Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Suspected rootkit - tdsskiller, avg and malwarebytes haven't worke


  • This topic is locked This topic is locked

#1
SG888

SG888

    Member

  • Member
  • PipPip
  • 20 posts
I have been having problems with my computer for the last week and am getting concerned!

Here are the symptoms:

-First noticed that Chrome wouldn't open web pages and would get a window offering to kill pages or wait.
-Then when I started using IE it began to run slowly - as does the whole computer now.
-I also noticed that when the Wireless card was switched on the computer started the 'found new hardware' routine saying 'usb device' 'unable to install' when it is a built in wireless card and the drivers are all installed. I tried to repair the installation using the Dell system utilities disk but the problem persists. Wireless works fine, however.
-I've used Malwarebytes, in safe mode and in normal windows - no results
-I've used AVG 2012 in safe mode and in normal windows - no results
-An AVG rootkit scan revealed some hidden files. I cleaned them using AVG - apologies I don't have the results to say which files they were
-A Kapersky TDSSKiller scan revealed some things, but they all seemed to be normal drivers in system32/drivers
-I've also tried a Spybot search and destroy scan,

The problem persists, my computer continues to be slow and I'm worried there's still something on it.

Below is my OTL scan result

Please help!

OTL logfile created on: 19/10/2011 17:49:26 - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\Sam Ghazaros\My Documents\Downloads
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

3.50 Gb Total Physical Memory | 2.40 Gb Available Physical Memory | 68.59% Memory free
5.34 Gb Paging File | 4.30 Gb Available in Paging File | 80.58% Paging File free
Paging file location(s): C:\pagefile.sys 2046 4092 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 39.06 Gb Total Space | 13.36 Gb Free Space | 34.19% Space Free | Partition Type: NTFS
Drive D: | 72.63 Gb Total Space | 12.33 Gb Free Space | 16.98% Space Free | Partition Type: NTFS
Drive W: | 368.01 Gb Total Space | 297.80 Gb Free Space | 80.92% Space Free | Partition Type: NTFS
Drive Y: | 368.01 Gb Total Space | 297.80 Gb Free Space | 80.92% Space Free | Partition Type: NTFS

Computer Name: THREAD-85B85E0E | User Name: Sam Ghazaros | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/10/19 17:48:49 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Sam Ghazaros\My Documents\Downloads\OTL.exe
PRC - [2011/10/14 13:12:27 | 000,364,544 | ---- | M] (Western Digital Technologies, Inc.) -- C:\WINDOWS\system32\WDBtnMgr.exe
PRC - [2011/10/09 15:23:22 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileBackup.exe
PRC - [2011/10/09 11:54:58 | 000,055,144 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Mobile Device Support\SyncServer.exe
PRC - [2011/10/07 21:10:19 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
PRC - [2011/10/07 21:10:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
PRC - [2011/09/29 08:09:46 | 000,924,632 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
PRC - [2011/09/25 18:59:56 | 001,636,152 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/09/23 06:31:50 | 002,404,704 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2011/09/13 06:32:40 | 001,227,616 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe
PRC - [2011/09/08 20:53:26 | 000,743,264 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2011/08/19 06:24:14 | 002,399,560 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgfws.exe
PRC - [2011/08/15 06:21:40 | 000,337,760 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/08/07 20:10:58 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
PRC - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2010/10/21 09:38:32 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe
PRC - [2010/10/21 09:38:32 | 002,953,584 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
PRC - [2010/10/21 09:38:32 | 001,153,392 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
PRC - [2010/10/21 09:38:32 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe
PRC - [2010/03/24 15:42:10 | 000,599,328 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe
PRC - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2009/03/05 16:07:20 | 002,260,480 | RHS- | M] (Safer-Networking Ltd.) -- C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
PRC - [2008/10/14 21:38:56 | 000,623,992 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe
PRC - [2008/04/14 01:12:19 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/04/17 20:48:18 | 000,050,736 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApMsgFwd.exe
PRC - [2007/04/17 19:31:58 | 000,159,744 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\Apoint.exe
PRC - [2007/02/21 11:19:58 | 000,819,200 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\ZCfgSvc.exe
PRC - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
PRC - [2007/02/21 11:17:42 | 000,970,752 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\iFrmewrk.exe
PRC - [2007/02/21 11:13:26 | 000,487,424 | ---- | M] (Intel Corporation) -- C:\Program Files\Intel\Wireless\Bin\Dot1XCfg.exe
PRC - [2007/02/19 14:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe
PRC - [2007/02/19 14:26:32 | 000,303,104 | ---- | M] (SigmaTel, Inc.) -- C:\WINDOWS\stsystra.exe
PRC - [2007/02/01 09:21:22 | 001,466,368 | ---- | M] () -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe
PRC - [2007/01/30 15:32:42 | 000,102,400 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe
PRC - [2007/01/22 11:53:02 | 000,212,992 | ---- | M] (Wave Systems Corp.) -- C:\Program Files\Wave Systems Corp\SecureUpgrade.exe
PRC - [2006/09/08 15:10:22 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\hidfind.exe
PRC - [2006/09/08 15:06:08 | 000,040,960 | ---- | M] (Alps Electric Co., Ltd.) -- C:\Program Files\DellTPad\ApntEx.exe


========== Modules (No Company Name) ==========

MOD - [2011/10/13 13:24:26 | 008,522,400 | ---- | M] () -- C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
MOD - [2011/10/13 08:06:01 | 011,490,816 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\ca87ba84221991839abbe7d4bc9c6721\mscorlib.ni.dll
MOD - [2011/10/07 21:10:19 | 000,246,600 | ---- | M] () -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe
MOD - [2011/10/07 21:10:17 | 000,218,440 | ---- | M] () -- C:\Program Files\AVG Secure Search\vprot.exe
MOD - [2011/09/29 08:09:46 | 001,833,944 | ---- | M] () -- C:\Program Files\Mozilla Firefox\mozjs.dll
MOD - [2011/09/25 19:01:52 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
MOD - [2011/09/19 20:38:08 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/06/24 22:56:36 | 000,087,328 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/06/24 22:56:14 | 001,241,888 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2010/10/21 09:38:34 | 000,962,416 | ---- | M] () -- C:\Program Files\Tablet\Pen\libxml2.dll
MOD - [2008/04/14 01:11:59 | 000,014,336 | ---- | M] () -- C:\WINDOWS\system32\msdmo.dll
MOD - [2008/04/14 01:11:51 | 000,059,904 | ---- | M] () -- C:\WINDOWS\system32\devenum.dll
MOD - [2007/02/21 11:13:02 | 000,118,784 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\iWMSProv.dll
MOD - [2007/01/31 20:16:50 | 000,237,568 | ---- | M] () -- C:\WINDOWS\system32\AmRes_en.dll
MOD - [2007/01/31 20:11:14 | 000,122,880 | ---- | M] () -- C:\WINDOWS\system32\OEM_Resources.dll
MOD - [2007/01/30 15:31:50 | 000,286,720 | ---- | M] () -- C:\WINDOWS\system32\wxvault.dll
MOD - [2007/01/30 15:30:30 | 000,004,096 | ---- | M] () -- C:\WINDOWS\system32\detoured.dll
MOD - [2006/10/17 16:13:20 | 001,167,360 | ---- | M] () -- C:\Program Files\Intel\Wireless\Bin\acAuth.dll
MOD - [2006/09/25 14:44:32 | 000,073,728 | ---- | M] () -- C:\WINDOWS\system32\pbadrvdll.dll
MOD - [2006/08/18 13:17:36 | 000,056,056 | ---- | M] () -- C:\WINDOWS\system32\DLAAPI_W.DLL
MOD - [2005/10/25 18:57:52 | 000,143,360 | ---- | M] () -- C:\WINDOWS\system32\bioapi_mds300.dll
MOD - [2005/10/25 18:57:52 | 000,106,496 | ---- | M] () -- C:\WINDOWS\system32\bioapi100.dll


========== Win32 Services (SafeList) ==========

SRV - [2011/10/07 21:10:19 | 000,246,600 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\8.0.1\ToolbarUpdater.exe -- (vToolbarUpdater)
SRV - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/09/12 06:23:46 | 005,265,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\AVGIDSAgent.exe -- (AVGIDSAgent)
SRV - [2011/08/19 06:24:14 | 002,399,560 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgfws.exe -- (avgfws)
SRV - [2011/08/07 20:10:58 | 000,654,848 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Running] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2011/08/07 00:23:45 | 000,079,360 | ---- | M] (SolidWorks) [On_Demand | Stopped] -- C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe -- (SolidWorks Licensing Service)
SRV - [2011/08/02 06:09:08 | 000,192,776 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2010/10/21 09:38:32 | 004,869,488 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV - [2010/10/21 09:38:32 | 000,416,112 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV - [2009/10/24 03:18:54 | 000,360,224 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2007/03/20 16:41:24 | 000,153,792 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3.exe -- (Adobe Version Cue CS3)
SRV - [2007/02/21 11:19:40 | 000,294,912 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe -- (WLANKEEPER) Intel®
SRV - [2007/02/19 14:27:16 | 000,090,112 | ---- | M] (SigmaTel, Inc.) [Auto | Running] -- C:\Program Files\SigmaTel\C-Major Audio\WDM\stacsv.exe -- (STacSV)
SRV - [2007/02/01 09:21:22 | 001,466,368 | ---- | M] () [Auto | Running] -- C:\Program Files\NTRU Cryptosystems\NTRU TCG Software Stack\bin\tcsd_win32.exe -- (tcsd_win32.exe)
SRV - [2007/01/29 21:59:58 | 000,487,424 | ---- | M] (Wave Systems Corp.) [On_Demand | Stopped] -- C:\Program Files\Wave Systems Corp\Secure Storage Manager\SecureStorageService.exe -- (SecureStorageService)


