Jump to content

DarkStorm490

Members
  • Posts

    10
  • Joined

  • Last visited

Reputation

0 Neutral
  1. It all seems great! Thank you so much for your help!
  2. OTL.txt OTL logfile created on: 21/05/2010 11:46:50 PM - Run 2 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 54.00% Memory free 3.00 Gb Paging File | 2.00 Gb Available in Paging File | 75.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 296.09 Gb Total Space | 150.70 Gb Free Space | 50.90% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LITTLE_JILLYS Current User Name: jilly Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) PRC - C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation) PRC - C:\WINDOWS\explorer.exe (Microsoft Corporation) PRC - C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) PRC - C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe () PRC - C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) PRC - C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\SYSTEM32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (DAUpdaterSvc) -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) ========== Driver Services (SafeList) ========== DRV - (AvgTdiX) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (atksgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (cpuz132) -- C:\WINDOWS\SYSTEM32\DRIVERS\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider) DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys (Microsoft Corporation) DRV - (SISNIC) -- C:\WINDOWS\SYSTEM32\DRIVERS\sisnic.sys (SiS Corporation) DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcxwdm.sys (Realtek Semiconductor Corp.) DRV - (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335) -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311v3XP.sys (Marvell Semiconductor, Inc) DRV - (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\viaudio.sys (VIA Technologies, Inc.) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/05/19 21:04:03 | 000,000,000 | ---D | M] [2009/05/19 21:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Mozilla\Extensions [2009/05/19 21:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2010/05/18 11:13:58 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation) O4 - HKLM..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation) O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0...heckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1273659687031 (WUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} Reg Error: Key error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Blue_Mountains O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell®) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\RegCompact: DllName - RegCompact.dll - C:\WINDOWS\System32\RegCompact.dll (AMUST Software) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll () O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SYSTEM32\wpdshserviceobj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\My Documents\My Pictures\desktop2.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\My Documents\My Pictures\desktop2.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/12/17 06:07:06 | 000,000,455 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2002/08/19 03:12:02 | 000,000,171 | ---- | M] () - C:\AUTOEXEC.PSS -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = ComFile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* ========== Files/Folders - Created Within 30 Days ========== [2020/02/19 22:06:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe [2020/02/19 22:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2020/02/19 19:44:41 | 000,000,000 | ---D | C] -- C:\Bin [2020/02/19 19:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\PowerArchiver [2020/02/19 19:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2020/02/19 19:19:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\forms [2020/02/19 19:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Messaging [2020/02/19 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2020/02/19 18:20:21 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2020/02/19 13:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2020/02/19 13:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis [2020/02/19 13:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bullfrog [2020/02/19 11:32:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2020/02/19 11:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2020/02/19 11:29:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PrintHood [2020/02/19 11:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Local Settings [2020/02/19 11:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\NetHood [2020/02/19 11:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\CatRoot [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Temporary Internet Files [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\History [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Cookies [2020/02/19 11:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\DirectX [2020/02/19 11:19:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Favorites [2020/02/19 11:19:15 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2020/02/19 11:19:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2020/02/19 11:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information [2020/02/19 11:18:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Recent [2020/02/19 11:18:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\SendTo [2020/02/19 11:18:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Start Menu [2020/02/19 11:17:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users [2019/02/20 11:11:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\spool [2019/02/20 11:11:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SYSBCKUP [2019/02/20 11:11:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\APPLOG [2019/02/20 11:10:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SAMPLES [2019/02/20 11:09:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\PIF [2019/02/20 11:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\IOSUBSYS [2019/02/20 11:09:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ShellNew [2019/02/20 11:08:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\MACROMED [2019/02/20 11:07:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data [2019/02/20 11:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SERVICES [2019/02/20 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services [2019/02/20 11:07:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\CATROOT [2019/02/20 11:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\VMM32 [2019/02/20 11:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\MEDIA [2019/02/20 11:06:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2019/02/20 11:06:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\CONFIG [2019/02/20 11:05:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\DRWATSON [2019/02/20 11:05:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\WEB [2019/02/20 11:05:44 | 000,000,000 | R-SD | C] -- C:\WINDOWS\FONTS [2019/02/20 11:03:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\SHELLEXT [2019/02/20 11:03:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\OOBE [2019/02/20 11:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\JAVA [2019/02/20 11:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SYSTEM [2019/02/20 11:03:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\CURSORS [2019/02/20 11:03:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SYSTEM32 [2019/02/20 11:03:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRIVERS [2019/02/20 11:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\HELP [2019/02/20 11:02:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\INF [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Windows Media Player [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Outlook Express [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\NetMeeting [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Common Files\Microsoft Shared [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Accessories [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SYSTEM [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\PLUS! [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\CHAT [2019/02/20 10:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS [2010/05/21 09:39:02 | 000,000,000 | -HSD | C] -- C:\RECYCLER [2010/05/19 10:04:56 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\IECompatCache [2010/05/18 08:26:18 | 000,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe [2010/05/18 08:26:18 | 000,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe [2010/05/18 08:26:18 | 000,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe [2010/05/18 08:26:18 | 000,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe [2010/05/18 08:25:26 | 000,000,000 | ---D | C] -- C:\Qoobox [2010/05/17 10:05:20 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe [2010/05/17 10:04:53 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTH.scr [2010/05/15 10:52:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/15 10:52:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/15 09:47:53 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\mbam-setup-1.46.exe [2010/05/12 23:12:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmpcopy [2010/05/12 20:52:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/05/12 20:44:20 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010/05/12 20:44:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010/05/12 20:44:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010/05/12 20:44:10 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010/05/12 20:42:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll [2010/05/12 20:42:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll [2010/05/12 20:41:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll [2010/05/12 20:32:21 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010/05/12 20:32:20 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010/05/12 20:32:20 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010/05/12 20:28:49 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010/05/12 20:22:09 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2010/05/12 20:22:08 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2010/05/12 20:10:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\PrivacIE [2010/05/12 20:08:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\IETldCache [2010/05/12 19:43:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/05/12 19:31:06 | 000,000,000 | ---D | C] -- C:\$AVG [2010/05/12 19:20:48 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/05/12 19:20:48 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/05/12 19:20:41 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/05/12 19:20:39 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/05/12 19:20:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2010/05/12 19:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9 [2010/05/12 19:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010/05/12 18:48:52 | 000,000,000 | ---D | C] -- C:\RRTVAULT [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2010/05/12 18:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010/05/12 16:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun [2010/05/12 16:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/05/12 16:40:16 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010/05/12 16:40:16 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010/05/12 16:40:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010/05/12 16:40:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010/05/12 16:22:21 | 000,000,000 | ---D | C] -- C:\Config.msi [2010/05/12 14:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2010/05/12 14:02:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2010/05/12 14:02:31 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2010/05/12 14:02:30 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2010/05/12 14:02:30 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2010/05/12 14:02:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010/05/12 14:02:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll [2010/05/12 14:02:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010/05/12 14:02:28 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll [2010/05/12 14:02:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll [2010/05/12 14:02:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010/05/12 14:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010/05/12 14:02:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010/05/12 14:02:27 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2010/05/12 14:02:27 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2010/05/12 14:02:27 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010/05/12 14:02:24 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll [2010/05/12 14:02:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2010/05/12 14:02:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2010/05/12 14:02:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010/05/12 14:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll [2010/05/12 14:02:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2010/05/12 14:02:21 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2010/05/12 14:02:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2010/05/12 14:02:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010/05/12 14:02:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2010/05/12 14:02:20 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010/05/12 14:02:20 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010/05/12 14:02:20 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010/05/12 14:02:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll [2010/05/12 14:02:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll [2010/05/12 14:02:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll [2010/05/12 14:02:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010/05/12 14:02:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010/05/12 14:02:15 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2010/05/12 14:02:14 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2010/05/12 14:02:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2010/05/12 14:02:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010/05/12 14:02:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2010/05/12 14:02:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010/05/12 14:02:13 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2010/05/12 14:02:13 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2010/05/12 14:02:13 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2010/05/12 14:02:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2010/05/12 14:02:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2010/05/12 14:02:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010/05/12 14:02:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll [2010/05/12 14:02:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010/05/12 14:02:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010/05/12 14:02:11 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2010/05/12 14:02:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010/05/12 14:02:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010/05/12 14:02:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010/05/12 14:02:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010/05/12 14:02:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010/05/12 14:02:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010/05/12 14:02:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010/05/12 14:02:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010/05/12 14:02:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010/05/12 14:02:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010/05/12 14:02:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010/05/12 14:02:06 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll [2010/05/12 14:02:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010/05/12 14:02:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010/05/12 14:02:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/05/12 14:02:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/05/12 14:02:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll [2010/05/12 14:02:04 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010/05/12 14:02:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2010/05/12 14:02:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2010/05/12 14:02:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll [2010/05/12 14:02:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010/05/12 14:02:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010/05/12 14:02:01 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys [2010/05/12 14:02:00 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2010/05/12 14:02:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010/05/12 14:02:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010/05/12 14:01:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll [2010/05/12 14:01:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/12 14:01:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/12 14:01:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/12 14:01:57 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/12 14:01:57 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/12 14:01:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/12 14:01:57 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/12 14:01:56 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/12 14:01:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010/05/12 14:01:55 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/12 14:01:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010/05/12 14:01:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/12 14:01:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/12 14:01:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/12 14:01:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/12 14:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010/05/12 14:01:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll [2010/05/12 14:01:48 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/12 14:01:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2010/05/12 14:01:44 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/12 14:01:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/12 14:01:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2010/05/12 14:01:37 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/12 14:01:37 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/12 14:01:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll [2010/05/12 14:01:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010/05/12 14:01:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/12 14:01:36 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll [2010/05/12 14:01:35 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2010/05/12 14:01:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010/05/12 14:01:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2010/05/12 14:01:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll [2010/05/12 14:01:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2010/05/12 14:01:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/12 14:01:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/12 14:01:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/12 14:01:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/12 14:01:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/12 14:01:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/12 14:01:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2010/05/12 14:01:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2010/05/12 14:01:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/12 14:01:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/12 14:01:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2010/05/12 14:01:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/12 14:01:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/12 14:01:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/12 14:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2010/05/12 14:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/12 14:01:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/12 14:01:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/12 14:01:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll [2010/05/12 14:01:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/12 14:01:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010/05/12 14:01:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010/05/12 14:01:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2010/05/12 14:01:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2010/05/12 14:01:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/12 14:01:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll [2010/05/12 14:01:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010/05/12 14:01:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/12 14:01:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/12 14:01:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/12 14:01:22 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/12 14:01:22 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/12 14:01:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/12 14:01:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/12 14:01:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/12 14:01:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/12 14:01:21 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/12 14:01:21 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/12 14:01:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/12 14:01:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/12 14:01:20 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/12 14:01:20 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/12 14:01:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/12 14:01:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/12 14:01:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/12 14:01:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/12 14:01:19 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/12 14:01:19 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/12 14:01:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/12 14:01:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010/05/12 14:01:18 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll [2010/05/12 14:01:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll [2010/05/12 14:01:18 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2010/05/12 14:01:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010/05/12 14:01:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll [2010/05/12 14:01:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2010/05/12 14:01:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll [2010/05/12 14:01:14 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/12 14:01:07 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/12 14:01:06 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2010/05/12 14:01:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll [2010/05/12 14:01:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll [2010/05/12 14:01:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2010/05/12 14:01:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/12 14:01:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll [2010/05/12 14:01:03 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2010/05/12 14:01:03 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2010/05/12 14:01:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2010/05/12 14:01:03 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2010/05/12 14:01:03 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2010/05/12 14:01:02 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2010/05/12 14:01:02 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2010/05/12 14:01:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/12 14:01:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2010/05/12 14:01:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/12 14:01:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2010/05/12 14:01:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2010/05/12 14:01:01 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2010/05/12 14:01:01 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2010/05/12 14:01:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/12 14:01:01 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2010/05/12 14:01:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2010/05/12 14:01:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2010/05/12 14:01:01 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2010/05/12 14:01:00 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2010/05/12 14:01:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2010/05/12 14:01:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll [2010/05/12 14:01:00 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/12 14:00:59 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2010/05/12 14:00:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010/05/12 14:00:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll [2010/05/12 14:00:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/12 14:00:58 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2010/05/12 14:00:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/12 14:00:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/12 14:00:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2010/05/12 14:00:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2010/05/12 14:00:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2010/05/12 14:00:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2010/05/12 14:00:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll [2010/05/12 14:00:55 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/12 14:00:55 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/12 14:00:55 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/12 14:00:55 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/12 14:00:49 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/12 14:00:49 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe [2010/05/12 14:00:47 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/12 14:00:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2010/05/12 14:00:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2010/05/12 14:00:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/12 14:00:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2010/05/12 14:00:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll [2010/05/12 14:00:45 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/12 14:00:44 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/12 14:00:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/12 14:00:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/12 14:00:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/12 14:00:43 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/12 14:00:43 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/12 14:00:42 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/12 14:00:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/12 14:00:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/12 14:00:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/12 14:00:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/12 14:00:41 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/12 14:00:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/12 14:00:40 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll [2010/05/12 14:00:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/12 14:00:31 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2010/05/12 14:00:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2010/05/12 14:00:27 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll [2010/05/12 14:00:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2010/05/12 14:00:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2010/05/12 14:00:26 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll [2010/05/12 14:00:26 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll [2010/05/12 14:00:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll [2010/05/12 14:00:23 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2010/05/12 14:00:23 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll [2010/05/12 14:00:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2010/05/12 14:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/12 14:00:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/12 14:00:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2010/05/12 14:00:18 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe [2010/05/12 14:00:18 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll [2010/05/12 14:00:17 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll [2010/05/12 14:00:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll [2010/05/12 14:00:17 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe [2010/05/12 14:00:16 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll [2010/05/12 14:00:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx [2010/05/12 14:00:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll [2010/05/12 14:00:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2010/05/12 14:00:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll [2010/05/12 14:00:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2010/05/12 14:00:11 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll [2010/05/12 14:00:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2010/05/12 14:00:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll [2010/05/12 14:00:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe [2010/05/12 14:00:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2010/05/12 14:00:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll [2010/05/12 14:00:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll [2010/05/12 14:00:10 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe [2010/05/12 14:00:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2010/05/12 14:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2010/05/12 14:00:09 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll [2010/05/12 14:00:09 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/12 14:00:09 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll [2010/05/12 14:00:08 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll [2010/05/12 14:00:08 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe [2010/05/12 14:00:08 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe [2010/05/12 14:00:08 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll [2010/05/12 14:00:08 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe [2010/05/12 14:00:07 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll [2010/05/12 14:00:07 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll [2010/05/12 14:00:07 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll [2010/05/12 14:00:07 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll [2010/05/12 14:00:07 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll [2010/05/12 14:00:06 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll [2010/05/12 14:00:06 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll [2010/05/12 14:00:05 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx [2010/05/12 14:00:05 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe [2010/05/12 14:00:05 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx [2010/05/12 14:00:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll [2010/05/12 14:00:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2010/05/12 14:00:04 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll [2010/05/12 14:00:04 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe [2010/05/12 14:00:03 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll [2010/05/12 14:00:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll [2010/05/12 14:00:03 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe [2010/05/12 14:00:02 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll [2010/05/12 13:35:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/12 13:35:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2010/05/12 13:35:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/12 13:35:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/12 11:56:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\dllcache [2010/05/12 11:55:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot2 [2010/05/10 21:48:30 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2010/05/08 23:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/05 09:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\nlfofeppu [2010/05/05 09:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\mbwlfsffy [2010/04/27 16:49:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Brother [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2020/02/19 19:36:44 | 000,000,030 | ---- | M] () -- C:\CONFIG.SYS [2020/02/19 18:01:40 | 000,006,792 | ---- | M] () -- C:\SPIN_LOG.C [2020/02/19 18:01:40 | 000,000,572 | -HS- | M] () -- C:\SPINRITE.FIF [2020/02/19 12:16:16 | 000,272,054 | -HS- | M] () -- C:\SCDOS.BAK [2020/02/19 11:19:24 | 000,011,079 | -H-- | M] () -- C:\Program Files\folder.htt [2019/02/20 11:16:56 | 000,001,676 | ---- | M] () -- C:\MSDOS.SYS [2019/02/20 11:10:50 | 000,005,166 | -HS- | M] () -- C:\SUHDLOG.DAT [2019/02/20 10:54:02 | 000,000,022 | -HS- | M] () -- C:\MSDOS.--- [2010/05/21 23:31:09 | 000,000,160 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\webct_upload_applet.properties [2010/05/21 18:25:23 | 000,438,918 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/21 18:25:23 | 000,378,264 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/21 18:25:23 | 000,054,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/21 09:38:50 | 000,003,333 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\Kaspersky Online Scanner.html [2010/05/21 09:01:21 | 060,218,969 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/05/20 13:02:32 | 000,000,648 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/20 12:27:58 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/20 12:27:21 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/20 12:27:16 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/19 20:25:35 | 011,796,480 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\ntuser.dat [2010/05/19 20:25:35 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\ntuser.ini [2010/05/19 10:18:48 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\Word 2003.lnk [2010/05/18 11:14:12 | 000,000,292 | ---- | M] () -- C:\WINDOWS\system.ini [2010/05/18 11:13:58 | 000,000,027 | ---- | M] () -- C:\WINDOWS\System32\drivers\etc\hosts [2010/05/18 08:24:53 | 003,690,041 | R--- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\ComboFix.exe [2010/05/17 11:39:35 | 1610,170,368 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP [2010/05/17 10:16:25 | 000,293,376 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\5j8yovhi.exe [2010/05/17 10:05:25 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe [2010/05/17 10:04:53 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTH.scr [2010/05/15 10:53:01 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/15 09:47:53 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\mbam-setup-1.46.exe [2010/05/15 09:41:20 | 000,001,697 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2010/05/13 21:52:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/05/13 08:58:41 | 000,000,269 | ---- | M] () -- C:\Fold.reg [2010/05/13 08:58:41 | 000,000,115 | ---- | M] () -- C:\Reg.bat [2010/05/12 21:05:07 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/12 20:57:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/05/12 19:20:48 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/05/12 19:20:48 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/05/12 19:20:48 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG Free 9.0.lnk [2010/05/12 19:20:41 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/05/12 19:20:39 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010/05/12 19:20:39 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/05/12 18:25:36 | 000,016,244 | ---- | M] () -- C:\WINDOWS\System32\rrt_is.wav [2010/05/12 18:25:36 | 000,007,302 | ---- | M] () -- C:\WINDOWS\System32\rrt_vf.wav [2010/05/12 18:25:36 | 000,007,148 | ---- | M] () -- C:\WINDOWS\System32\rrt_tv.wav [2010/05/12 18:25:36 | 000,006,282 | ---- | M] () -- C:\WINDOWS\System32\rrt_tn.wav [2010/05/12 18:24:04 | 000,000,737 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/12 16:25:41 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\CCleaner.lnk [2010/05/12 16:13:32 | 000,070,008 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/05/12 16:12:10 | 000,000,292 | ---- | M] () -- C:\WINDOWS\SYSTEM.UNV [2010/05/12 16:12:10 | 000,000,282 | -HS- | M] () -- C:\boot.ini [2010/05/12 14:03:39 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/12 13:59:20 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/12 13:59:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/12 13:59:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/12 13:59:06 | 000,004,346 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/12 13:58:00 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/12 13:58:00 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/12 13:56:35 | 000,022,748 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/12 13:53:59 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2010/04/30 14:39:36 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/04/26 15:58:12 | 000,256,512 | ---- | M] () -- C:\WINDOWS\PEV.exe [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2020/02/19 19:36:44 | 000,000,030 | ---- | C] () -- C:\CONFIG.SYS [2020/02/19 19:36:26 | 000,272,054 | -HS- | C] () -- C:\SCDOS.BAK [2020/02/19 18:01:40 | 000,006,792 | ---- | C] () -- C:\SPIN_LOG.C [2020/02/19 18:01:40 | 000,000,572 | -HS- | C] () -- C:\SPINRITE.FIF [2020/02/19 12:16:14 | 000,272,054 | -HS- | C] () -- C:\SCDOS.SYS [2020/02/19 12:16:03 | 000,032,768 | -HS- | C] () -- C:\SYSIOMGR.SYS [2020/02/19 11:19:22 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt [2019/02/20 11:16:56 | 000,001,676 | ---- | C] () -- C:\MSDOS.SYS [2019/02/20 11:10:50 | 000,005,166 | -HS- | C] () -- C:\SUHDLOG.DAT [2019/02/20 10:54:02 | 000,000,022 | -HS- | C] () -- C:\MSDOS.--- [2010/05/21 09:38:50 | 000,003,333 | ---- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\Kaspersky Online Scanner.html [2010/05/18 08:26:18 | 000,256,512 | ---- | C] () -- C:\WINDOWS\PEV.exe [2010/05/18 08:26:18 | 000,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe [2010/05/18 08:26:18 | 000,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe [2010/05/18 08:26:18 | 000,077,312 | ---- | C] () -- C:\WINDOWS\MBR.exe [2010/05/18 08:26:18 | 000,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe [2010/05/18 08:24:53 | 003,690,041 | R--- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\ComboFix.exe [2010/05/17 10:16:25 | 000,293,376 | ---- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\5j8yovhi.exe [2010/05/15 10:53:01 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/13 21:52:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010/05/13 08:58:41 | 000,000,269 | ---- | C] () -- C:\Fold.reg [2010/05/13 08:58:41 | 000,000,115 | ---- | C] () -- C:\Reg.bat [2010/05/12 19:20:48 | 000,001,514 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG Free 9.0.lnk [2010/05/12 19:20:39 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010/05/12 19:20:35 | 060,218,969 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/05/12 18:25:36 | 000,016,244 | ---- | C] () -- C:\WINDOWS\System32\rrt_is.wav [2010/05/12 18:25:36 | 000,007,302 | ---- | C] () -- C:\WINDOWS\System32\rrt_vf.wav [2010/05/12 18:25:36 | 000,007,148 | ---- | C] () -- C:\WINDOWS\System32\rrt_tv.wav [2010/05/12 18:25:36 | 000,006,282 | ---- | C] () -- C:\WINDOWS\System32\rrt_tn.wav [2010/05/12 16:25:41 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\CCleaner.lnk [2010/05/12 14:02:38 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/12 14:01:58 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/12 14:01:58 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/12 14:01:56 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/12 14:01:34 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/12 14:01:33 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/12 14:01:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/12 14:01:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/12 14:01:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/12 14:01:10 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/12 14:01:05 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/12 14:00:59 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010/05/12 14:00:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/12 14:00:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/12 14:00:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/12 14:00:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/12 14:00:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/12 14:00:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/12 14:00:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/12 14:00:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/12 14:00:38 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/12 14:00:38 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/12 14:00:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/12 14:00:35 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/12 14:00:35 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/12 14:00:35 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/12 14:00:35 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/12 14:00:34 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/12 14:00:34 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/12 14:00:34 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/12 14:00:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/12 14:00:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/12 14:00:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/12 14:00:31 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/12 14:00:31 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/12 14:00:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/12 14:00:30 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/12 13:58:00 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/12 13:35:02 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010/05/12 13:35:02 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010/05/12 13:35:02 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010/05/12 13:35:02 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2010/05/12 13:35:02 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2010/05/12 13:35:02 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010/05/12 13:35:02 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/12 13:35:02 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/12 13:35:02 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010/05/12 13:35:01 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010/05/12 13:35:01 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/12 13:35:01 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/12 13:35:01 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/12 13:35:01 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010/05/12 13:35:01 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010/05/12 13:35:01 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/12 13:35:01 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010/05/12 13:35:00 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010/05/12 13:35:00 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010/04/13 19:18:16 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010/04/13 19:18:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2010/04/13 19:17:51 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2010/04/13 19:17:51 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2010/04/13 19:16:28 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2010/04/13 19:12:29 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2010/04/05 13:23:56 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010/04/05 13:23:55 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009/05/11 20:47:52 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2009/05/11 20:47:45 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009/05/04 02:37:22 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/02/12 07:30:02 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll [2009/01/06 17:50:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2008/12/07 14:08:04 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/09/12 16:21:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008/09/11 10:50:56 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008/04/27 10:33:36 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008/01/19 12:41:56 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2007/10/15 12:59:15 | 000,001,697 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2007/09/04 12:56:10 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2006/01/13 15:41:33 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2006/01/13 15:41:33 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2006/01/13 15:41:33 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2006/01/05 18:47:37 | 000,000,643 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005/12/30 15:20:54 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2005/12/30 15:20:54 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2005/05/20 20:36:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll [2005/04/15 08:44:23 | 000,000,073 | ---- | C] () -- C:\WINDOWS\entpack.ini [2005/03/04 15:09:34 | 000,000,512 | ---- | C] () -- C:\WINDOWS\System32\st41t4jj.dll [2005/03/02 18:08:18 | 000,000,882 | ---- | C] () -- C:\WINDOWS\DC.ini [2004/12/31 13:22:51 | 000,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2003/02/19 01:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [1996/11/20 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL < End of report >
  3. Hello, Things seem to have been running normal, which is great. Anti-virus isn't picking anything up like it used to. As for Outlook Express. I cannot remember the last time it was used (would have been years ago). I opened it and checked for a folder titled "copy of inbox" but could not find anything. There were was one email from microsoft welcoming me to outlook express in the inbox folder. I deleted that. There was also an email in the drafts or sent box (forgive me, I just forgot where it was) that seemed a bit weird, but I deleted that as well. I will run OTL right now and post the results. Thanks for your help!
  4. Hello, Here is the scan results. Thanks. KASPERSKY ONLINE SCANNER 7.0: scan report Friday, May 21, 2010 Operating system: Microsoft Windows XP Professional Service Pack 3 (build 2600) Kaspersky Online Scanner version: 7.0.26.13 Last database update: Wednesday, May 19, 2010 22:30:03 Records in database: 4139978 Scan settings scan using the following database extended Scan archives yes Scan e-mail databases yes Scan area My Computer A:\ C:\ D:\ F:\ Scan statistics Objects scanned 196417 Threats found 2 Infected objects found 1 Suspicious objects found 1 Scan duration 07:10:25 File name Threat Threats count C:\Documents and Settings\jilly\Local Settings\Application Data\Identities\{B076055B-E877-4EDF-95F0-7E8268D06877}\Microsoft\Outlook Express\Copy of Inbox.db Suspicious: Exploit.HTML.Iframe.FileDownload 1 C:\Documents and Settings\jilly\Local Settings\Application Data\Identities\{B076055B-E877-4EDF-95F0-7E8268D06877}\Microsoft\Outlook Express\Copy of Inbox.db Infected: Email-Worm.Win32.Klez.h 1 Selected area has been scanned.
  5. Hi, I was not able to successfully run the online scanner from ESET. I could tick "Yes" to accept the conditions and clicked the start button. The window would then load, but nothing would appear (perhaps i'm missing something?). After a while of waiting the window and internet explorer browser closes. I did complete the MBAM scan after updating. Here is the results: MBAM Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4111 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 18/05/2010 11:04:40 PM mbam-log-2010-05-18 (23-04-40).txt Scan type: Quick scan Objects scanned: 172826 Time elapsed: 6 minute(s), 38 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 0 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: (No malicious items detected)
  6. I was able to run GMER completely and successfully in safe mode. I have the ark.txt file posted below. I also downloaded and ran combofix and the log.txt file will also be posted below. Thanks for your responses!!! GMER GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-05-18 08:10:44 Windows 5.1.2600 Service Pack 3 Running: 5j8yovhi.exe; Driver: C:\DOCUME~1\JILLYB~1.000\LOCALS~1\Temp\fwldyuow.sys ---- User code sections - GMER 1.0.15 ---- .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!DialogBoxParamW 7E4247AB 5 Bytes JMP 3E215505 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!CreateWindowExW 7E42D0A3 5 Bytes JMP 3E2EDAC4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!DialogBoxIndirectParamW 7E432072 5 Bytes JMP 3E3E473F C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!MessageBoxIndirectA 7E43A082 5 Bytes JMP 3E3E4671 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!DialogBoxParamA 7E43B144 5 Bytes JMP 3E3E46DC C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!MessageBoxExW 7E450838 5 Bytes JMP 3E3E4542 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!MessageBoxExA 7E45085C 5 Bytes JMP 3E3E45A4 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!DialogBoxIndirectParamA 7E456D7D 5 Bytes JMP 3E3E47A2 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] USER32.dll!MessageBoxIndirectW 7E4664D5 5 Bytes JMP 3E3E4606 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) .text C:\Program Files\Internet Explorer\iexplore.exe[1180] ole32.dll!OleLoadFromStream 77529C85 5 Bytes JMP 3E3E4AA7 C:\WINDOWS\system32\IEFRAME.dll (Internet Explorer/Microsoft Corporation) ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\Tcpip \Device\Ip avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Tcp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\Udp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) AttachedDevice \Driver\Tcpip \Device\RawIp avgtdix.sys (AVG Network connection watcher/AVG Technologies CZ, s.r.o.) ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet001\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x35 0x96 0x11 0x8D ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x35 0x96 0x11 0x8D ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x11 0x13 0x37 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet004\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x11 0x13 0x37 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet005\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x11 0x13 0x37 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x2B 0xB5 0x0B 0x74 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x73 0x2B 0x08 0xB6 ... Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet006\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0xBD 0x11 0x13 0x37 ... ---- EOF - GMER 1.0.15 ---- ComboFix ComboFix 10-05-16.02 - jilly 18/05/2010 8:30.3.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1535.928 [GMT 10:00] Running from: c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Desktop\ComboFix.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users.WINDOWS\Favorites\_favdata.dat c:\program files\Digital Protection c:\windows\command c:\windows\desktop c:\windows\Fonts\acrsec.fon c:\windows\PRAGMAvrpvccimuw c:\windows\PRAGMAvrpvccimuw\PRAGMAcfg.ini c:\windows\system\Color c:\windows\system\Drivers c:\windows\system32\driVERs\qzanlkzy.sys c:\windows\system32\system.dat c:\windows\system32\Vb40032.dll . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_PRAGMAVRPVCCIMUW -------\Service_PRAGMAvrpvccimuw -------\Legacy_qzanlkzy -------\Service_qzanlkzy ((((((((((((((((((((((((( Files Created from 2010-04-18 to 2010-05-18 ))))))))))))))))))))))))))))))) . 2020-02-19 12:06 . 2009-01-19 00:15 -------- d-----w- c:\windows\system32\Adobe 2020-02-19 12:06 . 2007-10-14 20:18 -------- d-----w- c:\program files\Common Files\Adobe 2020-02-19 09:44 . 2006-12-06 01:49 -------- d-----w- C:\Bin 2020-02-19 09:26 . 2004-12-27 05:52 -------- d-----w- c:\program files\PowerArchiver 2020-02-19 09:19 . 2004-12-31 13:08 -------- d-----w- c:\windows\forms 2020-02-19 09:19 . 2007-06-15 01:50 -------- d-----w- c:\program files\Windows Messaging 2020-02-19 08:20 . 2010-04-13 09:16 -------- d--h--w- c:\program files\InstallShield Installation Information 2020-02-19 03:57 . 2009-06-30 00:10 -------- d-----w- c:\program files\Electronic Arts 2020-02-19 03:52 . 2008-11-26 12:10 -------- d-----w- c:\program files\Maxis 2020-02-19 03:05 . 2020-02-19 03:05 -------- d-----w- c:\program files\Bullfrog 2020-02-19 02:16 . 2001-10-30 07:01 272054 --sha-w- C:\SCDOS.SYS 2020-02-19 02:16 . 2001-08-28 10:51 32768 --sha-w- C:\SYSIOMGR.SYS 2020-02-19 01:32 . 2010-05-12 11:01 -------- d-sh--w- c:\windows\Installer 2020-02-19 01:31 . 2010-04-13 09:16 -------- d-----w- c:\program files\Common Files\InstallShield 2020-02-19 01:29 . 2020-02-19 01:29 -------- d--h--w- c:\windows\PrintHood 2020-02-19 01:29 . 2020-02-19 01:29 -------- d-----w- c:\windows\Local Settings 2020-02-19 01:21 . 2020-02-19 01:21 -------- d--h--w- c:\windows\NetHood 2020-02-19 01:20 . 2020-02-19 01:20 -------- d-----w- c:\windows\system\CatRoot 2020-02-19 01:20 . 2020-02-19 01:20 -------- d-s---w- c:\windows\Cookies 2020-02-19 01:20 . 2020-02-19 01:20 -------- d-----w- c:\program files\DirectX 2020-02-19 01:19 . 2020-02-19 01:19 -------- d-s---w- c:\windows\Favorites 2020-02-19 01:19 . 2010-05-12 10:21 -------- d-s---w- c:\windows\Downloaded Program Files 2020-02-19 01:18 . 2020-02-19 01:18 -------- d--h--w- c:\windows\Recent 2020-02-19 01:18 . 2004-12-31 13:08 -------- d-----w- c:\windows\SendTo 2020-02-19 01:18 . 2020-02-19 01:18 -------- d-----w- c:\windows\Start Menu 2020-02-19 01:17 . 2020-02-19 01:17 -------- d-----w- c:\windows\All Users . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2020-02-19 01:19 . 2020-02-19 01:19 11079 ---ha-w- c:\program files\folder.htt 2019-02-20 01:10 . 2019-02-20 01:10 5166 --sh--w- C:\SUHDLOG.DAT 2019-02-20 00:54 . 2019-02-20 00:54 -------- d-----w- c:\program files\PLUS! 2019-02-20 00:54 . 2019-02-20 00:54 -------- d-----w- c:\program files\CHAT 2019-02-20 00:54 . 2019-02-20 00:54 -------- d-----r- c:\program files\Accessories 2010-05-15 00:53 . 2010-05-08 13:11 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-12 22:58 . 2010-05-12 22:58 269 ----a-w- C:\Fold.reg 2010-05-12 22:58 . 2010-05-12 22:58 115 ----a-w- C:\Reg.bat 2010-05-12 11:14 . 2008-01-03 04:21 -------- d-----w- c:\program files\ImgBurn 2010-05-12 09:20 . 2010-05-12 09:20 242896 ----a-w- c:\windows\system32\drivers\avgtdix.sys 2010-05-12 09:20 . 2010-05-12 09:20 12464 ----a-w- c:\windows\system32\avgrsstx.dll 2010-05-12 09:20 . 2010-05-12 09:20 216200 ----a-w- c:\windows\system32\drivers\avgldx86.sys 2010-05-12 09:20 . 2010-05-12 09:20 29512 ----a-w- c:\windows\system32\drivers\avgmfx86.sys 2010-05-12 09:20 . 2010-05-12 09:20 -------- d-----w- c:\program files\AVG 2010-05-12 09:20 . 2010-05-12 09:20 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\avg9 2010-05-12 08:24 . 2010-05-12 08:24 -------- d-----w- c:\program files\Microsoft Works 2010-05-12 08:24 . 2010-05-12 08:24 -------- d-----w- c:\program files\Microsoft ActiveSync 2010-05-12 08:23 . 2010-05-12 08:23 -------- d-----w- c:\program files\Microsoft.NET 2010-05-12 06:40 . 2010-05-12 06:40 -------- d-----w- c:\program files\Common Files\Java 2010-05-12 06:40 . 2010-05-12 06:40 503808 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3638c153-n\msvcp71.dll 2010-05-12 06:40 . 2010-05-12 06:40 499712 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3638c153-n\jmc.dll 2010-05-12 06:40 . 2010-05-12 06:40 348160 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\Deployment\SystemCache\6.0\54\1a209876-3638c153-n\msvcr71.dll 2010-05-12 06:40 . 2010-05-12 06:40 61440 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1f9f565f-n\decora-sse.dll 2010-05-12 06:40 . 2010-05-12 06:40 12800 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\Deployment\SystemCache\6.0\17\6d0ad391-1f9f565f-n\decora-d3d.dll 2010-05-12 06:39 . 2005-07-23 07:14 -------- d-----w- c:\program files\Java 2010-05-12 06:30 . 2009-05-15 01:04 -------- d-----w- c:\program files\Spybot - Search & Destroy 2010-05-12 06:25 . 2008-06-06 08:18 -------- d-----w- c:\program files\CCleaner 2010-05-12 06:13 . 2006-11-12 08:46 70008 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-12 06:08 . 2006-08-04 09:01 -------- d-----w- c:\program files\Steam 2010-05-12 06:08 . 2006-07-23 03:18 -------- d-----w- c:\program files\Google 2010-05-12 03:56 . 2004-12-31 02:48 22748 ----a-w- c:\windows\system32\emptyregdb.dat 2010-05-10 21:18 . 2006-04-21 00:37 -------- d-----w- c:\program files\MyEmoticons 2010-04-29 05:39 . 2010-05-15 00:52 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-04-29 05:39 . 2010-05-15 00:52 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-04-27 06:49 . 2010-04-27 06:49 -------- d-----r- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Brother 2010-04-14 21:08 . 2010-02-08 01:36 79488 ----a-w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\Sun\Java\jre1.6.0_17\gtapi.dll 2010-04-13 09:26 . 2010-04-13 09:11 57 ----a-w- c:\documents and settings\All Users.WINDOWS\Application Data\Brother\BrLog\BrCollectDir\BR_cat.bat 2010-04-13 09:17 . 2010-04-13 09:17 50 ----a-w- c:\windows\system32\bridf06a.dat 2010-04-13 09:16 . 2010-04-13 09:16 -------- d-----w- c:\program files\Brother 2010-04-13 09:12 . 2010-04-13 09:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\InstallShield 2010-04-13 09:12 . 2010-04-13 09:12 -------- d-----w- c:\program files\Common Files\ScanSoft Shared 2010-04-13 09:12 . 2010-04-13 09:12 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\ScanSoft 2010-04-13 09:12 . 2010-04-13 09:12 -------- d-----w- c:\program files\ScanSoft 2010-04-13 09:10 . 2010-04-13 09:10 -------- d-----w- c:\documents and settings\All Users.WINDOWS\Application Data\Brother 2010-04-12 07:29 . 2010-05-12 06:40 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-05 08:19 . 2010-04-05 08:19 -------- d-----w- c:\program files\GameHouse 2010-04-05 03:23 . 2010-04-05 02:39 -------- d-----w- c:\program files\The Witcher Enhanced Edition 2010-04-05 03:23 . 2010-04-05 03:23 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys 2010-04-05 03:23 . 2010-04-05 03:23 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2010-03-29 11:07 . 2006-11-14 07:42 -------- d-----w- c:\documents and settings\jilly.BLUE_MOUNTAINS.000\Application Data\LimeWire 2010-03-27 23:48 . 2008-11-27 02:37 -------- d-----w- c:\program files\Razor 2010-03-10 06:15 . 2008-04-14 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-02-25 06:24 . 2008-04-14 12:00 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-24 13:11 . 2008-04-14 12:00 455680 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2005-04-05 09:27 . 2005-04-05 09:27 10493 ------w- c:\program files\Chefs . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "MsnMsgr"="c:\program files\Windows Live\Messenger\msnmsgr.exe" [2009-07-26 3883856] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe" [2007-09-04 95536] "SpybotSD TeaTimer"="c:\program files\Spybot - Search & Destroy\TeaTimer.exe" [2009-03-05 2260480] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "type32"="c:\program files\Microsoft IntelliType Pro\type32.exe" [2004-06-03 172032] "OM2_Monitor"="c:\program files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe" [2007-09-04 54576] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2009-09-04 417792] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2009-09-21 305440] "SSBkgdUpdate"="c:\program files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2003-10-14 155648] "PaperPort PTD"="c:\program files\ScanSoft\PaperPort\pptd40nt.exe" [2005-03-17 57393] "IndexSearch"="c:\program files\ScanSoft\PaperPort\IndexSearch.exe" [2005-03-17 40960] "SoundMan"="SOUNDMAN.EXE" [2006-08-02 577536] "Malwarebytes Anti-Malware (rootkit-scan)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2010-04-29 1090952] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] "tscuninstall"="c:\windows\system32\tscupgrd.exe" [2004-08-04 44544] c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\ NETGEAR WG311v3 Smart Wizard.lnk - c:\program files\NETGEAR\WG311v3\wlancfg5.exe [2006-1-26 1486848] [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\explorer] "NoSetActiveDesktop"= 1 (0x1) [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\avgrsstarter] 2010-05-12 09:20 12464 ----a-w- c:\windows\SYSTEM32\avgrsstx.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\RegCompact] 2008-04-16 04:24 165368 ----a-w- c:\windows\SYSTEM32\RegCompact.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PSEXESVC] @="" [HKLM\~\startupfolder\C:^Documents and Settings^All Users.WINDOWS^Start Menu^Programs^Startup^MyWebSearch Email Plugin.lnk] path=c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\MyWebSearch Email Plugin.lnk backup=c:\windows\pss\MyWebSearch Email Plugin.lnkCommon Startup [HKLM\~\startupfolder\C:^Documents and Settings^jilly.BLUE_MOUNTAINS^Start Menu^Programs^Startup^Microsoft Find Fast.lnk] path=c:\documents and settings\jilly.BLUE_MOUNTAINS\Start Menu\Programs\Startup\Microsoft Find Fast.lnk backup=c:\windows\pss\Microsoft Find Fast.lnkStartup [HKLM\~\startupfolder\C:^Documents and Settings^jilly.BLUE_MOUNTAINS^Start Menu^Programs^Startup^Office Startup.lnk] path=c:\documents and settings\jilly.BLUE_MOUNTAINS\Start Menu\Programs\Startup\Office Startup.lnk backup=c:\windows\pss\Office Startup.lnkStartup [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BrMfcWnd] 2006-06-27 21:46 622592 ------w- c:\program files\Brother\Brmfcmon\BrMfcWnd.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ControlCenter3] 2006-06-29 02:18 77824 ----a-w- c:\program files\Brother\ControlCenter3\BrCtrCen.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTFMON.EXE] 2008-04-14 12:00 15360 ----a-w- c:\windows\SYSTEM32\ctfmon.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2009-09-04 14:54 417792 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Steam] 2009-06-11 01:04 1217784 ----a-w- c:\program files\Steam\Steam.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services] "WMPNetworkSvc"=3 (0x3) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Messenger\\msmsgs.exe"= "c:\\Program Files\\DOOM Collector's Edition\\Final Doom\\Doom95.exe"= "%windir%\\system32\\ccapp.exe"= "c:\\Program Files\\Black Isle\\BGII - SoA\\BGMain.exe"= "c:\\SIERRA\\Half-Life\\hl.exe"= "c:\\SIERRA\\Counter-Strike\\cstrike.exe"= "c:\\WINDOWS\\SYSTEM32\\dpvsetup.exe"= "c:\\Program Files\\Sierra On-Line\\SIGSPat.exe"= "c:\\Program Files\\Steam\\SteamApps\\phunky_jill\\half-life deathmatch source\\hl2.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Windows Live\\Messenger\\wlcsdk.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\Dragon Age\\bin_ship\\daorigins.exe"= "c:\\Program Files\\Dragon Age\\DAOriginsLauncher.exe"= "c:\\Program Files\\Dragon Age\\bin_ship\\daupdatersvc.service.exe"= R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\SYSTEM32\DRIVERS\avgldx86.sys [12/05/2010 7:20 PM 216200] R1 AvgTdiX;AVG Free Network Redirector;c:\windows\SYSTEM32\DRIVERS\avgtdix.sys [12/05/2010 7:20 PM 242896] R2 avg9emc;AVG Free E-mail Scanner;c:\program files\AVG\AVG9\avgemc.exe [12/05/2010 7:20 PM 916760] R2 avg9wd;AVG Free WatchDog;c:\program files\AVG\AVG9\avgwdsvc.exe [12/05/2010 7:20 PM 308064] S0 sptd;sptd;c:\windows\SYSTEM32\DRIVERS\sptd.sys [20/05/2009 5:15 PM 721904] S3 DAUpdaterSvc;Dragon Age: Origins - Content Updater;c:\program files\Dragon Age\bin_ship\daupdatersvc.service.exe [26/02/2010 2:25 PM 25832] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.com.au/ uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8 uInternet Settings,ProxyServer = http=127.0.0.1:5555 uInternet Settings,ProxyOverride = <local> uSearchURL,(Default) = hxxp://www.google.com/search?q=%s IE: &Search IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 DPF: Microsoft XML Parser for Java - file://c:\windows\Java\classes\xmldso.cab DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} . - - - - ORPHANS REMOVED - - - - MSConfigStartUp-morezoyeti - c:\windows\system32\vamodimu.dll MSConfigStartUp-SunJavaUpdateSched - c:\program files\Java\jre1.5.0_08\bin\jusched.exe AddRemove-Icy Tower v1.3.1_is1 - c:\games\icytower1.3\unins000.exe AddRemove-{40C03514-89C3-41BA-0090-3B440256DB87} - c:\program files\EA GAMES\The Sims 2\EAUninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-18 11:14 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(712) c:\windows\system32\MrvGINA.dll c:\windows\system32\Ati2evxx.dll c:\windows\system32\RegCompact.dll - - - - - - - > 'Explorer.exe'(3212) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\AVG\AVG9\avgnsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\system32\Ati2evxx.exe c:\program files\AVG\AVG9\avgchsvx.exe c:\program files\AVG\AVG9\avgrsx.exe c:\program files\AVG\AVG9\avgcsrvx.exe c:\windows\SOUNDMAN.EXE c:\program files\iPod\bin\iPodService.exe . ************************************************************************** . Completion time: 2010-05-18 11:24:41 - machine was rebooted ComboFix-quarantined-files.txt 2010-05-18 01:24 Pre-Run: 161,855,956,480 bytes free Post-Run: 161,885,716,992 bytes free Current=3 Default=3 Failed=0 LastKnownGood=6 Sets=1,2,3,4,5,6 - - End Of File - - 6D870A527BB56ECB08958B77F5D0BD5E
  7. <OTL.txt continued> CREATERESTOREPOINT Restore point Set: OTL Restore Point (16902109354000384) ========== Files/Folders - Created Within 30 Days ========== [2020/02/19 22:06:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\Adobe [2020/02/19 22:06:06 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Adobe [2020/02/19 19:44:41 | 000,000,000 | ---D | C] -- C:\Bin [2020/02/19 19:26:38 | 000,000,000 | ---D | C] -- C:\Program Files\PowerArchiver [2020/02/19 19:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\ODBC [2020/02/19 19:19:41 | 000,000,000 | ---D | C] -- C:\WINDOWS\forms [2020/02/19 19:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Windows Messaging [2020/02/19 19:17:33 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Office [2020/02/19 18:20:21 | 000,000,000 | -H-D | C] -- C:\Program Files\InstallShield Installation Information [2020/02/19 13:57:56 | 000,000,000 | ---D | C] -- C:\Program Files\Electronic Arts [2020/02/19 13:52:43 | 000,000,000 | ---D | C] -- C:\Program Files\Maxis [2020/02/19 13:05:57 | 000,000,000 | ---D | C] -- C:\Program Files\Bullfrog [2020/02/19 11:32:00 | 000,000,000 | -HSD | C] -- C:\WINDOWS\Installer [2020/02/19 11:31:29 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\InstallShield [2020/02/19 11:29:16 | 000,000,000 | -H-D | C] -- C:\WINDOWS\PrintHood [2020/02/19 11:29:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\Local Settings [2020/02/19 11:21:49 | 000,000,000 | -H-D | C] -- C:\WINDOWS\NetHood [2020/02/19 11:20:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\CatRoot [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Temporary Internet Files [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\History [2020/02/19 11:20:24 | 000,000,000 | --SD | C] -- C:\WINDOWS\Cookies [2020/02/19 11:20:22 | 000,000,000 | ---D | C] -- C:\Program Files\DirectX [2020/02/19 11:19:21 | 000,000,000 | --SD | C] -- C:\WINDOWS\Favorites [2020/02/19 11:19:15 | 000,000,000 | --SD | C] -- C:\WINDOWS\Downloaded Program Files [2020/02/19 11:19:14 | 000,000,000 | R--D | C] -- C:\WINDOWS\Offline Web Pages [2020/02/19 11:18:32 | 000,000,000 | ---D | C] -- C:\Program Files\Uninstall Information [2020/02/19 11:18:05 | 000,000,000 | -H-D | C] -- C:\WINDOWS\Recent [2020/02/19 11:18:05 | 000,000,000 | ---D | C] -- C:\WINDOWS\SendTo [2020/02/19 11:18:01 | 000,000,000 | ---D | C] -- C:\WINDOWS\Start Menu [2020/02/19 11:17:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\Desktop [2020/02/19 11:17:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\All Users [2019/02/20 11:11:43 | 000,000,000 | -H-D | C] -- C:\WINDOWS\spool [2019/02/20 11:11:36 | 000,000,000 | -H-D | C] -- C:\WINDOWS\SYSBCKUP [2019/02/20 11:11:34 | 000,000,000 | -H-D | C] -- C:\WINDOWS\APPLOG [2019/02/20 11:10:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\SAMPLES [2019/02/20 11:09:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\PIF [2019/02/20 11:09:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\IOSUBSYS [2019/02/20 11:09:08 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ShellNew [2019/02/20 11:08:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\MACROMED [2019/02/20 11:07:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\Application Data [2019/02/20 11:07:46 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SERVICES [2019/02/20 11:07:12 | 000,000,000 | ---D | C] -- C:\Program Files\Online Services [2019/02/20 11:07:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\CATROOT [2019/02/20 11:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\VMM32 [2019/02/20 11:06:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\MEDIA [2019/02/20 11:06:04 | 000,000,000 | --SD | C] -- C:\WINDOWS\Tasks [2019/02/20 11:06:00 | 000,000,000 | ---D | C] -- C:\WINDOWS\CONFIG [2019/02/20 11:05:58 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\COLOR [2019/02/20 11:05:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\DRWATSON [2019/02/20 11:05:50 | 000,000,000 | R--D | C] -- C:\WINDOWS\WEB [2019/02/20 11:05:44 | 000,000,000 | R-SD | C] -- C:\WINDOWS\FONTS [2019/02/20 11:03:48 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\SHELLEXT [2019/02/20 11:03:44 | 000,000,000 | ---D | C] -- C:\WINDOWS\System\OOBE [2019/02/20 11:03:30 | 000,000,000 | ---D | C] -- C:\WINDOWS\JAVA [2019/02/20 11:03:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\SYSTEM [2019/02/20 11:03:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\CURSORS [2019/02/20 11:03:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\SYSTEM32 [2019/02/20 11:03:10 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\DRIVERS [2019/02/20 11:02:50 | 000,000,000 | ---D | C] -- C:\WINDOWS\HELP [2019/02/20 11:02:44 | 000,000,000 | -H-D | C] -- C:\WINDOWS\INF [2019/02/20 11:02:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\COMMAND [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Windows Media Player [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Outlook Express [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\NetMeeting [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Common Files\Microsoft Shared [2019/02/20 10:54:28 | 000,000,000 | R--D | C] -- C:\Program Files\Accessories [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\SYSTEM [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\PLUS! [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Internet Explorer [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files [2019/02/20 10:54:28 | 000,000,000 | ---D | C] -- C:\Program Files\CHAT [2019/02/20 10:54:24 | 000,000,000 | ---D | C] -- C:\WINDOWS [2010/05/17 10:05:20 | 000,571,392 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe [2010/05/17 10:04:53 | 000,258,560 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTH.scr [2010/05/15 10:52:59 | 000,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/05/15 10:52:58 | 000,020,952 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/05/15 09:47:53 | 006,153,376 | ---- | C] (Malwarebytes Corporation ) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\mbam-setup-1.46.exe [2010/05/12 23:12:03 | 000,000,000 | ---D | C] -- C:\WINDOWS\tmpcopy [2010/05/12 20:52:46 | 000,000,000 | ---D | C] -- C:\WINDOWS\ie8updates [2010/05/12 20:44:20 | 000,455,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mrxsmb.sys [2010/05/12 20:44:12 | 000,594,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeeds.dll [2010/05/12 20:44:12 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msfeedsbs.dll [2010/05/12 20:44:10 | 001,985,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iertutil.dll [2010/05/12 20:42:02 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iyuv_32.dll [2010/05/12 20:42:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsbyuv.dll [2010/05/12 20:41:45 | 000,017,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msyuv.dll [2010/05/12 20:32:21 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrnlmp.exe [2010/05/12 20:32:20 | 002,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntoskrnl.exe [2010/05/12 20:32:20 | 002,024,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ntkrpamp.exe [2010/05/12 20:28:49 | 000,272,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\bthport.sys [2010/05/12 20:22:09 | 000,044,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wups2.dll [2010/05/12 20:22:08 | 000,015,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\wuapi.dll.mui [2010/05/12 20:10:58 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\PrivacIE [2010/05/12 20:08:22 | 000,000,000 | -HSD | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\IETldCache [2010/05/12 19:43:25 | 000,000,000 | -H-D | C] -- C:\WINDOWS\ie8 [2010/05/12 19:31:06 | 000,000,000 | -H-D | C] -- C:\$AVG [2010/05/12 19:20:48 | 000,242,896 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/05/12 19:20:48 | 000,012,464 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/05/12 19:20:41 | 000,216,200 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/05/12 19:20:39 | 000,029,512 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/05/12 19:20:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\System32\drivers\Avg [2010/05/12 19:20:18 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9 [2010/05/12 19:20:18 | 000,000,000 | ---D | C] -- C:\Program Files\AVG [2010/05/12 18:48:52 | 000,000,000 | ---D | C] -- C:\RRTVAULT [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Works [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft Visual Studio [2010/05/12 18:24:02 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft ActiveSync [2010/05/12 18:23:14 | 000,000,000 | ---D | C] -- C:\Program Files\Microsoft.NET [2010/05/12 16:40:55 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Sun [2010/05/12 16:40:54 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java [2010/05/12 16:40:16 | 000,411,368 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\deployJava1.dll [2010/05/12 16:40:16 | 000,153,376 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaws.exe [2010/05/12 16:40:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\javaw.exe [2010/05/12 16:40:16 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\WINDOWS\System32\java.exe [2010/05/12 16:22:21 | 000,000,000 | -H-D | C] -- C:\Config.msi [2010/05/12 15:42:43 | 000,000,000 | ---D | C] -- C:\Program Files\Digital Protection [2010/05/12 14:06:24 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winzm.ime [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winsp.ime [2010/05/12 14:02:32 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winpy.ime [2010/05/12 14:02:31 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wingb.ime [2010/05/12 14:02:31 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winime.ime [2010/05/12 14:02:30 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\winar30.ime [2010/05/12 14:02:30 | 000,041,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.dll [2010/05/12 14:02:30 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\weitekp9.sys [2010/05/12 14:02:29 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamreg51.dll [2010/05/12 14:02:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamps51.dll [2010/05/12 14:02:28 | 000,364,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svc.dll [2010/05/12 14:02:28 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wam51.dll [2010/05/12 14:02:28 | 000,073,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ext.dll [2010/05/12 14:02:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3svapi.dll [2010/05/12 14:02:28 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w3ctrs51.dll [2010/05/12 14:02:27 | 000,426,041 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicepad.dll [2010/05/12 14:02:27 | 000,086,073 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\voicesub.dll [2010/05/12 14:02:27 | 000,048,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\w32.dll [2010/05/12 14:02:24 | 000,103,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uihelper.dll [2010/05/12 14:02:24 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\uniime.dll [2010/05/12 14:02:24 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\unicdime.ime [2010/05/12 14:02:23 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tsprof.exe [2010/05/12 14:02:22 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tools.dll [2010/05/12 14:02:22 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tmigrate.dll [2010/05/12 14:02:21 | 000,571,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlgnt.ime [2010/05/12 14:02:21 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintsetp.exe [2010/05/12 14:02:21 | 000,185,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\thawbrkr.dll [2010/05/12 14:02:21 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tintlphr.exe [2010/05/12 14:02:20 | 000,021,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdipx.sys [2010/05/12 14:02:20 | 000,019,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdspx.sys [2010/05/12 14:02:20 | 000,013,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tdasync.sys [2010/05/12 14:02:18 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\svcext51.dll [2010/05/12 14:02:17 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sspifilt.dll [2010/05/12 14:02:17 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ssinc51.dll [2010/05/12 14:02:17 | 000,016,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\status.dll [2010/05/12 14:02:16 | 000,101,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\srusbusd.dll [2010/05/12 14:02:15 | 000,143,422 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\softkey.dll [2010/05/12 14:02:14 | 000,188,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpsmir.dll [2010/05/12 14:02:14 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpthrd.dll [2010/05/12 14:02:14 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpstup.dll [2010/05/12 14:02:14 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmptrap.exe [2010/05/12 14:02:14 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_snprfdll.dll [2010/05/12 14:02:13 | 000,456,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsvc.dll [2010/05/12 14:02:13 | 000,358,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpincl.dll [2010/05/12 14:02:13 | 000,259,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpcl.dll [2010/05/12 14:02:13 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmp.exe [2010/05/12 14:02:13 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\snmpmib.dll [2010/05/12 14:02:12 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_smtpctrs.dll [2010/05/12 14:02:12 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpapi.dll [2010/05/12 14:02:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smimsgif.dll [2010/05/12 14:02:12 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsy.dll [2010/05/12 14:02:11 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smi2smir.exe [2010/05/12 14:02:11 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm9aw.dll [2010/05/12 14:02:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smb6w.dll [2010/05/12 14:02:11 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sma3w.dll [2010/05/12 14:02:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm93w.dll [2010/05/12 14:02:11 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm92w.dll [2010/05/12 14:02:11 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smierrsm.dll [2010/05/12 14:02:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm87w.dll [2010/05/12 14:02:10 | 000,030,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm81w.dll [2010/05/12 14:02:10 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8cw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm90w.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8dw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm8aw.dll [2010/05/12 14:02:10 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm89w.dll [2010/05/12 14:02:10 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\sm59w.dll [2010/05/12 14:02:09 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\simptcp.dll [2010/05/12 14:02:06 | 000,221,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\seo.dll [2010/05/12 14:02:06 | 000,057,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_scripto.dll [2010/05/12 14:02:06 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_seos.dll [2010/05/12 14:02:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia330.dll [2010/05/12 14:02:05 | 000,079,872 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rwia001.dll [2010/05/12 14:02:05 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rwnh.dll [2010/05/12 14:02:04 | 000,029,184 | ---- | C] (Ricoh Co., Ltd.) -- C:\WINDOWS\System32\dllcache\rw330ext.dll [2010/05/12 14:02:04 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rw001ext.dll [2010/05/12 14:02:03 | 000,026,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\romanime.ime [2010/05/12 14:02:03 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\rpcref.dll [2010/05/12 14:02:02 | 000,023,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_regtrace.exe [2010/05/12 14:02:02 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\register.exe [2010/05/12 14:02:01 | 000,020,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ramdisk.sys [2010/05/12 14:02:00 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quick.ime [2010/05/12 14:02:00 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\quser.exe [2010/05/12 14:02:00 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\query.exe [2010/05/12 14:01:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pwsdata.dll [2010/05/12 14:01:58 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxviceo.dll [2010/05/12 14:01:58 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxmcro.dll [2010/05/12 14:01:58 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmxgl.dll [2010/05/12 14:01:57 | 000,482,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlgnt.ime [2010/05/12 14:01:57 | 000,070,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlphr.exe [2010/05/12 14:01:57 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pmigrate.dll [2010/05/12 14:01:57 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pintlcsd.dll [2010/05/12 14:01:56 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\phon.ime [2010/05/12 14:01:56 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\permchk.dll [2010/05/12 14:01:55 | 000,036,927 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs411.dll [2010/05/12 14:01:55 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\pagecnt.dll [2010/05/12 14:01:55 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs404.dll [2010/05/12 14:01:55 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs804.dll [2010/05/12 14:01:55 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\padrs412.dll [2010/05/12 14:01:52 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_ntfsdrv.dll [2010/05/12 14:01:51 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nextlink.dll [2010/05/12 14:01:51 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\nsepm.dll [2010/05/12 14:01:48 | 000,229,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\multibox.dll [2010/05/12 14:01:48 | 000,119,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mtstocom.exe [2010/05/12 14:01:44 | 001,875,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.lex [2010/05/12 14:01:44 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\msir3jp.dll [2010/05/12 14:01:38 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\migregdb.exe [2010/05/12 14:01:37 | 000,092,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.sys [2010/05/12 14:01:37 | 000,092,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mga.dll [2010/05/12 14:01:37 | 000,085,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\metada51.dll [2010/05/12 14:01:37 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\mdsync.dll [2010/05/12 14:01:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_mailmsg.dll [2010/05/12 14:01:36 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\md5filt.dll [2010/05/12 14:01:35 | 000,022,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lpdsvc.dll [2010/05/12 14:01:35 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logscrpt.dll [2010/05/12 14:01:35 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lprmon.dll [2010/05/12 14:01:35 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lonsint.dll [2010/05/12 14:01:34 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\lmmib2.dll [2010/05/12 14:01:33 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\korwbrkr.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdvntc.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdusa.dll [2010/05/12 14:01:32 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdurdu.dll [2010/05/12 14:01:31 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecnt.dll [2010/05/12 14:01:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth3.dll [2010/05/12 14:01:31 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth2.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth1.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdth0.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr2.dll [2010/05/12 14:01:31 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdsyr1.dll [2010/05/12 14:01:30 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnecat.dll [2010/05/12 14:01:30 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdnec95.dll [2010/05/12 14:01:30 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41a.dll [2010/05/12 14:01:30 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdlk41j.dll [2010/05/12 14:01:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintel.dll [2010/05/12 14:01:30 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdintam.dll [2010/05/12 14:01:29 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdibm02.dll [2010/05/12 14:01:29 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinpun.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinmar.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinkan.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinhin.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdinguj.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdindev.dll [2010/05/12 14:01:29 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdheb.dll [2010/05/12 14:01:28 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdax2.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdfa.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv2.dll [2010/05/12 14:01:28 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbddiv1.dll [2010/05/12 14:01:28 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdgeo.dll [2010/05/12 14:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd106n.dll [2010/05/12 14:01:27 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101a.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda3.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda2.dll [2010/05/12 14:01:27 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbda1.dll [2010/05/12 14:01:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarmw.dll [2010/05/12 14:01:27 | 000,005,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbdarme.dll [2010/05/12 14:01:26 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iscomlog.dll [2010/05/12 14:01:26 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\jupiw.dll [2010/05/12 14:01:26 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iwrps.dll [2010/05/12 14:01:26 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isapips.dll [2010/05/12 14:01:26 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\kbd101.dll [2010/05/12 14:01:25 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iprip.dll [2010/05/12 14:01:24 | 000,315,455 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskf.dll [2010/05/12 14:01:24 | 000,257,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infocomm.dll [2010/05/12 14:01:24 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoctrs.dll [2010/05/12 14:01:23 | 000,471,102 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imskdic.dll [2010/05/12 14:01:23 | 000,102,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imlang.dll [2010/05/12 14:01:23 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imkrinst.exe [2010/05/12 14:01:22 | 000,274,489 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputyc.dll [2010/05/12 14:01:22 | 000,262,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjputy.exe [2010/05/12 14:01:22 | 000,233,527 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjprw.exe [2010/05/12 14:01:22 | 000,208,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpmig.exe [2010/05/12 14:01:22 | 000,045,109 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpuex.exe [2010/05/12 14:01:21 | 000,716,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcus.dll [2010/05/12 14:01:21 | 000,307,257 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.exe [2010/05/12 14:01:21 | 000,155,705 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdsvr.exe [2010/05/12 14:01:21 | 000,081,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdct.dll [2010/05/12 14:01:21 | 000,057,398 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpdadm.exe [2010/05/12 14:01:20 | 000,811,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81k.dll [2010/05/12 14:01:20 | 000,368,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjpcic.dll [2010/05/12 14:01:20 | 000,340,023 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imjp81.ime [2010/05/12 14:01:20 | 000,311,359 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsv.exe [2010/05/12 14:01:20 | 000,102,463 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imepadsm.dll [2010/05/12 14:01:19 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrcic.dll [2010/05/12 14:01:19 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekr61.ime [2010/05/12 14:01:19 | 000,086,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmbx.dll [2010/05/12 14:01:19 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\imekrmig.exe [2010/05/12 14:01:19 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iissync.exe [2010/05/12 14:01:18 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iische51.dll [2010/05/12 14:01:18 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iislog51.dll [2010/05/12 14:01:18 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisclex4.dll [2010/05/12 14:01:18 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iiscrmap.dll [2010/05/12 14:01:18 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisfecnv.dll [2010/05/12 14:01:18 | 000,003,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismui.dll [2010/05/12 14:01:17 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisadmin.dll [2010/05/12 14:01:14 | 010,129,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxkor.dll [2010/05/12 14:01:07 | 010,096,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hwxcht.dll [2010/05/12 14:01:06 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpext.dll [2010/05/12 14:01:06 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpod51.dll [2010/05/12 14:01:06 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\httpmb51.dll [2010/05/12 14:01:05 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hostmib.dll [2010/05/12 14:01:05 | 000,036,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\hanjadic.dll [2010/05/12 14:01:04 | 000,032,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\gzip.dll [2010/05/12 14:01:03 | 000,400,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsxp32.dll [2010/05/12 14:01:03 | 000,397,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxstiff.dll [2010/05/12 14:01:03 | 000,246,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxst30.dll [2010/05/12 14:01:03 | 000,192,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxswzrd.dll [2010/05/12 14:01:03 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsui.dll [2010/05/12 14:01:02 | 000,562,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsst.dll [2010/05/12 14:01:02 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssvc.exe [2010/05/12 14:01:02 | 000,031,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsroute.dll [2010/05/12 14:01:02 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsmon.dll [2010/05/12 14:01:02 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxssend.exe [2010/05/12 14:01:02 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsperf.dll [2010/05/12 14:01:02 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsres.dll [2010/05/12 14:01:01 | 000,285,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscomex.dll [2010/05/12 14:01:01 | 000,229,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscover.exe [2010/05/12 14:01:01 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclntr.dll [2010/05/12 14:01:01 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscom.dll [2010/05/12 14:01:01 | 000,055,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsevent.dll [2010/05/12 14:01:01 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsdrv.dll [2010/05/12 14:01:01 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsext32.dll [2010/05/12 14:01:00 | 000,451,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsapi.dll [2010/05/12 14:01:00 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxsclnt.exe [2010/05/12 14:01:00 | 000,125,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsv251.dll [2010/05/12 14:01:00 | 000,111,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fxscfgwz.dll [2010/05/12 14:00:59 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmdll.dll [2010/05/12 14:00:59 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpctrs2.dll [2010/05/12 14:00:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpmib.dll [2010/05/12 14:00:59 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftlx041e.dll [2010/05/12 14:00:58 | 000,024,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpadmcgi.exe [2010/05/12 14:00:58 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\flattemp.exe [2010/05/12 14:00:57 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_fcachdll.dll [2010/05/12 14:00:57 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\f3ahvoas.dll [2010/05/12 14:00:56 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntagnt.dll [2010/05/12 14:00:56 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntwin.exe [2010/05/12 14:00:56 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\evntcmd.exe [2010/05/12 14:00:56 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\exstrace.dll [2010/05/12 14:00:55 | 000,057,856 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esuimgd.dll [2010/05/12 14:00:55 | 000,045,056 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esunid.dll [2010/05/12 14:00:55 | 000,031,744 | ---- | C] (SEIKO EPSON CORP.) -- C:\WINDOWS\System32\dllcache\esucmd.dll [2010/05/12 14:00:55 | 000,025,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\et4000.sys [2010/05/12 14:00:49 | 000,078,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\dayi.ime [2010/05/12 14:00:49 | 000,042,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\davcdata.exe [2010/05/12 14:00:47 | 000,057,399 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cplexe.exe [2010/05/12 14:00:47 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\convlog.exe [2010/05/12 14:00:47 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\counters.dll [2010/05/12 14:00:47 | 000,018,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cprofile.exe [2010/05/12 14:00:46 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\controt.dll [2010/05/12 14:00:46 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\compfilt.dll [2010/05/12 14:00:45 | 000,480,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintsetp.exe [2010/05/12 14:00:44 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintime.dll [2010/05/12 14:00:44 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtmbx.dll [2010/05/12 14:00:44 | 000,056,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtskdic.dll [2010/05/12 14:00:44 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cintlgnt.ime [2010/05/12 14:00:43 | 001,677,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chsbrkr.dll [2010/05/12 14:00:43 | 000,838,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chtbrkr.dll [2010/05/12 14:00:42 | 000,078,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chajei.ime [2010/05/12 14:00:42 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgport.exe [2010/05/12 14:00:42 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chgusr.exe [2010/05/12 14:00:42 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\chglogon.exe [2010/05/12 14:00:42 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\change.exe [2010/05/12 14:00:41 | 000,054,528 | ---- | C] (Philips Semiconductors GmbH) -- C:\WINDOWS\System32\dllcache\cap7146.sys [2010/05/12 14:00:41 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_iscii.dll [2010/05/12 14:00:40 | 000,218,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_g18030.dll [2010/05/12 14:00:40 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\c_is2022.dll [2010/05/12 14:00:31 | 000,045,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\browscap.dll [2010/05/12 14:00:29 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\authfilt.dll [2010/05/12 14:00:27 | 000,369,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asp51.dll [2010/05/12 14:00:27 | 000,029,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\asptxn.dll [2010/05/12 14:00:27 | 000,010,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aspperf.dll [2010/05/12 14:00:26 | 000,331,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\aqueue.dll [2010/05/12 14:00:26 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\appconf.dll [2010/05/12 14:00:26 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_aqadmin.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0804.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0412.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0411.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt040d.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0404.dll [2010/05/12 14:00:25 | 000,019,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\agt0401.dll [2010/05/12 14:00:23 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adrot.dll [2010/05/12 14:00:23 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admexs.dll [2010/05/12 14:00:23 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admxprox.dll [2010/05/12 14:00:23 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\EXCH_adsiisex.dll [2010/05/12 14:00:19 | 000,016,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptsat.dll [2010/05/12 14:00:19 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\wamregps.dll [2010/05/12 14:00:18 | 000,032,827 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\tcptest.exe [2010/05/12 14:00:18 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\staxmem.dll [2010/05/12 14:00:17 | 002,134,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpsnap.dll [2010/05/12 14:00:17 | 000,189,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\smtpadm.dll [2010/05/12 14:00:17 | 000,016,437 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.exe [2010/05/12 14:00:16 | 000,020,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\shtml.dll [2010/05/12 14:00:13 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\logui.ocx [2010/05/12 14:00:12 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\isatq.dll [2010/05/12 14:00:12 | 000,019,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetsloc.dll [2010/05/12 14:00:12 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\infoadmn.dll [2010/05/12 14:00:12 | 000,007,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.exe [2010/05/12 14:00:11 | 000,829,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\inetmgr.dll [2010/05/12 14:00:11 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisui.dll [2010/05/12 14:00:11 | 000,133,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrtl.dll [2010/05/12 14:00:11 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstas.exe [2010/05/12 14:00:11 | 000,005,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisrstap.dll [2010/05/12 14:00:10 | 000,068,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisext51.dll [2010/05/12 14:00:10 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iismap.dll [2010/05/12 14:00:10 | 000,020,538 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpremadm.exe [2010/05/12 14:00:10 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\iisreset.exe [2010/05/12 14:00:10 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\ftpsapi2.dll [2010/05/12 14:00:09 | 000,598,071 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmc.dll [2010/05/12 14:00:09 | 000,208,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpmmcsat.dll [2010/05/12 14:00:09 | 000,020,541 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpexedll.dll [2010/05/12 14:00:08 | 000,876,653 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awel.dll [2010/05/12 14:00:08 | 000,188,494 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fpcount.exe [2010/05/12 14:00:08 | 000,109,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98swin.exe [2010/05/12 14:00:08 | 000,049,212 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4awebs.dll [2010/05/12 14:00:08 | 000,014,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp98sadm.exe [2010/05/12 14:00:07 | 000,147,513 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4apws.dll [2010/05/12 14:00:07 | 000,102,509 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4atxt.dll [2010/05/12 14:00:07 | 000,049,210 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4areg.dll [2010/05/12 14:00:07 | 000,041,020 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avnb.dll [2010/05/12 14:00:07 | 000,032,826 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4avss.dll [2010/05/12 14:00:06 | 000,184,435 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4amsft.dll [2010/05/12 14:00:06 | 000,082,035 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\fp4anscp.dll [2010/05/12 14:00:05 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certwiz.ocx [2010/05/12 14:00:05 | 000,188,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cfgwiz.exe [2010/05/12 14:00:05 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\cnfgprts.ocx [2010/05/12 14:00:05 | 000,046,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\coadmin.dll [2010/05/12 14:00:04 | 000,094,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\certmap.ocx [2010/05/12 14:00:04 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.dll [2010/05/12 14:00:04 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\author.exe [2010/05/12 14:00:03 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\adsiis51.dll [2010/05/12 14:00:03 | 000,043,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admwprox.dll [2010/05/12 14:00:03 | 000,016,439 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.exe [2010/05/12 14:00:02 | 000,020,540 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\admin.dll [2010/05/12 13:35:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\spxcoins.dll [2010/05/12 13:35:24 | 000,024,661 | ---- | C] (Perle Systems Ltd.) -- C:\WINDOWS\System32\dllcache\spxcoins.dll [2010/05/12 13:35:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\irclass.dll [2010/05/12 13:35:24 | 000,013,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\System32\dllcache\irclass.dll [2010/05/12 11:56:36 | 000,000,000 | ---D | C] -- C:\WINDOWS\dllcache [2010/05/12 11:55:28 | 000,000,000 | ---D | C] -- C:\WINDOWS\CatRoot2 [2010/05/10 21:48:30 | 000,000,000 | ---D | C] -- C:\Kaspersky Rescue Disk 10.0 [2010/05/08 23:11:08 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware [2010/05/05 09:11:52 | 000,000,000 | ---D | C] -- C:\WINDOWS\PRAGMAvrpvccimuw [2010/05/05 09:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\nlfofeppu [2010/05/05 09:10:53 | 000,000,000 | ---D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\mbwlfsffy [2010/04/27 16:49:49 | 000,000,000 | R--D | C] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Brother [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2020/02/19 19:36:44 | 000,000,030 | ---- | M] () -- C:\CONFIG.SYS [2020/02/19 18:01:40 | 000,006,792 | ---- | M] () -- C:\SPIN_LOG.C [2020/02/19 18:01:40 | 000,000,572 | -HS- | M] () -- C:\SPINRITE.FIF [2020/02/19 12:16:16 | 000,272,054 | -HS- | M] () -- C:\SCDOS.BAK [2020/02/19 11:19:24 | 000,011,079 | -H-- | M] () -- C:\Program Files\folder.htt [2019/02/20 11:16:56 | 000,001,676 | ---- | M] () -- C:\MSDOS.SYS [2019/02/20 11:10:50 | 000,005,166 | -HS- | M] () -- C:\SUHDLOG.DAT [2019/02/20 10:54:02 | 000,000,022 | -HS- | M] () -- C:\MSDOS.--- [2010/05/17 10:05:25 | 000,571,392 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe [2010/05/17 10:04:53 | 000,258,560 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTH.scr [2010/05/16 15:41:29 | 060,032,049 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/05/16 15:39:40 | 000,438,918 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010/05/16 15:39:40 | 000,378,264 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010/05/16 15:39:40 | 000,054,096 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010/05/16 15:35:44 | 000,002,228 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010/05/16 15:35:05 | 000,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010/05/16 15:35:00 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010/05/16 02:43:43 | 011,534,336 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\ntuser.dat [2010/05/16 02:43:43 | 000,000,178 | -HS- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\ntuser.ini [2010/05/15 10:53:01 | 000,000,703 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/15 09:47:53 | 006,153,376 | ---- | M] (Malwarebytes Corporation ) -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\mbam-setup-1.46.exe [2010/05/15 09:41:20 | 000,001,697 | ---- | M] () -- C:\WINDOWS\WININIT.INI [2010/05/13 21:52:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2010/05/13 08:58:41 | 000,000,269 | ---- | M] () -- C:\Fold.reg [2010/05/13 08:58:41 | 000,000,115 | ---- | M] () -- C:\Reg.bat [2010/05/12 21:05:07 | 000,266,208 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT [2010/05/12 20:57:11 | 000,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010/05/12 19:31:09 | 000,002,497 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\Word 2003.lnk [2010/05/12 19:20:48 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgtdix.sys [2010/05/12 19:20:48 | 000,012,464 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\avgrsstx.dll [2010/05/12 19:20:48 | 000,001,514 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG Free 9.0.lnk [2010/05/12 19:20:41 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgldx86.sys [2010/05/12 19:20:39 | 000,113,461 | ---- | M] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010/05/12 19:20:39 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\System32\drivers\avgmfx86.sys [2010/05/12 18:25:36 | 000,016,244 | ---- | M] () -- C:\WINDOWS\System32\rrt_is.wav [2010/05/12 18:25:36 | 000,007,302 | ---- | M] () -- C:\WINDOWS\System32\rrt_vf.wav [2010/05/12 18:25:36 | 000,007,148 | ---- | M] () -- C:\WINDOWS\System32\rrt_tv.wav [2010/05/12 18:25:36 | 000,006,282 | ---- | M] () -- C:\WINDOWS\System32\rrt_tn.wav [2010/05/12 18:24:04 | 000,000,737 | ---- | M] () -- C:\WINDOWS\ODBC.INI [2010/05/12 16:25:41 | 000,001,555 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\CCleaner.lnk [2010/05/12 16:21:58 | 000,000,292 | ---- | M] () -- C:\WINDOWS\SYSTEM.INI [2010/05/12 16:13:32 | 000,070,008 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2010/05/12 16:12:10 | 000,000,648 | ---- | M] () -- C:\WINDOWS\win.ini [2010/05/12 16:12:10 | 000,000,292 | ---- | M] () -- C:\WINDOWS\SYSTEM.UNV [2010/05/12 16:12:10 | 000,000,282 | -HS- | M] () -- C:\boot.ini [2010/05/12 14:03:39 | 000,000,288 | ---- | M] () -- C:\WINDOWS\System32\$winnt$.inf [2010/05/12 13:59:20 | 000,316,640 | ---- | M] () -- C:\WINDOWS\WMSysPr9.prx [2010/05/12 13:59:19 | 000,023,392 | ---- | M] () -- C:\WINDOWS\System32\nscompat.tlb [2010/05/12 13:59:19 | 000,016,832 | ---- | M] () -- C:\WINDOWS\System32\amcompat.tlb [2010/05/12 13:59:06 | 000,004,346 | ---- | M] () -- C:\WINDOWS\ODBCINST.INI [2010/05/12 13:58:00 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\WindowsLogon.manifest [2010/05/12 13:58:00 | 000,000,488 | RH-- | M] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | M] () -- C:\WINDOWS\System32\cdplayer.exe.manifest [2010/05/12 13:56:35 | 000,022,748 | ---- | M] () -- C:\WINDOWS\System32\emptyregdb.dat [2010/05/12 13:53:59 | 000,004,444 | ---- | M] () -- C:\WINDOWS\System32\pid.PNF [2010/05/05 09:39:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\System32\drivers\qzanlkzy.sys [2010/04/30 16:54:47 | 000,000,153 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\webct_upload_applet.properties [2010/04/30 14:39:36 | 000,002,137 | ---- | M] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\iTunes.lnk [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2010/04/18 11:40:47 | 008,015,121 | ---- | M] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\XTC_-_Senses_Working_Overtime.mp3 [4 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [2 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files Created - No Company Name ========== [2020/02/19 19:36:44 | 000,000,030 | ---- | C] () -- C:\CONFIG.SYS [2020/02/19 19:36:26 | 000,272,054 | -HS- | C] () -- C:\SCDOS.BAK [2020/02/19 18:01:40 | 000,006,792 | ---- | C] () -- C:\SPIN_LOG.C [2020/02/19 18:01:40 | 000,000,572 | -HS- | C] () -- C:\SPINRITE.FIF [2020/02/19 12:16:14 | 000,272,054 | -HS- | C] () -- C:\SCDOS.SYS [2020/02/19 12:16:03 | 000,032,768 | -HS- | C] () -- C:\SYSIOMGR.SYS [2020/02/19 11:19:22 | 000,011,079 | -H-- | C] () -- C:\Program Files\folder.htt [2019/02/20 11:16:56 | 000,001,676 | ---- | C] () -- C:\MSDOS.SYS [2019/02/20 11:10:50 | 000,005,166 | -HS- | C] () -- C:\SUHDLOG.DAT [2019/02/20 10:54:02 | 000,000,022 | -HS- | C] () -- C:\MSDOS.--- [2010/05/15 10:53:01 | 000,000,703 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\Malwarebytes' Anti-Malware.lnk [2010/05/13 21:52:51 | 000,000,000 | RHS- | C] () -- C:\IO.SYS [2010/05/13 08:58:41 | 000,000,269 | ---- | C] () -- C:\Fold.reg [2010/05/13 08:58:41 | 000,000,115 | ---- | C] () -- C:\Reg.bat [2010/05/12 19:20:48 | 000,001,514 | ---- | C] () -- C:\Documents and Settings\All Users.WINDOWS\Desktop\AVG Free 9.0.lnk [2010/05/12 19:20:39 | 000,113,461 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\iavichjw.avm [2010/05/12 19:20:35 | 060,032,049 | ---- | C] () -- C:\WINDOWS\System32\drivers\Avg\incavi.avm [2010/05/12 18:25:36 | 000,016,244 | ---- | C] () -- C:\WINDOWS\System32\rrt_is.wav [2010/05/12 18:25:36 | 000,007,302 | ---- | C] () -- C:\WINDOWS\System32\rrt_vf.wav [2010/05/12 18:25:36 | 000,007,148 | ---- | C] () -- C:\WINDOWS\System32\rrt_tv.wav [2010/05/12 18:25:36 | 000,006,282 | ---- | C] () -- C:\WINDOWS\System32\rrt_tn.wav [2010/05/12 16:25:41 | 000,001,555 | ---- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\CCleaner.lnk [2010/05/12 14:02:38 | 000,028,288 | ---- | C] () -- C:\WINDOWS\System32\dllcache\xjis.nls [2010/05/12 14:01:58 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prcp.nls [2010/05/12 14:01:58 | 000,083,748 | ---- | C] () -- C:\WINDOWS\System32\dllcache\prc.nls [2010/05/12 14:01:56 | 000,175,104 | ---- | C] () -- C:\WINDOWS\System32\dllcache\pintlcsa.dll [2010/05/12 14:01:34 | 000,047,066 | ---- | C] () -- C:\WINDOWS\System32\dllcache\ksc.nls [2010/05/12 14:01:33 | 001,158,818 | ---- | C] () -- C:\WINDOWS\System32\dllcache\korwbrkr.lex [2010/05/12 14:01:23 | 000,059,392 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imscinst.exe [2010/05/12 14:01:22 | 000,196,665 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imjpinst.exe [2010/05/12 14:01:19 | 000,134,339 | ---- | C] () -- C:\WINDOWS\System32\dllcache\imekr.lex [2010/05/12 14:01:10 | 013,463,552 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hwxjpn.dll [2010/05/12 14:01:05 | 000,108,827 | ---- | C] () -- C:\WINDOWS\System32\dllcache\hanja.lex [2010/05/12 14:00:59 | 000,094,208 | ---- | C] () -- C:\WINDOWS\System32\dllcache\fpencode.dll [2010/05/12 14:00:44 | 000,173,568 | ---- | C] () -- C:\WINDOWS\System32\dllcache\chtskf.dll [2010/05/12 14:00:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls [2010/05/12 14:00:40 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls [2010/05/12 14:00:40 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_870.nls [2010/05/12 14:00:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_858.nls [2010/05/12 14:00:39 | 000,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls [2010/05/12 14:00:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls [2010/05/12 14:00:39 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls [2010/05/12 14:00:38 | 000,180,770 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20932.nls [2010/05/12 14:00:38 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20949.nls [2010/05/12 14:00:38 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20936.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21027.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_21025.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20924.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20880.nls [2010/05/12 14:00:38 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20871.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20838.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20833.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20424.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20423.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20420.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20297.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20290.nls [2010/05/12 14:00:37 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20285.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20284.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20280.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20278.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20277.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20273.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20269.nls [2010/05/12 14:00:36 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20108.nls [2010/05/12 14:00:35 | 000,187,938 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20005.nls [2010/05/12 14:00:35 | 000,185,378 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20003.nls [2010/05/12 14:00:35 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20004.nls [2010/05/12 14:00:35 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20002.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20107.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20106.nls [2010/05/12 14:00:35 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20105.nls [2010/05/12 14:00:34 | 000,189,986 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1361.nls [2010/05/12 14:00:34 | 000,186,402 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20001.nls [2010/05/12 14:00:34 | 000,180,258 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_20000.nls [2010/05/12 14:00:34 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1149.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1148.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1147.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1146.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1145.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1144.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1143.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1142.nls [2010/05/12 14:00:33 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1141.nls [2010/05/12 14:00:32 | 000,177,698 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10003.nls [2010/05/12 14:00:32 | 000,173,602 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10008.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1140.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_1047.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls [2010/05/12 14:00:32 | 000,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls [2010/05/12 14:00:31 | 000,195,618 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10002.nls [2010/05/12 14:00:31 | 000,162,850 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10001.nls [2010/05/12 14:00:31 | 000,082,172 | ---- | C] () -- C:\WINDOWS\System32\dllcache\bopomofo.nls [2010/05/12 14:00:30 | 000,066,728 | ---- | C] () -- C:\WINDOWS\System32\dllcache\big5.nls [2010/05/12 13:58:00 | 000,000,488 | RH-- | C] () -- C:\WINDOWS\System32\logonui.exe.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\wuaucpl.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\WindowsShell.Manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\sapi.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\nwc.cpl.manifest [2010/05/12 13:57:54 | 000,000,749 | RH-- | C] () -- C:\WINDOWS\System32\ncpa.cpl.manifest [2010/05/12 13:35:02 | 000,144,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\netfx.cat [2010/05/12 13:35:02 | 000,112,918 | ---- | C] () -- C:\WINDOWS\System32\dllcache\tabletpc.cat [2010/05/12 13:35:02 | 000,034,747 | ---- | C] () -- C:\WINDOWS\System32\dllcache\mediactr.cat [2010/05/12 13:35:02 | 000,026,991 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn7.cat [2010/05/12 13:35:02 | 000,014,433 | ---- | C] () -- C:\WINDOWS\System32\dllcache\msn9.cat [2010/05/12 13:35:02 | 000,010,027 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSTSWEB.CAT [2010/05/12 13:35:02 | 000,008,574 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IASNT4.CAT [2010/05/12 13:35:02 | 000,007,382 | ---- | C] () -- C:\WINDOWS\System32\dllcache\OEMBIOS.CAT [2010/05/12 13:35:02 | 000,007,334 | ---- | C] () -- C:\WINDOWS\System32\dllcache\wmerrenu.cat [2010/05/12 13:35:01 | 001,296,669 | ---- | C] () -- C:\WINDOWS\System32\dllcache\SP3.CAT [2010/05/12 13:35:01 | 000,797,189 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5IIS.CAT [2010/05/12 13:35:01 | 000,399,645 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MAPIMIG.CAT [2010/05/12 13:35:01 | 000,037,484 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MW770.CAT [2010/05/12 13:35:01 | 000,034,063 | ---- | C] () -- C:\WINDOWS\System32\dllcache\FP4.CAT [2010/05/12 13:35:01 | 000,016,535 | ---- | C] () -- C:\WINDOWS\System32\dllcache\IMS.CAT [2010/05/12 13:35:01 | 000,013,472 | ---- | C] () -- C:\WINDOWS\System32\dllcache\HPCRDP.CAT [2010/05/12 13:35:01 | 000,012,363 | ---- | C] () -- C:\WINDOWS\System32\dllcache\MSMSGS.CAT [2010/05/12 13:35:00 | 002,144,487 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5.CAT [2010/05/12 13:35:00 | 000,522,220 | ---- | C] () -- C:\WINDOWS\System32\dllcache\NT5INF.CAT [2010/05/05 09:11:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\drivers\qzanlkzy.sys [2010/04/18 11:39:46 | 008,015,121 | ---- | C] () -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\XTC_-_Senses_Working_Overtime.mp3 [2010/04/13 19:18:16 | 000,000,419 | ---- | C] () -- C:\WINDOWS\BRWMARK.INI [2010/04/13 19:18:16 | 000,000,027 | ---- | C] () -- C:\WINDOWS\BRPP2KA.INI [2010/04/13 19:17:51 | 000,000,226 | ---- | C] () -- C:\WINDOWS\Brpfx04a.ini [2010/04/13 19:17:51 | 000,000,094 | ---- | C] () -- C:\WINDOWS\brpcfx.ini [2010/04/13 19:16:28 | 000,106,496 | ---- | C] () -- C:\WINDOWS\System32\BrMuSNMP.dll [2010/04/13 19:12:29 | 000,027,019 | ---- | C] () -- C:\WINDOWS\maxlink.ini [2010/04/05 13:23:56 | 000,279,712 | ---- | C] () -- C:\WINDOWS\System32\drivers\atksgt.sys [2010/04/05 13:23:55 | 000,025,888 | ---- | C] () -- C:\WINDOWS\System32\drivers\lirsgt.sys [2009/05/11 20:47:52 | 000,000,164 | ---- | C] () -- C:\WINDOWS\avrack.ini [2009/05/11 20:47:45 | 000,143,360 | ---- | C] () -- C:\WINDOWS\System32\RtlCPAPI.dll [2009/05/04 02:37:22 | 000,085,504 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009/02/12 07:30:02 | 000,190,976 | ---- | C] () -- C:\WINDOWS\System32\WgaLogon.dll [2009/01/06 17:50:05 | 000,000,000 | ---- | C] () -- C:\WINDOWS\iPlayer.INI [2008/12/07 14:08:04 | 000,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2008/10/07 08:13:30 | 000,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2008/10/07 08:13:22 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2008/10/07 08:13:20 | 000,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2008/09/12 16:21:02 | 000,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2008/09/11 10:50:56 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll [2008/04/27 10:33:36 | 000,765,952 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2008/01/19 12:41:56 | 000,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2007/10/15 12:59:15 | 000,001,697 | ---- | C] () -- C:\WINDOWS\WININIT.INI [2007/09/04 12:56:10 | 000,164,352 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2007/02/05 20:05:26 | 000,000,038 | ---- | C] () -- C:\WINDOWS\AviSplitter.INI [2006/01/13 15:41:33 | 000,021,840 | ---- | C] () -- C:\WINDOWS\System32\SIntfNT.dll [2006/01/13 15:41:33 | 000,017,212 | ---- | C] () -- C:\WINDOWS\System32\SIntf32.dll [2006/01/13 15:41:33 | 000,012,067 | ---- | C] () -- C:\WINDOWS\System32\SIntf16.dll [2006/01/05 18:47:37 | 000,000,643 | ---- | C] () -- C:\WINDOWS\SIERRA.INI [2005/12/30 15:20:54 | 000,063,488 | ---- | C] () -- C:\WINDOWS\xobglu16.dll [2005/12/30 15:20:54 | 000,023,552 | ---- | C] () -- C:\WINDOWS\xobglu32.dll [2005/05/20 20:36:10 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll [2005/04/15 08:44:23 | 000,000,073 | ---- | C] () -- C:\WINDOWS\entpack.ini [2005/03/04 15:09:34 | 000,000,512 | ---- | C] () -- C:\WINDOWS\System32\st41t4jj.dll [2005/03/02 18:08:18 | 000,000,882 | ---- | C] () -- C:\WINDOWS\DC.ini [2004/12/31 13:22:51 | 000,000,737 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2003/02/19 01:26:28 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\cmirmdrv.dll [2002/03/04 10:16:34 | 000,110,592 | R--- | C] () -- C:\WINDOWS\System32\Jpeg32.dll [1996/11/20 23:00:00 | 000,022,016 | ---- | C] () -- C:\WINDOWS\System32\DOCOBJ.DLL ========== LOP Check ========== [2010/05/12 19:20:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\avg9 [2009/06/02 00:06:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Azureus [2009/05/20 17:22:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\DAEMON Tools Lite [2009/05/09 14:54:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\EPSON [2010/02/28 08:29:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\GameHouse [2006/12/16 16:35:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Ideas From the Deep [2010/04/13 19:12:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\ScanSoft [2008/08/01 17:49:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\Synthetic Reality [2006/05/18 18:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VideoEgg1 [2009/05/12 15:59:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\VistaCodecs [2008/01/19 15:43:38 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\WinZip [2009/10/19 19:31:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{755AC846-7372-4AC8-8550-C52491DAA8BD} [2009/07/18 19:01:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906} [2006/05/14 14:48:54 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users.WINDOWS\Application Data\~0 [2006/09/29 02:34:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\.limewire [2010/03/08 11:43:55 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Azureus [2009/05/20 17:32:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\DAEMON Tools Lite [2008/05/28 19:25:35 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Dev-Cpp [2006/12/16 16:35:36 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Ideas From the Deep [2008/01/03 14:24:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\ImgBurn [2010/03/29 21:07:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\LimeWire [2009/05/21 18:28:18 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Nokia [2009/05/09 14:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Seven Zip ========== Purity Check ========== ========== Custom Scans ========== < %SYSTEMDRIVE%\*.* > [2004/12/17 06:07:06 | 000,000,455 | ---- | M] () -- C:\AUTOEXEC.BAT [2002/08/19 03:12:02 | 000,000,171 | ---- | M] () -- C:\AUTOEXEC.PSS [2009/05/14 20:01:15 | 000,000,211 | -HS- | M] () -- C:\Boot.bak [2010/05/12 16:12:10 | 000,000,282 | -HS- | M] () -- C:\boot.ini [2004/12/12 23:33:26 | 000,072,868 | -HS- | M] () -- C:\BOOTLOG.PRV [2004/12/12 23:53:58 | 000,072,998 | -HS- | M] () -- C:\BOOTLOG.TXT [2004/12/27 05:17:00 | 000,000,512 | -HS- | M] () -- C:\bootsect.dos [2010/05/12 16:31:23 | 000,175,804 | ---- | M] () -- C:\caisslog.txt [2000/06/14 15:04:00 | 000,015,125 | ---- | M] () -- C:\CHECKMBR.EXE [2004/08/03 23:00:00 | 000,260,272 | ---- | M] () -- C:\cmldr [2002/08/19 03:12:02 | 000,000,032 | ---- | M] () -- C:\CONFIG.PSS [2020/02/19 19:36:44 | 000,000,030 | ---- | M] () -- C:\CONFIG.SYS [2004/12/08 20:20:24 | 000,000,464 | ---- | M] () -- C:\CTPNP.CFG [2005/02/26 10:23:58 | 000,000,824 | ---- | M] () -- C:\debugInstaller.txt [2008/06/06 17:57:49 | 003,692,090 | ---- | M] () -- C:\defs.zip [2004/12/12 23:53:58 | 000,002,491 | ---- | M] () -- C:\FETNDI.LOG [2010/05/13 08:58:41 | 000,000,269 | ---- | M] () -- C:\Fold.reg [2019/02/20 11:12:44 | 000,001,010 | ---- | M] () -- C:\FRUNLOG.TXT [2003/10/20 23:27:32 | 000,004,767 | ---- | M] () -- C:\GAMES.BAT [2002/09/02 01:26:06 | 000,000,967 | ---- | M] () -- C:\GAMES.PIF [1999/04/24 08:22:00 | 000,222,390 | RHS- | M] () -- C:\IO.SY0 [2010/05/13 21:52:51 | 000,000,000 | RHS- | M] () -- C:\IO.SYS [2003/06/15 18:31:38 | 000,000,004 | ---- | M] () -- C:\lotr.txt [2004/12/27 05:04:52 | 000,000,512 | -H-- | M] () -- C:\MBR_BOOT.DAT [2019/02/20 10:54:02 | 000,000,022 | -HS- | M] () -- C:\MSDOS.--- [2019/02/20 11:16:56 | 000,001,676 | ---- | M] () -- C:\MSDOS.SYS [2002/03/04 00:24:28 | 000,000,194 | ---- | M] () -- C:\MSINPUT.INI [2004/12/18 22:27:12 | 010,979,154 | ---- | M] () -- C:\My Documents.zip [2002/05/06 04:57:30 | 000,021,937 | -HS- | M] () -- C:\NETLOG.TXT [2009/06/04 10:04:15 | 000,452,976 | ---- | M] () -- C:\new_log.html [2009/06/05 21:21:19 | 000,000,154 | ---- | M] () -- C:\nslookup.txt [2008/04/14 22:00:00 | 000,047,564 | RHS- | M] () -- C:\NTDETECT.COM [2008/04/14 22:00:00 | 000,250,048 | RHS- | M] () -- C:\ntldr [2010/05/16 15:34:56 | 2145,386,496 | -HS- | M] () -- C:\pagefile.sys [2010/05/13 08:58:41 | 000,000,115 | ---- | M] () -- C:\Reg.bat [2003/10/02 21:40:16 | 000,004,944 | ---- | M] () -- C:\Rescued Document.txt [2004/12/26 08:30:44 | 000,158,183 | ---- | M] () -- C:\SCANDISK.LOG [2020/02/19 12:16:16 | 000,272,054 | -HS- | M] () -- C:\SCDOS.BAK [2001/10/30 17:01:16 | 000,272,054 | -HS- | M] () -- C:\SCDOS.SYS [2000/06/14 15:04:00 | 000,077,584 | -HS- | M] () -- C:\SCEDIT.SYS [2003/06/08 04:39:14 | 000,000,369 | -HS- | M] () -- C:\SCOSW.DAT [2003/06/08 04:29:44 | 000,014,726 | -HS- | M] () -- C:\SCOSW.LOG [2001/10/30 17:01:16 | 000,015,845 | -HS- | M] () -- C:\SCOSW_A.SYS [2001/10/30 17:01:16 | 000,059,333 | -HS- | M] () -- C:\SCOSW_B.SYS [2001/10/30 17:01:16 | 000,045,115 | ---- | M] () -- C:\SCOSW_D.SYS [1980/01/02 00:36:08 | 000,000,307 | ---- | M] () -- C:\SCTEMP.BAT [2004/12/12 05:19:28 | 000,002,788 | ---- | M] () -- C:\SETUPXLG.TXT [2020/02/19 18:01:40 | 000,000,572 | -HS- | M] () -- C:\SPINRITE.FIF [2020/02/19 18:01:40 | 000,006,792 | ---- | M] () -- C:\SPIN_LOG.C [2019/02/20 11:10:50 | 000,005,166 | -HS- | M] () -- C:\SUHDLOG.DAT [2001/12/19 23:27:52 | 000,311,652 | -HS- | M] () -- C:\SYSCMNDR.HLP [2002/08/19 03:37:36 | 000,439,909 | ---- | M] () -- C:\SYSCMNDR.SYS [2001/08/28 20:51:38 | 000,032,768 | -HS- | M] () -- C:\SYSIOMGR.SYS < %systemroot%\*. /mp /s > < %systemroot%\system32\*.dll /lockedfiles > [2009/03/08 04:31:44 | 000,348,160 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\dxtmsft.dll [2009/03/08 04:31:38 | 000,216,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\dxtrans.dll [2010/02/25 16:24:35 | 000,184,320 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SYSTEM32\iepeers.dll [2 C:\WINDOWS\system32\*.tmp files -> C:\WINDOWS\system32\*.tmp -> ] < %systemroot%\Tasks\*.job /lockedfiles > < %systemroot%\System32\config\*.sav > [2010/05/12 23:32:36 | 003,555,328 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\default.sav [2010/05/04 22:01:42 | 000,053,248 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\security.sav [2010/05/12 23:32:36 | 031,780,864 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\software.sav [2010/05/12 23:32:36 | 012,058,624 | ---- | M] () -- C:\WINDOWS\SYSTEM32\config\system.sav < %systemroot%\system32\drivers\*.sys /90 > [2010/04/05 13:23:56 | 000,279,712 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys [2010/05/12 19:20:41 | 000,216,200 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys [2010/05/12 19:20:39 | 000,029,512 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys [2010/05/12 19:20:48 | 000,242,896 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys [2010/04/05 13:23:55 | 000,025,888 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys [2010/04/29 15:39:26 | 000,020,952 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbam.sys [2010/04/29 15:39:38 | 000,038,224 | ---- | M] (Malwarebytes Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mbamswissarmy.sys [2010/02/24 23:11:07 | 000,455,680 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\SYSTEM32\DRIVERS\mrxsmb.sys [2010/05/05 09:39:07 | 000,000,000 | ---- | M] () -- C:\WINDOWS\SYSTEM32\DRIVERS\qzanlkzy.sys < End of report >
  8. OTL logfile created on: 17/05/2010 10:08:34 AM - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 296.09 Gb Total Space | 150.63 Gb Free Space | 50.87% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LITTLE_JILLYS Current User Name: jilly Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Processes (SafeList) ========== PRC - C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe (OldTimer Tools) PRC - C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTH.scr (OldTimer Tools) PRC - C:\Program Files\AVG\AVG9\avgchsvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgnsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgcsrvx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgrsx.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) PRC - C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) ========== Modules (SafeList) ========== MOD - C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop\OTL.exe (OldTimer Tools) MOD - C:\WINDOWS\SYSTEM32\msscript.ocx (Microsoft Corporation) ========== Win32 Services (SafeList) ========== SRV - (avg9emc) -- C:\Program Files\AVG\AVG9\avgemc.exe (AVG Technologies CZ, s.r.o.) SRV - (avg9wd) -- C:\Program Files\AVG\AVG9\avgwdsvc.exe (AVG Technologies CZ, s.r.o.) SRV - (DAUpdaterSvc) -- C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe (BioWare) ========== Driver Services (SafeList) ========== DRV - (AvgTdiX) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgtdix.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgLdx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgldx86.sys (AVG Technologies CZ, s.r.o.) DRV - (AvgMfx86) -- C:\WINDOWS\SYSTEM32\DRIVERS\avgmfx86.sys (AVG Technologies CZ, s.r.o.) DRV - (qzanlkzy) -- C:\WINDOWS\SYSTEM32\DRIVERS\qzanlkzy.sys () DRV - (atksgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\atksgt.sys () DRV - (lirsgt) -- C:\WINDOWS\SYSTEM32\DRIVERS\lirsgt.sys () DRV - (sptd) -- C:\WINDOWS\System32\Drivers\sptd.sys (Duplex Secure Ltd.) DRV - (cpuz132) -- C:\WINDOWS\SYSTEM32\DRIVERS\cpuz132_x32.sys (Windows ® Codename Longhorn DDK provider) DRV - (gameenum) -- C:\WINDOWS\SYSTEM32\DRIVERS\gameenum.sys (Microsoft Corporation) DRV - (SISNIC) -- C:\WINDOWS\SYSTEM32\DRIVERS\sisnic.sys (SiS Corporation) DRV - (ati2mtag) -- C:\WINDOWS\SYSTEM32\DRIVERS\ati2mtag.sys (ATI Technologies Inc.) DRV - (ALCXWDM) Service for Realtek AC97 Audio (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\alcxwdm.sys (Realtek Semiconductor Corp.) DRV - (W8335XP) NETGEAR WG311v3 802.11g Wireless PCI Adapter for Windows XP (8335) -- C:\WINDOWS\SYSTEM32\DRIVERS\WG311v3XP.sys (Marvell Semiconductor, Inc) DRV - (VIAudio) VIA AC'97 Enhanced Audio Controller (WDM) -- C:\WINDOWS\SYSTEM32\DRIVERS\viaudio.sys (VIA Technologies, Inc.) ========== Standard Registry (All) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchcust.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn.com/{SUB_RFC1766}/srchasst/srchasst.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Page_Transitions = 1 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?p...amp;ar=iesearch IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Google IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://www.google.com/search?q={searchTerm...tf8&oe=utf8 IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com.au/ IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation) IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <local> IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:5555 FF - HKLM\software\mozilla\Firefox\Extensions\\jqs@sun.com: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/05/19 21:04:03 | 000,000,000 | ---D | M] [2009/05/19 21:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Mozilla\Extensions [2009/05/19 21:05:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Application Data\Mozilla\Extensions\mozswing@mozswing.org O1 HOSTS File: ([2009/05/15 22:48:52 | 000,000,027 | ---- | M]) - C:\WINDOWS\SYSTEM32\DRIVERS\etc\hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Adobe PDF Reader Link Helper) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated) O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll (AVG Technologies CZ, s.r.o.) O2 - BHO: (Spybot-S&D IE Protection) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O2 - BHO: (Windows Live Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation) O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.) O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll File not found O3 - HKCU\..\Toolbar\ShellBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Address) - {01E04581-4EEE-11D0-BFE9-00AA005B4383} - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {0E5CBF21-D15F-11D0-8301-00AA005B4383} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O3 - HKCU\..\Toolbar\WebBrowser: (&Links) - {F2CF5485-4E02-4F68-819C-B92DE9277049} - C:\WINDOWS\SYSTEM32\ieframe.dll (Microsoft Corporation) O4 - HKLM..\Run: [AVG9_TRAY] C:\Program Files\AVG\AVG9\avgtray.exe (AVG Technologies CZ, s.r.o.) O4 - HKLM..\Run: [indexSearch] C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe (Apple Inc.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (rootkit-scan)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\FirstStart.exe (OLYMPUS IMAGING CORP.) O4 - HKLM..\Run: [PaperPort PTD] C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe (ScanSoft, Inc.) O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\qttask.exe (Apple Inc.) O4 - HKLM..\Run: [soundMan] C:\WINDOWS\soundman.exe (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [sSBkgdUpdate] C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe (Scansoft, Inc.) O4 - HKLM..\Run: [type32] C:\Program Files\Microsoft IntelliType Pro\type32.exe (Microsoft Corporation) O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O4 - HKCU..\Run: [MsnMsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation) O4 - HKCU..\Run: [OM2_Monitor] C:\Program Files\OLYMPUS\OLYMPUS Master 2\MMonitor.exe (OLYMPUS IMAGING CORP.) O4 - HKCU..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe (Safer-Networking Ltd.) O4 - Startup: C:\Documents and Settings\All Users.WINDOWS\Start Menu\Programs\Startup\NETGEAR WG311v3 Smart Wizard.lnk = C:\Program Files\NETGEAR\WG311v3\wlancfg5.exe () O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Control Panel present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Toolbars present O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Toolbars present O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFolderOptions = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRun = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetFolders = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogoff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWindowsUpdate = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewOnDrive = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoFind = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: disableregistrytools = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 0 O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0 O8 - Extra context menu item: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\OFFICE11\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\OFFICE11\REFIEBAR.DLL (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll (Safer Networking Limited) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\WINDOWS\SYSTEM32\winrnr.dll (Microsoft Corporation) O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\SYSTEM32\rsvpsp.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000012 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000013 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000014 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000015 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000016 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000017 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000018 - C:\WINDOWS\SYSTEM32\mswsock.dll (Microsoft Corporation) O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://www.apple.com/qtactivex/qtplugin.cab (QuickTime Object) O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/download/C/0...heckControl.cab (Windows Genuine Advantage Validation Tool) O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwa...director/sw.cab (Shockwave ActiveX Control) O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://gfx1.hotmail.com/mail/w3/resources/MSNPUpld.cab (MSN Photo Upload Tool) O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/windowsupdate/...b?1273659687031 (WUWebControl Class) O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} http://upload.facebook.com/controls/2009.0...oUploader55.cab (Facebook Photo Uploader 5 Control) O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flash...t/ultrashim.cab (Reg Error: Key error.) O16 - DPF: {BDEE1959-AB6B-4745-A29B-F492861102CC} Reg Error: Key error. (Reg Error: Key error.) O16 - DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-...indows-i586.cab (Java Plug-in 1.6.0_20) O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://download.macromedia.com/pub/shockwa...ash/swflash.cab (Shockwave Flash Object) O16 - DPF: {E77F23EB-E7AB-4502-8F37-247DBAF1A147} http://gfx1.hotmail.com/mail/w4/pr01/photo...ol/MSNPUpld.cab (Windows Live Hotmail Photo Upload Tool) O16 - DPF: Microsoft XML Parser for Java file://C:\WINDOWS\Java\classes\xmldso.cab (Reg Error: Key error.) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 10.1.1.1 192.168.0.1 O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = Blue_Mountains O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\gopher {79eac9e4-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll (AVG Technologies CZ, s.r.o.) O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\WINDOWS\SYSTEM32\inetcomm.dll (Microsoft Corporation) O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\SYSTEM\ole db\MSDAIPP.DLL (Microsoft Corporation) O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\WINDOWS\SYSTEM32\itss.dll (Microsoft Corporation) O18 - Protocol\Handler\ms-itss {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation) O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap11 {32505114-5902-49B2-880A-1F7738E5A384} - C:\Program Files\Common Files\Microsoft Shared\Web Components\11\OWC11.DLL (Microsoft Corporation) O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\sysimage {76E67A63-06E9-11D2-A840-006008059382} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\WINDOWS\SYSTEM32\msvidctl.dll (Microsoft Corporation) O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\WINDOWS\SYSTEM32\mshtml.dll (Microsoft Corporation) O18 - Protocol\Handler\wia {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} - C:\WINDOWS\SYSTEM32\wiascr.dll (Microsoft Corporation) O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation) O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\WINDOWS\System32\mscoree.dll (Microsoft Corporation) O18 - Protocol\Filter\Class Install Handler {32B533BB-EDAE-11d0-BD5A-00AA00B92AF1} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\deflate {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\gzip {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\lzdhtml {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\WINDOWS\SYSTEM32\urlmon.dll (Microsoft Corporation) O18 - Protocol\Filter\text/webviewhtml {733AC4CB-F1A4-11d0-B951-00A0C90312E1} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O18 - Protocol\Filter\text/xml {807553E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE11\MSOXMLMF.DLL (Microsoft Corporation) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\WINDOWS\SYSTEM32\userinit.exe (Microsoft Corporation) O20 - HKLM Winlogon: GinaDLL - (MrvGINA.dll) - C:\WINDOWS\System32\MrvGINA.dll (Marvell®) O20 - HKLM Winlogon: UIHost - (logonui.exe) - C:\WINDOWS\System32\logonui.exe (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (rundll32 shell32) - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O20 - HKLM Winlogon: VMApplet - (Control_RunDLL "sysdm.cpl") - C:\WINDOWS\System32\sysdm.cpl (Microsoft Corporation) O20 - HKCU Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) O20 - Winlogon\Notify\avgrsstarter: DllName - avgrsstx.dll - C:\WINDOWS\System32\avgrsstx.dll (AVG Technologies CZ, s.r.o.) O20 - Winlogon\Notify\crypt32chain: DllName - crypt32.dll - C:\WINDOWS\System32\crypt32.dll (Microsoft Corporation) O20 - Winlogon\Notify\cryptnet: DllName - cryptnet.dll - C:\WINDOWS\System32\cryptnet.dll (Microsoft Corporation) O20 - Winlogon\Notify\cscdll: DllName - cscdll.dll - C:\WINDOWS\System32\cscdll.dll (Microsoft Corporation) O20 - Winlogon\Notify\dimsntfy: DllName - %SystemRoot%\System32\dimsntfy.dll - C:\WINDOWS\SYSTEM32\dimsntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\RegCompact: DllName - RegCompact.dll - C:\WINDOWS\System32\RegCompact.dll (AMUST Software) O20 - Winlogon\Notify\ScCertProp: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\Schedule: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\sclgntfy: DllName - sclgntfy.dll - C:\WINDOWS\System32\sclgntfy.dll (Microsoft Corporation) O20 - Winlogon\Notify\SensLogn: DllName - WlNotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\termsrv: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - C:\WINDOWS\System32\WgaLogon.dll () O20 - Winlogon\Notify\wlballoon: DllName - wlnotify.dll - C:\WINDOWS\System32\wlnotify.dll (Microsoft Corporation) O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - C:\WINDOWS\SYSTEM32\shell32.dll (Microsoft Corporation) O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - C:\WINDOWS\SYSTEM32\stobject.dll (Microsoft Corporation) O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - C:\WINDOWS\SYSTEM32\webcheck.dll (Microsoft Corporation) O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\SYSTEM32\wpdshserviceobj.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {438755C2-A8BA-11D1-B96B-00A0C90312E1} - Browseui preloader - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O22 - SharedTaskScheduler: {8C7461EF-2B13-11d2-BE35-3078302C2030} - Component Categories cache daemon - C:\WINDOWS\SYSTEM32\browseui.dll (Microsoft Corporation) O24 - Desktop Components:0 (My Current Home Page) - About:Home O24 - Desktop WallPaper: C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\My Documents\My Pictures\desktop2.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\My Documents\My Pictures\desktop2.bmp O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - C:\WINDOWS\System32\shell32.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msapsspc.dll) - C:\WINDOWS\System32\msapsspc.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (schannel.dll) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (digest.dll) - C:\WINDOWS\System32\digest.dll (Microsoft Corporation) O29 - HKLM SecurityProviders - (msnsspc.dll) - C:\WINDOWS\System32\msnsspc.dll (Microsoft Corporation) O30 - LSA: Authentication Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (kerberos) - C:\WINDOWS\System32\kerberos.dll (Microsoft Corporation) O30 - LSA: Security Packages - (msv1_0) - C:\WINDOWS\System32\msv1_0.dll (Microsoft Corporation) O30 - LSA: Security Packages - (schannel) - C:\WINDOWS\System32\schannel.dll (Microsoft Corporation) O30 - LSA: Security Packages - (wdigest) - C:\WINDOWS\System32\wdigest.dll (Microsoft Corporation) O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2004/12/17 06:07:06 | 000,000,455 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2002/08/19 03:12:02 | 000,000,171 | ---- | M] () - C:\AUTOEXEC.PSS -- [ NTFS ] O34 - HKLM BootExecute: (autocheck autochk *) - File not found O35 - HKLM\..comfile [open] -- "%1" %* O35 - HKLM\..exefile [open] -- "%1" %* O37 - HKLM\...com [@ = comfile] -- "%1" %* O37 - HKLM\...exe [@ = exefile] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\SYSTEM32\ias [2010/05/12 13:58:33 | 000,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found
  9. Hello kahdah, Thanks for your response. I was able to run OTH and OTL and I will paste below the contents requested. Running GMER however, resulted in a blue screen with a message saying "A problem has been detected and windows has been shut down to prevent damage to your cmputer: PFN_LIST_Corrupt" It then began a dump of physical memory to disk and was followed by a restart. I attempted to run the scan two times and each time the blue screen with the same message appeared. (Note: The scan would run for about 30-40 minutes before the blue screen appeared.) Both Extras.txt and OTL.txt cannot fit so I have attached them as well. Sorry! Extras.txt OTL Extras logfile created on: 17/05/2010 10:08:34 AM - Run 1 OTL by OldTimer - Version 3.2.4.1 Folder = C:\Documents and Settings\jilly.BLUE_MOUNTAINS.000\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 8.0.6001.18702) Locale: 00000C09 | Country: Australia | Language: ENA | Date Format: d/MM/yyyy 1.00 Gb Total Physical Memory | 1.00 Gb Available Physical Memory | 63.00% Memory free 3.00 Gb Paging File | 3.00 Gb Available in Paging File | 86.00% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 296.09 Gb Total Space | 150.63 Gb Free Space | 50.87% Space Free | Partition Type: NTFS D: Drive not present or media not loaded E: Drive not present or media not loaded F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: LITTLE_JILLYS Current User Name: jilly Logged in as Administrator. Current Boot Mode: Normal Scan Mode: Current user Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Minimal ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* cmdfile [open] -- "%1" %* comfile [open] -- "%1" %* exefile [open] -- "%1" %* htmlfile [edit] -- "C:\program files\microsoft office\OFFICE11\msohtmed.exe" %1 (Microsoft Corporation) piffile [open] -- "%1" %* regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S txtfile [edit] -- Reg Error: Key error. Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1 Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "FirewallDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:*:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:*:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:*:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:*:Enabled:@xpsp2res.dll,-22002 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "EnableFirewall" = 0 "DoNotAllowExceptions" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "139:TCP" = 139:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22004 "445:TCP" = 445:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22005 "137:UDP" = 137:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22001 "138:UDP" = 138:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22002 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\MSN Messenger\msncall.exe" = C:\Program Files\MSN Messenger\msncall.exe:*:Enabled:Windows Live Messenger 8.0 (Phone) -- File not found "C:\Program Files\LimeWire\LimeWire.exe" = C:\Program Files\LimeWire\LimeWire.exe:*:Enabled:LimeWire -- (Lime Wire, LLC) "C:\Program Files\Steam\SteamApps\phunky_jill\half-life deathmatch source\hl2.exe" = C:\Program Files\Steam\SteamApps\phunky_jill\half-life deathmatch source\hl2.exe:*:Enabled:hl2 -- () "C:\SIERRA\Counter-Strike\cstrike.exe" = C:\SIERRA\Counter-Strike\cstrike.exe:*:Enabled:CounterStrike Launcher -- (Valve, L.L.C.) "C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\SAGENT4.EXE" = C:\WINDOWS\SYSTEM32\spool\drivers\w32x86\3\SAGENT4.EXE:*:Enabled:SAgent4 -- File not found "C:\Program Files\DOOM Collector's Edition\Final Doom\Doom95.exe" = C:\Program Files\DOOM Collector's Edition\Final Doom\Doom95.exe:*:Enabled:doom95 -- (id Software) "C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe" = C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe:*:Enabled:lh -- File not found "C:\Program Files\EA GAMES\Ultima Online Gold\client 308j.exe" = C:\Program Files\EA GAMES\Ultima Online Gold\client 308j.exe:*:Enabled:client 308j -- File not found "C:\Program Files\EA GAMES\Ultima Online Gold\client 3.0.8j.exe" = C:\Program Files\EA GAMES\Ultima Online Gold\client 3.0.8j.exe:*:Enabled:client 3.0.8j -- File not found "C:\Program Files\EA GAMES\Ultima Online Gold\Client.exe" = C:\Program Files\EA GAMES\Ultima Online Gold\Client.exe:*:Enabled:Client -- File not found "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\EA GAMES\uogold\client 3.0.8j.exe" = C:\Program Files\EA GAMES\uogold\client 3.0.8j.exe:*:Enabled:client 3.0.8j -- File not found "C:\Program Files\EA GAMES\uogold\client 308j.exe" = C:\Program Files\EA GAMES\uogold\client 308j.exe:*:Enabled:client 308j -- File not found "C:\Program Files\EA GAMES\Ultima Online Gold\client 4.0.11c.exe" = C:\Program Files\EA GAMES\Ultima Online Gold\client 4.0.11c.exe:*:Enabled:client 4.0.11c -- File not found "C:\Program Files\Steam\SteamApps\phunky_jill\half-life 2 deathmatch\hl2.exe" = C:\Program Files\Steam\SteamApps\phunky_jill\half-life 2 deathmatch\hl2.exe:*:Enabled:hl2 -- () "C:\Program Files\Ultima Online\client.exe" = C:\Program Files\Ultima Online\client.exe:*:Enabled:Ultima Online Client -- (Electronic Arts) "C:\Program Files\Ultima Online\cl6016.exe" = C:\Program Files\Ultima Online\cl6016.exe:*:Enabled:Ultima Online Client -- (Electronic Arts) "C:\Program Files\Steam\SteamApps\phunky_jill\half-life\hl.exe" = C:\Program Files\Steam\SteamApps\phunky_jill\half-life\hl.exe:*:Enabled:Half-Life Launcher -- (Valve) "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Program Files\AVG\AVG9\avgemc.exe" = C:\Program Files\AVG\AVG9\avgemc.exe:*:Enabled:avgemc.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgupd.exe" = C:\Program Files\AVG\AVG9\avgupd.exe:*:Enabled:avgupd.exe -- (AVG Technologies CZ, s.r.o.) "C:\Program Files\AVG\AVG9\avgnsx.exe" = C:\Program Files\AVG\AVG9\avgnsx.exe:*:Enabled:avgnsx.exe -- (AVG Technologies CZ, s.r.o.) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\system32\sessmgr.exe" = %windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019 -- (Microsoft Corporation) "C:\Program Files\Messenger\msmsgs.exe" = C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger -- (Microsoft Corporation) "C:\Program Files\DOOM Collector's Edition\Final Doom\Doom95.exe" = C:\Program Files\DOOM Collector's Edition\Final Doom\Doom95.exe:*:Enabled:doom95 -- (id Software) "%windir%\system32\ccapp.exe" = %windir%\system32\ccapp.exe:*:Enabled:System Process -- File not found "C:\Program Files\Black Isle\BGII - SoA\BGMain.exe" = C:\Program Files\Black Isle\BGII - SoA\BGMain.exe:*:Enabled:Baldur's Gate II - Shadows of Amn - Throne of Bhaal -- (BioWare Corp.) "C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe" = C:\Program Files\Lionhead Studios Ltd\Black & White\runblack.exe:*:Enabled:lh -- File not found "C:\SIERRA\Half-Life\hl.exe" = C:\SIERRA\Half-Life\hl.exe:*:Enabled:Half-Life Launcher -- (Valve, L.L.C.) "C:\SIERRA\Counter-Strike\cstrike.exe" = C:\SIERRA\Counter-Strike\cstrike.exe:*:Enabled:CounterStrike Launcher -- (Valve, L.L.C.) "C:\WINDOWS\SYSTEM32\dpvsetup.exe" = C:\WINDOWS\SYSTEM32\dpvsetup.exe:*:Enabled:Microsoft DirectPlay Voice Test -- (Microsoft Corporation) "C:\Program Files\Sierra On-Line\SIGSPat.exe" = C:\Program Files\Sierra On-Line\SIGSPat.exe:*:Enabled:SIGSPat -- (Havas Interactive) "C:\Program Files\Steam\SteamApps\phunky_jill\half-life deathmatch source\hl2.exe" = C:\Program Files\Steam\SteamApps\phunky_jill\half-life deathmatch source\hl2.exe:*:Enabled:hl2 -- () "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\MSN Messenger\livecall.exe" = C:\Program Files\MSN Messenger\livecall.exe:*:Enabled:Windows Live Messenger 8.1 (Phone) -- File not found "C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe" = C:\Program Files\CA\CA Internet Security Suite\CA Anti-Virus\vetmsg.exe:*:Enabled:VetMsg -- File not found "C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation) "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation) "C:\Program Files\iTunes\iTunes.exe" = C:\Program Files\iTunes\iTunes.exe:*:Enabled:iTunes -- (Apple Inc.) "C:\Program Files\Dragon Age\bin_ship\daorigins.exe" = C:\Program Files\Dragon Age\bin_ship\daorigins.exe:*:Enabled:Dragon Age Origins Game -- (BioWare) "C:\Program Files\Dragon Age\DAOriginsLauncher.exe" = C:\Program Files\Dragon Age\DAOriginsLauncher.exe:*:Enabled:Dragon Age Origins Launcher -- (BioWare) "C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe" = C:\Program Files\Dragon Age\bin_ship\daupdatersvc.service.exe:*:Enabled:Dragon Age Origins Updater -- (BioWare) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{048298C9-A4D3-490B-9FF9-AB023A9238F3}" = Steam "{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support "{1A7F8DF6-5A3E-4CDF-BC82-BE26B407E21B}" = The Sims Superstar "{1C4551A6-4743-4093-91E4-1477CD655043}" = NVIDIA PhysX "{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live Upload Tool "{21289AE2-24FE-11D5-8F73-0050DA0F6297}" = The Sims Menu Editor "{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT "{26A24AE4-039D-4CA4-87B4-2F83216011FF}" = Java 6 Update 20 "{31ED8B29-7A73-440D-B3BA-E05ABDDA68DD}" = Delicious - Emilys Holiday Season "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform "{3DE5E7D4-7B88-403C-A3FD-2017A8240C5B}" = Google Earth "{40C03514-89C3-41BA-0090-3B440256DB87}" = The Sims 2 "{45338B07-A236-4270-9A77-EBB4115517B5}" = Windows Live Sign-in Assistant "{45FCADDB-0B29-457E-83A1-D245C62A716C}" = OLYMPUS Master 2 "{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater "{595A6662-6158-11D4-8F73-0050DA0F6297}" = The Sims Art Studio "{5D5B9E6A-344C-4976-95AB-ABBDC648E5DA}" = Microsoft IntelliType Pro 5.2 "{63569CE9-FA00-469C-AF5C-E5D4D93ACF91}" = Windows Genuine Advantage v1.3.0254.0 "{6412CECE-8172-4BE5-935B-6CECACD2CA87}" = Windows Live Mail "{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update "{6D316D67-DA52-4659-9C98-F479963534D6}" = Audiosurf "{6DE13770-01B7-4366-8DA6-48237793F445}" = VoiceOver Kit "{70014586-7BBA-4A92-A610-CDC896C48F8F}" = NETGEAR WG311v3 PCI Adapter "{716E0306-8318-4364-8B8F-0CC4E9376BAC}" = MSXML 4.0 SP2 Parser and SDK "{71C97545-E547-4A8B-B0C8-61FF853270AC}" = PaperPort "{81128EE8-8EAD-4DB0-85C6-17C2CE50FF71}" = Windows Live Essentials "{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable "{90110409-6000-11D3-8CFE-0150048383C9}" = Microsoft Office Professional Edition 2003 "{90120000-0020-0409-0000-0000000FF1CE}" = Compatibility Pack for the 2007 Office system "{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting "{9A0ED01E-FD18-457A-AB9C-0835DCDB17BB}" = Microsoft Platform SDK (R2) (3790.2075) "{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 "{9A912C12-A7DA-44D7-BD57-5CA85E2F33E1}" = Brother MFL-Pro Suite "{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI "{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime "{A85FD55B-891B-4314-97A5-EA96C0BD80B5}" = Windows Live Messenger "{AADEA55D-C834-4BCB-98A3-4B8D1C18F4EE}" = Apple Mobile Device Support "{AC76BA86-7AD7-1033-7B44-A81000000003}" = Adobe Reader 8.1.0 "{AEC81925-9C76-4707-84A9-40696C613ED3}" = Dragon Age: Origins "{B3332FCA-3B51-4053-8C2D-9F7ACFE6065A}" = Wocarson Windows Genuine Advantage Validation v1.9.9.1 Cracked V2 "{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1" = Spybot - Search & Destroy "{B8C3B479-1716-11D5-968A-0050BA84F5F7}" = Baldur's Gate II - Throne of Bhaal "{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}" = The Sims Extras.Txt OTL.Txt
  10. Hello, Reading through some of the more recent topics it seems I have a few symptoms shared with other users on this forum. I originally had a fake anti virus popping up telling me to run scans etc and I was not allowed to run task manager and a lot of other programs; "the file *program-name*.exe is infected and must be scanned for viruses" or a message along those lines was given each time I attempted to run a program. Now it seems after running Malwarebytes, Spybot Search and Destroy, Kaspersky Rescue Disk and AVG Anti Virus most of the visible problems seem to be gone. I also had my searches in Internet Explorer being redirected to other sites, but that appears to be fixed now too... I have noticed that when I run a Spybot scan and find several problems. I choose to fix these problems, but upon restarting the computer if I run another Spybot scan it seems it finds these problems again. Malwarebytes also seems to find something called PRAGMAd.sys or something (I can't quite remember what it was called.). But that seems to come back too. I've got a copy of the Spybot scan below, i'm not sure if it will help. It's quite frustrating not being able to get rid of whatever it is! Thanks, Daniel Spybot Search and Destroy Fraud.MalwareDefense: [sBI $E7E827C2] Settings (Registry key, fixed) HKEY_LOCAL_MACHINE\Software\Malware Defense Fraud.MalwareDefense: [sBI $655F7E78] Settings (Registry key, fixed) HKEY_USERS\S-1-5-21-1801674531-2049760794-839522115-1105\Software\Malware Defense Fraud.MalwareDefense: [sBI $655F7E78] Settings (Registry key, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Malware Defense Fraud.PaladinAntivirus: [sBI $B2D62186] Settings (Registry key, fixed) HKEY_LOCAL_MACHINE\SOFTWARE\Paladin Antivirus SpySheriff: [sBI $9302253C] Settings (Registry change, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\ForceActiveDesktopOn Fraud.PaladinAntivirus: [sBI $2135E99D] Settings (Registry key, fixed) HKEY_USERS\S-1-5-21-1801674531-2049760794-839522115-1105\Software\Paladin Antivirus Fraud.PaladinAntivirus: [sBI $2135E99D] Settings (Registry key, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Paladin Antivirus FunWebProducts: [sBI $561F0D2E] User settings (Registry value, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Microsoft\Internet Explorer\MenuExt\&Search\=...http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml... FunWebProducts: [sBI $8CC75C5A] Settings (Registry value, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Microsoft\Internet Explorer\URLSearchHooks\{00A6FAF6-072E-44cf-8957-5838F569A31D} MyWay.MyWebSearch: [sBI $6404C538] Settings (Registry key, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{07B18EA1-A523-4961-B6BB-170DE4475CCA} MyWay.MyWebSearch: [sBI $B1C70274] Browser helper object (Registry key, fixed) HKEY_USERS\S-1-5-21-484763869-1935655697-725345543-500\Software\MyWebSearch Microsoft.WindowsSecurityCenter_disabled: [sBI $2E20C9A9] Settings (Registry change, fixed) HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\wscsvc\Start Right Media: Tracking cookie (Internet Explorer: jilly) (Cookie, fixed) --- Spybot - Search & Destroy version: 1.6.2 (build: 20090126) --- 2009-01-26 blindman.exe (1.0.0.8) 2009-01-26 SDFiles.exe (1.6.1.7) 2009-01-26 SDMain.exe (1.0.0.6) 2009-01-26 SDShred.exe (1.0.2.5) 2009-01-26 SDUpdate.exe (1.6.0.12) 2009-01-26 SpybotSD.exe (1.6.2.46) 2009-03-05 TeaTimer.exe (1.6.6.32) 2009-05-15 unins000.exe (51.49.0.0) 2009-01-26 Update.exe (1.6.0.7) 2009-11-04 advcheck.dll (1.6.5.20) 2007-04-02 aports.dll (2.1.0.0) 2008-06-14 DelZip179.dll (1.79.11.1) 2009-01-26 SDHelper.dll (1.6.2.14) 2008-06-19 sqlite3.dll 2009-01-26 Tools.dll (2.1.6.10) 2009-01-16 UninsSrv.dll (1.0.0.0) 2010-02-17 Includes\Adware.sbi (*) 2010-05-04 Includes\AdwareC.sbi (*) 2010-01-25 Includes\Cookies.sbi (*) 2009-11-03 Includes\Dialer.sbi (*) 2010-05-04 Includes\DialerC.sbi (*) 2010-01-25 Includes\HeavyDuty.sbi (*) 2009-05-26 Includes\Hijackers.sbi (*) 2010-05-04 Includes\HijackersC.sbi (*) 2010-01-20 Includes\Keyloggers.sbi (*) 2010-05-04 Includes\KeyloggersC.sbi (*) 2004-11-29 Includes\LSP.sbi (*) 2010-05-05 Includes\Malware.sbi (*) 2010-05-05 Includes\MalwareC.sbi (*) 2009-03-25 Includes\PUPS.sbi (*) 2010-04-13 Includes\PUPSC.sbi (*) 2010-01-25 Includes\Revision.sbi (*) 2009-01-13 Includes\Security.sbi (*) 2010-05-04 Includes\SecurityC.sbi (*) 2008-06-03 Includes\Spybots.sbi (*) 2008-06-03 Includes\SpybotsC.sbi (*) 2010-03-02 Includes\Spyware.sbi (*) 2010-05-04 Includes\SpywareC.sbi (*) 2010-03-08 Includes\Tracks.uti 2010-04-27 Includes\Trojans.sbi (*) 2010-05-04 Includes\TrojansC-02.sbi (*) 2010-05-04 Includes\TrojansC-03.sbi (*) 2010-05-04 Includes\TrojansC-04.sbi (*) 2010-05-04 Includes\TrojansC-05.sbi (*) 2010-05-04 Includes\TrojansC.sbi (*) 2008-03-04 Plugins\Chai.dll 2008-03-05 Plugins\Fennel.dll 2008-02-26 Plugins\Mate.dll 2007-12-24 Plugins\TCPIPAddress.dll
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.