4 Goodbye.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - O' Come All Ye Faithful.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Oh Girl.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - On And On.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - One More Summer Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - One Summer Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Open Up Your Eyes.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Roll Call.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Round & Round.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Santa Claus Is Coming To Town.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Secrets.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - She's Got Skillz.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Silent Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Smile Like Mona Lisa.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - So Much In Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Somebody To Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Something About You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - The Bomb.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - The Christmas Song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - The First Noel.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - These Arms.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Think You're The One For Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - This Christmas.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Time To Come Home.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Until You Go.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - We Dedicate.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - We Wish A Merry Christmas.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Whatever You Want.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - When You Wish Upon A Star.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All 4 One - Without You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - All Hooked Up.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - All Saints.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Alone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Beg.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Black Coffee.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Bootie Call.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Chick Fit.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Distance.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Dreams.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Flashback.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Fundamental.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Ha Ha.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Headlock.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Heaven.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - [bleep] No.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - I Feel You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - I Know Where It's At.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - If You Want To Party (I Found Lovin').mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - In It To Win It.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Lady Marmalade.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Love Is Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Never Ever.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Not Eazy.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - On And On.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - One Me And U.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Pure Shores.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Ready, Willing & Able.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Rock Steady.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Saints & Sinners.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Scar.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Studio 1.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Surrender.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Take The Key.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Trapped.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Under The Bridge.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\All Saints - Whoppin' Over You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - A Different Someone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Closer To Habit.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Fake.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Immune.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Lies.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Lost In Your Words.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Misunderstood.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Point Of Origin.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Stitches.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Tightrope.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Allele - Unknown.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Broken Wings.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Burn It Down.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Down To My Last.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Find The Real.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - In Loving Memory.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Metalingus.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - One Day Remains.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Open Your Eyes.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Save Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Shed My Skin.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - The End Is Here.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Alter Bridge - Watch Your Words.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Acoustic Hearts Of Winter.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Chemicals React.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Collapsed.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Deck The Halls.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Do You Believe In Magic.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - God Rest Ye Merry Gentlemen.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Greatest Time Of Year.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - I Am One Of Them.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - I'll Be Home For Christmas.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - In A Second.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Into The Rush.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Jingle Bell Rock.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Joy To The World.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Let It Snow.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Little Drummer Boy.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Never Far Behind.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - No One.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Not This Year.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - On The Ride.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Out Of The Blue.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Potential Break Up Song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Protecting Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Rush.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Shine.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Silent Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Slow Down.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Something More.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Speak For Myself.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Sticks And Stones.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - The First Noel.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Walking On Sunshine.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - We Three Kings.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Aly & Aj - Zip-A-Dee-Doo-Dah.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Call Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Can't Stop My Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Crush On You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Everybody Doesn't.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - If I Open Up My Heart To You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - No Pressure.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Not The One (For Me).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - Start It All Over.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - That's Right.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - The Way I Am.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda - You Don't Stand A Chance.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Angel (Remix).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Angel.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Calling You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Candy Kisses.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Dedicate.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Fire.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Get 'Em Hype.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Hoe.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - I Like It.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - I Need You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - I Need Your Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - I Pray.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - I Still Love You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - In My Life.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Love Is Pain.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Make Me Feel.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Never.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - No More.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Run With It.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Where You At.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Whoa.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Perez - Your Body Is Mine.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Chasing The Sky.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Cry.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Getting There.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Homeless Heart.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - House Of Cards.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Lift You Up.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Maybe Tomorrow.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - My Real Life.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Paper Rain.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - She'll Get Over It.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Song On The Radio.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Undeniably Real.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amanda Stott - Waiting For My Star To Fall.mp3
C:\Documents and Settings\Administrator\!\Amel Larrieux - All I Got.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Beyond.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Bravebird.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Dear To Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Down.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Even If.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - For Real.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Get Up.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - I N I.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Infinite Possibilities.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Make Me Whole.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Sacred.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Searchin' For My Soul.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Sweet Misery.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - We Can Be New.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Weather.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amel Larrieux - Your Eyes.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - A Violent Reaction.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - All Wrapped Up.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Ameri[bleep] Evolving Into Useless Psychic Garbage.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Breathe In, Bleed Out.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Cowards.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Desertion.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Different.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Dirty.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Effigy.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Erratic.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Fall.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Feel The Curtain.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Fiend.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Just So You Know.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Leave Me Alone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Loyalty.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Never Get Caught.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Nothing Gets Nothing.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Pledge Allegiance.