========== Driver Services (SafeList) ==========

DRV - [2011/10/02 16:17:09 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32029\RapportCerberus32_32029.sys -- (RapportCerberus_32029)
DRV - [2011/09/25 19:00:08 | 000,161,936 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/09/25 19:00:08 | 000,070,416 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/09/13 06:30:10 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/08/08 06:08:58 | 000,040,016 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/07/11 01:14:38 | 000,295,248 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2011/07/11 01:14:30 | 000,016,720 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
DRV - [2011/07/11 01:14:28 | 000,024,272 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
DRV - [2011/07/11 01:14:28 | 000,023,120 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
DRV - [2011/07/11 01:14:26 | 000,134,608 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
DRV - [2011/07/11 01:13:46 | 000,229,840 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwfd)
DRV - [2011/05/23 01:03:20 | 000,030,944 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\avgfwdx.sys -- (Avgfwdx)
DRV - [2010/10/05 13:26:02 | 000,011,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV - [2010/10/05 13:26:00 | 000,014,120 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\wacomvhid.sys -- (wacomvhid)
DRV - [2007/04/19 20:15:20 | 000,132,608 | ---- | M] (Alps Electric Co., Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\Apfiltr.sys -- (ApfiltrService)
DRV - [2007/02/25 06:05:24 | 002,203,520 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\NETw4x32.sys -- (NETw4x32) Intel®
DRV - [2007/02/21 11:16:12 | 000,012,416 | ---- | M] (Intel Corporation) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\s24trans.sys -- (s24trans)
DRV - [2007/02/19 14:27:34 | 001,228,296 | ---- | M] (SigmaTel, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sthda.sys -- (STHDA)
DRV - [2007/02/16 15:46:00 | 000,160,256 | R--- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\b57xp32.sys -- (b57w2k)
DRV - [2007/01/30 17:37:18 | 000,056,320 | ---- | M] (O2Micro) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\oz776.sys -- (guardian2)
DRV - [2006/11/03 00:47:36 | 000,989,696 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_DPV.sys -- (HSF_DPV)
DRV - [2006/11/03 00:47:00 | 000,209,152 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys -- (HSFHWAZL)
DRV - [2006/11/03 00:46:56 | 000,730,112 | R--- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys -- (winachsf)
DRV - [2006/08/28 15:00:44 | 000,019,968 | ---- | M] (Dell Inc) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\PBADRV.sys -- (PBADRV)
DRV - [2006/08/18 13:18:08 | 000,009,400 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLADResM.SYS -- (DLADResM)
DRV - [2006/08/18 13:17:46 | 000,035,096 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABMFSM.SYS -- (DLABMFSM)
DRV - [2006/08/18 13:17:44 | 000,097,848 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDF_M.SYS -- (DLAUDF_M)
DRV - [2006/08/18 13:17:44 | 000,094,648 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAUDFAM.SYS -- (DLAUDFAM)
DRV - [2006/08/18 13:17:42 | 000,026,008 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAOPIOM.SYS -- (DLAOPIOM)
DRV - [2006/08/18 13:17:40 | 000,032,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLABOIOM.SYS -- (DLABOIOM)
DRV - [2006/08/18 13:17:38 | 000,104,472 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAIFS_M.SYS -- (DLAIFS_M)
DRV - [2006/08/18 13:17:38 | 000,014,520 | ---- | M] (Roxio) [File_System | Auto | Running] -- C:\WINDOWS\system32\DLA\DLAPoolM.SYS -- (DLAPoolM)
DRV - [2006/08/11 10:35:18 | 000,012,920 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLACDBHM.SYS -- (DLACDBHM)
DRV - [2006/08/11 10:35:16 | 000,028,184 | ---- | M] (Roxio) [File_System | System | Running] -- C:\WINDOWS\system32\drivers\DLARTL_M.SYS -- (DLARTL_M)
DRV - [2005/10/14 06:54:16 | 000,017,290 | ---- | M] (Broadcom Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\btpmw32.sys -- (BCMTPM)
DRV - [2004/11/05 11:08:06 | 000,670,208 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\hardlock.sys -- (Hardlock)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.co.uk/
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files\TabletPlugins\npwacom.dll (Wacom, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2011/10/07 21:11:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/10/14 16:06:00 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 7.0.1\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins

[2011/10/13 13:02:28 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Sam Ghazaros\Application Data\Mozilla\Extensions
[2011/10/13 13:02:08 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/10/07 21:11:08 | 000,000,000 | ---D | M] (AVG Safe Search) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX4
[2011/08/18 10:08:41 | 000,000,000 | ---D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/08/07 18:30:12 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\WINDOWS\MICROSOFT.NET\FRAMEWORK\V3.5\WINDOWS PRESENTATION FOUNDATION\DOTNETASSISTANTEXTENSION
[2011/09/29 08:09:46 | 000,134,104 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2011/09/29 02:30:22 | 000,001,538 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\amazon-en-GB.xml
[2011/09/29 02:16:42 | 000,002,252 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\bing.xml
[2011/09/29 02:30:22 | 000,000,947 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\chambers-en-GB.xml
[2011/09/29 02:30:22 | 000,001,180 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\eBay-en-GB.xml
[2011/09/29 02:30:22 | 000,001,135 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-en-GB.xml

O1 HOSTS File: ([2004/08/04 11:00:00 | 000,000,734 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
O2 - BHO: (ContributeBHO Class) - {074C1DC5-9320-4A9A-947D-C042949C6216} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O2 - BHO: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Contribute Toolbar) - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files\Adobe\/Adobe Contribute CS3/contributeieplugin.dll ()
O3 - HKLM\..\Toolbar: (AVG Security Toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\8.0.0.34\AVG Secure Search_toolbar.dll ()
O3 - HKCU\..\Toolbar\WebBrowser: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O4 - HKLM..\Run: [] File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files\Adobe\Acrobat 8.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [Adobe_ID0EYTHM] C:\Program Files\Common Files\Adobe\Adobe Version Cue CS3\Server\bin\VersionCueCS3Tray.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe (Alps Electric Co., Ltd.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [Document Manager] C:\Program Files\Wave Systems Corp\Services Manager\DocMgr\bin\docmgr.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [EmbassySecurityCheck] C:\Program Files\Wave Systems Corp\EMBASSY Security Setup\EMBASSYSecurityCheck.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [IntelWireless] C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe (Intel Corporation)
O4 - HKLM..\Run: [IntelZeroConfig] C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe (Intel Corporation)
O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NVHotkey] C:\WINDOWS\System32\nvhotkey.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.dll (NVIDIA Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [PMBVolumeWatcher] C:\Program Files\Sony\PMB\PMBVolumeWatcher.exe (Sony Corporation)
O4 - HKLM..\Run: [SecureUpgrade] C:\Program Files\Wave Systems Corp\SecureUpgrade.exe (Wave Systems Corp.)
O4 - HKLM..\Run: [SigmatelSysTrayApp] C:\WINDOWS\stsystra.exe (SigmaTel, Inc.)
O4 - HKLM..\Run: [vProt] C:\Program Files\AVG Secure Search\vprot.exe ()
O4 - HKLM..\Run: [WD Button Manager] C:\WINDOWS\System32\WDBtnMgr.exe (Western Digital Technologies, Inc.)
O4 - HKCU..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: Append to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert link target to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selected links to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert selection to existing PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O8 - Extra context menu item: Convert to Adobe PDF - C:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll (Adobe Systems Incorporated)
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\System32\biolsp.dll (Wave Systems Corp.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.5.0_06)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_26)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0C941AD2-6DA3-46D1-9C51-4D6D4EE61883}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{402931C4-A519-4BB2-A0D5-8BA9E8D8EB2A}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\8.0.1\ViProtocol.dll ()
O20 - AppInit_DLLs: (wxvault.dll) -C:\WINDOWS\System32\wxvault.dll ()
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: GinaDLL - (waveGina.dll) -C:\WINDOWS\System32\waveGina.dll (Wave Systems Corp)
O30 - LSA: Authentication Packages - (wvauth) -C:\WINDOWS\System32\wvauth.dll (Wave Systems Corp.)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2011/08/06 23:38:27 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O32 - AutoRun File - [2011/08/06 20:27:42 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2011/02/01 15:52:13 | 150,542,356 | ---- | M] () - W:\Autodesk_Sketchbook_Pro_2011_Multilingual_WIN_32bit.exe -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/10/18 14:06:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2011/10/18 08:37:31 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/10/14 16:45:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\iTunes
[2011/10/14 16:43:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/14 16:43:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/14 16:29:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\NetworkService\Application Data\Apple Computer
[2011/10/14 16:04:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\QuickTime
[2011/10/14 13:10:55 | 000,364,544 | ---- | C] (Western Digital Technologies, Inc.) -- C:\WINDOWS\System32\WDBtnMgr.exe
[2011/10/13 13:02:19 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Local Settings\Application Data\Mozilla
[2011/10/13 13:02:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Mozilla
[2011/10/13 13:02:06 | 000,000,000 | ---D | C] -- C:\Program Files\Mozilla Firefox
[2011/10/13 11:42:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Spybot - Search & Destroy
[2011/10/13 11:42:28 | 000,000,000 | ---D | C] -- C:\Program Files\Spybot - Search & Destroy
[2011/10/13 11:42:28 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy
[2011/10/12 20:31:40 | 000,000,000 | ---D | C] -- C:\tdsskiller
[2011/10/12 17:30:42 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Desktop\cache
[2011/10/12 17:21:06 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Malwarebytes
[2011/10/12 17:20:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes' Anti-Malware
[2011/10/12 17:20:37 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/10/12 17:20:34 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/10/12 17:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/10/12 17:20:34 | 000,000,000 | ---D | C] -- C:\Program Files\MALWAREBYTES ANTI-MALWARE
[2011/10/12 12:34:03 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\EDrawings
[2011/10/12 12:00:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\SolidWorks 2012
[2011/10/12 12:00:25 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\eDrawings2012
[2011/10/12 11:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Local Settings\Application Data\DassaultSystemes
[2011/10/12 11:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\DassaultSystemes
[2011/10/12 11:55:41 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2011/10/09 12:14:59 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG
[2011/10/09 12:13:56 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/10/07 21:42:42 | 000,000,000 | -H-D | C] -- C:\$AVG
[2011/10/07 21:23:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG Secure Search
[2011/10/07 21:11:58 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG2012
[2011/10/07 21:11:39 | 000,000,000 | ---D | C] -- C:\AVG2012
[2011/10/07 21:11:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\AVG 2012
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-tw
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-cn
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\tr
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sr
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sk
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ru
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt-br
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pl
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\nl
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ms
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ko
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ja
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\it
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\id
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\hu
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\fr
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\FF4
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es-es
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale\en-US
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\en
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\de
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\da
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\cs
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]\chrome
[2011/10/07 21:10:43 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\extensions\[email protected]
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-tw
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-cn
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\tr
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sr
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sk
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ru
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt-br
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pl
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\nl
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ms
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ko
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ja
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\it
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\id
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\hu
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\fr
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\FF4
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es-es
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale\en-US
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\en
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\de
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\da
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\cs
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\chrome
[2011/10/07 21:10:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\dllcache\extensions\[email protected]
[2011/10/07 21:10:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\cache
[2011/10/07 21:10:18 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVG Secure Search
[2011/10/07 21:10:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVG Secure Search
[2011/10/07 21:09:31 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/10/07 21:09:31 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\AVG
[2011/10/07 21:08:57 | 000,000,000 | ---D | C] -- C:\Program Files\AVG
[2011/10/07 21:04:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/10/07 21:00:28 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/07 20:57:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/07 11:38:18 | 000,064,512 | ---- | C] (Lavasoft AB) -- C:\WINDOWS\System32\drivers\Lbd.sys
[2011/10/07 09:25:03 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\Sam Ghazaros\IECompatCache
[2011/10/06 15:57:02 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVS4YOU
[2011/10/06 15:50:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\AVSMedia
[2011/10/06 15:50:42 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\umdf
[2011/10/06 15:49:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\SxsCaPendDel
[2011/10/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Program Files\AVS4YOU
[2011/10/06 15:48:17 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\AVS4YOU
[2011/10/03 15:27:07 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\nView_Profiles
[2011/10/02 14:30:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\pss
[2011/09/25 19:00:08 | 000,056,336 | ---- | C] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/10/19 13:03:39 | 000,024,804 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/10/19 09:23:02 | 106,837,329 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/10/19 09:21:29 | 000,057,094 | ---- | M] () -- C:\WINDOWS\System32\nvModes.001
[2011/10/19 09:21:21 | 000,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/10/19 09:17:53 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/10/18 17:05:20 | 000,662,734 | ---- | M] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/10/18 14:06:05 | 000,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.tgz
[2011/10/18 14:06:05 | 000,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth2.dll
[2011/10/18 14:06:05 | 000,001,025 | ---- | M] () -- C:\WINDOWS\System32\clauth1.dll
[2011/10/18 14:06:05 | 000,000,219 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.tgz
[2011/10/18 14:06:05 | 000,000,205 | ---- | M] () -- C:\WINDOWS\System32\lsprst7.dll
[2011/10/18 14:06:05 | 000,000,087 | ---- | M] () -- C:\WINDOWS\System32\ssprs.tgz
[2011/10/18 14:06:05 | 000,000,073 | ---- | M] () -- C:\WINDOWS\System32\ssprs.dll
[2011/10/18 14:06:04 | 000,001,025 | ---- | M] () -- C:\WINDOWS\System32\sysprs7.dll
[2011/10/17 13:32:42 | 000,019,456 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/10/14 17:12:20 | 000,002,243 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SolidWorks 2007 SP4.0.lnk
[2011/10/14 16:45:10 | 000,001,542 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/14 16:04:39 | 000,001,604 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/10/14 13:12:27 | 000,364,544 | ---- | M] (Western Digital Technologies, Inc.) -- C:\WINDOWS\System32\WDBtnMgr.exe
[2011/10/13 13:02:12 | 000,000,742 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/13 13:02:11 | 000,000,724 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/10/13 11:42:41 | 000,000,951 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/10/13 11:42:41 | 000,000,933 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Desktop\Spybot - Search & Destroy.lnk
[2011/10/13 11:09:01 | 000,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2011/10/13 08:09:58 | 001,464,520 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/10/13 08:05:27 | 000,436,014 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/10/13 08:05:27 | 000,068,910 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/10/13 08:01:04 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/10/12 20:30:44 | 001,541,309 | ---- | M] () -- C:\tdsskiller.zip
[2011/10/12 17:30:29 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/10/12 17:20:38 | 000,000,784 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/12 12:00:41 | 000,001,802 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2012.lnk
[2011/10/12 11:53:20 | 002,844,003 | ---- | M] () -- C:\Documents and Settings\Sam Ghazaros\Desktop\stage3v2.easm
[2011/10/12 10:15:00 | 000,057,094 | ---- | M] () -- C:\WINDOWS\System32\nvModes.dat
[2011/10/07 21:11:08 | 000,000,702 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/07 21:10:27 | 000,001,073 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\WMPLogo.png
[2011/10/07 21:10:27 | 000,001,073 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\WMPLogo.png
[2011/10/07 21:10:27 | 000,000,818 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\windows.png
[2011/10/07 21:10:27 | 000,000,818 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\windows.png
[2011/10/07 21:10:26 | 000,058,700 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\chrome\avg.jar
[2011/10/07 21:10:26 | 000,058,700 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\chrome\avg.jar
[2011/10/07 21:10:26 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\toolbarhomewmp.dll
[2011/10/07 21:10:26 | 000,014,336 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\toolbarhomewmp.dll
[2011/10/07 21:10:26 | 000,011,776 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\FF4\toolbarhomewmp.dll
[2011/10/07 21:10:26 | 000,011,776 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\FF4\toolbarhomewmp.dll
[2011/10/07 21:10:26 | 000,009,125 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\toolbarhomeApi.js
[2011/10/07 21:10:26 | 000,009,125 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\toolbarhomeApi.js
[2011/10/07 21:10:26 | 000,007,719 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioVolBg.png
[2011/10/07 21:10:26 | 000,007,719 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioVolBg.png
[2011/10/07 21:10:26 | 000,007,341 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration_0.xul
[2011/10/07 21:10:26 | 000,007,341 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration_0.xul
[2011/10/07 21:10:26 | 000,006,616 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\EmailNotifier.js
[2011/10/07 21:10:26 | 000,006,616 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\EmailNotifier.js
[2011/10/07 21:10:26 | 000,006,596 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\Preferences.js
[2011/10/07 21:10:26 | 000,006,596 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\Preferences.js
[2011/10/07 21:10:26 | 000,006,494 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\ajax-loader.gif
[2011/10/07 21:10:26 | 000,006,494 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\ajax-loader.gif
[2011/10/07 21:10:26 | 000,004,420 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ru\global.dtd
[2011/10/07 21:10:26 | 000,004,420 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ru\global.dtd
[2011/10/07 21:10:26 | 000,003,856 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ru\global.properties
[2011/10/07 21:10:26 | 000,003,856 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ru\global.properties
[2011/10/07 21:10:26 | 000,003,789 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ja\global.dtd
[2011/10/07 21:10:26 | 000,003,789 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ja\global.dtd
[2011/10/07 21:10:26 | 000,003,752 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt\global.dtd
[2011/10/07 21:10:26 | 000,003,752 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt\global.dtd
[2011/10/07 21:10:26 | 000,003,691 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es-es\global.dtd
[2011/10/07 21:10:26 | 000,003,691 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es-es\global.dtd
[2011/10/07 21:10:26 | 000,003,690 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\fr\global.dtd
[2011/10/07 21:10:26 | 000,003,690 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\fr\global.dtd
[2011/10/07 21:10:26 | 000,003,679 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioBg.png
[2011/10/07 21:10:26 | 000,003,679 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioBg.png
[2011/10/07 21:10:26 | 000,003,675 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es\global.dtd
[2011/10/07 21:10:26 | 000,003,675 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es\global.dtd
[2011/10/07 21:10:26 | 000,003,660 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sr\global.dtd
[2011/10/07 21:10:26 | 000,003,660 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sr\global.dtd
[2011/10/07 21:10:26 | 000,003,636 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\avg.xml
[2011/10/07 21:10:26 | 000,003,636 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\avg.xml
[2011/10/07 21:10:26 | 000,003,614 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sk\global.dtd
[2011/10/07 21:10:26 | 000,003,614 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\cs\global.dtd
[2011/10/07 21:10:26 | 000,003,614 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sk\global.dtd
[2011/10/07 21:10:26 | 000,003,614 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\cs\global.dtd
[2011/10/07 21:10:26 | 000,003,589 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]olbar\modules\locale\hu\global.dtd
[2011/10/07 21:10:26 | 000,003,589 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\hu\global.dtd
[2011/10/07 21:10:26 | 000,003,563 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pl\global.dtd
[2011/10/07 21:10:26 | 000,003,563 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pl\global.dtd
[2011/10/07 21:10:26 | 000,003,562 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ko\global.dtd
[2011/10/07 21:10:26 | 000,003,562 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ko\global.dtd
[2011/10/07 21:10:26 | 000,003,532 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt-br\global.dtd
[2011/10/07 21:10:26 | 000,003,532 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt-br\global.dtd
[2011/10/07 21:10:26 | 000,003,519 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\it\global.dtd
[2011/10/07 21:10:26 | 000,003,519 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\it\global.dtd
[2011/10/07 21:10:26 | 000,003,508 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\tr\global.dtd
[2011/10/07 21:10:26 | 000,003,508 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\tr\global.dtd
[2011/10/07 21:10:26 | 000,003,432 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\nl\global.dtd
[2011/10/07 21:10:26 | 000,003,432 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\nl\global.dtd
[2011/10/07 21:10:26 | 000,003,417 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\id\global.dtd
[2011/10/07 21:10:26 | 000,003,417 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\id\global.dtd
[2011/10/07 21:10:26 | 000,003,377 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\da\global.dtd
[2011/10/07 21:10:26 | 000,003,377 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\da\global.dtd
[2011/10/07 21:10:26 | 000,003,370 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\de\global.dtd
[2011/10/07 21:10:26 | 000,003,370 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\de\global.dtd
[2011/10/07 21:10:26 | 000,003,365 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ms\global.dtd
[2011/10/07 21:10:26 | 000,003,365 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ms\global.dtd
[2011/10/07 21:10:26 | 000,003,344 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-cn\global.dtd
[2011/10/07 21:10:26 | 000,003,344 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-cn\global.dtd
[2011/10/07 21:10:26 | 000,003,299 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\en\global.dtd
[2011/10/07 21:10:26 | 000,003,299 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale\en-US\global.dtd
[2011/10/07 21:10:26 | 000,003,299 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\en\global.dtd
[2011/10/07 21:10:26 | 000,003,299 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale\en-US\global.dtd
[2011/10/07 21:10:26 | 000,003,233 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-tw\global.dtd
[2011/10/07 21:10:26 | 000,003,233 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-tw\global.dtd
[2011/10/07 21:10:26 | 000,003,225 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ja\global.properties
[2011/10/07 21:10:26 | 000,003,225 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ja\global.properties
[2011/10/07 21:10:26 | 000,003,188 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt\global.properties
[2011/10/07 21:10:26 | 000,003,188 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt\global.properties
[2011/10/07 21:10:26 | 000,003,127 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es-es\global.properties
[2011/10/07 21:10:26 | 000,003,127 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es-es\global.properties
[2011/10/07 21:10:26 | 000,003,126 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\fr\global.properties
[2011/10/07 21:10:26 | 000,003,126 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\fr\global.properties
[2011/10/07 21:10:26 | 000,003,111 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es\global.properties
[2011/10/07 21:10:26 | 000,003,111 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es\global.properties
[2011/10/07 21:10:26 | 000,003,096 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sr\global.properties
[2011/10/07 21:10:26 | 000,003,096 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sr\global.properties
[2011/10/07 21:10:26 | 000,003,050 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sk\global.properties
[2011/10/07 21:10:26 | 000,003,050 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\cs\global.properties
[2011/10/07 21:10:26 | 000,003,050 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sk\global.properties
[2011/10/07 21:10:26 | 000,003,050 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\cs\global.properties
[2011/10/07 21:10:26 | 000,003,025 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\hu\global.properties
[2011/10/07 21:10:26 | 000,003,025 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\hu\global.properties
[2011/10/07 21:10:26 | 000,002,999 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pl\global.properties
[2011/10/07 21:10:26 | 000,002,999 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pl\global.properties
[2011/10/07 21:10:26 | 000,002,998 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ko\global.properties
[2011/10/07 21:10:26 | 000,002,998 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ko\global.properties
[2011/10/07 21:10:26 | 000,002,968 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt-br\global.properties
[2011/10/07 21:10:26 | 000,002,968 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt-br\global.properties
[2011/10/07 21:10:26 | 000,002,955 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\it\global.properties
[2011/10/07 21:10:26 | 000,002,955 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\it\global.properties
[2011/10/07 21:10:26 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\tr\global.properties
[2011/10/07 21:10:26 | 000,002,944 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\tr\global.properties
[2011/10/07 21:10:26 | 000,002,909 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\icon.png
[2011/10/07 21:10:26 | 000,002,909 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\icon.png
[2011/10/07 21:10:26 | 000,002,868 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\nl\global.properties
[2011/10/07 21:10:26 | 000,002,868 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\nl\global.properties
[2011/10/07 21:10:26 | 000,002,853 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\id\global.properties
[2011/10/07 21:10:26 | 000,002,853 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\id\global.properties
[2011/10/07 21:10:26 | 000,002,849 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\questionmarkIcon.png
[2011/10/07 21:10:26 | 000,002,849 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\questionmarkIcon.png
[2011/10/07 21:10:26 | 000,002,813 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\da\global.properties
[2011/10/07 21:10:26 | 000,002,813 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\da\global.properties
[2011/10/07 21:10:26 | 000,002,806 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\de\global.properties
[2011/10/07 21:10:26 | 000,002,806 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\de\global.properties
[2011/10/07 21:10:26 | 000,002,801 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ms\global.properties
[2011/10/07 21:10:26 | 000,002,801 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ms\global.properties
[2011/10/07 21:10:26 | 000,002,780 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-cn\global.properties
[2011/10/07 21:10:26 | 000,002,780 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-cn\global.properties
[2011/10/07 21:10:26 | 000,002,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\en\global.properties
[2011/10/07 21:10:26 | 000,002,735 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale\en-US\global.properties
[2011/10/07 21:10:26 | 000,002,735 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\en\global.properties
[2011/10/07 21:10:26 | 000,002,735 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale\en-US\global.properties
[2011/10/07 21:10:26 | 000,002,669 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-tw\global.properties
[2011/10/07 21:10:26 | 000,002,669 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-tw\global.properties
[2011/10/07 21:10:26 | 000,002,458 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\icon18.png
[2011/10/07 21:10:26 | 000,002,458 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\icon18.png
[2011/10/07 21:10:26 | 000,002,254 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\HistoryCleaner.js
[2011/10/07 21:10:26 | 000,002,254 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\HistoryCleaner.js
[2011/10/07 21:10:26 | 000,001,530 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\install.rdf
[2011/10/07 21:10:26 | 000,001,530 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\install.rdf
[2011/10/07 21:10:26 | 000,001,452 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\avgJsm.js
[2011/10/07 21:10:26 | 000,001,452 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\avgJsm.js
[2011/10/07 21:10:26 | 000,001,377 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\close.png
[2011/10/07 21:10:26 | 000,001,377 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\close.png
[2011/10/07 21:10:26 | 000,001,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\information-24.png
[2011/10/07 21:10:26 | 000,001,244 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\information-24.png
[2011/10/07 21:10:26 | 000,001,134 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RealLogo.png
[2011/10/07 21:10:26 | 000,001,134 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RealLogo.png
[2011/10/07 21:10:26 | 000,001,045 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\weather.gif
[2011/10/07 21:10:26 | 000,001,045 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\weather.gif
[2011/10/07 21:10:26 | 000,000,944 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\icon_search.png
[2011/10/07 21:10:26 | 000,000,944 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\icon_search.png
[2011/10/07 21:10:26 | 000,000,902 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\SecuredSearch.png
[2011/10/07 21:10:26 | 000,000,902 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\SecuredSearch.png
[2011/10/07 21:10:26 | 000,000,876 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\help.png
[2011/10/07 21:10:26 | 000,000,876 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\help.png
[2011/10/07 21:10:26 | 000,000,851 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration.js
[2011/10/07 21:10:26 | 000,000,851 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration.js
[2011/10/07 21:10:26 | 000,000,837 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\about.png
[2011/10/07 21:10:26 | 000,000,837 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\about.png
[2011/10/07 21:10:26 | 000,000,816 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\current.png
[2011/10/07 21:10:26 | 000,000,816 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\current.png
[2011/10/07 21:10:26 | 000,000,745 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\note.png
[2011/10/07 21:10:26 | 000,000,745 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\note.png
[2011/10/07 21:10:26 | 000,000,729 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\loader.gif
[2011/10/07 21:10:26 | 000,000,729 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\loader.gif
[2011/10/07 21:10:26 | 000,000,687 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\search.png
[2011/10/07 21:10:26 | 000,000,687 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\search.png
[2011/10/07 21:10:26 | 000,000,685 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\feedback.png
[2011/10/07 21:10:26 | 000,000,685 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\feedback.png
[2011/10/07 21:10:26 | 000,000,672 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\labs.png
[2011/10/07 21:10:26 | 000,000,672 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\labs.png
[2011/10/07 21:10:26 | 000,000,627 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\Facebook.gif
[2011/10/07 21:10:26 | 000,000,627 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\Facebook.gif
[2011/10/07 21:10:26 | 000,000,559 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\propertiesJsm.js
[2011/10/07 21:10:26 | 000,000,559 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\propertiesJsm.js
[2011/10/07 21:10:26 | 000,000,506 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\calc.png
[2011/10/07 21:10:26 | 000,000,506 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\calc.png
[2011/10/07 21:10:26 | 000,000,500 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\feedicon.png
[2011/10/07 21:10:26 | 000,000,500 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\feedicon.png
[2011/10/07 21:10:26 | 000,000,493 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioHandle.png
[2011/10/07 21:10:26 | 000,000,493 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioHandle.png
[2011/10/07 21:10:26 | 000,000,347 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\window-close.png
[2011/10/07 21:10:26 | 000,000,347 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\window-close.png
[2011/10/07 21:10:26 | 000,000,342 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioEqu_on.gif
[2011/10/07 21:10:26 | 000,000,342 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioEqu_on.gif
[2011/10/07 21:10:26 | 000,000,331 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration_0.css
[2011/10/07 21:10:26 | 000,000,331 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration_0.css
[2011/10/07 21:10:26 | 000,000,244 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioPlay_on.png
[2011/10/07 21:10:26 | 000,000,244 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioPlay_on.png
[2011/10/07 21:10:26 | 000,000,241 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioPlay_off.png
[2011/10/07 21:10:26 | 000,000,241 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioPlay_off.png
[2011/10/07 21:10:26 | 000,000,225 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioMenuArrow_off.png
[2011/10/07 21:10:26 | 000,000,225 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioMenuArrow_off.png
[2011/10/07 21:10:26 | 000,000,222 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioStop_on.png
[2011/10/07 21:10:26 | 000,000,222 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioStop_on.png
[2011/10/07 21:10:26 | 000,000,221 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioStop_off.png
[2011/10/07 21:10:26 | 000,000,221 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioStop_off.png
[2011/10/07 21:10:26 | 000,000,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioVol.png
[2011/10/07 21:10:26 | 000,000,216 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioVol.png
[2011/10/07 21:10:26 | 000,000,216 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioMenuArrow_on.png
[2011/10/07 21:10:26 | 000,000,216 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioMenuArrow_on.png
[2011/10/07 21:10:26 | 000,000,207 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\IToolbarhomewmp.xpt
[2011/10/07 21:10:26 | 000,000,207 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\FF4\IToolbarhomewmp.xpt
[2011/10/07 21:10:26 | 000,000,207 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\IToolbarhomewmp.xpt
[2011/10/07 21:10:26 | 000,000,207 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\FF4\IToolbarhomewmp.xpt
[2011/10/07 21:10:26 | 000,000,156 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioEqu.png
[2011/10/07 21:10:26 | 000,000,156 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioEqu.png
[2011/10/07 21:10:26 | 000,000,128 | ---- | M] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\sliderWhite.png
[2011/10/07 21:10:26 | 000,000,128 | ---- | M] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\sliderWhite.png
[2011/10/02 14:31:58 | 000,000,211 | -HS- | M] () -- C:\boot.ini
[2011/10/02 13:18:30 | 000,000,064 | ---- | M] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/10/02 13:18:30 | 000,000,044 | ---- | M] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/09/25 19:00:08 | 000,056,336 | ---- | M] (Trusteer Ltd.) -- C:\WINDOWS\System32\drivers\RapportKELL.sys
[7 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
[1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/10/19 13:03:39 | 000,024,804 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavichjg.avm
[2011/10/19 09:23:02 | 106,837,329 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\incavi.avm
[2011/10/18 17:05:20 | 000,662,734 | ---- | C] () -- C:\WINDOWS\System32\drivers\AVG\iavifw.avm
[2011/10/18 14:06:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.tgz
[2011/10/18 14:06:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth2.dll
[2011/10/18 14:06:05 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\clauth1.dll
[2011/10/18 14:06:05 | 000,000,219 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.tgz
[2011/10/18 14:06:05 | 000,000,087 | ---- | C] () -- C:\WINDOWS\System32\ssprs.tgz
[2011/10/18 14:06:05 | 000,000,073 | ---- | C] () -- C:\WINDOWS\System32\ssprs.dll
[2011/10/18 14:06:04 | 000,001,025 | ---- | C] () -- C:\WINDOWS\System32\sysprs7.dll
[2011/10/18 14:06:04 | 000,000,205 | ---- | C] () -- C:\WINDOWS\System32\lsprst7.dll
[2011/10/14 16:45:10 | 000,001,542 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\iTunes.lnk
[2011/10/14 16:04:39 | 000,001,604 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\QuickTime Player.lnk
[2011/10/13 13:02:12 | 000,000,742 | ---- | C] () -- C:\Documents and Settings\Sam Ghazaros\Application Data\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
[2011/10/13 13:02:11 | 000,000,730 | ---- | C] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
[2011/10/13 13:02:11 | 000,000,724 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk
[2011/10/13 11:42:41 | 000,000,951 | ---- | C] () -- C:\Documents and Settings\Sam Ghazaros\Application Data\Microsoft\Internet Explorer\Quick Launch\Spybot - Search & Destroy.lnk
[2011/10/13 11:42:41 | 000,000,933 | ---- | C] () -- C:\Documents and Settings\Sam Ghazaros\Desktop\Spybot - Search & Destroy.lnk
[2011/10/12 20:30:40 | 001,541,309 | ---- | C] () -- C:\tdsskiller.zip
[2011/10/12 17:20:38 | 000,000,784 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk
[2011/10/12 12:59:50 | 002,844,003 | ---- | C] () -- C:\Documents and Settings\Sam Ghazaros\Desktop\stage3v2.easm
[2011/10/12 12:00:40 | 000,001,802 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\SolidWorks eDrawings 2012.lnk
[2011/10/07 21:11:08 | 000,000,702 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\AVG 2012.lnk
[2011/10/07 21:10:43 | 000,058,700 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\chrome\avg.jar
[2011/10/07 21:10:43 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\toolbarhomewmp.dll
[2011/10/07 21:10:43 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\FF4\toolbarhomewmp.dll
[2011/10/07 21:10:43 | 000,009,125 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\toolbarhomeApi.js
[2011/10/07 21:10:43 | 000,007,719 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioVolBg.png
[2011/10/07 21:10:43 | 000,007,719 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioVolBg.png
[2011/10/07 21:10:43 | 000,007,341 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration_0.xul
[2011/10/07 21:10:43 | 000,006,616 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\EmailNotifier.js
[2011/10/07 21:10:43 | 000,006,596 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\Preferences.js
[2011/10/07 21:10:43 | 000,006,494 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\ajax-loader.gif
[2011/10/07 21:10:43 | 000,004,420 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ru\global.dtd
[2011/10/07 21:10:43 | 000,003,856 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ru\global.properties
[2011/10/07 21:10:43 | 000,003,789 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ja\global.dtd
[2011/10/07 21:10:43 | 000,003,752 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt\global.dtd
[2011/10/07 21:10:43 | 000,003,691 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es-es\global.dtd
[2011/10/07 21:10:43 | 000,003,690 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\fr\global.dtd
[2011/10/07 21:10:43 | 000,003,679 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioBg.png
[2011/10/07 21:10:43 | 000,003,679 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioBg.png
[2011/10/07 21:10:43 | 000,003,675 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es\global.dtd
[2011/10/07 21:10:43 | 000,003,660 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sr\global.dtd
[2011/10/07 21:10:43 | 000,003,636 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\avg.xml
[2011/10/07 21:10:43 | 000,003,614 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sk\global.dtd
[2011/10/07 21:10:43 | 000,003,614 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\cs\global.dtd
[2011/10/07 21:10:43 | 000,003,589 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\hu\global.dtd
[2011/10/07 21:10:43 | 000,003,563 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pl\global.dtd
[2011/10/07 21:10:43 | 000,003,562 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ko\global.dtd
[2011/10/07 21:10:43 | 000,003,532 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt-br\global.dtd
[2011/10/07 21:10:43 | 000,003,519 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\it\global.dtd
[2011/10/07 21:10:43 | 000,003,508 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\tr\global.dtd
[2011/10/07 21:10:43 | 000,003,432 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\nl\global.dtd
[2011/10/07 21:10:43 | 000,003,417 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\id\global.dtd
[2011/10/07 21:10:43 | 000,003,377 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\da\global.dtd
[2011/10/07 21:10:43 | 000,003,370 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\de\global.dtd
[2011/10/07 21:10:43 | 000,003,365 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ms\global.dtd
[2011/10/07 21:10:43 | 000,003,344 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-cn\global.dtd
[2011/10/07 21:10:43 | 000,003,299 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\en\global.dtd
[2011/10/07 21:10:43 | 000,003,299 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale\en-US\global.dtd
[2011/10/07 21:10:43 | 000,003,233 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-tw\global.dtd
[2011/10/07 21:10:43 | 000,003,225 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ja\global.properties
[2011/10/07 21:10:43 | 000,003,188 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt\global.properties
[2011/10/07 21:10:43 | 000,003,127 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es-es\global.properties
[2011/10/07 21:10:43 | 000,003,126 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\fr\global.properties
[2011/10/07 21:10:43 | 000,003,111 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\es\global.properties
[2011/10/07 21:10:43 | 000,003,096 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sr\global.properties
[2011/10/07 21:10:43 | 000,003,050 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\sk\global.properties
[2011/10/07 21:10:43 | 000,003,050 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\cs\global.properties
[2011/10/07 21:10:43 | 000,003,025 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\hu\global.properties
[2011/10/07 21:10:43 | 000,002,999 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pl\global.properties
[2011/10/07 21:10:43 | 000,002,998 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ko\global.properties
[2011/10/07 21:10:43 | 000,002,968 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\pt-br\global.properties
[2011/10/07 21:10:43 | 000,002,955 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\it\global.properties
[2011/10/07 21:10:43 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\tr\global.properties
[2011/10/07 21:10:43 | 000,002,909 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\icon.png
[2011/10/07 21:10:43 | 000,002,868 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\nl\global.properties
[2011/10/07 21:10:43 | 000,002,853 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\id\global.properties
[2011/10/07 21:10:43 | 000,002,849 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\questionmarkIcon.png
[2011/10/07 21:10:43 | 000,002,849 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\questionmarkIcon.png
[2011/10/07 21:10:43 | 000,002,813 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\da\global.properties
[2011/10/07 21:10:43 | 000,002,806 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\de\global.properties
[2011/10/07 21:10:43 | 000,002,801 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\ms\global.properties
[2011/10/07 21:10:43 | 000,002,780 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-cn\global.properties
[2011/10/07 21:10:43 | 000,002,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\en\global.properties
[2011/10/07 21:10:43 | 000,002,735 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\locale\en-US\global.properties
[2011/10/07 21:10:43 | 000,002,669 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\locale\zh-tw\global.properties
[2011/10/07 21:10:43 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\icon18.png
[2011/10/07 21:10:43 | 000,002,458 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\icon18.png
[2011/10/07 21:10:43 | 000,002,254 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\HistoryCleaner.js
[2011/10/07 21:10:43 | 000,001,530 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\install.rdf
[2011/10/07 21:10:43 | 000,001,452 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\avgJsm.js
[2011/10/07 21:10:43 | 000,001,377 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\close.png
[2011/10/07 21:10:43 | 000,001,244 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\information-24.png
[2011/10/07 21:10:43 | 000,001,244 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\information-24.png
[2011/10/07 21:10:43 | 000,001,134 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RealLogo.png
[2011/10/07 21:10:43 | 000,001,134 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RealLogo.png
[2011/10/07 21:10:43 | 000,001,073 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\WMPLogo.png
[2011/10/07 21:10:43 | 000,001,073 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\WMPLogo.png
[2011/10/07 21:10:43 | 000,001,045 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\weather.gif
[2011/10/07 21:10:43 | 000,001,045 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\weather.gif
[2011/10/07 21:10:43 | 000,000,944 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\icon_search.png
[2011/10/07 21:10:43 | 000,000,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\icon_search.png
[2011/10/07 21:10:43 | 000,000,902 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\SecuredSearch.png
[2011/10/07 21:10:43 | 000,000,902 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\SecuredSearch.png
[2011/10/07 21:10:43 | 000,000,876 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\help.png
[2011/10/07 21:10:43 | 000,000,876 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\help.png
[2011/10/07 21:10:43 | 000,000,851 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration.js
[2011/10/07 21:10:43 | 000,000,837 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\about.png
[2011/10/07 21:10:43 | 000,000,818 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\windows.png
[2011/10/07 21:10:43 | 000,000,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\windows.png
[2011/10/07 21:10:43 | 000,000,816 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\current.png
[2011/10/07 21:10:43 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\note.png
[2011/10/07 21:10:43 | 000,000,745 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\note.png
[2011/10/07 21:10:43 | 000,000,729 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\loader.gif
[2011/10/07 21:10:43 | 000,000,729 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\loader.gif
[2011/10/07 21:10:43 | 000,000,687 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\search.png
[2011/10/07 21:10:43 | 000,000,687 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\search.png
[2011/10/07 21:10:43 | 000,000,685 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\feedback.png
[2011/10/07 21:10:43 | 000,000,685 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\feedback.png
[2011/10/07 21:10:43 | 000,000,672 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\labs.png
[2011/10/07 21:10:43 | 000,000,672 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\labs.png
[2011/10/07 21:10:43 | 000,000,627 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\Facebook.gif
[2011/10/07 21:10:43 | 000,000,559 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\propertiesJsm.js
[2011/10/07 21:10:43 | 000,000,506 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\calc.png
[2011/10/07 21:10:43 | 000,000,500 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\feedicon.png
[2011/10/07 21:10:43 | 000,000,500 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\feedicon.png
[2011/10/07 21:10:43 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioHandle.png
[2011/10/07 21:10:43 | 000,000,493 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioHandle.png
[2011/10/07 21:10:43 | 000,000,347 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\window-close.png
[2011/10/07 21:10:43 | 000,000,347 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\window-close.png
[2011/10/07 21:10:43 | 000,000,342 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioEqu_on.gif
[2011/10/07 21:10:43 | 000,000,342 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioEqu_on.gif
[2011/10/07 21:10:43 | 000,000,331 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\configuration_0.css
[2011/10/07 21:10:43 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioPlay_on.png
[2011/10/07 21:10:43 | 000,000,244 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioPlay_on.png
[2011/10/07 21:10:43 | 000,000,241 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioPlay_off.png
[2011/10/07 21:10:43 | 000,000,241 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioPlay_off.png
[2011/10/07 21:10:43 | 000,000,225 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioMenuArrow_off.png
[2011/10/07 21:10:43 | 000,000,225 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioMenuArrow_off.png
[2011/10/07 21:10:43 | 000,000,222 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioStop_on.png
[2011/10/07 21:10:43 | 000,000,222 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioStop_on.png
[2011/10/07 21:10:43 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioStop_off.png
[2011/10/07 21:10:43 | 000,000,221 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioStop_off.png
[2011/10/07 21:10:43 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioVol.png
[2011/10/07 21:10:43 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioVol.png
[2011/10/07 21:10:43 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioMenuArrow_on.png
[2011/10/07 21:10:43 | 000,000,216 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioMenuArrow_on.png
[2011/10/07 21:10:43 | 000,000,207 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\IToolbarhomewmp.xpt
[2011/10/07 21:10:43 | 000,000,207 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\components\FF4\IToolbarhomewmp.xpt
[2011/10/07 21:10:43 | 000,000,156 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\RadioEqu.png
[2011/10/07 21:10:43 | 000,000,156 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\RadioEqu.png
[2011/10/07 21:10:43 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\drivers\extensions\[email protected]\modules\skin\sliderWhite.png
[2011/10/07 21:10:43 | 000,000,128 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\sliderWhite.png
[2011/10/07 21:10:42 | 000,058,700 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\chrome\avg.jar
[2011/10/07 21:10:42 | 000,014,336 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\toolbarhomewmp.dll
[2011/10/07 21:10:42 | 000,011,776 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\FF4\toolbarhomewmp.dll
[2011/10/07 21:10:42 | 000,009,125 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\toolbarhomeApi.js
[2011/10/07 21:10:42 | 000,007,341 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration_0.xul
[2011/10/07 21:10:42 | 000,006,616 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\EmailNotifier.js
[2011/10/07 21:10:42 | 000,006,596 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\Preferences.js
[2011/10/07 21:10:42 | 000,006,494 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\ajax-loader.gif
[2011/10/07 21:10:42 | 000,004,420 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ru\global.dtd
[2011/10/07 21:10:42 | 000,003,856 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ru\global.properties
[2011/10/07 21:10:42 | 000,003,789 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ja\global.dtd
[2011/10/07 21:10:42 | 000,003,752 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt\global.dtd
[2011/10/07 21:10:42 | 000,003,691 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es-es\global.dtd
[2011/10/07 21:10:42 | 000,003,690 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\fr\global.dtd
[2011/10/07 21:10:42 | 000,003,675 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es\global.dtd
[2011/10/07 21:10:42 | 000,003,660 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sr\global.dtd
[2011/10/07 21:10:42 | 000,003,636 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\avg.xml
[2011/10/07 21:10:42 | 000,003,614 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sk\global.dtd
[2011/10/07 21:10:42 | 000,003,614 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\cs\global.dtd
[2011/10/07 21:10:42 | 000,003,589 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\hu\global.dtd
[2011/10/07 21:10:42 | 000,003,563 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pl\global.dtd
[2011/10/07 21:10:42 | 000,003,562 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ko\global.dtd
[2011/10/07 21:10:42 | 000,003,532 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt-br\global.dtd
[2011/10/07 21:10:42 | 000,003,519 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\it\global.dtd
[2011/10/07 21:10:42 | 000,003,508 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\tr\global.dtd
[2011/10/07 21:10:42 | 000,003,432 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\nl\global.dtd
[2011/10/07 21:10:42 | 000,003,417 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\id\global.dtd
[2011/10/07 21:10:42 | 000,003,377 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\da\global.dtd
[2011/10/07 21:10:42 | 000,003,370 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\de\global.dtd
[2011/10/07 21:10:42 | 000,003,365 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ms\global.dtd
[2011/10/07 21:10:42 | 000,003,344 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-cn\global.dtd
[2011/10/07 21:10:42 | 000,003,299 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\en\global.dtd
[2011/10/07 21:10:42 | 000,003,299 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale\en-US\global.dtd
[2011/10/07 21:10:42 | 000,003,233 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-tw\global.dtd
[2011/10/07 21:10:42 | 000,003,225 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ja\global.properties
[2011/10/07 21:10:42 | 000,003,188 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt\global.properties
[2011/10/07 21:10:42 | 000,003,127 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es-es\global.properties
[2011/10/07 21:10:42 | 000,003,126 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\fr\global.properties
[2011/10/07 21:10:42 | 000,003,111 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\es\global.properties
[2011/10/07 21:10:42 | 000,003,096 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sr\global.properties
[2011/10/07 21:10:42 | 000,003,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\sk\global.properties
[2011/10/07 21:10:42 | 000,003,050 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\cs\global.properties
[2011/10/07 21:10:42 | 000,003,025 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\hu\global.properties
[2011/10/07 21:10:42 | 000,002,999 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pl\global.properties
[2011/10/07 21:10:42 | 000,002,998 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ko\global.properties
[2011/10/07 21:10:42 | 000,002,968 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\pt-br\global.properties
[2011/10/07 21:10:42 | 000,002,955 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\it\global.properties
[2011/10/07 21:10:42 | 000,002,944 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\tr\global.properties
[2011/10/07 21:10:42 | 000,002,909 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\icon.png
[2011/10/07 21:10:42 | 000,002,868 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\nl\global.properties
[2011/10/07 21:10:42 | 000,002,853 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\id\global.properties
[2011/10/07 21:10:42 | 000,002,813 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\da\global.properties
[2011/10/07 21:10:42 | 000,002,806 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\de\global.properties
[2011/10/07 21:10:42 | 000,002,801 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\ms\global.properties
[2011/10/07 21:10:42 | 000,002,780 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-cn\global.properties
[2011/10/07 21:10:42 | 000,002,735 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\en\global.properties
[2011/10/07 21:10:42 | 000,002,735 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\locale\en-US\global.properties
[2011/10/07 21:10:42 | 000,002,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\locale\zh-tw\global.properties
[2011/10/07 21:10:42 | 000,002,254 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\HistoryCleaner.js
[2011/10/07 21:10:42 | 000,001,530 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\install.rdf
[2011/10/07 21:10:42 | 000,001,452 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\avgJsm.js
[2011/10/07 21:10:42 | 000,001,377 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\close.png
[2011/10/07 21:10:42 | 000,000,851 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration.js
[2011/10/07 21:10:42 | 000,000,837 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\about.png
[2011/10/07 21:10:42 | 000,000,816 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\current.png
[2011/10/07 21:10:42 | 000,000,627 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\Facebook.gif
[2011/10/07 21:10:42 | 000,000,559 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\propertiesJsm.js
[2011/10/07 21:10:42 | 000,000,506 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\skin\calc.png
[2011/10/07 21:10:42 | 000,000,331 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\modules\configuration_0.css
[2011/10/07 21:10:42 | 000,000,207 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\IToolbarhomewmp.xpt
[2011/10/07 21:10:42 | 000,000,207 | ---- | C] () -- C:\WINDOWS\System32\dllcache\extensions\[email protected]\components\FF4\IToolbarhomewmp.xpt
[2011/08/19 09:27:07 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\getpntid.exe
[2011/08/17 20:15:03 | 000,175,616 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2011/08/10 09:08:50 | 000,000,064 | ---- | C] () -- C:\WINDOWS\System32\rp_stats.dat
[2011/08/10 09:08:50 | 000,000,044 | ---- | C] () -- C:\WINDOWS\System32\rp_rules.dat
[2011/08/08 12:35:06 | 000,019,456 | ---- | C] () -- C:\Documents and Settings\Sam Ghazaros\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/08/07 21:02:34 | 000,056,056 | ---- | C] () -- C:\WINDOWS\System32\DLAAPI_W.DLL
[2011/08/07 21:02:34 | 000,000,169 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2011/08/07 20:52:44 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2011/08/07 20:21:10 | 002,463,976 | ---- | C] () -- C:\WINDOWS\System32\NPSWF32.dll
[2011/08/06 23:03:04 | 000,000,000 | ---- | C] () -- C:\WINDOWS\eDrawingOfficeAutomator.INI
[2011/08/06 22:13:46 | 000,004,212 | -H-- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/08/06 21:13:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\pbadrvdll.dll
[2011/08/06 21:12:38 | 001,736,704 | ---- | C] () -- C:\WINDOWS\System32\Tsp1.dll
[2011/08/06 21:10:57 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\bioapi_mds300.dll
[2011/08/06 21:10:57 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\bioapi100.dll
[2011/08/06 20:55:39 | 000,057,094 | ---- | C] () -- C:\WINDOWS\System32\nvModes.dat
[2011/08/06 20:55:04 | 001,626,112 | ---- | C] () -- C:\WINDOWS\System32\nwiz.exe
[2011/08/06 20:55:04 | 001,019,904 | ---- | C] () -- C:\WINDOWS\System32\nvwimg.dll
[2011/08/06 20:55:03 | 001,703,936 | ---- | C] () -- C:\WINDOWS\System32\nvwdmcpl.dll
[2011/08/06 20:55:01 | 001,018,748 | ---- | C] () -- C:\WINDOWS\System32\nvucode.bin
[2011/08/06 20:55:01 | 000,466,944 | ---- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2011/08/06 20:54:59 | 001,474,560 | ---- | C] () -- C:\WINDOWS\System32\nview.dll
[2011/08/06 20:54:58 | 001,339,392 | ---- | C] () -- C:\WINDOWS\System32\nvdspsch.exe
[2011/08/06 20:54:53 | 000,442,368 | ---- | C] () -- C:\WINDOWS\System32\nvappbar.exe
[2011/08/06 20:54:50 | 000,425,984 | ---- | C] () -- C:\WINDOWS\System32\keystone.exe
[2011/08/06 20:48:29 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2011/08/06 20:45:59 | 001,464,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/08/06 20:33:41 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2011/08/06 20:22:34 | 000,021,640 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2007/01/31 20:16:50 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_en.dll
[2007/01/31 20:11:14 | 000,122,880 | ---- | C] () -- C:\WINDOWS\System32\OEM_Resources.dll
[2007/01/31 20:08:44 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_es.dll
[2007/01/31 20:08:36 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ko.dll
[2007/01/31 20:08:26 | 000,253,952 | ---- | C] () -- C:\WINDOWS\System32\AmRes_de.dll
[2007/01/31 20:08:18 | 000,237,568 | ---- | C] () -- C:\WINDOWS\System32\AmRes_pt-BR.dll
[2007/01/31 20:08:08 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_fr.dll
[2007/01/31 20:08:00 | 000,233,472 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ja.dll
[2007/01/31 20:07:50 | 000,266,240 | ---- | C] () -- C:\WINDOWS\System32\AmRes_ru.dll
[2007/01/31 20:07:42 | 000,249,856 | ---- | C] () -- C:\WINDOWS\System32\AmRes_it.dll
[2007/01/31 20:07:34 | 000,217,088 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHS.dll
[2007/01/31 20:07:24 | 000,212,992 | ---- | C] () -- C:\WINDOWS\System32\AmRes_zh-CHT.dll
[2007/01/31 13:09:46 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_pt.dll
[2007/01/31 13:09:26 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHT.dll
[2007/01/31 13:09:06 | 000,077,824 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ko.dll
[2007/01/31 13:08:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_es.dll
[2007/01/31 13:08:26 | 000,090,112 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ru.dll
[2007/01/31 13:08:06 | 000,081,920 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_ja.dll
[2007/01/31 13:07:46 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_it.dll
[2007/01/31 13:07:26 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_de.dll
[2007/01/31 13:07:04 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_fr.dll
[2007/01/31 13:06:46 | 000,073,728 | ---- | C] () -- C:\WINDOWS\System32\Internationalization_zh-CHS.dll
[2007/01/30 15:31:50 | 000,286,720 | ---- | C] () -- C:\WINDOWS\System32\wxvault.dll
[2007/01/30 15:30:30 | 000,004,096 | ---- | C] () -- C:\WINDOWS\System32\detoured.dll
[2007/01/02 09:14:20 | 000,835,584 | ---- | C] () -- C:\WINDOWS\System32\DemoLicense.dll
[2006/11/09 22:07:44 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\px.ini
[2006/09/16 23:36:50 | 000,520,192 | ---- | C] () -- C:\WINDOWS\System32\CddbPlaylist2Roxio.dll
[2006/09/16 23:36:50 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\CddbFileTaggerRoxio.dll
[2006/08/14 11:02:10 | 000,072,192 | ---- | C] () -- C:\WINDOWS\System32\xltZlib.dll
[2006/06/13 16:35:32 | 000,053,760 | ---- | C] () -- C:\WINDOWS\System32\zlib.dll
[2005/03/22 00:48:05 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/03/22 00:48:05 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/09/10 12:34:00 | 000,917,504 | ---- | C] () -- C:\WINDOWS\System32\lmgr10.dll
[2004/09/10 12:34:00 | 000,057,344 | ---- | C] () -- C:\WINDOWS\System32\ADsSecurity.dll
[2004/08/04 11:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/08/04 11:00:00 | 000,436,014 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/08/04 11:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/08/04 11:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/08/04 11:00:00 | 000,068,910 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/08/04 11:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/04 11:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/08/04 11:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/08/04 11:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/08/04 11:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2003/01/07 15:05:08 | 000,002,695 | ---- | C] () -- C:\WINDOWS\System32\OUTLPERF.INI

