I have the same problems as norsecode; the wuauclt.exe file is infected. I was following this topic, but it was terminated before it was concluded.
I have contacted mitch8 and he told me to post my scan results in a new topic.
So far I have run OTL and Scan.txt, in safe mode, and I am now logging the results on my work PC.
I hope this is what is required.
OTL logfile created on: 08/11/2010 10:46:15 - Run 1
OTL by OldTimer - Version 3.2.17.3 Folder = C:\Documents and Settings\Hiromi\Desktop
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.11)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy
503.00 Mb Total Physical Memory | 362.00 Mb Available Physical Memory | 72.00% Memory free
1.00 Gb Paging File | 1.00 Gb Available in Paging File | 94.00% Paging File free
Paging file location(s): C:\pagefile.sys 756 1512 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 34.31 Gb Total Space | 14.99 Gb Free Space | 43.68% Space Free | Partition Type: NTFS
Computer Name: HENRY | User Name: Hiromi | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
========== Processes (SafeList) ==========
PRC - [2010/11/07 21:51:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTL.scr
PRC - [2010/11/07 21:50:55 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTH.scr
========== Modules (SafeList) ==========
MOD - [2010/11/07 21:51:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTL.scr
MOD - [2010/08/23 16:12:02 | 001,054,208 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\WinSxS\x86_Microsoft.Windows.Common-Controls_6595b64144ccf1df_6.0.2600.6028_x-ww_61e65202\comctl32.dll
========== Win32 Services (SafeList) ==========
SRV - File not found [On_Demand | Stopped] -- C:\WINDOWS\System32\appmgmts.dll -- (AppMgmt)
SRV - [2010/11/02 20:18:50 | 000,251,216 | ---- | M] (CA, Inc.) [On_Demand | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccprovsp.exe -- (CaCCProvSP)
SRV - [2010/11/02 20:18:48 | 000,206,160 | ---- | M] (Computer Associates International, Inc.) [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\ccschedulersvc.exe -- (ccSchedulerSVC)
SRV - [2010/11/02 20:18:41 | 000,212,992 | ---- | M] (Computer Associates International, Inc.) [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\isafe.exe -- (CAISafe)
SRV - [2010/11/02 20:18:32 | 000,206,152 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus Plus\CAAMSvc.exe -- (CAAMSvc)
SRV - [2010/09/17 12:21:00 | 000,301,648 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxPol.exe -- (UmxPol)
SRV - [2010/08/24 12:07:34 | 000,740,160 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxCfg.exe -- (UmxCfg)
SRV - [2010/08/13 11:58:56 | 000,144,672 | ---- | M] (Apple Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe -- (Apple Mobile Device)
SRV - [2009/12/14 10:26:02 | 000,668,912 | ---- | M] (Radialpoint Inc.) [Auto | Stopped] -- C:\Program Files\Virgin Media\HUB\ServicepointService.exe -- (ServicepointService)
SRV - [2009/08/04 09:42:18 | 000,887,288 | ---- | M] (CA) [Auto | Stopped] -- C:\Program Files\CA\SharedComponents\HIPSEngine\UmxAgent.exe -- (UmxAgent)
SRV - [2007/03/07 14:47:46 | 000,076,848 | ---- | M] () [On_Demand | Stopped] -- C:\Program Files\DellSupport\brkrsvc.exe -- (DSBrokerService)
SRV - [2005/11/14 00:06:04 | 000,069,632 | ---- | M] (Macrovision Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe -- (IDriverT)
SRV - [2004/09/07 15:12:32 | 000,225,353 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER)
SRV - [2004/09/07 15:05:10 | 000,360,521 | ---- | M] (Intel Corporation ) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe -- (S24EventMonitor)
SRV - [2004/09/07 15:02:40 | 000,086,016 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe -- (EvtEng)
SRV - [2004/09/07 15:02:04 | 000,139,264 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe -- (RegSrvc)
========== Driver Services (SafeList) ==========
DRV - File not found [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\DRIVERS\wanatw4.sys -- (wanatw) WAN Miniport (ATW)
DRV - File not found [Kernel | Disabled | Stopped] -- C:\WINDOWS\System32\DRIVERS\agp440.sys -- (agp440)
DRV - [2010/09/17 12:21:00 | 000,135,248 | ---- | M] (CA) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\KmxAMRT.sys -- (KmxAMRT)
DRV - [2010/06/09 06:54:38 | 000,244,304 | ---- | M] (CA) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KmxCfg.sys -- (KmxCfg)
DRV - [2010/05/10 18:41:30 | 000,067,656 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Documents and Settings\Hiromi\Local Settings\Temp\SAS_SelfExtract\saskutil.sys -- (SASKUTIL)
DRV - [2010/05/03 02:12:02 | 000,108,112 | ---- | M] (CA) [Kernel | Boot | Stopped] -- C:\WINDOWS\System32\DRIVERS\kmxstart.sys -- (KmxStart)
DRV - [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys -- (MBAMSwissArmy)
DRV - [2010/03/22 13:58:42 | 000,079,864 | ---- | M] (CA) [File_System | System | Stopped] -- C:\WINDOWS\system32\drivers\KmxAgent.sys -- (KmxAgent)
DRV - [2010/02/17 18:25:48 | 000,012,872 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Stopped] -- C:\Documents and Settings\Hiromi\Local Settings\Temp\SAS_SelfExtract\sasdifsv.sys -- (SASDIFSV)
DRV - [2009/03/27 14:27:04 | 000,598,656 | ---- | M] (Computer Associates International, Inc.) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\KmxAMVet.sys -- (KmxAMVet)
DRV - [2008/04/13 18:36:39 | 000,043,008 | ---- | M] (Advanced Micro Devices, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\amdagp.sys -- (amdagp)
DRV - [2008/04/13 18:36:39 | 000,040,960 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sisagp.sys -- (sisagp)
DRV - [2007/02/25 11:10:48 | 000,005,376 | --S- | M] (Gteko Ltd.) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\dsunidrv.sys -- (dsunidrv)
DRV - [2007/01/04 11:01:08 | 000,061,536 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sea1bus.sys -- (sea1bus) Sony Ericsson Device 0A1 driver (WDM)
DRV - [2006/10/05 15:07:28 | 000,004,736 | ---- | M] (Gteko Ltd.) [Kernel | On_Demand | Stopped] -- C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys -- (DSproct)
DRV - [2006/07/15 23:25:52 | 000,094,064 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdm.sys -- (k510mdm)
DRV - [2006/07/15 23:25:52 | 000,085,408 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mgmt.sys -- (k510mgmt) Sony Ericsson K510 USB WMC Device Management Drivers (WDM)
DRV - [2006/07/15 23:25:52 | 000,083,344 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510obex.sys -- (k510obex)
DRV - [2006/07/15 23:25:52 | 000,008,336 | ---- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510mdfl.sys -- (k510mdfl)
DRV - [2006/02/17 19:34:10 | 000,058,288 | R--- | M] (MCCI) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\k510bus.sys -- (k510bus) Sony Ericsson K510 Driver driver (WDM)
DRV - [2005/05/31 04:33:00 | 000,100,605 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudfa.sys -- (tfsnudfa)
DRV - [2005/05/31 04:33:00 | 000,098,716 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnudf.sys -- (tfsnudf)
DRV - [2005/05/31 04:33:00 | 000,086,876 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnifs.sys -- (tfsnifs)
DRV - [2005/05/31 04:33:00 | 000,034,845 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsncofs.sys -- (tfsncofs)
DRV - [2005/05/31 04:33:00 | 000,025,725 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnboio.sys -- (tfsnboio)
DRV - [2005/05/31 04:33:00 | 000,015,069 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnopio.sys -- (tfsnopio)
DRV - [2005/05/31 04:33:00 | 000,006,365 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsnpool.sys -- (tfsnpool)
DRV - [2005/05/31 04:33:00 | 000,004,125 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndrct.sys -- (tfsndrct)
DRV - [2005/05/31 04:33:00 | 000,002,241 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\dla\tfsndres.sys -- (tfsndres)
DRV - [2005/05/13 09:37:28 | 000,005,627 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\sscdbhk5.sys -- (sscdbhk5)
DRV - [2005/05/13 09:37:20 | 000,023,545 | ---- | M] (Sonic Solutions) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\ssrtln.sys -- (ssrtln)
DRV - [2005/04/22 02:22:00 | 000,088,352 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\WINDOWS\system32\drivers\drvmcdb.sys -- (drvmcdb)
DRV - [2005/04/21 01:56:00 | 000,040,544 | ---- | M] (Sonic Solutions) [File_System | Auto | Stopped] -- C:\WINDOWS\system32\drivers\drvnddm.sys -- (drvnddm)
DRV - [2004/11/16 15:03:52 | 000,108,791 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2004/10/21 19:56:04 | 003,210,496 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\w29n51.sys -- (w29n51) Intel®
DRV - [2004/09/15 23:53:12 | 000,271,704 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\STAC97.sys -- (STAC97)
DRV - [2004/08/31 07:53:04 | 000,011,354 | ---- | M] (Intel Corporation) [Kernel | Auto | Stopped] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2004/08/18 13:53:54 | 000,016,128 | ---- | M] (Dell Inc) [Kernel | System | Stopped] -- C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS -- (APPDRV)
DRV - [2004/08/12 07:44:04 | 000,234,496 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\iwca.sys -- (IWCA)
DRV - [2004/08/04 04:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/08/03 21:29:56 | 001,897,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\nv4_mini.sys -- (nv)
DRV - [2004/06/17 19:57:02 | 000,200,064 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSFHWICH.sys -- (HSFHWICH)
DRV - [2004/06/17 19:55:38 | 000,685,056 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2004/06/17 19:55:04 | 001,041,536 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\HSF_DP.sys -- (HSF_DP)
DRV - [2004/05/26 19:18:18 | 000,044,928 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2004/02/13 15:46:00 | 000,017,153 | ---- | M] (Dell Inc) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\omci.sys -- (omci)
DRV - [2001/08/17 13:07:44 | 000,019,072 | ---- | M] (Adaptec, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sparrow.sys -- (Sparrow)
DRV - [2001/08/17 13:07:42 | 000,030,688 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_u3.sys -- (sym_u3)
DRV - [2001/08/17 13:07:40 | 000,028,384 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\sym_hi.sys -- (sym_hi)