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Pretty Face.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Pushing The Envelope.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Reach And Touch.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Ridicule.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Seamless.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Self.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Shutdown.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Song For The Suspect.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Stature.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Take What I've Taken.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - The Feeding.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - To Be Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - To Taste Acid.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Trepanation.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - Walk Away.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - War Of Art.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - We Believe.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - What.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Head Charge - When I Failed.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - American Hi-Fi.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Baby Come Home.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Beautiful Disaster.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Built For Speed.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Happy.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Hearts On Parade.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - [bleep] Yeah.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Highs And Lows.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Maybe Won't Do.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Nothing Left To Lose.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Rise.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Save Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Separation Anxiety.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Something Real.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Teenage Alien Nation.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - The Art Of Losing.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - The Breakup Song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - The Everlasting Fall.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - The Geeks Get The Girls.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - The Gold Rush.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - This Is The Sound.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - We Can't Be Friends.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Hi-fi - Where Did We Go Wrong.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - ABC.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - American Juniors.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - Emotional.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - Have You Ever.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - No Matta What (Party All Night Long).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - One Step Closer.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - Reach Out I'll Be There.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - True Colors.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\American Juniors - Unstoppable.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - 1 Thing.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - All I Have.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - All I Need.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Can We Go.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Can't Let Go.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Come With Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Falling.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Float.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Got To Be There.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Hatin' On You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - I Just Died.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Just Like Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Like It Used To Be.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Need You Tonight.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Not The Only One.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Nothing Like Loving You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Outro.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Rolling Down My Face.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Show Me.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Take Control.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Talkin' About.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Think Of You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Touch.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Why Don't We Fall in Love (Remix).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amerie - Why Don't We Fall In Love (Richcraft Remix).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Canto Alla Vita.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Nessun Dorma.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Prayer In The Night.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Requiem For A Soldier.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Senza Catene (Unchained Melody).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Soave Sia Il Vento.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Song To The Moon.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - The Opera Band.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - The Pearl Fishers.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Vita Mia.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Whisper Of Angels.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amici Forever - Zadok The Priest.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amiel - Lovesong.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amiel - Obsession (I Love You).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - All My Friends.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Amos Lee.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Arms Of A Woman.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Black River.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Bottom Of The Barrel.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Careless.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Colors.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Dreamin'.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Freedom.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Give It Up.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Keep It Loose, Keep It Tight.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Long Line Of Pain.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Love In The Lies.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Night Train.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Seen It All Before.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Shout Out Loud.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Skipping Stone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Soul Suckers.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Southern Girl.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Supply And Demand.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Sweet Pea.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amos Lee - Sympathize.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Beautiful Lie.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Carry Me Away.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - False Smiles.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Going Out Of My Mind.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Happy Now.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - If Only.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Just A Little Girl.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Ladder In My Tights.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Misfit.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Nobody.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Seconds Away.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Superior Mind.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Testify.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - Under The Thumb.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Studt - You're Gonna Be Fine.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - (There Is) No Greater Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Addicted.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Amy Amy Amy (Outro).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Back To Black.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Frank.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - [bleep] Me Pumps.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - He Can Only Hold Her.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Help Yourself.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - I Heard Love Is Blind.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - In My Bed.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Just Friends.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Know You Now.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Love Is A Losing Game.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Me And Mr Jones ([bleep]ery).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Moody's Mood For Love (Teo Licks).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - October Song.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Rehab.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Some Unholy War.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Stronger Than Me (Jazz Intro).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Take The Box.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Tears Dry On Their Own.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - Wake Up Alone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - What It Is About Men.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - You Know I'm No Good.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Amy Winehouse - You Send Me Flying (Cherry).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - 6 Feet Under.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Coz I Can.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Crest Of The Way.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Don't Cry For Pain.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Here I Go Again.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - I'm Stupid.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - L.A..mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Life.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - Now It's Gone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - The Way I Am.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Ana Johnsson - We Are.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Anastacia.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Baptise My Soul.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Black Roses.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Cowboys & Kisses.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Don't Stop (Doin' It).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Don'tcha Wanna.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Freak Of Nature.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Heavy On My Heart.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - How Come The World Won't Stop.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - I Ask Of You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - I Do.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - I Dreamed You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - I'm Outta Love.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Left Outside Alone.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Love Is A Crime.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Love Is Alive.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Made For Lovin' You.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Maybe Today.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Not That Kind.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Nothing At All.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - One Day In Your Life.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - One More Chance.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Overdue Goodbye (Reprise).mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Overdue Goodbye.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Paid My Dues.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Pretty Little Dum Dum.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Rearview.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Same Old Story.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Seasons Change.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Secrets.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Sexy Single.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia - Sick & Tired.mp3 Infected: Trojan-Downloader.WMA.GetCodec.b 1
C:\Documents and Settings\Administrator\!\Anastacia -
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP