Trojan Malware Has Taken Over My PC [Solved]


  • This topic is locked

#16
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Rick_F,

How is your system now? Any problems?

Step 1

Please read carefully and follow these steps.

Download TDSSKiller.zip from Kaspersky and save it to your Desktop.
  • Extract the zip file to its own folder.
  • Double click TDSSKiller.exe to run the program (Run as Administrator for Vista/Windows 7).
  • Click Start scan to start scanning.
  • If infection is detected, the default setting for "action" should be Cure
    • (If suspicious file is detected please click on it and change it to Skip).
  • Click Continue button
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
    • If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.

Step 2


Download aswMBR.exe ( 511KB ) to your desktop.


  • Double click the aswMBR.exe to run it
  • Click the "Scan" button to start scan
  • On completion of the scan click save log, save it to your desktop and post in your next reply

Step 3


Please don't forget to include these items in your reply:


  • TDSSKiller log
  • aswMBR log

It would be helpful if you could post each log in a separate post.
  • 0


#17
Rick_F

    Member

  • Topic Starter
  • 23 posts
Hi maliprog,

The PC boots OK but apart from desktop customization (desktop setting was lost) and access to Programs (Start -> All Programs -> Program -> '(Empty)'). The result is that I cannot access installed programs.

The bottom line is that this is not critical as long as I can access my data so that, if necessary, I can rebuild the PC.

OK, first of the 3 logs.

TDSS Report:

12:54:49.0109 2964 TDSS rootkit removing tool 2.6.21.0 Nov 24 2011 12:32:44
12:54:50.0890 2964 ============================================================
12:54:50.0890 2964 Current date / time: 2011/12/04 12:54:50.0890
12:54:50.0890 2964 SystemInfo:
12:54:50.0890 2964
12:54:50.0890 2964 OS Version: 5.1.2600 ServicePack: 3.0
12:54:50.0890 2964 Product type: Workstation
12:54:50.0890 2964 ComputerName: USER-94BF4B7558
12:54:50.0890 2964 UserName: one10
12:54:50.0890 2964 Windows directory: C:\WINDOWS
12:54:50.0890 2964 System windows directory: C:\WINDOWS
12:54:50.0890 2964 Processor architecture: Intel x86
12:54:50.0890 2964 Number of processors: 2
12:54:50.0890 2964 Page size: 0x1000
12:54:50.0890 2964 Boot type: Normal boot
12:54:50.0890 2964 ============================================================
12:54:53.0734 2964 Initialize success
12:55:13.0968 1720 ============================================================
12:55:13.0968 1720 Scan started
12:55:13.0968 1720 Mode: Manual; SigCheck; TDLFS;
12:55:13.0968 1720 ============================================================
12:55:48.0187 1720 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:55:48.0359 1720 \Device\Harddisk0\DR0 - ok
12:55:48.0359 1720 Boot (0x1200) (873a285386fd391fac1c1473eb13ccff) \Device\Harddisk0\DR0\Partition0
12:55:48.0359 1720 \Device\Harddisk0\DR0\Partition0 - ok
12:55:48.0375 1720 ============================================================
12:55:48.0375 1720 Scan finished
12:55:48.0375 1720 ============================================================
12:55:48.0500 1332 Detected object count: 0
12:55:48.0500 1332 Actual detected object count: 0
  • 0
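
A way to triage a TDSSKiller log in the format posted above, as an added example that is not part of the thread or of Kaspersky's tool. The sample log is constructed except for the two MBR lines quoted from the post; `EXAMPLE-NOT-OK` is a placeholder verdict, and comparing the reported count with the number of non-ok verdicts is an assumption.

```python
import re
from dataclasses import dataclass
from typing import Optional

# "<hh:mm:ss.ffff> <thread id> <message>" prefix seen on every log line.
LINE = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+\d+\s+(.*)$")
# "<object> (<md5>) <path>" line that precedes a verdict for hashed objects.
OBJECT = re.compile(
    r"^(?P<name>.+?)\s+\((?P<md5>[0-9a-f]{32})\)\s+(?P<path>.+)$", re.IGNORECASE
)
COUNT = re.compile(r"^Detected object count:\s+(\d+)$")

# Constructed sample. Only the two MBR lines are taken from the posted log;
# driver names, hashes and the non-ok verdict text are placeholders.
SAMPLE_LOG = r"""
12:55:13.0968 1720 Scan started
12:55:14.0734 1720 exampledrv (00000000000000000000000000000001) C:\WINDOWS\system32\drivers\exampledrv.sys
12:55:15.0031 1720 exampledrv - ok
12:55:15.0046 1720 unloadeddrv - ok
12:55:16.0100 1720 otherdrv (00000000000000000000000000000002) C:\WINDOWS\system32\drivers\otherdrv.sys
12:55:16.0200 1720 otherdrv - EXAMPLE-NOT-OK
12:55:48.0187 1720 MBR (0x1B8) (8f558eb6672622401da993e1e865c861) \Device\Harddisk0\DR0
12:55:48.0359 1720 \Device\Harddisk0\DR0 - ok
12:55:48.0375 1720 Scan finished
12:55:48.0500 1332 Detected object count: 1
"""


@dataclass
class Entry:
    name: str
    md5: Optional[str] = None
    path: Optional[str] = None
    verdict: Optional[str] = None  # None means no verdict line was found


def parse_tdss_log(text):
    """Return (entries, reported_count) from a TDSSKiller text log."""
    entries, by_key, reported = [], {}, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        rest = m.group(1).strip()
        c = COUNT.match(rest)
        if c:
            reported = int(c.group(1))
            continue
        o = OBJECT.match(rest)
        if o:
            e = Entry(o["name"], o["md5"].lower(), o["path"])
            entries.append(e)
            # A verdict line may name the object or its path (the MBR
            # verdict in the posted log uses the device path).
            by_key[e.name.lower()] = e
            by_key[e.path.lower()] = e
            continue
        key, sep, verdict = rest.rpartition(" - ")
        if not sep:
            continue  # banner, separator or status line
        e = by_key.get(key.strip().lower())
        if e is None:  # verdict with no preceding hash line
            e = Entry(key.strip())
            entries.append(e)
            by_key[e.name.lower()] = e
        e.verdict = verdict.strip()
    return entries, reported


def triage(text):
    """Summarise what a helper needs to look at first."""
    entries, reported = parse_tdss_log(text)
    # Anything not explicitly "ok" needs a human look, including objects
    # whose verdict line is missing (for example a truncated paste).
    flagged = [e for e in entries if e.verdict != "ok"]
    return {
        "scanned": len(entries),
        "flagged": flagged,
        "unhashed": [e.name for e in entries if e.md5 is None and e.verdict == "ok"],
        "reported_count": reported,
        # Assumption: the tool's own count should match the non-ok lines.
        "consistent": reported is not None and reported == len(flagged),
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    for e in result["flagged"]:
        print(f"REVIEW {e.name}: {e.verdict} md5={e.md5} path={e.path}")
    print("reported:", result["reported_count"], "consistent:", result["consistent"])
```
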

#18
Rick_F

    Member

  • Topic Starter
  • 23 posts
aswMBR (before fix) log:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-04 12:57:14
-----------------------------
12:57:14.421 OS Version: Windows 5.1.2600 Service Pack 3
12:57:14.421 Number of processors: 2 586 0x304
12:57:14.421 ComputerName: USER-94BF4B7558 UserName: one10
12:57:16.296 Initialize success
12:57:16.531 AVAST engine defs: 11120400
12:57:42.250 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
12:57:42.250 Disk 0 Vendor: WDC_WD1600JD-75HBB0 08.02D08 Size: 152587MB BusType: 3
12:57:44.296 Disk 0 MBR read successfully
12:57:44.296 Disk 0 MBR scan
12:57:44.312 Disk 0 Windows XP default MBR code
12:57:44.328 Disk 0 scanning sectors +268414020
12:57:44.421 Disk 0 scanning C:\WINDOWS\system32\drivers
12:57:53.281 Service scanning
12:57:53.968 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
12:57:54.515 Modules scanning
12:58:00.125 Disk 0 trace - called modules:
12:58:00.171 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
12:58:00.187 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b185ab8]
12:58:00.203 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8b19cd98]
12:58:00.515 AVAST engine scan C:\
14:42:29.375 Scan finished successfully
14:49:56.796 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\one10\Desktop\MBR.dat"
14:49:56.812 The log file has been saved successfully to "C:\Documents and Settings\one10\Desktop\aswMBR_pre_fix.txt"
  • 0

#19
Rick_F

    Member

  • Topic Starter
  • 23 posts
aswMBR (post-fix) log:

aswMBR version 0.9.8.986 Copyright© 2011 AVAST Software
Run date: 2011-12-04 14:50:27
-----------------------------
14:50:27.968 OS Version: Windows 5.1.2600 Service Pack 3
14:50:27.968 Number of processors: 2 586 0x304
14:50:27.968 ComputerName: USER-94BF4B7558 UserName: one10
14:50:29.312 Initialize success
14:50:29.671 AVAST engine defs: 11120400
14:50:40.187 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-17
14:50:40.203 Disk 0 Vendor: WDC_WD1600JD-75HBB0 08.02D08 Size: 152587MB BusType: 3
14:50:42.281 Disk 0 MBR read successfully
14:50:42.281 Disk 0 MBR scan
14:50:42.296 Disk 0 Windows XP default MBR code
14:50:42.312 Disk 0 scanning sectors +268414020
14:50:42.562 Disk 0 scanning C:\WINDOWS\system32\drivers
14:51:00.125 Service scanning
14:51:00.921 Service vsdatant C:\WINDOWS\System32\vsdatant.sys **LOCKED** 32
14:51:01.453 Modules scanning
14:51:48.640 Disk 0 trace - called modules:
14:51:48.718 ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll intelide.sys PCIIDEX.SYS
14:51:48.734 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x8b185ab8]
14:51:48.750 3 CLASSPNP.SYS[f7637fd7] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-17[0x8b19cd98]
14:51:50.156 AVAST engine scan C:\
17:50:15.906 Scan finished successfully
18:30:16.609 Verifying
18:30:26.656 Disk 0 Windows 501 MBR fixed successfully
18:30:44.015 Verifying
18:30:54.109 Disk 0 Windows 501 MBR fixed successfully
18:31:24.156 Disk 0 MBR has been saved successfully to "C:\Documents and Settings\one10\Desktop\MBR.dat"
18:31:24.171 The log file has been saved successfully to "C:\Documents and Settings\one10\Desktop\aswMBRpost_fix.txt"
  • 0

#20
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Hi Rick_F,

Step 1

Download Unhide.exe from here to your desktop and run it. It should unhide all your files.

Do you see/access your installed programs now in Start menu?

Step 2

  • Run OTL.
  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open a Notepad window, OTL.Txt. These are saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file, and post it with your next reply.
Step 3


Please don't forget to include these items in your reply:


  • OTL log

It would be helpful if you could post each log in a separate post.
  • 0

#21
Rick_F

    Member

  • Topic Starter
  • 23 posts
Hi maliprog,

I ran unhide (anti-virus turned off) and checked the installed programs but they were as before (i.e. Start -> All Programs -> Program name -> (Empty)).

I have also checked for access via the Programs folder (I tried to run Mozilla Firefox but it returned an error message recommending program re-installation).

OTL log will be on the next post.
  • 0

#22
Rick_F

    Member

  • Topic Starter
  • 23 posts
OTL log:

OTL logfile created on: 12/5/2011 12:01:53 - Run 3
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\one10\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.49 Gb Available Physical Memory | 83.23% Memory free
6.84 Gb Paging File | 6.44 Gb Available in Paging File | 94.25% Paging File free
Paging file location(s): c:\pagefile.sys 4093 4093 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 75.22 Gb Free Space | 58.77% Space Free | Partition Type: NTFS

Computer Name: USER-94BF4B7558 | User Name: one10 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/29 11:09:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
PRC - [2011/11/28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/25 18:59:56 | 001,636,152 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010/11/16 17:46:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/11/05 11:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010/11/05 11:41:48 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009/03/04 14:52:58 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\O2\bin\sprtsvc.exe
PRC - [2008/07/25 12:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe
PRC - [2008/07/18 12:08:22 | 001,306,624 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/10 14:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\Pixart\PAP7501\GUCI_AVS.exe
PRC - [2001/08/17 21:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/04 16:46:48 | 001,642,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\algo.dll
MOD - [2011/11/29 15:40:55 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\aswRep.dll
MOD - [2011/09/19 20:38:08 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/07/12 08:26:28 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Magnum\mbamservice.exe -- (MBAMService)
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/11/05 11:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/09/24 16:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/03/04 14:52:58 | 000,202,016 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2\bin\sprtsvc.exe -- (sprtsvc_O2) SupportSoft Sprocket Service (O2)
SRV - [2008/07/25 12:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\printer\center\KodakSvc.exe -- (KodakSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 17:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 17:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/10/19 08:03:43 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32301\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/09/25 19:00:08 | 000,161,936 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/09/25 19:00:08 | 000,070,416 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/12 08:26:26 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2010/11/05 11:41:44 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/14 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/14 07:00:00 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/09/26 09:41:10 | 000,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/08/17 11:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 11:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 11:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm

IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 07:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/01 23:50:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/12/02 14:12:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/23 11:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/10 09:08:14 | 000,000,000 | ---D | M]

[2011/11/21 16:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 14:34:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 14:34:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/12/01 21:16:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (no name) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [PAP7501_Monitor] C:\WINDOWS\Pixart\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No CLSID value found.
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/04 22:09:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/05 11:00:21 | 000,000,000 | ---D | C] -- C:\WINDOWS\LastGood
[2011/12/05 09:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop\Fix
[2011/12/04 18:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Identities
[2011/12/03 21:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop\tdsskiller(1)
[2011/12/03 21:21:36 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\one10\Desktop\aswMBR.exe
[2011/12/03 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport
[2011/12/03 20:34:29 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/12/03 20:34:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/12/03 20:34:28 | 006,076,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/12/03 20:34:28 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2011/12/03 20:34:28 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2011/12/03 20:34:28 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2011/12/03 20:34:28 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/12/03 20:34:28 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2011/12/03 20:34:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2011/12/02 15:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Sun
[2011/12/02 14:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Temp
[2011/12/02 14:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Adobe
[2011/12/02 13:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\OpenOffice.org
[2011/12/02 13:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\PCHealth
[2011/12/02 10:08:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2011/12/02 10:02:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/01 23:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/01 23:52:43 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/01 23:52:43 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/01 23:52:41 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/01 23:52:40 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/01 23:52:39 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/01 23:52:39 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/01 23:52:39 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/01 23:52:38 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/01 23:50:11 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/01 23:50:10 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/01 23:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm_Security
[2011/12/01 23:48:19 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/12/01 23:47:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/12/01 23:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/12/01 23:47:46 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2011/12/01 23:47:44 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2011/12/01 23:47:44 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2011/12/01 23:47:36 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2011/12/01 23:47:35 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2011/12/01 23:47:35 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2011/12/01 23:47:35 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2011/12/01 23:47:35 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2011/12/01 23:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/12/01 23:47:33 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/12/01 23:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/12/01 23:46:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/12/01 23:46:47 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2011/12/01 23:46:47 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2011/12/01 23:46:47 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2011/12/01 21:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/12/01 20:12:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/01 20:07:54 | 004,608,744 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\one10\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[2011/12/01 17:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\WinRAR
[2011/12/01 15:39:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/01 15:39:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/01 15:39:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/01 15:39:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/01 15:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/01 15:32:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/01 15:32:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Videos
[2011/12/01 15:32:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Administrative Tools
[2011/12/01 14:29:30 | 000,080,896 | ---- | C] (maliprog) -- C:\Documents and Settings\one10\Desktop\getpartitions.exe
[2011/12/01 13:58:16 | 004,323,152 | R--- | C] (Swearware) -- C:\Documents and Settings\one10\Desktop\ComboFix.exe
[2011/12/01 11:29:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/29 12:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\vlc
[2011/11/29 11:15:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
[2011/11/23 13:59:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Recent
[2011/11/23 13:27:43 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\one10\Desktop\blank.exe
[2011/11/23 12:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Malwarebytes
[2011/11/23 12:11:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\SupportSoft
[2011/11/23 12:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Trusteer
[2011/11/23 12:10:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\My Documents\ForceField Shared Files
[2011/11/23 12:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Identities
[2011/11/23 12:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Mozilla
[2011/11/23 12:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Mozilla
[2011/11/23 12:09:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Music
[2011/11/23 12:09:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Pictures
[2011/11/23 12:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\CheckPoint
[2011/11/23 12:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Macromedia
[2011/11/23 12:08:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\one10\Application Data\Microsoft
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Startup
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\SendTo
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Favorites
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Application Data
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Accessories
[2011/11/23 12:08:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\one10\Cookies
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\My Documents\Updater5
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Trusteer
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Templates
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\PrintHood
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\NetHood
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Microsoft
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Adobe
[2011/11/23 11:55:43 | 000,000,000 | ---D | C] -- C:\4d24a32d91b14f87583aab5d0b1b
[2011/11/23 10:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Magnum
[2011/11/23 10:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magnum
[2011/11/22 23:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/11/22 23:13:53 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/11/22 23:13:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/11/22 23:13:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/11/22 23:13:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/11/22 23:13:51 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/11/22 23:13:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/11/22 23:13:50 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/11/22 23:13:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/11/22 23:13:49 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2011/11/22 23:13:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2011/11/22 23:13:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2011/11/22 23:13:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/11/22 23:13:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/11/22 23:13:48 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/11/22 23:13:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/11/22 23:13:48 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/11/22 23:13:48 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/11/22 23:13:47 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/11/22 23:13:44 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2011/11/22 23:13:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/11/22 23:13:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/11/22 23:13:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/11/22 23:13:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2011/11/22 23:13:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/11/22 23:13:41 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/11/22 23:13:41 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/11/22 23:13:41 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/11/22 23:13:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/11/22 23:13:40 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/05 12:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/12/05 11:55:01 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/05 11:39:13 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/05 11:38:59 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\Free File Viewer Update Checker.job
[2011/12/05 11:38:59 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/12/05 10:40:47 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/05 10:16:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/05 09:39:56 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\unhide.exe
[2011/12/04 18:31:24 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\MBR.dat
[2011/12/03 21:20:11 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/03 20:58:14 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/12/03 20:22:39 | 000,432,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/03 20:22:39 | 000,067,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/03 20:19:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/03 14:03:14 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\one10\Desktop\aswMBR.exe
[2011/12/03 14:02:30 | 001,547,774 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\tdsskiller(1).zip
[2011/12/02 22:12:39 | 000,002,952 | -HS- | M] () -- C:\WINDOWS\0298114drv.spi
[2011/12/02 13:59:39 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/12/02 13:54:56 | 104,379,584 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\setup_11.0.0.1245.x01_2011_12_02_16_18.exe
[2011/12/02 09:46:24 | 000,421,443 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/12/02 09:45:07 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/01 23:52:44 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/01 23:52:39 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/01 23:47:48 | 000,004,212 | ---- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/12/01 21:16:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/01 20:12:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/01 20:05:30 | 004,608,744 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\one10\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[2011/12/01 14:26:48 | 000,080,896 | ---- | M] (maliprog) -- C:\Documents and Settings\one10\Desktop\getpartitions.exe
[2011/12/01 13:41:52 | 004,323,152 | R--- | M] (Swearware) -- C:\Documents and Settings\one10\Desktop\ComboFix.exe
[2011/11/29 11:09:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
[2011/11/28 18:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 18:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 17:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 17:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 17:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/27 19:40:21 | 633,213,029 | ---- | M] () -- C:\Documents and Settings.zip
[2011/11/23 13:07:10 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\iExplore.exe
[2011/11/23 11:01:30 | 007,413,448 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\rules.ref
[2011/11/22 23:34:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2011/11/22 23:15:45 | 000,000,655 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/11/22 23:11:08 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/11/22 23:11:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/11/22 23:11:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/11/22 23:10:47 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/22 23:07:46 | 000,022,748 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/22 23:06:09 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/11/22 22:16:13 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\21883758.sys
[2011/11/22 21:58:19 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\25163123.sys
[2011/11/22 21:49:09 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\41318304.sys
[2011/11/22 18:51:26 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\one10\Desktop\blank.exe
[2011/11/22 15:51:30 | 000,000,685 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/05 09:49:46 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\unhide.exe
[2011/12/03 21:29:13 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\MBR.dat
[2011/12/03 21:21:36 | 001,547,774 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\tdsskiller(1).zip
[2011/12/03 21:20:11 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/03 20:58:14 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/12/02 14:26:12 | 000,002,952 | -HS- | C] () -- C:\WINDOWS\0298114drv.spi
[2011/12/02 14:08:39 | 104,379,584 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\setup_11.0.0.1245.x01_2011_12_02_16_18.exe
[2011/12/01 23:52:44 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/01 23:47:48 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/12/01 23:47:33 | 000,421,443 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/12/01 20:12:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/01 20:12:52 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/01 15:39:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/01 15:39:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/01 15:39:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/01 15:39:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/01 15:39:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2011/11/27 19:42:55 | 633,213,029 | ---- | C] () -- C:\Documents and Settings.zip
[2011/11/23 13:54:55 | 001,008,092 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\iExplore.exe
[2011/11/23 13:27:53 | 007,413,448 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\rules.ref
[2011/11/23 12:10:07 | 000,000,738 | ---- | C] () -- C:\Documents and Settings\one10\Start Menu\Programs\Outlook Express.lnk
[2011/11/23 12:09:25 | 000,000,803 | ---- | C] () -- C:\Documents and Settings\one10\Start Menu\Programs\Internet Explorer.lnk
[2011/11/23 12:08:21 | 000,001,599 | ---- | C] () -- C:\Documents and Settings\one10\Start Menu\Programs\Remote Assistance.lnk
[2011/11/23 12:08:21 | 000,000,792 | ---- | C] () -- C:\Documents and Settings\one10\Start Menu\Programs\Windows Media Player.lnk
[2011/11/22 23:34:05 | 000,013,646 | ---- | C] () -- C:\WINDOWS\System32\wpa.bak
[2011/11/22 23:13:17 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll
[2011/11/22 23:12:52 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex
[2011/11/22 23:12:42 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe
[2011/11/22 23:12:41 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe
[2011/11/22 23:12:39 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex
[2011/11/22 23:12:29 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll
[2011/11/22 23:12:24 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex
[2011/11/22 23:12:20 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll
[2011/11/22 23:12:02 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll
[2011/11/22 22:57:33 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat
[2011/11/22 22:57:33 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat
[2011/11/22 22:57:33 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat
[2011/11/22 22:57:32 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT
[2011/11/22 22:57:32 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT
[2011/11/22 22:57:32 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT
[2011/11/22 22:57:32 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat
[2011/11/22 22:57:32 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT
[2011/11/22 22:57:32 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat
[2011/11/22 22:57:32 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT
[2011/11/22 22:57:32 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT
[2011/11/22 22:57:32 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT
[2011/11/22 22:57:32 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT
[2011/11/22 22:57:32 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT
[2011/11/22 22:57:32 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT
[2011/11/22 22:57:32 | 000,007,710 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT
[2011/11/22 22:57:31 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT
[2011/11/22 22:57:31 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT
[2011/05/19 22:30:27 | 000,080,528 | ---- | C] () -- C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
[2011/04/19 10:08:20 | 000,022,816 | ---- | C] () -- C:\WINDOWS\System32\mlfcache.dat
[2010/11/22 08:52:18 | 000,000,059 | ---- | C] () -- C:\WINDOWS\ANS2000.INI
[2010/11/22 08:52:18 | 000,000,020 | ---- | C] () -- C:\WINDOWS\akebook.ini
[2010/11/22 08:52:18 | 000,000,004 | ---- | C] () -- C:\WINDOWS\a3kebook.ini
[2010/07/20 18:55:02 | 000,000,056 | ---- | C] () -- C:\WINDOWS\System32\ezsidmv.dat
[2010/06/19 11:54:51 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/06 14:08:50 | 000,012,800 | ---- | C] () -- C:\WINDOWS\System32\EKDeviceServices.dll
[2010/06/06 13:35:57 | 000,002,007 | ---- | C] () -- C:\WINDOWS\System32\GUCI_AVS.ini
[2010/06/06 13:32:24 | 000,000,376 | ---- | C] () -- C:\WINDOWS\ODBC.INI
[2010/06/05 10:52:31 | 000,000,728 | ---- | C] () -- C:\WINDOWS\{4507868A-A9CD-4ECC-BD54-0EAB6EE81D42}_WiseFW.ini
[2010/06/05 09:12:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2010/06/04 22:54:02 | 000,004,161 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2010/06/04 22:52:50 | 000,136,464 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2010/06/04 22:12:01 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2010/06/04 22:06:49 | 000,022,748 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2008/04/14 07:00:00 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2008/04/14 07:00:00 | 000,432,972 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2008/04/14 07:00:00 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2008/04/14 07:00:00 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2008/04/14 07:00:00 | 000,067,544 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2008/04/14 07:00:00 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2008/04/14 07:00:00 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2008/04/14 07:00:00 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2008/04/14 07:00:00 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\Dcache.bin
[2008/04/14 07:00:00 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2005/04/15 11:52:33 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2005/04/15 11:52:33 | 000,004,627 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat

< End of report >

#23
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Some malware tends to hide your icons. Let's try to find them if they are still on your system.

Run OTL again

  • Double click on the icon to run it (if running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in
    %temp%\*.lnk /s
    
  • Click button named None first
  • Now click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me

#24
Rick_F

    Member

  • Topic Starter
  • Member
  • 23 posts
Hi maliprog,

I have run the OTL scan and the log will be on the next post.

Desktop icons are present and those which are program shortcuts do open when chosen. However, most of the programs I use are accessed via Start->All Programs and most of these programs appear empty when I try to access them (see screen prints below). I hope this helps.

Edit: Screen prints attached

Scrprint.png

Scrprint_2.png

Edited by Rick_F, 06 December 2011 - 04:43 AM.

#25
Rick_F

    Member

  • Topic Starter
  • Member
  • 23 posts
OTL Scan Log:

OTL logfile created on: 12/6/2011 09:55:00 - Run 4
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\one10\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.55 Gb Available Physical Memory | 85.36% Memory free
6.84 Gb Paging File | 6.49 Gb Available in Paging File | 94.99% Paging File free
Paging file location(s): c:\pagefile.sys 4093 4093 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 75.20 Gb Free Space | 58.75% Space Free | Partition Type: NTFS
Drive F: | 955.70 Mb Total Space | 634.56 Mb Free Space | 66.40% Space Free | Partition Type: FAT

Computer Name: USER-94BF4B7558 | User Name: one10 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/29 11:09:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
PRC - [2011/11/28 18:01:24 | 003,744,552 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastUI.exe
PRC - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe
PRC - [2011/09/25 18:59:56 | 001,636,152 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
PRC - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
PRC - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
PRC - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) -- C:\WINDOWS\system32\ZoneLabs\vsmon.exe
PRC - [2010/11/16 17:46:04 | 001,043,968 | ---- | M] (Check Point Software Technologies LTD) -- C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
PRC - [2010/11/05 11:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ISWSVC.exe
PRC - [2010/11/05 11:41:48 | 000,738,808 | ---- | M] (Check Point Software Technologies) -- C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
PRC - [2009/03/04 14:52:58 | 000,202,016 | R--- | M] (SupportSoft, Inc.) -- C:\Program Files\O2\bin\sprtsvc.exe
PRC - [2008/07/25 12:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) -- C:\Program Files\Kodak\Printer\Center\KodakSvc.exe
PRC - [2008/07/18 12:08:22 | 001,306,624 | ---- | M] (Eastman Kodak Company) -- C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
PRC - [2008/04/14 07:00:00 | 001,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2007/12/10 14:55:26 | 000,323,584 | ---- | M] (PixArt Imaging Incorporation) -- C:\WINDOWS\Pixart\PAP7501\GUCI_AVS.exe
PRC - [2001/08/17 21:36:42 | 000,024,064 | ---- | M] (Creative Technology Ltd.) -- C:\WINDOWS\system32\devldr32.exe


========== Modules (No Company Name) ==========

MOD - [2011/12/04 16:46:48 | 001,642,496 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\algo.dll
MOD - [2011/11/29 15:40:55 | 000,241,528 | ---- | M] () -- C:\Program Files\AVAST Software\Avast\defs\11120401\aswRep.dll
MOD - [2011/09/19 20:38:08 | 000,557,056 | ---- | M] () -- C:\Program Files\Trusteer\Rapport\bin\js32.dll
MOD - [2011/07/12 08:26:28 | 000,516,368 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportMS.dll


========== Win32 Services (SafeList) ==========

SRV - File not found [On_Demand | Stopped] -- -- (getPlusHelper) getPlus®
SRV - [2011/11/28 18:01:23 | 000,044,768 | ---- | M] (AVAST Software) [Auto | Running] -- C:\Program Files\AVAST Software\Avast\AvastSvc.exe -- (avast! Antivirus)
SRV - [2011/09/25 18:59:56 | 000,919,352 | ---- | M] (Trusteer Ltd.) [Auto | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe -- (RapportMgmtService)
SRV - [2011/08/31 17:00:48 | 000,366,152 | ---- | M] (Malwarebytes Corporation) [Disabled | Stopped] -- C:\Program Files\Magnum\mbamservice.exe -- (MBAMService)
SRV - [2011/08/09 16:38:38 | 000,328,536 | ---- | M] (IObit) [Auto | Running] -- C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe -- (AdvancedSystemCareService)
SRV - [2010/11/16 17:47:56 | 002,435,592 | ---- | M] (Check Point Software Technologies LTD) [Auto | Running] -- C:\WINDOWS\System32\ZoneLabs\vsmon.exe -- (vsmon)
SRV - [2010/11/05 11:41:52 | 000,488,952 | ---- | M] (Check Point Software Technologies) [Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe -- (IswSvc)
SRV - [2010/09/24 16:07:18 | 000,329,080 | ---- | M] (SupportSoft, Inc.) [Auto | Stopped] -- C:\Program Files\Common Files\SupportSoft\bin\ssrc.exe -- (SupportSoft RemoteAssist)
SRV - [2009/03/04 14:52:58 | 000,202,016 | R--- | M] (SupportSoft, Inc.) [Auto | Running] -- C:\Program Files\O2\bin\sprtsvc.exe -- (sprtsvc_O2) SupportSoft Sprocket Service (O2)
SRV - [2008/07/25 12:34:50 | 000,018,944 | ---- | M] (Eastman Kodak Company) [Auto | Running] -- C:\Program Files\Kodak\printer\center\KodakSvc.exe -- (KodakSvc)


========== Driver Services (SafeList) ==========

DRV - [2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) [File_System | System | Running] -- C:\WINDOWS\System32\drivers\aswSnx.sys -- (aswSnx)
DRV - [2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswSP.sys -- (aswSP)
DRV - [2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswRdr.sys -- (aswRdr)
DRV - [2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aswTdi.sys -- (aswTdi)
DRV - [2011/11/28 17:52:02 | 000,111,320 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswmon2.sys -- (aswMon2)
DRV - [2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) [File_System | Auto | Running] -- C:\WINDOWS\System32\drivers\aswFsBlk.sys -- (aswFsBlk)
DRV - [2011/11/28 17:48:49 | 000,030,808 | ---- | M] (AVAST Software) [Kernel | System | Running] -- C:\WINDOWS\System32\drivers\aavmker4.sys -- (Aavmker4)
DRV - [2011/10/19 08:03:43 | 000,227,312 | ---- | M] () [Kernel | System | Running] -- C:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportCerberus\32301\RapportCerberus32_32301.sys -- (RapportCerberus_32301)
DRV - [2011/09/25 19:00:08 | 000,161,936 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportPG.sys -- (RapportPG)
DRV - [2011/09/25 19:00:08 | 000,070,416 | ---- | M] (Trusteer Ltd.) [Kernel | System | Running] -- C:\Program Files\Trusteer\Rapport\bin\RapportEI.sys -- (RapportEI)
DRV - [2011/08/31 17:00:50 | 000,022,216 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\mbam.sys -- (MBAMProtector)
DRV - [2011/07/12 08:26:26 | 000,021,520 | ---- | M] (Trusteer Ltd.) [Kernel | On_Demand | Running] -- c:\Documents and Settings\All Users\Application Data\Trusteer\Rapport\store\exts\RapportMS\28896\RapportIaso.sys -- (RapportIaso)
DRV - [2010/11/05 11:41:44 | 000,026,872 | ---- | M] (Check Point Software Technologies) [Kernel | Auto | Running] -- C:\Program Files\CheckPoint\ZAForceField\ISWKL.sys -- (ISWKL)
DRV - [2010/05/13 10:02:32 | 000,532,224 | ---- | M] (Check Point Software Technologies LTD) [Kernel | System | Running] -- C:\WINDOWS\system32\vsdatant.sys -- (vsdatant)
DRV - [2008/04/14 07:00:00 | 000,010,624 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\gameenum.sys -- (gameenum)
DRV - [2008/04/14 07:00:00 | 000,004,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\loop.sys -- (msloop)
DRV - [2004/09/17 08:02:54 | 000,732,928 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\senfilt.sys -- (senfilt)
DRV - [2003/09/26 09:41:10 | 000,044,032 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys -- (bcm4sbxp)
DRV - [2001/08/17 11:19:34 | 000,036,480 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\sfmanm.sys -- (sfman) Creative SoundFont Manager Driver (WDM)
DRV - [2001/08/17 11:19:28 | 000,006,912 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctlfacem.sys -- (emu10k1) Creative Interface Manager Driver (WDM)
DRV - [2001/08/17 11:19:26 | 000,283,904 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\emu10k1m.sys -- (emu10k) Creative SB Live! (WDM)
DRV - [2001/08/17 11:19:20 | 000,003,712 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\ctljystk.sys -- (ctljystk)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-1343024091-113007714-1606980848-1006\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========


FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@checkpoint.com/FFApi: C:\Program Files\CheckPoint\ZAForceField\TrustChecker\bin\npFFApi.dll ()
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=1.1.4: C:\Program Files\VideoLAN\VLC\npvlc.dll File not found

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{3f963a5b-e555-4543-90e2-c3908898db71}: C:\Program Files\AVG\AVG10\Firefox\
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG10\Firefox4\ [2011/06/24 07:55:39 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\AVAST Software\Avast\WebRep\FF [2011/12/01 23:50:20 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}: C:\Program Files\CheckPoint\ZAForceField\TrustChecker [2011/12/02 14:12:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/11/23 11:31:28 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.6.24\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/10 09:08:14 | 000,000,000 | ---D | M]

[2011/11/21 16:18:25 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2010/10/13 14:34:19 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
[2010/10/13 14:34:02 | 000,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll

O1 HOSTS File: ([2011/12/01 21:16:27 | 000,000,027 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - No CLSID value found.
O2 - BHO: (no name) - {66f2e20d-0da8-4c11-a9c8-dd8477b88acd} - No CLSID value found.
O2 - BHO: (ZoneAlarm Security Engine Registrar) - {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O2 - BHO: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O2 - BHO: (no name) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No CLSID value found.
O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Toolbar) - {91da5e8a-3318-4f8c-b67e-5964de3ab546} - C:\Program Files\ZoneAlarm_Security\prxtbZone.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (ZoneAlarm Security Engine) - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - C:\Program Files\CheckPoint\ZAForceField\Trustchecker\bin\TrustCheckerIEPlugin.dll (Check Point Software Technologies)
O4 - HKLM..\Run: [avast] C:\Program Files\AVAST Software\Avast\avastUI.exe (AVAST Software)
O4 - HKLM..\Run: [EKIJ5000StatusMonitor] C:\WINDOWS\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe (Eastman Kodak Company)
O4 - HKLM..\Run: [ISW] C:\Program Files\CheckPoint\ZAForceField\ForceField.exe (Check Point Software Technologies)
O4 - HKLM..\Run: [PAP7501_Monitor] C:\WINDOWS\Pixart\PAP7501\GUCI_AVS.exe (PixArt Imaging Incorporation)
O4 - HKLM..\Run: [ZoneAlarm Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe (Check Point Software Technologies LTD)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Infodelivery present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-1343024091-113007714-1606980848-1006\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-1343024091-113007714-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKU\S-1-5-21-1343024091-113007714-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKU\S-1-5-21-1343024091-113007714-1606980848-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9 - Extra Button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - Reg Error: Key error. File not found
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Reg Error: Key error.)
O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.ad...Plus/1.6/gp.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B46EAF61-E292-48B4-85FD-F37CF90DBEFA}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Filter\application/octet-stream - No CLSID value found
O18 - Protocol\Filter\application/x-complus - No CLSID value found
O18 - Protocol\Filter\application/x-msdownload - No CLSID value found
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - No CLSID value found.
O24 - Desktop WallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O24 - Desktop BackupWallPaper: C:\WINDOWS\Web\Wallpaper\Bliss.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/06/04 22:09:49 | 000,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

========== Files/Folders - Created Within 30 Days ==========

[2011/12/05 09:46:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop\Fix
[2011/12/04 18:35:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Identities
[2011/12/03 21:22:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop\tdsskiller(1)
[2011/12/03 21:21:36 | 001,916,416 | ---- | C] (AVAST Software) -- C:\Documents and Settings\one10\Desktop\aswMBR.exe
[2011/12/03 20:42:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport
[2011/12/03 20:34:29 | 000,468,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll
[2011/12/03 20:34:29 | 000,052,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll
[2011/12/03 20:34:28 | 006,076,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll
[2011/12/03 20:34:28 | 002,452,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dat
[2011/12/03 20:34:28 | 000,991,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieframe.dll.mui
[2011/12/03 20:34:28 | 000,380,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieapfltr.dll
[2011/12/03 20:34:28 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll
[2011/12/03 20:34:28 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ieudinit.exe
[2011/12/03 20:34:27 | 000,063,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\icardie.dll
[2011/12/02 15:24:26 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Sun
[2011/12/02 14:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Temp
[2011/12/02 14:01:00 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Adobe
[2011/12/02 13:59:04 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\OpenOffice.org
[2011/12/02 13:50:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\PCHealth
[2011/12/02 10:08:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\setupupd
[2011/12/02 10:02:40 | 000,000,000 | -HSD | C] -- C:\RECYCLER
[2011/12/01 23:52:44 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus
[2011/12/01 23:52:43 | 000,314,456 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/12/01 23:52:43 | 000,020,568 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/12/01 23:52:41 | 000,034,392 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/12/01 23:52:40 | 000,052,952 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/12/01 23:52:39 | 000,435,032 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/12/01 23:52:39 | 000,111,320 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/12/01 23:52:39 | 000,105,176 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/12/01 23:52:38 | 000,030,808 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/12/01 23:50:11 | 000,041,184 | ---- | C] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/12/01 23:50:10 | 000,199,816 | ---- | C] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/12/01 23:48:55 | 000,000,000 | ---D | C] -- C:\Program Files\ZoneAlarm_Security
[2011/12/01 23:48:19 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys
[2011/12/01 23:47:59 | 000,456,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys
[2011/12/01 23:47:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm
[2011/12/01 23:47:46 | 000,058,368 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsregexp.dll
[2011/12/01 23:47:44 | 000,104,448 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcommdb.dll
[2011/12/01 23:47:44 | 000,069,120 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zlcomm.dll
[2011/12/01 23:47:36 | 000,043,008 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vswmi.dll
[2011/12/01 23:47:35 | 001,238,528 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\zpeng25.dll
[2011/12/01 23:47:35 | 000,302,592 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vspubapi.dll
[2011/12/01 23:47:35 | 000,110,080 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsxml.dll
[2011/12/01 23:47:35 | 000,108,032 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsmonapi.dll
[2011/12/01 23:47:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\ZoneLabs
[2011/12/01 23:47:33 | 000,532,224 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdatant.sys
[2011/12/01 23:47:33 | 000,000,000 | ---D | C] -- C:\Program Files\Zone Labs
[2011/12/01 23:46:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\Internet Logs
[2011/12/01 23:46:47 | 000,715,264 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsutil.dll
[2011/12/01 23:46:47 | 000,228,864 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsinit.dll
[2011/12/01 23:46:47 | 000,112,128 | ---- | C] (Check Point Software Technologies LTD) -- C:\WINDOWS\System32\vsdata.dll
[2011/12/01 21:13:07 | 000,000,000 | ---D | C] -- C:\WINDOWS\temp
[2011/12/01 20:12:47 | 000,000,000 | RHSD | C] -- C:\cmdcons
[2011/12/01 20:07:54 | 004,608,744 | ---- | C] (Microsoft Corporation) -- C:\Documents and Settings\one10\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[2011/12/01 17:56:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\WinRAR
[2011/12/01 15:39:35 | 000,518,144 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2011/12/01 15:39:35 | 000,406,528 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2011/12/01 15:39:35 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2011/12/01 15:39:35 | 000,060,416 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2011/12/01 15:39:29 | 000,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2011/12/01 15:32:07 | 000,000,000 | ---D | C] -- C:\Qoobox
[2011/12/01 15:32:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Videos
[2011/12/01 15:32:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Administrative Tools
[2011/12/01 14:29:30 | 000,080,896 | ---- | C] (maliprog) -- C:\Documents and Settings\one10\Desktop\getpartitions.exe
[2011/12/01 13:58:16 | 004,323,152 | R--- | C] (Swearware) -- C:\Documents and Settings\one10\Desktop\ComboFix.exe
[2011/12/01 11:29:31 | 000,000,000 | ---D | C] -- C:\_OTL
[2011/11/29 12:20:27 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\vlc
[2011/11/29 11:15:56 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
[2011/11/23 13:59:34 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Recent
[2011/11/23 13:27:43 | 009,852,544 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\one10\Desktop\blank.exe
[2011/11/23 12:14:01 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Malwarebytes
[2011/11/23 12:11:48 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\SupportSoft
[2011/11/23 12:11:38 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Trusteer
[2011/11/23 12:10:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\My Documents\ForceField Shared Files
[2011/11/23 12:10:05 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Identities
[2011/11/23 12:09:16 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Mozilla
[2011/11/23 12:09:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Mozilla
[2011/11/23 12:09:09 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Music
[2011/11/23 12:09:08 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents\My Pictures
[2011/11/23 12:08:50 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\CheckPoint
[2011/11/23 12:08:21 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Macromedia
[2011/11/23 12:08:20 | 000,000,000 | --SD | C] -- C:\Documents and Settings\one10\Application Data\Microsoft
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Startup
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\SendTo
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\My Documents
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Favorites
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Application Data
[2011/11/23 12:08:20 | 000,000,000 | R--D | C] -- C:\Documents and Settings\one10\Start Menu\Programs\Accessories
[2011/11/23 12:08:20 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\one10\Cookies
[2011/11/23 12:08:20 | 000,000,000 | -H-D | C] -- C:\Documents and Settings\one10\Local Settings
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\My Documents\Updater5
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Application Data\Trusteer
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Templates
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\PrintHood
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\NetHood
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Microsoft
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Desktop
[2011/11/23 12:08:20 | 000,000,000 | ---D | C] -- C:\Documents and Settings\one10\Local Settings\Application Data\Adobe
[2011/11/23 11:55:43 | 000,000,000 | ---D | C] -- C:\4d24a32d91b14f87583aab5d0b1b
[2011/11/23 10:17:39 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Start Menu\Programs\Magnum
[2011/11/23 10:17:35 | 000,000,000 | ---D | C] -- C:\Program Files\Magnum
[2011/11/22 23:17:19 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2011/11/22 23:13:53 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime
[2011/11/22 23:13:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime
[2011/11/22 23:13:52 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime
[2011/11/22 23:13:52 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime
[2011/11/22 23:13:51 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime
[2011/11/22 23:13:51 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime
[2011/11/22 23:13:50 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll
[2011/11/22 23:13:50 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys
[2011/11/22 23:13:49 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll
[2011/11/22 23:13:49 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll
[2011/11/22 23:13:49 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll
[2011/11/22 23:13:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll
[2011/11/22 23:13:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll
[2011/11/22 23:13:48 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll
[2011/11/22 23:13:48 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll
[2011/11/22 23:13:48 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll
[2011/11/22 23:13:48 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll
[2011/11/22 23:13:47 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll
[2011/11/22 23:13:44 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll
[2011/11/22 23:13:44 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll
[2011/11/22 23:13:44 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime
[2011/11/22 23:13:43 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe
[2011/11/22 23:13:42 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll
[2011/11/22 23:13:42 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll
[2011/11/22 23:13:41 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime
[2011/11/22 23:13:41 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe
[2011/11/22 23:13:41 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll
[2011/11/22 23:13:41 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe
[2011/11/22 23:13:40 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys
[2011/11/22 23:13:40 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys
[2011/11/22 23:13:40 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys
[2011/11/22 23:13:38 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll
[2011/11/22 23:13:37 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll
[2011/11/22 23:13:37 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll
[2011/11/22 23:13:37 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll
[2011/11/22 23:13:36 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll
[2011/11/22 23:13:35 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll
[2011/11/22 23:13:34 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll
[2011/11/22 23:13:34 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll
[2011/11/22 23:13:34 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll
[2011/11/22 23:13:34 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll
[2011/11/22 23:13:34 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe
[2011/11/22 23:13:34 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll
[2011/11/22 23:13:34 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll
[2011/11/22 23:13:33 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll
[2011/11/22 23:13:33 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll
[2011/11/22 23:13:33 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe
[2011/11/22 23:13:33 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll
[2011/11/22 23:13:33 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll
[2011/11/22 23:13:32 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe
[2011/11/22 23:13:32 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll
[2011/11/22 23:13:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll
[2011/11/22 23:13:32 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll
[2011/11/22 23:13:32 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll
[2011/11/22 23:13:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll
[2011/11/22 23:13:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll
[2011/11/22 23:13:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll
[2011/11/22 23:13:31 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll
[2011/11/22 23:13:31 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll
[2011/11/22 23:13:31 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll
[2011/11/22 23:13:31 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll
[2011/11/22 23:13:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll
[2011/11/22 23:13:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll
[2011/11/22 23:13:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll
[2011/11/22 23:13:31 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll
[2011/11/22 23:13:31 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll
[2011/11/22 23:13:30 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll
[2011/11/22 23:13:27 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll
[2011/11/22 23:13:27 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll
[2011/11/22 23:13:27 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll
[2011/11/22 23:13:26 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll
[2011/11/22 23:13:26 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll
[2011/11/22 23:13:26 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll
[2011/11/22 23:13:25 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll
[2011/11/22 23:13:25 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll
[2011/11/22 23:13:24 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime
[2011/11/22 23:13:24 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll
[2011/11/22 23:13:23 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe
[2011/11/22 23:13:23 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe
[2011/11/22 23:13:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime
[2011/11/22 23:13:21 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys
[2011/11/22 23:13:21 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe
[2011/11/22 23:13:20 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe
[2011/11/22 23:13:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll
[2011/11/22 23:13:18 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll
[2011/11/22 23:13:18 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe
[2011/11/22 23:13:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll
[2011/11/22 23:13:18 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll
[2011/11/22 23:13:18 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll
[2011/11/22 23:13:17 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime
[2011/11/22 23:13:17 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime
[2011/11/22 23:13:17 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll
[2011/11/22 23:13:16 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll
[2011/11/22 23:13:15 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll
[2011/11/22 23:13:15 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll
[2011/11/22 23:13:15 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll
[2011/11/22 23:13:15 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll
[2011/11/22 23:13:15 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll
[2011/11/22 23:13:12 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll
[2011/11/22 23:13:11 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll
[2011/11/22 23:13:11 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll
[2011/11/22 23:13:08 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll
[2011/11/22 23:13:08 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe
[2011/11/22 23:13:04 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex
[2011/11/22 23:13:03 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll
[2011/11/22 23:12:57 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys
[2011/11/22 23:12:57 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe
[2011/11/22 23:12:56 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll
[2011/11/22 23:12:56 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll
[2011/11/22 23:12:56 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll
[2011/11/22 23:12:56 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll
[2011/11/22 23:12:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll
[2011/11/22 23:12:54 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll
[2011/11/22 23:12:54 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll
[2011/11/22 23:12:54 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll
[2011/11/22 23:12:54 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll
[2011/11/22 23:12:53 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll
[2011/11/22 23:12:52 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll
[2011/11/22 23:12:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll
[2011/11/22 23:12:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll
[2011/11/22 23:12:51 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll
[2011/11/22 23:12:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll
[2011/11/22 23:12:50 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll
[2011/11/22 23:12:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll
[2011/11/22 23:12:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll
[2011/11/22 23:12:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll
[2011/11/22 23:12:50 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll
[2011/11/22 23:12:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll
[2011/11/22 23:12:49 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll
[2011/11/22 23:12:49 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll
[2011/11/22 23:12:49 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll
[2011/11/22 23:12:49 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll
[2011/11/22 23:12:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll
[2011/11/22 23:12:49 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll
[2011/11/22 23:12:48 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll
[2011/11/22 23:12:48 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll
[2011/11/22 23:12:48 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll
[2011/11/22 23:12:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll
[2011/11/22 23:12:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll
[2011/11/22 23:12:47 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll
[2011/11/22 23:12:47 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll
[2011/11/22 23:12:46 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll
[2011/11/22 23:12:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll
[2011/11/22 23:12:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll
[2011/11/22 23:12:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll
[2011/11/22 23:12:46 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll
[2011/11/22 23:12:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll
[2011/11/22 23:12:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll
[2011/11/22 23:12:46 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll
[2011/11/22 23:12:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll
[2011/11/22 23:12:46 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll
[2011/11/22 23:12:45 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll
[2011/11/22 23:12:45 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll
[2011/11/22 23:12:45 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll
[2011/11/22 23:12:44 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll
[2011/11/22 23:12:43 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll
[2011/11/22 23:12:43 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetin51.exe
[2011/11/22 23:12:43 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll
[2011/11/22 23:12:42 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll
[2011/11/22 23:12:42 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll
[2011/11/22 23:12:42 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll
[2011/11/22 23:12:42 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll
[2011/11/22 23:12:42 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe
[2011/11/22 23:12:41 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe
[2011/11/22 23:12:41 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe
[2011/11/22 23:12:41 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe
[2011/11/22 23:12:41 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe
[2011/11/22 23:12:41 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe
[2011/11/22 23:12:41 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll
[2011/11/22 23:12:41 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe
[2011/11/22 23:12:40 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll
[2011/11/22 23:12:40 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll
[2011/11/22 23:12:40 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll
[2011/11/22 23:12:40 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime
[2011/11/22 23:12:40 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe
[2011/11/22 23:12:40 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe
[2011/11/22 23:12:39 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll
[2011/11/22 23:12:39 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll
[2011/11/22 23:12:39 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime
[2011/11/22 23:12:39 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll
[2011/11/22 23:12:39 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe
[2011/11/22 23:12:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe
[2011/11/22 23:12:38 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll
[2011/11/22 23:12:38 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll
[2011/11/22 23:12:38 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll
[2011/11/22 23:12:38 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll
[2011/11/22 23:12:38 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll
[2011/11/22 23:12:38 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll
[2011/11/22 23:12:38 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll
[2011/11/22 23:12:33 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll
[2011/11/22 23:12:26 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll
[2011/11/22 23:12:26 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll
[2011/11/22 23:12:26 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll
[2011/11/22 23:12:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll
[2011/11/22 23:12:25 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll
[2011/11/22 23:12:24 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll
[2011/11/22 23:12:24 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll
[2011/11/22 23:12:23 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll
[2011/11/22 23:12:23 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll
[2011/11/22 23:12:23 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll
[2011/11/22 23:12:22 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll
[2011/11/22 23:12:22 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll
[2011/11/22 23:12:22 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe
[2011/11/22 23:12:22 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll
[2011/11/22 23:12:22 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll
[2011/11/22 23:12:22 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll
[2011/11/22 23:12:22 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe
[2011/11/22 23:12:22 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll
[2011/11/22 23:12:22 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll
[2011/11/22 23:12:21 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll
[2011/11/22 23:12:21 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll
[2011/11/22 23:12:21 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe
[2011/11/22 23:12:21 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe
[2011/11/22 23:12:21 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll
[2011/11/22 23:12:21 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll
[2011/11/22 23:12:21 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll
[2011/11/22 23:12:21 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll
[2011/11/22 23:12:21 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll
[2011/11/22 23:12:21 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll
[2011/11/22 23:12:20 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll
[2011/11/22 23:12:20 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll
[2011/11/22 23:12:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll
[2011/11/22 23:12:20 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll
[2011/11/22 23:12:19 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe
[2011/11/22 23:12:19 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll
[2011/11/22 23:12:19 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe
[2011/11/22 23:12:18 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll
[2011/11/22 23:12:18 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll
[2011/11/22 23:12:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll
[2011/11/22 23:12:17 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll
[2011/11/22 23:12:17 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe
[2011/11/22 23:12:17 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys
[2011/11/22 23:12:17 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe
[2011/11/22 23:12:16 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll
[2011/11/22 23:12:16 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll
[2011/11/22 23:12:16 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll
[2011/11/22 23:12:08 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime
[2011/11/22 23:12:08 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe
[2011/11/22 23:12:06 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe
[2011/11/22 23:12:06 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe
[2011/11/22 23:12:05 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe
[2011/11/22 23:12:05 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll
[2011/11/22 23:12:05 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll
[2011/11/22 23:12:04 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll
[2011/11/22 23:12:03 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe
[2011/11/22 23:12:03 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll
[2011/11/22 23:12:03 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime
[2011/11/22 23:12:02 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll
[2011/11/22 23:12:02 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll
[2011/11/22 23:12:02 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll
[2011/11/22 23:12:01 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll
[2011/11/22 23:12:01 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe
[2011/11/22 23:12:01 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe
[2011/11/22 23:12:01 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe
[2011/11/22 23:12:01 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe
[2011/11/22 23:12:00 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime
[2011/11/22 23:11:59 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll
[2011/11/22 23:11:59 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys
[2011/11/22 23:11:59 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll
[2011/11/22 23:11:59 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll
[2011/11/22 23:11:51 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll
[2011/11/22 23:11:49 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll
[2011/11/22 23:11:49 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll
[2011/11/22 23:11:48 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll
[2011/11/22 23:11:48 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll
[2011/11/22 23:11:48 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll
[2011/11/22 23:11:48 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll
[2011/11/22 23:11:47 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll
[2011/11/22 23:11:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll
[2011/11/22 23:11:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll
[2011/11/22 23:11:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll
[2011/11/22 23:11:47 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll
[2011/11/22 23:11:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll
[2011/11/22 23:11:46 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll
[2011/11/22 23:11:45 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll
[2011/11/22 23:11:45 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll
[2011/11/22 23:11:44 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll
[2011/11/22 23:11:44 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll
[2011/11/22 23:11:40 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll
[2011/11/22 23:11:39 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe
[2011/11/22 23:11:39 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll
[2011/11/22 23:11:39 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll
[2011/11/22 23:11:38 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll
[2011/11/22 23:11:38 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll
[2011/11/22 23:11:38 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll
[2011/11/22 23:11:38 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe
[2011/11/22 23:11:34 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx
[2011/11/22 23:11:33 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll
[2011/11/22 23:11:33 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll
[2011/11/22 23:11:33 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll
[2011/11/22 23:11:33 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll
[2011/11/22 23:11:33 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll
[2011/11/22 23:11:33 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe
[2011/11/22 23:11:32 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll
[2011/11/22 23:11:32 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll
[2011/11/22 23:11:32 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll
[2011/11/22 23:11:32 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe
[2011/11/22 23:11:32 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe
[2011/11/22 23:11:32 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe
[2011/11/22 23:11:32 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll
[2011/11/22 23:11:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll
[2011/11/22 23:11:31 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll
[2011/11/22 23:11:31 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll
[2011/11/22 23:11:31 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe
[2011/11/22 23:11:31 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe
[2011/11/22 23:11:31 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll
[2011/11/22 23:11:30 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll
[2011/11/22 23:11:30 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll
[2011/11/22 23:11:30 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll
[2011/11/22 23:11:30 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll
[2011/11/22 23:11:30 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll
[2011/11/22 23:11:30 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll
[2011/11/22 23:11:30 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe
[2011/11/22 23:11:29 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll
[2011/11/22 23:11:29 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll
[2011/11/22 23:11:29 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll
[2011/11/22 23:11:28 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx
[2011/11/22 23:11:28 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe
[2011/11/22 23:11:28 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx
[2011/11/22 23:11:28 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx
[2011/11/22 23:11:28 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll
[2011/11/22 23:11:27 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll
[2011/11/22 23:11:27 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll
[2011/11/22 23:11:27 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll
[2011/11/22 23:11:27 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe
[2011/11/22 23:11:26 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll
[2011/11/22 23:11:26 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe
[2011/11/22 23:09:01 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isignup.exe
[2011/11/22 22:57:44 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll
[2011/11/22 22:57:44 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll
[2011/11/22 22:57:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll
[2011/11/22 22:57:44 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll
[2011/11/22 22:16:13 | 000,094,896 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\21883758.sys
[2011/11/22 21:58:19 | 000,094,896 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\25163123.sys
[2011/11/22 21:49:09 | 000,094,896 | ---- | C] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\41318304.sys
[2011/11/22 19:16:54 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2011/11/22 19:16:49 | 000,022,216 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2011/11/22 19:16:49 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2011/11/22 19:13:29 | 000,000,000 | ---D | C] -- C:\TDSSKiller_Quarantine
[2011/11/21 14:24:27 | 000,000,000 | ---D | C] -- C:\WINDOWS\im
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/12/06 09:55:11 | 000,000,882 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/12/06 09:41:54 | 000,000,878 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/12/06 09:41:48 | 000,000,376 | ---- | M] () -- C:\WINDOWS\tasks\Free File Viewer Update Checker.job
[2011/12/06 09:41:48 | 000,000,268 | ---- | M] () -- C:\WINDOWS\tasks\ASC4_PerformanceMonitor.job
[2011/12/06 09:37:32 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/12/05 18:01:00 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2011/12/05 12:45:12 | 000,005,120 | ---- | M] () -- C:\Documents and Settings\one10\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/05 10:16:57 | 000,000,664 | ---- | M] () -- C:\WINDOWS\System32\d3d9caps.dat
[2011/12/05 09:39:56 | 000,684,297 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\unhide.exe
[2011/12/04 18:31:24 | 000,000,512 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\MBR.dat
[2011/12/03 21:20:11 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/03 20:58:14 | 000,001,915 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/12/03 20:22:39 | 000,432,972 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2011/12/03 20:22:39 | 000,067,544 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2011/12/03 20:19:58 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/12/03 14:03:14 | 001,916,416 | ---- | M] (AVAST Software) -- C:\Documents and Settings\one10\Desktop\aswMBR.exe
[2011/12/03 14:02:30 | 001,547,774 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\tdsskiller(1).zip
[2011/12/02 22:12:39 | 000,002,952 | -HS- | M] () -- C:\WINDOWS\0298114drv.spi
[2011/12/02 13:59:39 | 000,000,376 | ---- | M] () -- C:\WINDOWS\ODBC.INI
[2011/12/02 13:54:56 | 104,379,584 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\setup_11.0.0.1245.x01_2011_12_02_16_18.exe
[2011/12/02 09:46:24 | 000,421,443 | ---- | M] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/12/02 09:45:07 | 000,136,464 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2011/12/01 23:52:44 | 000,001,689 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/01 23:52:39 | 000,002,625 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT
[2011/12/01 23:47:48 | 000,004,212 | ---- | M] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/12/01 21:16:27 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts
[2011/12/01 20:12:58 | 000,000,327 | RHS- | M] () -- C:\boot.ini
[2011/12/01 20:05:30 | 004,608,744 | ---- | M] (Microsoft Corporation) -- C:\Documents and Settings\one10\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[2011/12/01 14:26:48 | 000,080,896 | ---- | M] (maliprog) -- C:\Documents and Settings\one10\Desktop\getpartitions.exe
[2011/12/01 13:41:52 | 004,323,152 | R--- | M] (Swearware) -- C:\Documents and Settings\one10\Desktop\ComboFix.exe
[2011/11/29 11:09:40 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\one10\Desktop\OTL.exe
[2011/11/28 18:01:25 | 000,041,184 | ---- | M] (AVAST Software) -- C:\WINDOWS\avastSS.scr
[2011/11/28 18:01:23 | 000,199,816 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\aswBoot.exe
[2011/11/28 17:53:53 | 000,435,032 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSnx.sys
[2011/11/28 17:53:35 | 000,314,456 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswSP.sys
[2011/11/28 17:52:19 | 000,034,392 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswRdr.sys
[2011/11/28 17:52:16 | 000,052,952 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswTdi.sys
[2011/11/28 17:52:02 | 000,111,320 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon2.sys
[2011/11/28 17:51:59 | 000,105,176 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswmon.sys
[2011/11/28 17:51:50 | 000,020,568 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aswFsBlk.sys
[2011/11/28 17:48:49 | 000,030,808 | ---- | M] (AVAST Software) -- C:\WINDOWS\System32\drivers\aavmker4.sys
[2011/11/27 19:40:21 | 633,213,029 | ---- | M] () -- C:\Documents and Settings.zip
[2011/11/23 13:07:10 | 001,008,092 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\iExplore.exe
[2011/11/23 11:01:30 | 007,413,448 | ---- | M] () -- C:\Documents and Settings\one10\Desktop\rules.ref
[2011/11/22 23:34:04 | 000,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.bak
[2011/11/22 23:15:45 | 000,000,655 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf
[2011/11/22 23:11:08 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx
[2011/11/22 23:11:06 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb
[2011/11/22 23:11:06 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb
[2011/11/22 23:10:47 | 000,004,161 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI
[2011/11/22 23:07:46 | 000,022,748 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat
[2011/11/22 23:06:09 | 000,000,211 | ---- | M] () -- C:\Boot.bak
[2011/11/22 22:16:13 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\21883758.sys
[2011/11/22 21:58:19 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\25163123.sys
[2011/11/22 21:49:09 | 000,094,896 | ---- | M] (Kaspersky Lab, GERT) -- C:\WINDOWS\System32\drivers\41318304.sys
[2011/11/22 18:51:26 | 009,852,544 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\one10\Desktop\blank.exe
[2011/11/22 15:51:30 | 000,000,685 | ---- | M] () -- C:\WINDOWS\setupapi.old
[2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[10 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/12/05 12:35:56 | 000,005,120 | ---- | C] () -- C:\Documents and Settings\one10\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2011/12/05 09:49:46 | 000,684,297 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\unhide.exe
[2011/12/03 21:29:13 | 000,000,512 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\MBR.dat
[2011/12/03 21:21:36 | 001,547,774 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\tdsskiller(1).zip
[2011/12/03 21:20:11 | 000,000,815 | ---- | C] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/12/03 20:58:14 | 000,001,915 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Google Earth.lnk
[2011/12/02 14:26:12 | 000,002,952 | -HS- | C] () -- C:\WINDOWS\0298114drv.spi
[2011/12/02 14:08:39 | 104,379,584 | ---- | C] () -- C:\Documents and Settings\one10\Desktop\setup_11.0.0.1245.x01_2011_12_02_16_18.exe
[2011/12/01 23:52:44 | 000,001,689 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\avast! Free Antivirus.lnk
[2011/12/01 23:47:48 | 000,004,212 | ---- | C] () -- C:\WINDOWS\System32\zllictbl.dat
[2011/12/01 23:47:33 | 000,421,443 | ---- | C] () -- C:\WINDOWS\System32\vsconfig.xml
[2011/12/01 20:12:58 | 000,000,211 | ---- | C] () -- C:\Boot.bak
[2011/12/01 20:12:52 | 000,260,272 | RHS- | C] () -- C:\cmldr
[2011/12/01 15:39:35 | 000,256,000 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2011/12/01 15:39:35 | 000,208,896 | ---- | C] () -- C:\WINDOWS\MBR.exe
[2011/12/01 15:39:35 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2011/12/01 15:39:35 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2011/12/01 15:39:35 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe

========== Custom Scans ==========


< %temp%\*.lnk /s >

< End of report >
#26
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Thank you for the screenshots. Let's try to find them and restore manually.

Step 1

  • Download restore.zip (attached file, 899 bytes) to your desktop
  • Unzip it and double click restore.vbs to run it
  • When you see the Enter folder name box, write temprestore and press the OK button
  • Wait until the program finishes; it will create Report.txt
  • Post Report.txt here for me.

Step 2

Run OTL again

  • Double click on the icon to run it (If running Vista or Windows 7, right click on it and select "Run as an Administrator"). Make sure all other windows are closed and let it run uninterrupted.
  • Under the Custom Scan box paste this in

    %AllUsersProfile%\Start Menu\*.* /s
    %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\*.* /s
    %AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*.* /s
    

  • Click button named None first
  • Now click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • When the scan completes, it will open OTL.Txt. This file is also saved in the same location as OTL.
  • Please copy (Edit->Select All, Edit->Copy) the contents of this file and post it here to me

Step 3

Please don't forget to include these items in your reply:

  • Report.txt log
  • New OTL log
It would be helpful if you could post each log in a separate post

#27
Rick_F

    Member

  • Topic Starter
  • 23 posts
Hi maliprog,

I have done steps 1 and 2. The Report file is below and the OTL report will follow in the next post.

C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\jusched.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\keytool.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\kinit.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\klist.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\ktab.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\orbd.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\pack200.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\policytool.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\rmid.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\rmiregistry.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\servertool.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\tnameserv.exe
C:\Program Files\Sports Interactive\Football Manager 2008\jre\bin\unpack200.exe
C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\Uninstall Football Manager 2008.exe
C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\resource\remove.exe
C:\Program Files\Sports Interactive\Football Manager 2008\Uninstall_Football Manager 2008\resource\ZGWin32LaunchHelper.exe
C:\Program Files\Spybot - Search & Destroy\blindman.exe
C:\Program Files\Spybot - Search & Destroy\SDFiles.exe
C:\Program Files\Spybot - Search & Destroy\SDMain.exe
C:\Program Files\Spybot - Search & Destroy\SDShred.exe
C:\Program Files\Spybot - Search & Destroy\SDUpdate.exe
C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Spybot - Search & Destroy\unins000.exe
C:\Program Files\Spybot - Search & Destroy\Update.exe
C:\Program Files\Spybot - Search & Destroy\Updates\advcheck165.exe
C:\Program Files\Spybot - Search & Destroy\Updates\teatimer166.exe
C:\Program Files\Stealth Keyword Competition Analyzer\StealthKeywordCompetitionAnalyzer.exe
C:\Program Files\Stealth Keyword Competition Analyzer\unins000.exe
C:\Program Files\Traffic Travis v3\DBBackupRestore.exe
C:\Program Files\Traffic Travis v3\DbUpdater.exe
C:\Program Files\Traffic Travis v3\TrafficTravis.exe
C:\Program Files\Traffic Travis v3\unins000.exe
C:\Program Files\Trusteer\Rapport\bin\RapportMgmtService.exe
C:\Program Files\Trusteer\Rapport\bin\RapportService.exe
C:\Program Files\USB2.0 UVC VGA\AMCap.exe
C:\Program Files\USB2.0 UVC VGA\DeINF.exe
C:\Program Files\USB2.0 UVC VGA\GUCI_AVS.exe
C:\Program Files\USB2.0 UVC VGA\KillTray.exe
C:\Program Files\USB2.0 UVC VGA\SNAPSHOT.exe
C:\Program Files\VideoLAN\VLC\uninstall.exe
C:\Program Files\VideoLAN\VLC\vlc-cache-gen.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Windows Media Connect 2\wmccds.exe
C:\Program Files\Windows Media Connect 2\WMCCFG.exe
C:\Program Files\Windows Media Player\migrate.exe
C:\Program Files\Windows Media Player\mplayer2.exe
C:\Program Files\Windows Media Player\setup_wm.exe
C:\Program Files\Windows Media Player\wmdbexport.exe
C:\Program Files\Windows Media Player\wmlaunch.exe
C:\Program Files\Windows Media Player\wmpenc.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\Windows Media Player\wmpshare.exe
C:\Program Files\Windows Media Player\wmsetsdk.exe
C:\Program Files\Windows NT\dialer.exe
C:\Program Files\Windows NT\hypertrm.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Program Files\Windows NT\Pinball\PINBALL.EXE
C:\Program Files\WinRAR\Rar.exe
C:\Program Files\WinRAR\Uninstall.exe
C:\Program Files\WinRAR\UnRAR.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\Program Files\Zone Labs\ZoneAlarm\cpes_clean.exe
C:\Program Files\Zone Labs\ZoneAlarm\multifix.exe
C:\Program Files\Zone Labs\ZoneAlarm\zauninst.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\cpinfo.exe
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\DiagnosticsCaptureTool.exe
C:\Program Files\Zone Labs\ZoneAlarm\Diagnostics\osrbang.exe
C:\Program Files\Zone Labs\ZoneAlarm\repair\vsmon.exe
C:\Program Files\ZoneAlarm_Security\uninstall.exe
C:\Program Files\ZoneAlarm_Security\ZoneAlarm_SecurityToolbarHelper.exe
  • 0

#28
Rick_F

    Member

  • Topic Starter
  • 23 posts
OTL Report:

OTL logfile created on: 12/6/2011 20:09:40 - Run 5
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Documents and Settings\one10\Desktop
Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 7.0.5730.13)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: M/d/yyyy

2.99 Gb Total Physical Memory | 2.52 Gb Available Physical Memory | 84.12% Memory free
6.84 Gb Paging File | 6.49 Gb Available in Paging File | 94.89% Paging File free
Paging file location(s): c:\pagefile.sys 4093 4093 [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 127.99 Gb Total Space | 75.17 Gb Free Space | 58.73% Space Free | Partition Type: NTFS
Drive F: | 955.70 Mb Total Space | 633.19 Mb Free Space | 66.25% Space Free | Partition Type: FAT

Computer Name: USER-94BF4B7558 | User Name: one10 | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Custom Scans ==========


< %AllUsersProfile%\Start Menu\*.* /s >
[2011/12/02 09:04:19 | 000,000,089 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\desktop.ini
[2011/12/02 09:04:19 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk
[2011/12/01 23:52:44 | 000,001,701 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\avast! Free Antivirus\avast! Free Antivirus.lnk
[2011/12/03 20:58:13 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth\Google Earth.lnk
[2011/12/03 20:58:13 | 000,001,853 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth\Start Google Earth in DirectX mode.lnk
[2011/12/03 20:58:14 | 000,001,857 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth\Start Google Earth in OpenGL mode.lnk
[2011/12/03 20:58:14 | 000,001,707 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth\Uninstall Google Earth.lnk
[2011/12/03 20:44:04 | 000,001,808 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport\Rapport Console.lnk
[2011/12/03 20:44:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport\Rapport Support Page.url
[2011/12/03 20:44:04 | 000,001,810 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport\Start Rapport.lnk
[2011/12/03 20:44:04 | 000,001,806 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport\Stop Rapport.lnk
[2011/12/01 23:47:48 | 000,000,738 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm\Readme.lnk
[2011/12/01 23:47:48 | 000,001,671 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm\Uninstall ZoneAlarm Security.lnk
[2011/12/01 23:47:48 | 000,000,973 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm\ZoneAlarm Diagnostics Tool.lnk
[2011/12/01 23:47:48 | 000,000,743 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\ZoneAlarm\ZoneAlarm Security.lnk

< %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\*.* /s >
[2011/12/03 21:20:11 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk

< %AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*.* /s >

< End of report >

#29
maliprog

    Trusted Helper

  • Malware Removal
  • 6,172 posts
Good news is that the system is clean. There is no trace of malware. Looks like your software is still installed but you only lost your shortcuts. The easiest way is to reinstall the applications.

You can also restore some shortcuts manually. For example Microsoft Office:

1. Click Start, click Control Panel, and then click Add or Remove Programs.
2. In Add or Remove Programs, click Microsoft Office 2010, and then click Change.
3. Click Add or Remove Features, and then click Continue.
4. Click Microsoft Office, and then click Continue.
5. When the update is complete, click OK, and then close Add or Remove Programs.

The Microsoft Office folder should now be showing in your start menu.



For other software you must copy and paste the shortcuts manually. You now have all the shortcuts in the temprestore folder that you created by running restore.vbs.

For example, to restore the Picasa shortcut you must:
Copy the \temprestore\Google\Picasa3\Picasa3.lnk shortcut to the C:\Documents and Settings\one10\Start Menu\Programs\Picasa 3\ folder
After that you will see the shortcut in the Start menu.

You can do that for all missing shortcuts; otherwise you must reinstall them. Please report your progress to me.
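The "Custom Scans" part of the OTL report above can be summarised mechanically to see which Start Menu program groups still hold shortcuts and which entries carry a hidden attribute. The following is an added example, not part of the thread or of OTL itself; the sample lines are copied from the report, and the reading of the fields (timestamp, size, attribute flags, path) is an assumption based on those visible lines.

```python
import ntpath
import re

# Sample input: a subset of lines copied from the OTL report posted in this thread.
SAMPLE_LOG = r"""
< %AllUsersProfile%\Start Menu\*.* /s >
[2011/12/02 09:04:19 | 000,000,089 | -HS- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\desktop.ini
[2011/12/02 09:04:19 | 000,000,710 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Accessories\Scanner and Camera Wizard.lnk
[2011/12/03 20:58:13 | 000,001,925 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Google Earth\Google Earth.lnk
[2011/12/03 20:44:04 | 000,000,129 | ---- | M] () -- C:\Documents and Settings\All Users\Start Menu\Programs\Trusteer Rapport\Rapport Support Page.url
< %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\*.* /s >
[2011/12/03 21:20:11 | 000,000,815 | ---- | M] () -- C:\Documents and Settings\one10\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
< %AppData%\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*.* /s >
< End of report >
"""

HEADER = re.compile(r"^< (.+) >$")  # one "< pattern /s >" line per custom scan
ENTRY = re.compile(r"^\[(?P<ts>[\d/]+ [\d:]+) \| (?P<size>[\d,]+) \| (?P<attrs>[A-Z-]{4}) \| \w\] "
                   r"\(.*?\) -- (?P<path>.+)$")

def parse_custom_scans(text):
    """Return {scan pattern: [entry dicts]}; scans with no hits map to []."""
    scans, current = {}, None
    for line in map(str.strip, text.splitlines()):
        header = HEADER.match(line)
        entry = ENTRY.match(line)
        if header and header.group(1) == "End of report":
            break
        if header:
            current = scans.setdefault(header.group(1), [])
        elif entry and current is not None:
            current.append(entry.groupdict())
    return scans

def summarize(scans):
    """Per scan: entry count, shortcut count, program groups, hidden paths."""
    report = {}
    for pattern, entries in scans.items():
        links = [e["path"] for e in entries if e["path"].lower().endswith((".lnk", ".url"))]
        report[pattern] = {
            "entries": len(entries),
            "shortcuts": len(links),
            "groups": sorted({ntpath.basename(ntpath.dirname(p)) for p in links}),
            # Assumption: an "H" in the four-character flag field marks a hidden file.
            "hidden": [e["path"] for e in entries if "H" in e["attrs"]],
        }
    return report

if __name__ == "__main__":
    print(summarize(parse_custom_scans(SAMPLE_LOG)))
```

A scan pattern that maps to zero entries, or a Start Menu scan that lists only a handful of program groups, is the kind of result that points to missing shortcuts rather than missing software.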

#30
Rick_F

    Member

  • Topic Starter
  • 23 posts
Hi maliprog,

That worked a treat. My shortcuts have been restored.

Thanks very much for helping me to rescue my PC. I really appreciated your help. Total respect to you because not many people would have been able to help in the same way - I used to work in IT for a large corporate and none of the so-called experts there could have done a fraction of what you did to help me.