DRV - [2001/08/17 13:07:36 | 000,032,640 | ---- | M] (LSI Logic) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc8xx.sys -- (symc8xx)
DRV - [2001/08/17 13:07:34 | 000,016,256 | ---- | M] (Symbios Logic Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\symc810.sys -- (symc810)
DRV - [2001/08/17 12:52:22 | 000,036,736 | ---- | M] (Promise Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ultra.sys -- (ultra)
DRV - [2001/08/17 12:52:20 | 000,045,312 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql12160.sys -- (ql12160)
DRV - [2001/08/17 12:52:20 | 000,040,320 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1080.sys -- (ql1080)
DRV - [2001/08/17 12:52:18 | 000,049,024 | ---- | M] (QLogic Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\ql1280.sys -- (ql1280)
DRV - [2001/08/17 12:52:16 | 000,179,584 | ---- | M] (Mylex Corporation) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\dac2w2k.sys -- (dac2w2k)
DRV - [2001/08/17 12:52:12 | 000,017,280 | ---- | M] (American Megatrends Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\mraid35x.sys -- (mraid35x)
DRV - [2001/08/17 12:52:00 | 000,026,496 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc.sys -- (asc)
DRV - [2001/08/17 12:51:58 | 000,014,848 | ---- | M] (Advanced System Products, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\asc3550.sys -- (asc3550)
DRV - [2001/08/17 12:51:56 | 000,005,248 | ---- | M] (Acer Laboratories Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\aliide.sys -- (AliIde)
DRV - [2001/08/17 12:51:54 | 000,006,656 | ---- | M] (CMD Technology, Inc.) [Kernel | Disabled | Stopped] -- C:\WINDOWS\system32\DRIVERS\cmdide.sys -- (CmdIde)
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.dell.co.uk/myway
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKCU\..\URLSearchHook: - Reg Error: Key error. File not found
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local>
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:10293
========== FireFox ==========
FF - prefs.js..browser.search.defaultenginename: "Google"
FF - prefs.js..browser.search.defaulturl: "http://www.google.co...-8&oe=UTF-8&q="
FF - prefs.js..browser.search.selectedEngine: "Google"
FF - prefs.js..browser.startup.homepage: "http://en-GB.start.m...en-GB:official"
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\Program Files\Real\RealPlayer\browserrecord [2008/06/27 21:00:28 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{86CE05E1-F2EC-4321-A426-60D1261ED34B}: C:\Documents and Settings\Hiromi\Local Settings\Application Data\{86CE05E1-F2EC-4321-A426-60D1261ED34B} [2009/08/27 20:42:05 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/09/15 21:32:20 | 000,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 2.0.0.20\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2010/09/15 21:32:20 | 000,000,000 | ---D | M]
[2006/12/07 00:51:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Mozilla\Firefox\Profiles\mw246t0a.default\extensions
[2010/11/03 11:28:18 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions
[2006/12/07 00:48:13 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2010/05/02 22:23:21 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/05 21:03:13 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
[2007/02/11 17:22:42 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/10/31 11:55:27 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox\extensions\[email protected]
[2009/10/31 11:55:06 | 000,067,688 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jar50.dll
[2009/10/31 11:55:06 | 000,054,368 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\jsd3250.dll
[2009/10/31 11:55:06 | 000,034,944 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\myspell.dll
[2009/10/31 11:55:08 | 000,046,712 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\spellchk.dll
[2009/10/31 11:55:09 | 000,172,136 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\components\xpinstal.dll
[2010/07/17 04:00:04 | 000,423,656 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Mozilla Firefox\plugins\npdeployJava1.dll
[2009/10/31 11:55:23 | 000,001,538 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\amazon-en-GB.xml
[2009/10/31 11:55:24 | 000,000,947 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\chambers-en-GB.xml
[2009/10/31 11:55:24 | 000,001,077 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\eBay-en-GB.xml
[2009/10/31 11:55:24 | 000,000,831 | ---- | M] () -- C:\Program Files\Mozilla Firefox\searchplugins\yahoo-en-GB.xml
O1 HOSTS File: ([2004/08/04 04:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {10134636-E7AF-4AC5-A1DC-C7C44BB97D81} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [cctray] C:\Program Files\CA\CA Internet Security Suite\casc.exe (CA, Inc.)
O4 - HKLM..\Run: [Dell QuickSet] C:\Program Files\Dell\QuickSet\quickset.exe ()
O4 - HKLM..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe ()
O4 - HKLM..\Run: [dscactivate] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe ( )
O4 - HKLM..\Run: [Etovuheqico] C:\WINDOWS\uwecaguhim.DLL (eEye Digital Security)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [ISUSPM Startup] C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [ISUSScheduler] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe (InstallShield Software Corporation)
O4 - HKLM..\Run: [KernelFaultCheck] File not found
O4 - HKLM..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe (ScanSoft, Inc)
O4 - HKLM..\Run: [UserFaultCheck] File not found
O4 - HKLM..\Run: [VirginMediaHUB.exe] C:\Program Files\Virgin Media\HUB\VirginMediaHUB.exe (Virgin Media)
O4 - HKCU..\Run: [accacei] c:\documents and settings\hiromi\local settings\application data\accacei.exe (imprenable)
O4 - HKCU..\Run: [DellSupport] C:\Program Files\DellSupport\DSAgnt.exe (Gteko Ltd.)
O4 - HKCU..\Run: [wojiptda] C:\Documents and Settings\Hiromi\Local Settings\Temp\rpjycltqb\traowabdlta.exe ()
O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk = C:\Program Files\Digital Line Detect\DLG.exe (BVRP Software)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoCDBurning = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ClassicShell = 0
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O12 - Plugin for: .spop - C:\Program Files\Internet Explorer\PLUGINS\NPDocBox.dll (Intertrust Technologies, Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {A9CF3378-D60E-40A8-927D-7EA0D5B0AA98} http://webalbum.bonu...geUploader6.cab (Bonusprint Image Uploader Version 6.x Control)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_21)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - igfxsrvc.dll - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O20 - Winlogon\Notify\IntelWireless: DllName - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll - C:\Program Files\Intel\Wireless\Bin\LgNotify.dll (Intel Corporation)
O20 - Winlogon\Notify\PFW: DllName - UmxWnp.Dll - C:\WINDOWS\System32\UmxWNP.dll (CA)
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O29 - HKLM SecurityProviders - (xlibgfl254.dll) - File not found
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/08/10 12:04:08 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O33 - MountPoints2\{d2d38625-bdf1-11df-9563-00123fd6aaef}\Shell\AutoRun\command - "" = E:\Launcher.exe -- File not found
O34 - HKLM BootExecute: (autocheck autochk *) - File not found
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
NetSvcs: 6to4 - File not found
NetSvcs: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
NetSvcs: Ias - File not found
NetSvcs: Iprip - File not found
NetSvcs: Irmon - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: WmdmPmSp - File not found
Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation)
Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.)
Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.)
Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll ()
Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation)
Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation)
SafeBootMin: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: sermouse.sys - Driver
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vds - Service
SafeBootMin: vga.sys - Driver
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: AppMgmt - C:\WINDOWS\System32\appmgmts.dll File not found
SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: sermouse.sys - Driver
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vga.sys - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
ActiveX: {03F998B2-0E00-11D3-A498-00104B6EB52E} - Viewpoint Media Player
ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML)
ActiveX: {1B00725B-C455-4DE6-BFB6-AD540AD427CD} - Viewpoint Media Player
ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4
ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation
ActiveX: {2A3320D6-C805-4280-B423-B665BDE33D8F} - Microsoft .NET Framework 1.1 Security Update (KB979906)
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {2F6EFCE6-10DF-49F9-9E64-9AE3775B2588} - Microsoft .NET Framework 1.1 Security Update (KB2416447)
ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe
ActiveX: {411EDCF7-755D-414E-A74B-3DCD6583F589} - Microsoft .NET Framework 1.1 Service Pack 1 (KB867460)
ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install
ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT
ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7
ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser
ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install
ActiveX: {8b15971b-5355-4c82-8c07-7e181ea07608} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\fxsocm.inf,Fax.Install.PerUser
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {94de52c8-2d59-4f1b-883e-79663d2d9a8c} - Fax Provider
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1} - .NET Framework
ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1
ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigIE
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP
ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE
CREATERESTOREPOINT
Error starting restore point: The function was called in safe mode.
Error closing restore point: The sequence number is invalid.
========== Files/Folders - Created Within 30 Days ==========
[2010/11/07 22:12:35 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hiromi\Application Data\Malwarebytes
[2010/11/07 22:10:52 | 006,153,352 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup-1.46.exe
[2010/11/07 21:51:11 | 000,575,488 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTL.scr
[2010/11/07 21:50:52 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTH.scr
[2010/11/05 08:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hiromi\Application Data\SUPERAntiSpyware.com
[2010/11/05 08:19:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\SUPERAntiSpyware.com
[2010/11/05 08:18:30 | 000,000,000 | ---D | C] -- C:\stdtsa
[2010/11/03 22:11:45 | 000,000,000 | ---D | C] -- C:\Program Files\ESET
[2010/11/03 21:51:14 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2010/11/03 21:51:13 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2010/11/03 21:51:12 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2010/11/03 21:51:12 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2010/11/03 21:49:31 | 006,153,384 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup.exe
[2010/11/03 15:12:08 | 000,000,000 | ---D | C] -- C:\1e0e14bc753929262bb0e66ca33db2
[2010/11/03 10:42:47 | 000,628,224 | ---- | C] (SBqmc6jpJRS) -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\syssvc.exe
[2010/10/12 20:22:32 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\PackageAware
[2010/07/28 21:15:04 | 014,646,912 | ---- | C] (CA ) -- C:\Program Files\uk_pct_ca_en_UKDef2010_trial.exe
[2010/07/28 20:54:03 | 001,341,176 | ---- | C] (CA) -- C:\Program Files\am_ca_en.exe
[2010/05/02 20:52:14 | 003,382,520 | ---- | C] (Piriform Ltd) -- C:\Program Files\ccsetup231.exe
[2010/04/22 21:13:32 | 003,249,328 | ---- | C] (Virgin Media) -- C:\Program Files\VirginMediaHUB-S.exe
[2009/06/11 12:03:16 | 000,281,600 | ---- | C] (imprenable) -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei.exe
[2009/06/02 21:26:15 | 004,909,440 | ---- | C] (Microsoft Corporation) -- C:\Program Files\Silverlight.2.0.exe
[2008/07/27 14:45:00 | 103,893,576 | ---- | C] (CA, Inc. ) -- C:\Program Files\issdm_en_32.exe
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files - Modified Within 30 Days ==========
[2010/11/08 10:37:09 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2010/11/08 10:36:21 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2010/11/08 10:32:23 | 000,007,501 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/11/08 10:32:23 | 000,000,293 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/11/08 10:32:23 | 000,000,085 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/11/08 10:32:23 | 000,000,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/11/08 10:31:33 | 000,002,205 | ---- | M] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei.dat
[2010/11/08 10:28:44 | 000,000,868 | ---- | M] () -- C:\WINDOWS\tasks\Google Software Updater.job
[2010/11/08 10:28:31 | 000,000,292 | ---- | M] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2010/11/08 09:14:03 | 000,003,176 | ---- | M] () -- C:\WINDOWS\Iletucejalafoqi.dat
[2010/11/07 22:10:48 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup-1.46.exe
[2010/11/07 21:51:17 | 000,575,488 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTL.scr
[2010/11/07 21:50:55 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Hiromi\Desktop\OTH.scr
[2010/11/07 21:08:40 | 000,242,328 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/11/03 22:10:12 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\esetsmartinstaller_enu.exe
[2010/11/03 22:06:41 | 011,802,408 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\SAS_16832.COM
[2010/11/03 21:58:01 | 011,802,408 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\SAS_631F528.COM
[2010/11/03 21:52:42 | 000,364,032 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\rkill.com
[2010/11/03 21:51:18 | 000,000,696 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/03 21:50:15 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup.exe
[2010/11/03 20:38:43 | 076,859,232 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\std20sasfx.exe
[2010/11/03 10:42:50 | 000,628,224 | ---- | M] (SBqmc6jpJRS) -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\syssvc.exe
[2010/11/02 20:18:41 | 000,128,336 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\isafeif.dll
[2010/11/02 20:18:41 | 000,095,568 | ---- | M] (Computer Associates International, Inc.) -- C:\WINDOWS\System32\vetredir.dll
[2010/11/01 21:38:30 | 000,384,930 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2010/11/01 21:38:30 | 000,054,614 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2010/11/01 21:27:36 | 000,191,586 | ---- | M] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei_nav.dat
[2010/10/21 19:09:02 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2010/10/15 02:15:16 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2010/10/12 20:26:24 | 000,000,143 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\Continue iMesh installation.url
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
========== Files Created - No Company Name ==========
[2010/11/03 22:08:53 | 002,672,312 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\esetsmartinstaller_enu.exe
[2010/11/03 22:02:39 | 011,802,408 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\SAS_16832.COM
[2010/11/03 21:53:55 | 011,802,408 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\SAS_631F528.COM
[2010/11/03 21:52:52 | 000,364,032 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\rkill.com
[2010/11/03 21:51:18 | 000,000,696 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2010/11/03 20:36:51 | 076,859,232 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\std20sasfx.exe
[2010/11/02 22:08:23 | 000,007,501 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k0
[2010/11/02 22:08:23 | 000,000,293 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k1
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k7
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k6
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k5
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k4
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k3
[2010/11/02 22:08:23 | 000,000,085 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxcfg.u2k2
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k7
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k6
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k5
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k4
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k3
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k2
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k1
[2010/11/02 22:08:23 | 000,000,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\kmxzone.u2k0
[2010/10/12 20:26:24 | 000,000,143 | ---- | C] () -- C:\Documents and Settings\Hiromi\Desktop\Continue iMesh installation.url
[2010/10/12 20:26:23 | 000,000,292 | ---- | C] () -- C:\WINDOWS\tasks\iMeshNAG.job
[2009/10/01 20:33:43 | 000,019,413 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\tidib.dll
[2009/10/01 20:33:43 | 000,019,400 | ---- | C] () -- C:\Program Files\Common Files\onoxa.reg
[2009/10/01 20:33:43 | 000,016,147 | ---- | C] () -- C:\Program Files\Common Files\ofyviq.bin
[2009/10/01 20:33:43 | 000,014,259 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\apyl.bat
[2009/10/01 20:33:43 | 000,013,390 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\emoki.exe
[2009/10/01 20:33:43 | 000,012,422 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\tejiqipi.db
[2009/10/01 20:33:43 | 000,011,858 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\gehaw.lib
[2009/10/01 20:33:42 | 000,016,866 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\lojokyr.lib
[2009/10/01 20:33:42 | 000,016,389 | ---- | C] () -- C:\Program Files\Common Files\lotasav.lib
[2009/10/01 20:33:42 | 000,012,920 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\juqapynozi.scr
[2009/10/01 20:33:42 | 000,010,803 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qubamu.sys
[2009/10/01 20:33:41 | 000,016,221 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\veqybyqy._sy
[2009/10/01 20:33:41 | 000,010,475 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ulev.reg
[2009/09/30 08:19:33 | 000,017,942 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\equxijylu.reg
[2009/09/30 08:19:31 | 000,017,049 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\rubexazuj.sys
[2009/09/30 08:19:31 | 000,014,333 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ovid._sy
[2009/09/30 08:19:30 | 000,019,185 | ---- | C] () -- C:\Program Files\Common Files\ahyz.dll
[2009/09/30 08:19:30 | 000,018,695 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\hifomyso.bat
[2009/09/30 08:19:30 | 000,012,940 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ahylymog.com
[2009/09/30 08:19:29 | 000,019,096 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ijecapak.ban
[2009/09/30 08:19:29 | 000,015,012 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\waqe.lib
[2009/09/30 08:19:29 | 000,013,724 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\likevobobo.reg
[2009/09/30 08:19:28 | 000,016,136 | ---- | C] () -- C:\Program Files\Common Files\vumykup.bin
[2009/09/30 08:19:28 | 000,015,302 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\xegabafaxa.lib
[2009/09/30 08:19:28 | 000,010,166 | ---- | C] () -- C:\Program Files\Common Files\etesejycu.ban
[2009/09/30 08:19:26 | 000,016,517 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ahemukoxo.dat
[2009/09/30 08:19:26 | 000,013,578 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\vucolomuf.reg
[2009/09/30 08:19:26 | 000,010,867 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\riboledeky.dl
[2009/09/30 08:08:32 | 000,018,271 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\inynizy.dat
[2009/09/30 08:08:32 | 000,014,091 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\rygakelil.dat
[2009/09/30 08:08:32 | 000,012,076 | ---- | C] () -- C:\Program Files\Common Files\upibok.sys
[2009/09/30 08:08:31 | 000,019,723 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\uzocozugir.com
[2009/09/30 08:08:31 | 000,016,678 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mowez.bin
[2009/09/30 08:08:31 | 000,014,389 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\zuwede.ban
[2009/09/30 08:08:31 | 000,013,320 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\acesixu.db
[2009/09/30 08:08:31 | 000,012,240 | ---- | C] () -- C:\Program Files\Common Files\izegy.ban
[2009/09/30 08:08:30 | 000,012,245 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\irocif.dl
[2009/09/30 08:08:28 | 000,019,280 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ucefyjuwa.dl
[2009/09/30 08:08:28 | 000,018,983 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\cijisyq._dl
[2009/09/30 08:08:28 | 000,016,623 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\onukeje.dll
[2009/09/30 08:08:28 | 000,012,733 | ---- | C] () -- C:\Program Files\Common Files\soboke.db
[2009/09/30 08:08:28 | 000,011,699 | ---- | C] () -- C:\Program Files\Common Files\toxaf.pif
[2009/09/30 08:08:28 | 000,010,805 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\xukavipu.lib
[2009/09/30 08:08:27 | 000,012,473 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\pokulumak.bin
[2009/09/30 07:55:12 | 000,018,953 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\vahymora.reg
[2009/09/30 07:55:11 | 000,017,715 | ---- | C] () -- C:\WINDOWS\okura.dll
[2009/09/30 07:55:11 | 000,012,161 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ibicohut.dll
[2009/09/30 07:55:11 | 000,012,130 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\komecolez._sy
[2009/09/30 07:55:11 | 000,012,094 | ---- | C] () -- C:\Program Files\Common Files\furetowupe._sy
[2009/09/30 07:55:10 | 000,013,352 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\cupyf.bin
[2009/09/30 07:55:10 | 000,010,275 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\utevylon.dl
[2009/09/30 07:55:08 | 000,015,536 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\tatitivi.reg
[2009/09/30 07:55:07 | 000,011,983 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\sylijyq.lib
[2009/09/30 07:55:06 | 000,010,867 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\irigo.sys
[2009/09/30 07:55:05 | 000,017,379 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\fafimecod.reg
[2009/09/18 20:02:34 | 000,012,343 | ---- | C] () -- C:\Program Files\Common Files\zecybihehe.sys
[2009/09/18 20:02:31 | 000,014,663 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\usomec.dll
[2009/09/18 20:02:31 | 000,011,843 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\agazucibu.lib
[2009/09/18 20:02:26 | 000,014,260 | ---- | C] () -- C:\Program Files\Common Files\qiwuh.dl
[2009/09/18 20:02:20 | 000,012,940 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\axym.ban
[2009/09/18 20:02:19 | 000,018,967 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\afamic._sy
[2009/09/18 20:02:17 | 000,015,517 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\ewemarus._sy
[2009/09/18 20:02:15 | 000,014,188 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\redax.dll
[2009/09/18 20:02:14 | 000,012,780 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\giho.bin
[2009/09/18 20:02:01 | 000,011,004 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\rahyg.com
[2009/09/18 19:57:13 | 000,017,437 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\muwejiwa.bat
[2009/09/18 19:57:13 | 000,017,271 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\tazicymy._dl
[2009/09/18 19:57:13 | 000,017,223 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\nefepylugy.pif
[2009/09/18 19:57:13 | 000,015,340 | ---- | C] () -- C:\Program Files\Common Files\ifyqicozy.dl
[2009/09/18 19:57:13 | 000,015,245 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\amynetyfu.exe
[2009/09/18 19:57:13 | 000,012,255 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\ysiq.dl
[2009/09/18 19:57:13 | 000,010,128 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\fypazah.dl
[2009/09/18 19:57:12 | 000,018,745 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\mogyzof.lib
[2009/09/18 19:57:12 | 000,017,261 | ---- | C] () -- C:\Program Files\Common Files\tapunihame.lib
[2009/09/18 19:57:12 | 000,016,389 | ---- | C] () -- C:\Program Files\Common Files\ezoki.bat
[2009/09/18 19:57:12 | 000,015,320 | ---- | C] () -- C:\Program Files\Common Files\oxiwi.sys
[2009/09/18 19:57:12 | 000,013,757 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\enugoku.db
[2009/09/18 19:57:12 | 000,012,873 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\qygusun._dl
[2009/09/18 19:57:11 | 000,017,145 | ---- | C] () -- C:\Program Files\Common Files\pyhyjamypu.lib
[2009/09/18 19:57:11 | 000,014,694 | ---- | C] () -- C:\Program Files\Common Files\hixowucaj.scr
[2009/09/18 19:57:11 | 000,014,571 | ---- | C] () -- C:\Program Files\Common Files\notyva.dl
[2009/09/17 20:04:03 | 000,015,043 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\apuwemygic.dll
[2009/09/17 20:04:03 | 000,010,606 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\yvabag.bin
[2009/09/17 20:04:01 | 000,018,077 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\gaqowudod.scr
[2009/09/17 20:04:00 | 000,017,764 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\gyhy.sys
[2009/09/17 20:04:00 | 000,010,252 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\voqoqepu.vbs
[2009/09/17 20:04:00 | 000,010,247 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\pyfob.scr
[2009/08/22 21:04:53 | 000,003,387 | ---- | C] () -- C:\WINDOWS\DNAPrinters.ini
[2009/08/20 20:46:08 | 000,019,469 | ---- | C] () -- C:\Program Files\Common Files\ewodon.scr
[2009/08/20 20:46:08 | 000,017,599 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\erekonu.bat
[2009/08/20 20:46:08 | 000,017,387 | ---- | C] () -- C:\Program Files\Common Files\akiguhy.db
[2009/08/20 20:46:08 | 000,017,353 | ---- | C] () -- C:\WINDOWS\System32\ulojut.sys
[2009/08/20 20:46:08 | 000,017,080 | ---- | C] () -- C:\Program Files\Common Files\dimenasek.dat
[2009/08/20 20:46:08 | 000,016,243 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\onodivu._dl
[2009/08/20 20:46:08 | 000,016,239 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\bequrymux.dl
[2009/08/20 20:46:08 | 000,015,962 | ---- | C] () -- C:\Program Files\Common Files\ojehip.lib
[2009/08/20 20:46:08 | 000,015,388 | ---- | C] () -- C:\Program Files\Common Files\hiqunamo._dl
[2009/08/20 20:46:08 | 000,015,018 | ---- | C] () -- C:\Program Files\Common Files\amutubiju.com
[2009/08/20 20:46:08 | 000,012,044 | ---- | C] () -- C:\WINDOWS\lygar.sys
[2009/08/20 20:46:08 | 000,011,826 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\asep.reg
[2009/08/20 20:46:08 | 000,011,622 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\qicoqi.db
[2009/08/20 20:46:08 | 000,010,863 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\wejizegeq.reg
[2009/08/20 20:46:08 | 000,010,809 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\omydajuq.scr
[2009/08/20 20:46:08 | 000,010,438 | ---- | C] () -- C:\Documents and Settings\LocalService\Application Data\ulamixak.reg
[2009/08/17 20:14:17 | 000,000,024 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\wiaserva.log
[2009/06/11 12:03:50 | 000,191,586 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei_nav.dat
[2009/06/11 12:03:50 | 000,000,687 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei_navps.dat
[2009/06/11 12:03:49 | 000,002,205 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\accacei.dat
[2008/07/27 21:27:58 | 000,000,393 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2008/07/20 20:58:40 | 019,153,264 | ---- | C] () -- C:\Program Files\aaw2008.exe
[2007/12/17 14:46:36 | 000,001,751 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\QTSBandwidthCache
[2007/01/30 19:34:40 | 000,000,000 | ---- | C] () -- C:\Documents and Settings\Hiromi\Application Data\Install.dat
[2006/12/10 02:18:00 | 000,000,129 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\fusioncache.dat
[2006/11/26 10:55:20 | 000,000,002 | ---- | C] () -- C:\WINDOWS\msoffice.ini
[2006/07/15 23:46:02 | 000,000,000 | ---- | C] () -- C:\WINDOWS\mngui.INI
[2005/08/20 14:47:03 | 000,000,525 | ---- | C] () -- C:\WINDOWS\MAXLINK.INI
[2005/07/03 11:01:21 | 000,000,432 | ---- | C] () -- C:\WINDOWS\dellstat.ini
[2005/07/03 11:00:48 | 000,040,960 | ---- | C] () -- C:\WINDOWS\System32\dlbcvs.dll
[2005/07/03 11:00:44 | 000,000,373 | ---- | C] () -- C:\WINDOWS\System32\dlbccoin.ini
[2005/06/14 21:30:02 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2005/06/10 20:46:52 | 000,037,888 | ---- | C] () -- C:\Documents and Settings\Hiromi\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/06/07 19:06:19 | 000,000,061 | ---- | C] () -- C:\WINDOWS\smscfg.ini
[2005/06/07 18:56:38 | 000,000,405 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2005/06/07 18:43:59 | 000,000,004 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare
[2005/06/07 18:17:30 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\stac97co.dll
[2005/06/07 18:16:46 | 000,000,372 | ---- | C] () -- C:\WINDOWS\System32\OEMINFO.INI
[2005/05/12 08:25:24 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2004/08/12 07:44:10 | 000,016,384 | ---- | C] () -- C:\WINDOWS\System32\iwca.dll
[2004/08/10 12:12:05 | 000,000,831 | ---- | C] () -- C:\WINDOWS\orun32.ini
[2004/08/10 12:01:18 | 000,001,793 | ---- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/08/10 11:57:52 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2003/01/07 14:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI
========== LOP Check ==========
[2010/07/28 21:35:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CA
[2010/09/14 20:15:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Radialpoint
[2005/08/20 14:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanAppDataDir
[2005/08/20 14:47:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SSScanWizard
[2007/12/31 17:09:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SupportSoft
[2005/06/07 18:50:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Viewpoint
[2010/04/22 21:19:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Virgin Media
[2010/09/15 21:39:25 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2010/07/28 21:11:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\CallingID
[2005/08/24 22:09:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Canon
[2005/08/20 14:43:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\InterTrust
[2009/06/23 21:30:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Leadertech
[2005/08/20 14:47:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\ScanSoft
[2006/07/15 23:35:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Teleca
[2005/06/10 20:36:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Template
[2005/10/12 17:48:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\unew
[2009/12/31 10:56:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Uniblue
[2009/06/11 20:15:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Viewpoint
[2010/04/22 21:19:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Hiromi\Application Data\Virgin Media
[2010/11/08 10:28:31 | 000,000,292 | ---- | M] () -- C:\WINDOWS\Tasks\iMeshNAG.job
[2005/06/10 16:09:57 | 000,000,258 | ---- | M] () -- C:\WINDOWS\Tasks\ISP signup reminder 1.job
========== Purity Check ==========
========== Custom Scans ==========
< %SYSTEMDRIVE%\*.* >
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\AUTOEXEC.BAT
[2005/06/10 16:09:59 | 000,000,211 | RHS- | M] () -- C:\boot.ini
[2008/07/27 16:09:45 | 000,033,366 | ---- | M] () -- C:\caavsetupLog.txt
[2010/07/28 21:57:04 | 002,430,522 | ---- | M] () -- C:\caisslog.txt
[2010/05/02 21:09:33 | 000,284,862 | ---- | M] () -- C:\cc_20100502_220616.reg
[2010/05/02 21:18:18 | 000,010,800 | ---- | M] () -- C:\cc_20100502_221741.reg
[2004/08/10 12:04:08 | 000,000,000 | ---- | M] () -- C:\CONFIG.SYS
[2007/10/16 19:54:40 | 000,000,081 | ---- | M] () -- C:\CTX.DAT
[2005/06/07 18:21:48 | 000,004,611 | RH-- | M] () -- C:\dell.sdr
[2005/06/10 19:58:17 | 000,004,128 | ---- | M] () -- C:\INFCACHE.1
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\IO.SYS
[2005/06/07 18:50:18 | 000,000,880 | -H-- | M] () -- C:\IPH.PH
[2004/08/10 12:04:08 | 000,000,000 | -H-- | M] () -- C:\MSDOS.SYS
[2004/08/04 04:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM
[2008/09/23 08:45:42 | 000,250,048 | RHS- | M] () -- C:\ntldr
[2010/11/08 10:36:11 | 792,723,456 | -HS- | M] () -- C:\pagefile.sys
< %systemroot%\Fonts\*.com >
< %systemroot%\Fonts\*.dll >
< %systemroot%\Fonts\*.ini >
[2004/08/10 12:03:42 | 000,000,067 | -HS- | M] () -- C:\WINDOWS\Fonts\desktop.ini
< %systemroot%\Fonts\*.ini2 >
< %systemroot%\Fonts\*.exe >
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
[2003/07/29 13:27:40 | 000,078,336 | ---- | M] () -- C:\WINDOWS\system32\spool\prtprocs\w32x86\DLBCPP5C.DLL
[2007/04/09 12:23:54 | 000,028,552 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\spool\prtprocs\w32x86\mdippr.dll
< %systemroot%\REPAIR\*.bak1 >
< %systemroot%\REPAIR\*.ini >
< %systemroot%\system32\*.jpg >
< %systemroot%\*.jpg >
< %systemroot%\*.png >
< %systemroot%\*.scr >
[2009/09/30 08:19:31 | 000,019,689 | ---- | M] () -- C:\WINDOWS\alyjaj.scr
[2009/09/30 08:19:30 | 000,011,165 | ---- | M] () -- C:\WINDOWS\ecuxym.scr
[2009/10/01 20:33:42 | 000,019,212 | ---- | M] () -- C:\WINDOWS\esyd.scr
[2009/09/30 08:08:32 | 000,013,994 | ---- | M] () -- C:\WINDOWS\mamel.scr
[2009/09/30 07:55:11 | 000,012,812 | ---- | M] () -- C:\WINDOWS\mepogi.scr
[2009/10/01 20:33:42 | 000,018,147 | ---- | M] () -- C:\WINDOWS\unyrowygo.scr
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %systemroot%\*._sy >
[2009/10/01 20:33:43 | 000,014,299 | ---- | M] () -- C:\WINDOWS\iwybytop._sy
[2009/09/30 08:19:27 | 000,017,846 | ---- | M] () -- C:\WINDOWS\odejudines._sy
[2009/09/17 20:04:02 | 000,010,133 | ---- | M] () -- C:\WINDOWS\paciko._sy
[2009/09/18 19:57:12 | 000,018,699 | ---- | M] () -- C:\WINDOWS\tinece._sy
[2009/09/17 20:04:02 | 000,019,710 | ---- | M] () -- C:\WINDOWS\zekomepij._sy
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %APPDATA%\Adobe\Update\*.* >
< %ALLUSERSPROFILE%\Favorites\*.* >
< %APPDATA%\Microsoft\*.* >
< %PROGRAMFILES%\*.* >
[2008/07/20 21:03:05 | 019,153,264 | ---- | M] () -- C:\Program Files\aaw2008.exe
[2010/07/28 20:54:17 | 001,341,176 | ---- | M] (CA) -- C:\Program Files\am_ca_en.exe
[2010/05/02 20:53:04 | 003,382,520 | ---- | M] (Piriform Ltd) -- C:\Program Files\ccsetup231.exe
[2008/07/27 14:58:48 | 103,893,576 | ---- | M] (CA, Inc. ) -- C:\Program Files\issdm_en_32.exe
[2009/06/02 21:26:50 | 004,909,440 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Silverlight.2.0.exe
[2010/07/28 21:15:04 | 014,646,912 | ---- | M] (CA ) -- C:\Program Files\uk_pct_ca_en_UKDef2010_trial.exe
[2010/04/22 21:15:30 | 003,249,328 | ---- | M] (Virgin Media) -- C:\Program Files\VirginMediaHUB-S.exe
< %APPDATA%\Update\*.* >
< %systemroot%\*. /mp /s >
< %systemroot%\System32\config\*.sav >
[2004/08/10 11:56:48 | 000,094,208 | ---- | M] () -- C:\WINDOWS\system32\config\default.sav
[2004/08/10 11:56:46 | 000,634,880 | ---- | M] () -- C:\WINDOWS\system32\config\software.sav
[2004/08/10 11:56:46 | 000,872,448 | ---- | M] () -- C:\WINDOWS\system32\config\system.sav
< %PROGRAMFILES%\bak. /s >
< %systemroot%\system32\bak. /s >
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
[2008/09/23 08:59:18 | 000,000,272 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\desktop.ini
< %systemroot%\system32\config\systemprofile\*.dat /x >
< %systemroot%\*.config >
< %systemroot%\system32\*.db >
[2009/09/30 07:55:11 | 000,012,053 | ---- | M] () -- C:\WINDOWS\system32\iwenepal.db
[2009/09/18 19:57:13 | 000,016,079 | ---- | M] () -- C:\WINDOWS\system32\kizolaguh.db
[2006/11/28 22:04:13 | 000,000,121 | ---- | M] () -- C:\WINDOWS\system32\SDMonRemoveDB.db
[2006/11/28 22:05:07 | 000,000,139 | ---- | M] () -- C:\WINDOWS\system32\SDRemoveDB.db
[2009/09/18 20:02:23 | 000,016,364 | ---- | M] () -- C:\WINDOWS\system32\usemytox.db
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2005/06/10 16:12:03 | 000,000,119 | -HS- | M] () -- C:\Documents and Settings\Hiromi\Application Data\Microsoft\Internet Explorer\Quick Launch\desktop.ini
[2004/08/10 12:08:38 | 000,000,079 | ---- | M] () -- C:\Documents and Settings\Hiromi\Application Data\Microsoft\Internet Explorer\Quick Launch\Show Desktop.scf
< %USERPROFILE%\Desktop\*.exe >
[2010/11/03 22:10:12 | 002,672,312 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\esetsmartinstaller_enu.exe
[2010/11/07 22:10:48 | 006,153,352 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup-1.46.exe
[2010/11/03 21:50:15 | 006,153,384 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\Hiromi\Desktop\mbam-setup.exe
[2010/11/03 15:10:59 | 013,063,352 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\Hiromi\Desktop\mssefullinstall-x86fre-en-us-xp.exe
[2010/11/03 20:38:43 | 076,859,232 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\std20sasfx.exe
[2005/09/15 22:26:59 | 004,077,184 | ---- | M] () -- C:\Documents and Settings\Hiromi\Desktop\winzip90.exe
< %PROGRAMFILES%\Common Files\*.* >
[2009/09/30 08:19:30 | 000,019,185 | ---- | M] () -- C:\Program Files\Common Files\ahyz.dll
[2009/08/20 20:46:08 | 000,017,387 | ---- | M] () -- C:\Program Files\Common Files\akiguhy.db
[2009/08/20 20:46:08 | 000,015,018 | ---- | M] () -- C:\Program Files\Common Files\amutubiju.com
[2009/08/20 20:46:08 | 000,017,080 | ---- | M] () -- C:\Program Files\Common Files\dimenasek.dat
[2009/09/30 08:19:28 | 000,010,166 | ---- | M] () -- C:\Program Files\Common Files\etesejycu.ban
[2009/08/20 20:46:08 | 000,019,469 | ---- | M] () -- C:\Program Files\Common Files\ewodon.scr
[2009/09/18 19:57:12 | 000,016,389 | ---- | M] () -- C:\Program Files\Common Files\ezoki.bat
[2009/09/30 07:55:11 | 000,012,094 | ---- | M] () -- C:\Program Files\Common Files\furetowupe._sy
[2009/08/20 20:46:08 | 000,015,388 | ---- | M] () -- C:\Program Files\Common Files\hiqunamo._dl
[2009/09/18 19:57:11 | 000,014,694 | ---- | M] () -- C:\Program Files\Common Files\hixowucaj.scr
[2009/09/18 19:57:13 | 000,015,340 | ---- | M] () -- C:\Program Files\Common Files\ifyqicozy.dl
[2009/09/30 08:08:31 | 000,012,240 | ---- | M] () -- C:\Program Files\Common Files\izegy.ban
[2009/10/01 20:33:42 | 000,016,389 | ---- | M] () -- C:\Program Files\Common Files\lotasav.lib
[2009/09/18 19:57:11 | 000,014,571 | ---- | M] () -- C:\Program Files\Common Files\notyva.dl
[2009/10/01 20:33:43 | 000,016,147 | ---- | M] () -- C:\Program Files\Common Files\ofyviq.bin
[2009/08/20 20:46:08 | 000,015,962 | ---- | M] () -- C:\Program Files\Common Files\ojehip.lib
[2009/10/01 20:33:43 | 000,019,400 | ---- | M] () -- C:\Program Files\Common Files\onoxa.reg
[2009/09/18 19:57:12 | 000,015,320 | ---- | M] () -- C:\Program Files\Common Files\oxiwi.sys
[2009/09/18 19:57:11 | 000,017,145 | ---- | M] () -- C:\Program Files\Common Files\pyhyjamypu.lib
[2009/09/18 20:02:26 | 000,014,260 | ---- | M] () -- C:\Program Files\Common Files\qiwuh.dl
[2009/09/30 08:08:28 | 000,012,733 | ---- | M] () -- C:\Program Files\Common Files\soboke.db
[2009/09/18 19:57:12 | 000,017,261 | ---- | M] () -- C:\Program Files\Common Files\tapunihame.lib
[2009/09/30 08:08:28 | 000,011,699 | ---- | M] () -- C:\Program Files\Common Files\toxaf.pif
[2009/09/30 08:08:32 | 000,012,076 | ---- | M] () -- C:\Program Files\Common Files\upibok.sys
[2009/09/30 08:19:28 | 000,016,136 | ---- | M] () -- C:\Program Files\Common Files\vumykup.bin
[2009/09/18 20:02:34 | 000,012,343 | ---- | M] () -- C:\Program Files\Common Files\zecybihehe.sys
< %systemroot%\*.src >
< %systemroot%\install\*.* >
< %systemroot%\system32\DLL\*.* >
< %systemroot%\system32\HelpFiles\*.* >
< %systemroot%\system32\rundll\*.* >
< %systemroot%\winn32\*.* >
< %systemroot%\Java\*.* >
< %systemroot%\system32\test\*.* >
< %systemroot%\system32\Rundll32\*.* >
< %systemroot%\AppPatch\Custom\*.* >
< %APPDATA%\Roaming\Microsoft\Windows\Recent\*.lnk /x >
< %PROGRAMFILES%\PC-Doctor\Downloads\*.* >
< %PROGRAMFILES%\Internet Explorer\*.tmp >
< %PROGRAMFILES%\Internet Explorer\*.dat >
< %USERPROFILE%\My Documents\*.exe >
< %USERPROFILE%\*.exe >
< %systemroot%\ADDINS\*.* >
[2004/08/04 04:00:00 | 000,000,791 | ---- | M] () -- C:\WINDOWS\addins\fxsext.ecf
< %systemroot%\assembly\*.bak2 >
< %systemroot%\Config\*.* >
< %systemroot%\REPAIR\*.bak2 >
< %systemroot%\SECURITY\Database\*.sdb /x >
< %systemroot%\SYSTEM\*.bak2 >
< %systemroot%\Web\*.bak2 >
< %systemroot%\Driver Cache\*.* >
< %PROGRAMFILES%\Mozilla Firefox\0*.exe >
< %ProgramFiles%\Microsoft Common\*.* >
< %ProgramFiles%\TinyProxy. >
< %USERPROFILE%\Favorites\*.url /x >
[2005/06/10 16:12:01 | 000,000,122 | -HS- | M] () -- C:\Documents and Settings\Hiromi\Favorites\Desktop.ini
< %systemroot%\system32\*.bk >
< %systemroot%\*.te >
< %systemroot%\system32\system32\*.* >
< %ALLUSERSPROFILE%\*.dat /x >
< %systemroot%\system32\drivers\*.rmv >
< dir /b "%systemroot%\system32\*.exe" | find /i " " /c >
< dir /b "%systemroot%\*.exe" | find /i " " /c >
< %PROGRAMFILES%\Microsoft\*.* >
< %systemroot%\System32\Wbem\proquota.exe >
< %PROGRAMFILES%\Mozilla Firefox\*.dat >
< %USERPROFILE%\Cookies\*.txt /x >
[2010/08/21 21:50:09 | 000,000,067 | -HS- | M] () -- C:\Documents and Settings\Hiromi\Cookies\desktop.ini
[2010/11/08 10:37:07 | 000,180,224 | -HS- | M] () -- C:\Documents and Settings\Hiromi\Cookies\index.dat
< %SystemRoot%\system32\fonts\*.* >
< %systemroot%\system32\winlog\*.* >
< %systemroot%\system32\Language\*.* >
< %systemroot%\system32\Settings\*.* >
< %systemroot%\system32\*.quo >
< %SYSTEMROOT%\AppPatch\*.exe >
< %SYSTEMROOT%\inf\*.exe >
[2007/06/26 21:10:26 | 000,317,440 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\inf\unregmp2.exe
< %SYSTEMROOT%\Installer\*.exe >
[2004/10/29 20:56:50 | 000,466,944 | ---- | M] (Intel Corporation) -- C:\WINDOWS\Installer\iProInst.exe
[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %systemroot%\system32\config\*.bak2 >
< %systemroot%\system32\Computers\*.* >
< %SystemRoot%\system32\Sound\*.* >
< %SystemRoot%\system32\SpecialImg\*.* >
< %SystemRoot%\system32\code\*.* >
< %SystemRoot%\system32\draft\*.* >
< %SystemRoot%\system32\MSSSys\*.* >
< %ProgramFiles%\Javascript\*.* >
< %systemroot%\pchealth\helpctr\System\*.exe /s >
< %systemroot%\Web\*.exe >
< %systemroot%\system32\msn\*.* >
< %systemroot%\system32\*.tro >
< %AppData%\Microsoft\Installer\msupdates\*.* >
< %ProgramFiles%\Messenger\*.exe >
[2008/04/14 00:12:28 | 001,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
< %systemroot%\system32\systhem32\*.* >
< %systemroot%\system\*.exe >
< %USERPROFILE%\Templates\*.tmp >
< %SYSTEMDRIVE%\explorexxx.exe\*.* >
< %Windir%\Installer\*.tmp >
[8 C:\WINDOWS\Installer\*.tmp files -> C:\WINDOWS\Installer\*.tmp -> ]
< %systemroot%\System32\*.xco >
< %ProgramFiles%\system32\*.* >
< %systemroot%\System32\windos\*.* >
< %SystemRoot%\system32\sandbox\*.* >
< %SystemRoot%\system32\*.amo >
< %SystemRoot%\system32\Windows Live\*.* >
< %ProgramFiles%\logs\*.* >
< %ProgramFiles%\Bifrost\*.* >
< %SystemRoot%\system32\*.goo >
< %systemroot%\system32\IME\*.* >
< %systemroot%\BackUp\*.* >
< %systemroot%\system32\*.ico >
[2004/08/10 09:11:00 | 000,022,486 | ---- | M] () -- C:\WINDOWS\system32\lrnxp.ico
[1 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ]
< %systemroot%\system\*.dat >
< %systemroot%\system\*.exe >
< %AppData%\Macromedia\Common\*.* >
< %SYSTEMDRIVE%\dir\*.* /s >
< %systemroot%\system32\ras\*.exe >
< %SYSTEMDRIVE%\MFILES\*.* >
< %SYSTEMDRIVE%\mDNSRespon.exe\*.* >
< %systemroot%\system32\services\*.* >
< %systemroot%\Spooler\*.* >
< %ProgramFiles%\system32\*.* >
< %systemroot%\system32\Setup\*.dll /x >
< %systemroot%\system32\*.mine >
< %SYSTEMDRIVE%\cleansweep.exe\*.* >
< %systemroot%\system32\ras\*.dll >
< %systemroot%\system32\ras\*.drv >
< %systemroot%\*.iq >
< %systemroot%\system32\XP\*.* >
< %SYSTEMDRIVE%\Extracted\*.* >
< %systemroot%\system32\windows\*.* >
< %systemroot%\logs\*.* >
< %SYSTEMDRIVE%\Win.Msi\*.* >
< %systemroot%\regedit\*.* >
< %systemroot%\system32\skype\*.* >
< %AppData%\Adobe\dlluplwin25\*.* >
< %UserProfile%\*.dat >
[2010/11/08 10:31:58 | 007,340,032 | -H-- | M] () -- C:\Documents and Settings\Hiromi\NTUSER.DAT
< %UserProfile%\*.dll >
< %systemroot%\system32\*.sxo >
< %SYSTEMDRIVE%\Gazma\*.* /s >
< %systemroot%\system32\spynet\*.* >
< %systemroot%\system32\System\*.* >
< %appdata%\Microsoft\Windows\*.* >
< %systemroot%\system32\WinDir\*.* >
< %systemroot%\_\*.* >
< %systemroot%\system32\windows32\*.* >
< %ProgramFiles%\win\*.* >
< %AppData%\Microsoft\CD Burning\*.* >
< %systemroot%\*.cab >
< %systemroot%\K.Backup\*.* >
< %ProgramFiles%\Massenger\*.* >
< %systemroot%\System32\*.doc >
< %systemroot%\Office12\*.* >
< %systemroot%\System32\Rundl32.exe\*.* >
< %ProgramFiles%\yahoo.net\*.* >
< %systemroot%\system32\*.igo >
< %systemroot%\*.rew >
< %systemroot%\System32\spool\DRIVERS\W32X86\3\*.exe >
[2003/04/30 19:35:14 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBCJSWX.EXE
[2004/04/01 14:30:36 | 000,118,784 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBCPSWX.EXE
[2004/05/27 09:24:38 | 000,100,352 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\DLBCUN5C.EXE
[2001/01/19 19:50:20 | 000,040,960 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\INSTMON.EXE
[2004/03/04 15:30:48 | 000,311,296 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LEXBCES.EXE
[2000/02/09 12:35:42 | 000,170,496 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lexdrvin.exe
[2002/05/09 18:25:40 | 000,024,576 | ---- | M] () -- C:\WINDOWS\system32\spool\drivers\w32x86\3\lexgo.EXE
[2004/03/04 15:26:20 | 000,174,592 | ---- | M] (Lexmark International, Inc.) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\LEXPPS.EXE
< %USERPROFILE%\.COMMgr\*.* >
< %USERPROFILE%\Desktop\*.bat >
< %PROGRAMFILES%\Common Files\Real\visualizations\*.rpv /x >
< %PROGRAMFILES%\Internet Explorer\*.Jmp >
< %PROGRAMFILES%\Windows NT\system\*.dll >
< %systemroot%\system32\*.ext >
< %systemroot%\system32\Com\*.cfg >
< %systemroot%\system32\btz\*.* >
< %systemroot%\system32\EMP\*.* >
< %systemroot%\system32\expo\*.* >
< %systemroot%\system32\inet2\*.* >
< %systemroot%\system32\xrem\*.* >
< %ProgramFiles%\Microsoft\*.* >
< %systemroot%\usgwmt\*.* >
< %ProgramFiles%\B\*.* >
< %SYSTEMDRIVE%\lspp\*.* >
< %systemroot%\Kral\*.* >
< %SYSTEMDRIVE%\windowsdvd.exe\*.* >
< %systemroot%\system32\*.ipo >
< %SYSTEMDRIVE%\usxxxxxxxx.exe\*.* >
< %systemroot%\system32\*.mof >
< %systemroot%\*.atm >
< %systemroot%\system32\svhost\*.* >
< %ProgramFiles%\system32\*.* >
< %ProgramFiles%\Docmentt\*.* >
< %systemroot%\Help\*.vbs >
< %ProgramFiles%\Windows WinSxs\*.* /s >
< %ProgramFiles%\Outlook Express\IDT\*.* /s >
< %ProgramFiles%\Microsoft Office\365\*.* /s >
< %ProgramFiles%\Windows Live\*.* >
< %systemroot%\system32\win32\*.* >
< %SYSTEMDRIVE%\RECYCLER\*.* >
< %systemroot%\Fresh1\*.* >
< %ProgramFiles%\Kekj\*.* /s >
< %systemroot%\GDU\*.* >
< %systemroot%\KA\*.* >
< %systemroot%\R\*.* >
< %systemroot%\system32\*.fyo >
< %USERPROFILE%\System\*.* >
< %systemroot%\Source\*.* >
< %systemroot%\system32\ac\*.* >
< %ProgramFiles%\MSDN\*.* >
< %AppData%\AdobeUM\winvcldll54\*.* /s >
< %ProgramFiles%\Internet Explorer\*.ico >
< %systemroot%\system32\*.ojo >
< %systemroot%\system32\d323s\*.* >
< %systemroot%\system32\re\*.* >
< %UserProfile%\Microsoft\*.dll >
< %UserProfile%\Microsoft\*.log >
< %systemroot%\Bios\*.* >
< %ProgramFiles%\Spool\*.* >
< %ProgramFiles%\promp3\*.* >
< %SYSTEMDRIVE%\Driver\*.* /s >
< %SYSTEMDRIVE%\inetserver.exe\*.* >
< %systemroot%\java\trustlib\*.* >
< %ProgramFiles%\Common Files\designer\*.exe >
< %ProgramFiles%\*. >
[2009/07/09 21:29:58 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2005/06/07 18:25:14 | 000,000,000 | ---D | M] -- C:\Program Files\Apoint
[2010/09/15 21:28:30 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2005/08/20 14:45:18 | 000,000,000 | ---D | M] -- C:\Program Files\ArcSoft
[2010/09/15 21:24:30 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2005/06/07 18:44:42 | 000,000,000 | ---D | M] -- C:\Program Files\Broadcom
[2010/07/28 21:51:10 | 000,000,000 | ---D | M] -- C:\Program Files\CA
[2005/08/20 14:48:05 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/05/02 20:54:46 | 000,000,000 | ---D | M] -- C:\Program Files\CCleaner
[2010/07/28 21:10:36 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2006/11/26 11:04:56 | 000,000,000 | ---D | M] -- C:\Program Files\CONEXANT
[2005/06/07 18:44:56 | 000,000,000 | ---D | M] -- C:\Program Files\CyberLink
[2005/06/07 18:55:30 | 000,000,000 | ---D | M] -- C:\Program Files\Dell
[2005/07/03 11:00:36 | 000,000,000 | ---D | M] -- C:\Program Files\Dell 720
[2005/06/07 18:48:08 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Computer
[2007/12/31 17:08:55 | 000,000,000 | ---D | M] -- C:\Program Files\Dell Support Center
[2007/04/15 21:17:18 | 000,000,000 | ---D | M] -- C:\Program Files\DellSupport
[2005/06/07 18:43:39 | 000,000,000 | ---D | M] -- C:\Program Files\Digital Line Detect
[2010/11/03 22:11:45 | 000,000,000 | ---D | M] -- C:\Program Files\ESET
[2010/05/02 16:12:03 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2010/07/28 21:12:32 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2005/06/07 18:43:16 | 000,000,000 | ---D | M] -- C:\Program Files\Intel
[2010/10/16 07:03:37 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2010/09/15 21:37:57 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/09/15 21:39:25 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2005/07/03 11:03:45 | 000,000,000 | ---D | M] -- C:\Program Files\Jasc Software Inc
[2010/10/05 21:02:58 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2008/05/03 10:52:07 | 000,000,000 | ---D | M] -- C:\Program Files\Kontiki
[2008/07/27 21:49:53 | 000,000,000 | ---D | M] -- C:\Program Files\Lavasoft
[2010/11/07 22:12:31 | 000,000,000 | ---D | M] -- C:\Program Files\Malwarebytes' Anti-Malware
[2008/09/23 09:31:11 | 000,000,000 | ---D | M] -- C:\Program Files\Messenger
[2005/06/14 21:28:27 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft ActiveSync
[2009/06/10 14:43:44 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft CAPICOM 2.1.0.2
[2004/08/10 12:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\microsoft frontpage
[2009/08/27 21:03:46 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2010/09/30 21:11:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2005/06/07 18:46:39 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2005/06/14 21:26:05 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2006/11/26 10:55:57 | 000,000,000 | ---D | M] -- C:\Program Files\Modem Helper
[2010/08/11 21:11:31 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker
[2010/11/07 22:43:48 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/08/27 21:03:13 | 000,000,000 | ---D | M] -- C:\Program Files\MSECache
[2004/08/10 12:01:16 | 000,000,000 | ---D | M] -- C:\Program Files\MSN
[2004/08/10 12:01:24 | 000,000,000 | ---D | M] -- C:\Program Files\MSN Gaming Zone
[2007/09/04 21:59:20 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2005/06/07 19:02:31 | 000,000,000 | ---D | M] -- C:\Program Files\MyWaySA
[2008/09/23 08:50:48 | 000,000,000 | ---D | M] -- C:\Program Files\NetMeeting
[2005/06/07 18:43:32 | 000,000,000 | ---D | M] -- C:\Program Files\NetWaiting
[2004/08/10 12:01:34 | 000,000,000 | ---D | M] -- C:\Program Files\Online Services
[2010/05/13 20:20:06 | 000,000,000 | ---D | M] -- C:\Program Files\Outlook Express
[2010/09/15 21:32:19 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2005/06/07 18:49:27 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2005/08/20 14:46:41 | 000,000,000 | ---D | M] -- C:\Program Files\ScanSoft
[2005/06/07 18:26:52 | 000,000,000 | ---D | M] -- C:\Program Files\Sigmatel
[2005/09/11 17:19:34 | 000,000,000 | ---D | M] -- C:\Program Files\Sonic
[2006/12/06 23:32:45 | 000,000,000 | ---D | M] -- C:\Program Files\SpywareDetector
[2008/07/27 15:37:43 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2008/10/07 21:00:06 | 000,000,000 | ---D | M] -- C:\Program Files\Tiscali
[2006/12/10 02:00:07 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2005/06/07 18:50:07 | 000,000,000 | ---D | M] -- C:\Program Files\Viewpoint
[2010/04/22 21:19:00 | 000,000,000 | ---D | M] -- C:\Program Files\Virgin Media
[2010/09/11 22:06:47 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Connect 2
[2010/09/11 22:12:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2008/09/23 08:50:39 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2005/09/15 22:28:32 | 000,000,000 | ---D | M] -- C:\Program Files\WinZip
[2004/08/10 12:04:18 | 000,000,000 | ---D | M] -- C:\Program Files\xerox
< %systemroot%\system32\*.tso >
< %ALLUSERSPROFILE%\Documents\Server\*.* >
< %systemroot%\*.pif >
[2009/09/30 08:08:29 | 000,019,122 | ---- | M] () -- C:\WINDOWS\ibyxufixu.pif
[2009/09/30 08:08:30 | 000,015,808 | ---- | M] () -- C:\WINDOWS\norejyrez.pif
[2009/09/18 20:02:31 | 000,010,076 | ---- | M] () -- C:\WINDOWS\owidarim.pif
[2009/09/30 08:19:28 | 000,019,454 | ---- | M] () -- C:\WINDOWS\pugimahim.pif
[2009/09/18 20:02:24 | 000,012,842 | ---- | M] () -- C:\WINDOWS\rabe.pif
[2009/08/20 20:46:08 | 000,017,717 | ---- | M] () -- C:\WINDOWS\tedonanac.pif
[2009/09/18 20:02:23 | 000,011,586 | ---- | M] () -- C:\WINDOWS\ytaz.pif
[2004/08/04 04:00:00 | 000,000,707 | ---- | M] () -- C:\WINDOWS\_default.pif
[1 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
< %systemroot%\system32\n7533\*.* >
< %systemroot%\Us18336\*.* >
< %systemroot%\system32\*.zip >
< %systemroot%\system32\*.wgo >
< %systemroot%\system32\dllcache\*.com >
< %systemroot%\system32\dllchache\*.* >
< %systemroot%\system32\038840\*.* >
< %systemroot%\system32\13E92A\*.* >
< %systemroot%\system32\1CB5AD\*.* >
< %systemroot%\system32\52682A\*.* >
< %USERPROFILE%\My Documents\*.htm >
< %SYSTEMDRIVE%\Mr_CF\*.* >
< %USERPROFILE%\My Documents\*.dll >
< %USERPROFILE%\My Documents\*.ccc >
< %systemroot%\system32\Sis\*.* >
< %systemroot%\Microsft\*.* >
< %SYSTEMDRIVE%\driverwinx.exe\*.* >
< %systemroot%\BifroXx\*.* >
< %SYSTEMDRIVE%\TSTP\*.* >
< %systemroot%\winsn\*.* >
< %ProgramFiles%\windata\*.* >
< %SYSTEMDRIVE%\msixxxxxxx.exe\*.* >
< %systemroot%\system32\*.sao >
< %systemroot%\system32\*.iem >
< %systemroot%\system32\*.mdd >
< %systemroot%\system32\*.wlo >
< %systemroot%\system32\*.skn >
< %SYSTEMDRIVE%\Winup\*.* >
< %SYSTEMDRIVE%\test\*.* >
< %systemroot%\system32\med\*.* >
< %systemroot%\Bifrost\*.* >
< %systemroot%\system32\explorer.exe\*.* >
< %UserProfile%\UserData\*.dat /x >
< %SYSTEMDRIVE%\Arquivo de programas\*.* >
< %ProgramFiles%\tcpview\*.* >
< %systemroot%\system32\*.lyo >
< %ProgramFiles%\huanbang2\*.* >
< %systemroot%\winhuanbang\*.* >
< %systemroot%\minrsv.ini\*.* >
< %systemroot%\assembly\GAC\*.* >
< %AppData%\Adobe\crtmswin91\*.* >
< %ProgramFiles%\Windows NT\Accessories\*.exe >
[2010/07/12 12:55:03 | 000,218,112 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows NT\Accessories\wordpad.exe
< %systemroot%\system32\*.pdo >
< %SYSTEMDRIVE%\APPDATASH\*.* >
< %SYSTEMDRIVE%\sy\*.* >
< %systemroot%\*.cot >
< %systemroot%\system32\*.html >
< %systemroot%\system32\win32.exe\*.* >
< %systemroot%\System32\9283\*.* >
< %systemroot%\System32\hardpol\*.* /s >
< %systemroot%\Fonts\*.dat >
< %ProgramFiles%\WinNTsystem operation\*.* >
< %SYSTEMDRIVE%\moneyxmexx.exe\*.* >
< %USERPROFILE%\Templates\*.exe >
< %SYSTEMDRIVE%\MSOCache\*.* >
< %systemroot%\inf\win\*.* >
< %SYSTEMDRIVE%\users\*.ini /x >
< %systemroot%\Media\*.exe >
< %systemroot%\Media\*.dll >
< %AppData%\AdobeUM\upldrvdrv2\*.* >
< %ProgramFiles%\wiselink\*.* >
< %systemroot%\*.wd >
< %systemroot%\boot\*.* >
< %systemroot%\ime\*.dll /x >
< %systemroot%\system32\GroupPolicy\User\Scripts\*.* /s >
< %systemroot%\system32\*.INS >
< %SYSTEMDRIVE%\Temporary\*.* >
< %AppData%\AdobeUM\vclvclupl66\*.* >
< %SYSTEMDRIVE%\KEY\*.* /s >
< %SYSTEMDRIVE%\INVRSO\*.* >
< %systemroot%\Config\Audit\*.* /s >
< %ProgramFiles%\facebook\*.* >
< %SystemRoot%\system32\___hptmp\*.* >
< %SystemRoot%\system32\Macromedia\*.* >
< %SystemRoot%\system32\Macrocmp\*.* >
< %systemroot%\ap0calypse_00CD1A40\*.* /s >
< %SYSTEMDRIVE%\bbotxxxxxx.exe\*.* >
< %systemroot%\cacher\*.* >
< %systemroot%\down\*.* >
< %systemroot%\up\*.* >
< %SYSTEMDRIVE%\bootstartx.exe\*.* >
< %systemroot%\system32\wbem\grpconv.exe >
< %SYSTEMDRIVE%\Zolander\*.* /s >
< %systemroot%\Media_\*.* >
< HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download >
"CheckExeSignatures" = no
"RunInvalidSignatures" = 1
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Telephony\Providers|ProviderFileName6 /rs >
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2010-10-15 02:15:33
< End of report >
Regards
Rob