========== LOP Check ==========

[2011/08/06 23:41:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alias
[2011/10/18 10:00:31 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVG2012
[2011/10/07 21:00:28 | 000,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\Common Files
[2011/10/12 11:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DassaultSystemes
[2011/10/19 09:23:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\MFAData
[2011/10/18 14:06:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Minnetonka Audio Software
[2011/08/06 21:10:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\NTRU Cryptosystems
[2011/10/16 21:48:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2011/08/25 09:41:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Trusteer
[2011/08/06 21:16:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Wave Systems Corp
[2011/08/07 21:28:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521}
[2011/08/06 23:40:40 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Autodesk
[2011/10/09 12:17:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG
[2011/10/07 21:23:21 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG Secure Search
[2011/10/07 21:11:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\AVG2012
[2011/10/12 11:55:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\DassaultSystemes
[2011/08/06 23:03:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\DWGeditor
[2011/10/12 12:34:03 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\EDrawings
[2011/08/18 22:04:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Pegasys Inc
[2011/08/25 09:43:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Trusteer
[2011/10/19 09:35:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Sam Ghazaros\Application Data\Wave Systems Corp

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 137 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:0B4227B4

< End of report >
  • 1

Advertisements


#2
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Hi not a great deal showing there, so I would like to recheck the MBR before I decide on my next approach

Download aswMBR.exe ( 1.8mb ) to your desktop.
Double click the aswMBR.exe to run it Click the "Scan" button to start scan

Posted Image

On completion of the scan click save log, save it to your desktop and post in your next reply

Posted Image
  • 0

#3
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Thanks Essexboy,

Here is the log file I got from MBR (I think that the avast definitions didn't download) but I'll run it again with the avast definitions and post it if its much different.

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-10-19 21:14:21
-----------------------------
21:14:21.031 OS Version: Windows 5.1.2600 Service Pack 3
21:14:21.031 Number of processors: 2 586 0xF0A
21:14:21.031 ComputerName: THREAD-85B85E0E UserName: Sam Ghazaros
21:14:24.203 Initialize success
21:14:43.875 AVAST engine download error: 0
21:14:53.640 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-e
21:14:53.640 Disk 0 Vendor: ST9120823ASG 3.ADD Size: 114473MB BusType: 3
21:14:55.671 Disk 0 MBR read successfully
21:14:55.671 Disk 0 MBR scan
21:14:55.671 Disk 0 Windows XP default MBR code
21:14:55.687 Disk 0 scanning sectors +234436545
21:14:55.859 Disk 0 scanning C:\WINDOWS\system32\drivers
21:15:18.312 Service scanning
21:15:19.890 Modules scanning
21:15:34.984 Disk 0 trace - called modules:
21:15:35.000 ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
21:15:35.000 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b0e1698]
21:15:35.000 3 CLASSPNP.SYS[ba108fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-e[0x8b10bd98]
21:15:35.500 Scan finished successfully
21:16:22.843 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\Sam Ghazaros\Desktop\MBR.dat"
21:16:22.843 The log file has been saved successfully to "C:\Documents and Settings\Sam Ghazaros\Desktop\aswMBR.txt"
  • 0

#4
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Not a problem as the MBR shows clear. If this programme finds nothing - as I believe - we will then look at trying to speed up the system

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

* IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here
  • Double click on ComboFix.exe & follow the prompts.

  • Double click on ComboFix.exe & follow the prompts.
  • Accept the disclaimer and allow to update if it asks

    Posted Image

    Posted Image
  • When finished, it shall produce a log for you.
  • Please include the C:\ComboFix.txt in your next reply.

Notes:
1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.


Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now
  • 0

#5
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I ran combofix and it took quite a while. It finished by deleting a load of files (to my slight concern!) then it restarted the computer. This morning I logged in:
It gives an option to start recovery console or start windows xp prof
If I leave it it starts automatically
It beeps and says A specified authentification package is unknown
Sometimes I start to logbin normally
Then I get blue screen saying:
Stop: c000021a fatal system error
The windows login process system process terminated unexpectedly with a status of 0x0000005 (0x00000000 0x00000000).
The system has been shut down

What now?!

I click ok
It appears to start up
  • 0

#6
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
Does the computer boot normally after this ?

Could you post the combofix log please (it will be at C:\combofix.txt)
  • 0

#7
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
No, sorry the end of that post was jumbled up. The computer won't boot up at all - just blue screen of death. I tried safe modebut the same thing happens unfortunately.
  • 0

#8
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK you will need to burn a CD I am afraid as I will need to get into windows sideways as it were

OK next we will work outside of windows then Please print these instruction out so that you know what you are doing
  • Download OTLPENet.exe to your desktop
  • Download this scan.txt to a usb drive [attachment=53072:scan.txt]
  • Ensure that you have a blank CD in the drive
  • Double click OTLPENet.exe and this will then open imgburn to burn the file to CD
  • Reboot your system using the boot CD you just created.Note : If you do not know how to set your computer to boot from CD follow the steps here
  • As the CD needs to detect your hardware and load the operating system, I would recommend a nice cup of tea whilst it loads :)
  • Your system should now display a Reatogo desktop.Note : as you are running from CD it is not exactly speedy
  • Double-click on the OTLPE icon.
  • Select the Windows folder of the infected drive if it asks for a location
  • When asked "Do you wish to load the remote registry", select Yes
  • When asked "Do you wish to load remote user profile(s) for scanning", select Yes
  • Ensure the box "Automatically Load All Remaining Users" is checked and press OK
  • OTL should now start
  • Drag and drop this attached scan.txt into the Custom scans and fixes box, or double click the scan box
  • Press Run Scan to start the scan.
  • When finished, the file will be saved in drive C:\OTL.txt
  • Copy this file to your USB drive if you do not have internet connection on this system
  • Right click the file and select send to : select the USB drive.
  • Confirm that it has copied to the USB drive by selecting it
  • You can backup any files that you wish from this OS
  • Please post the contents of the C:\OTL.txt file in your reply.

  • 0

#9
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Ok thanks! I might have to do that tomorrow... Unless there's an alternative. This is my work computer and I do have the windows disk from Dell with me... I don't suppose that would help?
  • 0

#10
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts

A specified authentification package is unknown

This indicates to me where the problem probably resides and OTL should be able to clear it, although why Combofix didn't I need to determine

If you have access to the recovery console we could try that could you reboot to the safe mode menu and let me know if there is a recovery console option
  • 0

Advertisements


#11
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
There Does seem to be a recovery console. I've selected it from the menu and it's saying:

Microsoft windows recovery console.
The recovery console provides system repair and recovery functionality.
Type exit to quit the recovery console and restart computer.



1: c:\windows

Which windows installation would you like to log onto
(to cancel, press enter)
  • 0

#12
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK lets try this method first

1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:

cd erdnt\subs


6. At the next prompt, type the following bolded text, and press Enter:

batch erdnt.con

7. The erunt backups will begin copying.
8. At the next prompt, type the following bolded text, and press Enter:

exit

Windows will now begin loading.
  • 0

#13
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
Ok thanks. Done thatand windows began loading but did the same thing with the blue screen and the same message...
  • 0

#14
Essexboy

Essexboy

    GeekU Moderator

  • Retired Staff
  • 69,964 posts
OK earlier set

1. Restart your computer
2. Before Windows loads, you will be prompted to choose which Operating System to start
3. Use the up and down arrow key to select Microsoft Windows Recovery Console
4. You must enter which Windows installation to log onto. Type 1 and press enter.
5. At the C:\Windows prompt, type the following bolded text, and press Enter:

C:\WINDOWS\ERDNT\Hiv-backup\erdnt.exe

Follow the prompts
  • 0

#15
SG888

SG888

    Member

  • Topic Starter
  • Member
  • PipPip
  • 20 posts
I've. Tried that and it says tgat the command is not recognized.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP